{ description = "jolheiser's nixos config"; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; jolheiser.url = "git+https://git.jolheiser.com/nixpkgs.git"; flake-utils.url = "github:numtide/flake-utils"; # Only expressed here to use for followers home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; agenix = { url = "github:ryantm/agenix"; inputs = { nixpkgs.follows = "nixpkgs"; darwin.follows = ""; home-manager.follows = ""; }; }; nixos-hardware.url = "github:nixos/nixos-hardware/master"; nur.url = "github:nix-community/NUR"; helix = { url = "git+https://git.jolheiser.com/helix.drv.git"; inputs.nixpkgs.follows = "jolheiser/nixpkgs"; }; website = { url = "git+https://git.jolheiser.com/jolheiser.com.git"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; templ.follows = "templ"; }; }; resume = { url = "git+https://git.jolheiser.com/resume.git"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; blog = { url = "git+https://git.jolheiser.com/blog.git"; inputs = { nixpkgs.follows = "nixpkgs"; templ.follows = "templ"; }; }; bennet = { url = "git+https://git.jolheiser.com/bennet.git"; inputs.nixpkgs.follows = "nixpkgs"; }; git-age = { url = "git+https://git.jolheiser.com/git-age.git"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; gist = { url = "git+https://git.jolheiser.com/gist.git"; inputs.nixpkgs.follows = "nixpkgs"; }; tmpl = { url = "git+https://git.jolheiser.com/tmpl.git"; inputs.nixpkgs.follows = "nixpkgs"; }; gomodinit = { url = "git+https://git.jolheiser.com/gomodinit.git"; inputs.nixpkgs.follows = "nixpkgs"; }; cfg = { url = "git+https://git.jolheiser.com/cfg.git"; inputs.nixpkgs.follows = "nixpkgs"; }; cfg-playground = { url = "git+https://git.jolheiser.com/cfg-playground.git"; inputs.nixpkgs.follows = "nixpkgs"; }; ugit = { url = "git+https://git.jolheiser.com/ugit.git"; inputs.nixpkgs.follows = "nixpkgs"; }; git-pr = { url = "git+https://git.jolheiser.com/git-pr-nix.git"; inputs.nixpkgs.follows = "nixpkgs"; }; spectre = { url = "git+https://git.jolheiser.com/go-spectre.git"; inputs.nixpkgs.follows = "nixpkgs"; }; # Other flakes golink = { url = "github:tailscale/golink"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; tclip = { url = "github:tailscale-dev/tclip"; inputs = { #nixpkgs.follows = "nixpkgs"; utils.follows = "flake-utils"; }; }; templ = { url = "github:a-h/templ"; inputs.nixpkgs.follows = "nixpkgs"; }; actual = { url = "git+https://git.xeno.science/xenofem/actual-nix.git"; inputs.nixpkgs.follows = "nixpkgs"; }; foundry.url = "github:reckenrode/nix-foundryvtt"; tailproxy = { url = "git+https://git.jolheiser.com/tailproxy.git"; inputs.nixpkgs.follows = "nixpkgs"; }; ghostty.url = "git+ssh://git@github.com/ghostty-org/ghostty"; }; outputs = { nixpkgs, home-manager, nixos-hardware, agenix, ... }@inputs: let overlays = [ (_: prev: { nur = import inputs.nur { nurpkgs = prev; pkgs = prev; }; jolheiser = { helix = inputs.helix.packages.${prev.system}.default; website = inputs.website.packages.${prev.system}.default; resume = inputs.resume.packages.${prev.system}.default; git-age = inputs.git-age.packages.${prev.system}.default; gist = inputs.gist.packages.${prev.system}.default; tmpl = inputs.tmpl.packages.${prev.system}.default; gomodinit = inputs.gomodinit.packages.${prev.system}.default; cfg = inputs.cfg.packages.${prev.system}.default; blog = inputs.blog.packages.${prev.system}.default; bennet = inputs.bennet.packages.${prev.system}.default; spectre = inputs.spectre.packages.${prev.system}.default; }; tclip = inputs.tclip.packages.${prev.system}.tclip; templ = inputs.templ.packages.${prev.system}.templ; ghostty = inputs.ghostty.packages.${prev.system}.ghostty; }) inputs.golink.overlay ]; pkgs = import inputs.nixpkgs { inherit overlays system; config.allowUnfree = true; }; commonConfig = { config, ... }: { config = { nixpkgs.overlays = overlays; # TODO Remove when apps are updated nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; }; }; username = "jolheiser"; system = "x86_64-linux"; homeManagerModules = [ agenix.homeManagerModules.age { home = { inherit username; homeDirectory = "/home/${username}"; }; age = { secretsDir = "/home/${username}/.agenix/agenix"; secretsMountPoint = "/home/${username}/.agenix/agenix.d"; identityPaths = [ "/home/${username}/.ssh/nix" ]; secrets = { ssh-config.file = ./secrets/shared/ssh-config.age; spotify = { file = ./secrets/shared/spotify.age; path = "/home/${username}/.cache/spotify-player/credentials.json"; }; irc-pw.file = ./secrets/shared/irc-pw.age; gist-pw.file = ./secrets/shared/gist-pw.age; spectre-pw.file = ./secrets/shared/spectre-pw.age; git-send-email.file = ./secrets/shared/git-send-email.age; cachix = { file = ./secrets/shared/cachix.age; path = "/home/${username}/.config/cachix/cachix.dhall"; }; llm = { file = ./secrets/shared/llm.age; path = "/home/${username}/.config/io.datasette.llm/keys.json"; }; }; }; } ./apps/gui ]; in { inherit homeManagerModules; homeConfigurations = { "jolheiser" = home-manager.lib.homeManagerConfiguration { inherit pkgs; modules = homeManagerModules ++ [ ./apps/de ]; }; }; nixosConfigurations = { "genmaicha" = nixpkgs.lib.nixosSystem { inherit system; modules = [ nixos-hardware.nixosModules.framework-13-7040-amd ./machines/genmaicha commonConfig ]; }; "sencha" = nixpkgs.lib.nixosSystem { inherit system; modules = [ ./machines/sencha commonConfig ]; }; }; colmena = { meta = { nixpkgs = import nixpkgs { inherit overlays system; }; specialArgs = { inherit inputs; }; }; dragonwell = { pkgs, ... }: { imports = [ inputs.agenix.nixosModules.default inputs.golink.nixosModules.default inputs.ugit.nixosModules.default inputs.git-pr.nixosModules.default inputs.actual.nixosModules.default inputs.tailproxy.nixosModules.default inputs.foundry.nixosModules.foundryvtt inputs.cfg-playground.nixosModules.default ./modules/tclip ./machines/dragonwell ]; services.tclip.package = inputs.tclip.packages.${pkgs.system}.tclipd; }; gunpowder = { imports = [ inputs.tailproxy.nixosModules.default ./machines/gunpowder ]; }; }; nixConfig = { extra-substitutors = [ "https://jolheiser.cachix.org" ]; extra-trusted-public-keys = [ "jolheiser.cachix.org-1:fiKkfTuHFqDK5ZOVxcqb4InUkKsrTvtMLISid7XvuVg=" ]; }; devShells.${system}.default = pkgs.mkShell { nativeBuildInputs = [ agenix.packages.${system}.agenix pkgs.colmena ]; }; }; }