Trolli Schmittlauch
9ad1049f4a
Inspired by https://jade.fyi/blog/flakes-arent-real/, this is better for composability: > it also doesn't work outside of the flake that's actually invoking nixpkgs.lib.nixosSystem. The latter is the much more sinister part, and the reason I would strongly recommend inline modules with closures instead of specialArgs: they break flake composition. For now, the `system` remains a specialArg, until I decide what to do with that.
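# Flake defining two NixOS hosts (thinknix, framenix) and one standalone
# home-manager configuration (spiollinux).
{
  description = "NixOS system flake";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
    # Pinned to one exact commit of a nixpkgs fork, so the ref itself cannot move.
    # NOTE(review): presumably a temporary Logseq fix, going by the name; drop the
    # input once the fix is available from a release branch.
    logseq-fix-nixpkgs.url = "github:kilianar/nixpkgs?rev=8de164c9152a31d7b5e510df1546d257a64a4374";
    nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
    # Branch refs such as `master` move. What is actually built is the revision and
    # narHash recorded in flake.lock, so lock-file updates deserve the same review
    # as code changes.
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    home-manager = {
      url = "github:nix-community/home-manager/release-23.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Secure Boot tooling, used by both hosts below; pinned to a release tag.
    lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.3.0";
      # deliberately do _not_ follow the nixpkgs input here, because paranoia and test coverage
    };
    utils.url = "github:numtide/flake-utils";
    # `outputs` asks for an argument named `flake-utils`. Without a declaration under
    # that name Nix treats it as an implicit input and resolves it through the flake
    # registry at lock time, not from the URL above. Binding it to `utils` keeps the
    # source explicit; both `inputs.utils` and `inputs.flake-utils` stay available.
    flake-utils.follows = "utils";

    # NUR is a community collection of user repositories whose packages do not go
    # through nixpkgs review; its home-manager module is imported in mkHomeManager.
    nur.url = "github:nix-community/NUR";
    # TODO: possible make this a flake as well
    # NOTE(review): fetched inputs are copied into the Nix store, which every local
    # user can read; confirm this repository only holds encrypted material.
    mysecrets = {
      flake = false;
      url = "git+ssh://gitea@git.orlives.de:2342/schmittlauch/home-manager_secrets.git";
    };

  };

  outputs =
    { self, nixpkgs, nur, lanzaboote, flake-utils, home-manager, ... }@inputs:
    let
      # FIXME: allow different systems
      # Attribute set of system names, used below as `systems.x86_64-linux`.
      systems = flake-utils.lib.system;
      # necessary to make the top-level inputs available to system configuration
      # inspired by https://jade.fyi/blog/flakes-arent-real/
      # Inline module that closes over `inputs`: other modules read them from
      # `config.inputInjection.flake-inputs` instead of receiving them via specialArgs.
      # Every module of a host can therefore reach every input, including `mysecrets`.
      inputInjection = { lib, ... }: {
        options.inputInjection = lib.mkOption {
          type = with lib.types; attrsOf unspecified;
          default = { };
        };
        config.inputInjection = {
          flake-inputs = inputs;
        };
      };
      # Modules every host receives; `system` is accepted but not used yet.
      defaultModules = system: [
        inputInjection
      ];
      # Build one NixOS configuration for `system` from the default modules plus
      # `extraModules`. `system` is still handed to modules as a specialArg.
      mkSystem = system: extraModules:
        nixpkgs.lib.nixosSystem {
          modules = (defaultModules system) ++ extraModules;
          inherit system;
          specialArgs = { inherit system; };
        };
      # Build a standalone home-manager configuration for `user` on `system`.
      # `confName` is currently unused (see the TODO on $name below).
      mkHomeManager = confName: user: system: # unfortunately, home-manager configs are still system-specific
        # FIXME: this is thus still linux-x86_64 specific
        home-manager.lib.homeManagerConfiguration {
          pkgs = nixpkgs.legacyPackages.${system};
          modules = [
            {
              imports = [
                nur.hmModules.nur
                # TODO: $name can be utilised to conditionally load other config files
                ./home/home.nix
              ];
              # extends the home config
              home.username = user;
              home.homeDirectory = "/home/${user}";
            }
          ];
          # Optionally use extraSpecialArgs
          # to pass through arguments to home.nix
          # Unlike the NixOS hosts, the home configuration still gets `inputs` this way.
          extraSpecialArgs = {
            inherit inputs system;
          };
        };
    in
    {
      # Each host: its own directory, a nixos-hardware profile and the lanzaboote module.
      nixosConfigurations = {
        thinknix = mkSystem systems.x86_64-linux [ ./hosts/thinknix inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t440s lanzaboote.nixosModules.lanzaboote ];
        framenix = mkSystem systems.x86_64-linux [ ./hosts/framenix inputs.nixos-hardware.nixosModules.framework-13-7040-amd lanzaboote.nixosModules.lanzaboote ];
      };
      homeConfigurations.spiollinux = mkHomeManager "spiollinux" "spiollinux" systems.x86_64-linux;
    };
}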