{ description = "NixOS system flake"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/release-24.11"; #nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixos-2405.url = "github:NixOS/nixpkgs/nixos-24.05"; nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; home-manager = { url = "github:nix-community/home-manager/master"; #url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; # deliberately do _not_ follow the nixpkgs input here, because paranoia and test coverage }; utils.url = "github:numtide/flake-utils"; treefmt-nix = { url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; nix-darwin = { url = "github:LnL7/nix-darwin"; inputs.nixpkgs.follows = "nixpkgs"; }; nur.url = "github:nix-community/NUR"; # TODO: possible make this a flake as well mysecrets = { flake = false; url = "git+ssh://gitea@git.orlives.de:2342/schmittlauch/home-manager_secrets.git"; }; }; outputs = { self, nixpkgs, nur, lanzaboote, utils, home-manager, treefmt-nix, nix-darwin, ... }@inputs: let # FIXME: allow different systems systems = utils.lib.system; # necessary to make the top-level inputs available to system configuration # inspired by https://jade.fyi/blog/flakes-arent-real/ inputInjection = { pkgs, lib, ... }: { options.inputInjection = lib.mkOption { type = with lib.types; attrsOf unspecified; default = { }; }; config.inputInjection = { flake-inputs = inputs; }; }; defaultModules = system: [ inputInjection # for some reason, `imports`-ing the home-manager module via inputInjection # from a sub-module causes infinite recursion, so importing it here instead home-manager.nixosModules.home-manager ]; mkSystem = system: extraModules: nixpkgs.lib.nixosSystem rec { modules = (defaultModules system) ++ extraModules; inherit system; specialArgs = { inherit system; }; }; mkHomeManager = confName: user: system: # unfortunately, home-manager configs are still system-specific home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.${system}; modules = [ { imports = [ nur.hmModules.nur ./home/common.nix ./home/${confName}.nix ]; # extends the home config home.username = user; } ]; # Optionally use extraSpecialArgs # to pass through arguments to home.nix extraSpecialArgs = { inherit inputs system; }; }; treefmtConf = { pkgs, ... }: { projectRootFile = "flake.nix"; programs.nixfmt.enable = true; }; in { overlays.default = import ./packages; nixosConfigurations = { thinknix = mkSystem systems.x86_64-linux [ ./hosts/thinknix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t440s lanzaboote.nixosModules.lanzaboote ]; framenix = mkSystem systems.x86_64-linux [ ./hosts/framenix inputs.nixos-hardware.nixosModules.framework-13-7040-amd lanzaboote.nixosModules.lanzaboote ]; }; darwinConfigurations."OS-MacBook-Pro" = nix-darwin.lib.darwinSystem { modules = [ ./darwin/configuration.nix inputInjection ]; }; homeConfigurations = { spiollinux-desktop = mkHomeManager "desktop" "spiollinux" systems.x86_64-linux; os-workmac = mkHomeManager "workmac" "os" systems.aarch64-darwin; }; lib = { inherit mkHomeManager; }; } // utils.lib.eachDefaultSystem ( system: let nixpkgs = import inputs.nixpkgs { inherit system; overlays = nixpkgs.lib.attrValues self.overlays; }; nixpkgs_unstable = import inputs.nixos-unstable { inherit system; overlays = nixpkgs.lib.attrValues self.overlays; }; pkgs = inputs.nixpkgs.legacyPackages.${system}; pkgs_unstable = inputs.nixos-unstable.legacyPackages.${system}; treefmtEval = treefmt-nix.lib.evalModule pkgs_unstable treefmtConf; in { devShells.default = pkgs.mkShell { buildInputs = [ ]; }; formatter = treefmtEval.config.build.wrapper; checks.formatting = treefmtEval.config.build.check self; # expose nixpkgs with overlay; TODO: figure out role of config #legacyPackages = nixpkgs; # inspired by https://github.com/Mic92/dotfiles/blob/main/home-manager/flake-module.nix # run like: `nix run .#hm -- ` apps.hm = { type = "app"; program = "${pkgs.writeShellScriptBin "hm" '' set -x export PATH=${ pkgs.lib.makeBinPath [ pkgs.git pkgs.coreutils pkgs.findutils pkgs.nix pkgs.jq pkgs.unixtools.hostname ] } declare -A profiles=( ["framenix"]="spiollinux-desktop" ["thinknix"]="spiollinux-desktop" ["OS MacBook Pro"]="os-workmac" ) user=$(id -un) host=$(hostname) if [[ -n ''${profiles["$host-$user"]} ]]; then profile=''${profiles["$host-$user"]}; elif [[ -n ''${profiles[$host]:-} ]]; then profile=''${profiles[$host]} else echo "No suitable profile found." >2 exit 2 fi if [[ "''${1:-}" == profile ]]; then echo $profile exit 0 fi ${ inputs.home-manager.packages.${pkgs.system}.home-manager }/bin/home-manager --flake "${self}#$profile" "$@" ''}/bin/hm"; }; } ); }