move to flake entrypoint

2024-08-18 16:46:59 +01:00 · 2024-08-18 16:46:59 +01:00 · 6f17f67493
parent 60a9f59816
commit 6f17f67493
5 changed files with 230 additions and 115 deletions
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,126 @@
 {
  "nodes": {
    "agenix": {
      "inputs": {
        "darwin": [],
        "home-manager": "home-manager",
        "nixpkgs": [
          "nixpkgs"
        ],
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1723293904,
        "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
        "owner": "ryantm",
        "repo": "agenix",
        "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
        "type": "github"
      },
      "original": {
        "owner": "ryantm",
        "repo": "agenix",
        "type": "github"
      }
    },
    "birdsong": {
      "locked": {
        "lastModified": 1722971137,
        "narHash": "sha256-1x0vaUy/uFCfoDn0a4K55+MNseAqLQmv1GPP6GQFFIA=",
        "ref": "main",
        "rev": "2fd6d96a00ef69a2afe72a2fe9d18d759c1cc8f3",
        "revCount": 7,
        "type": "git",
        "url": "https://git.qenya.tel/qenya/birdsong"
      },
      "original": {
        "ref": "main",
        "type": "git",
        "url": "https://git.qenya.tel/qenya/birdsong"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
          "agenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1703113217,
        "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "home-manager_2": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1720042825,
        "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "ref": "release-24.05",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1723688146,
        "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-24.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "agenix": "agenix",
        "birdsong": "birdsong",
        "home-manager": "home-manager_2",
        "nixpkgs": "nixpkgs"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
  "root": "root",
  "version": 7
 }
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,104 @@
 {
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    agenix = {
      url = "github:ryantm/agenix?tag=0.15.0";
      inputs = {
        nixpkgs.follows = "nixpkgs";
        darwin.follows = "";
      };
    };
    birdsong.url = "git+https://git.qenya.tel/qenya/birdsong?ref=main";
  };
  outputs = inputs@{ self, nixpkgs, home-manager, agenix, birdsong, ... }: {
    colmena = {
      meta.nixpkgs = import nixpkgs { system = "x86_64-linux"; };
      meta.nodeNixpkgs.kalessin = import nixpkgs { system = "aarch64-linux"; }; # TODO: this should be generated from the host config somehow
      defaults = { name, nodes, config, lib, pkgs, ... }: {
        deployment.replaceUnknownProfiles = lib.mkDefault false;
        networking.hostName = name;
        nix.settings.experimental-features = "nix-command flakes";
        nixpkgs.flake.source = nixpkgs;
        nix.nixPath = [ "nixpkgs=flake:nixpkgs" ];
        nixpkgs.config = {
          allowUnfree = true;
          packageOverrides = pkgs:
            let sources = import ./npins;
            in {
              agenix = (import sources.agenix { inherit pkgs; }).agenix;
              nur = (import sources.nur { inherit pkgs; });
              vscode-extensions = (import sources.nix-vscode-extensions).extensions.x86_64-linux; # TODO: This should check the host architecture
            };
        };
        home-manager = {
          useUserPackages = true;
          useGlobalPkgs = true;
        };
        imports = [
          home-manager.nixosModules.home-manager
          agenix.nixosModules.default
          birdsong.nixosModules.default
          ./common
          ./services
        ];
      };
      tohru = { name, nodes, ... }: {
        networking.hostId = "31da19c1";
        time.timeZone = "Europe/London";
        imports = [
          ./deployment/local.nix
          ./hosts/tohru/configuration.nix
        ];
      };
      yevaud = { name, nodes, ... }: {
        networking.hostId = "09673d65";
        time.timeZone = "Etc/UTC";
        imports = [
          ./deployment/remote.nix
          ./hosts/yevaud/configuration.nix
        ];
      };
      orm = { name, nodes, ... }: {
        networking.hostId = "00000000";
        time.timeZone = "Etc/UTC";
        imports = [
          ./deployment/remote.nix
          ./hosts/orm/configuration.nix
        ];
      };
      kalessin = { name, nodes, ... }: {
        networking.hostId = "534b538e";
        time.timeZone = "Etc/UTC";
        deployment = {
          buildOnTarget = true;
          replaceUnknownProfiles = true;
        };
        imports = [
          ./deployment/remote.nix
          ./hosts/kalessin/configuration.nix
        ];
      };
    };
  };
 }
--- a/hive.nix
+++ b/hive.nix
@ -1,76 +0,0 @@
 let sources = import ./npins;
 in {
  meta.nixpkgs = sources.nixpkgs;
  defaults = { name, nodes, config, lib, pkgs, ... }: {
    deployment.replaceUnknownProfiles = lib.mkDefault false;
    networking.hostName = name;
    nixpkgs.config = {
      allowUnfree = true;
      packageOverrides = pkgs: {
        agenix = (import sources.agenix { inherit pkgs; }).agenix;
        nur = (import sources.nur { inherit pkgs; });
        vscode-extensions = (import sources.nix-vscode-extensions).extensions.x86_64-linux; # TODO: This should check the host architecture
      };
    };
    home-manager = {
      useUserPackages = true;
      useGlobalPkgs = true;
    };
    imports = [
      (import "${sources.home-manager}/nixos")
      (import "${sources.agenix}/modules/age.nix")
      (import "${sources.birdsong}/module.nix")
      ./pinning.nix
      ./common
      ./services
    ];
  };
  tohru = { name, nodes, ... }: {
    networking.hostId = "31da19c1";
    time.timeZone = "Europe/London";
    imports = [
      ./deployment/local.nix
      ./hosts/tohru/configuration.nix
    ];
  };
  yevaud = { name, nodes, ... }: {
    networking.hostId = "09673d65";
    time.timeZone = "Etc/UTC";
    imports = [
      ./deployment/remote.nix
      ./hosts/yevaud/configuration.nix
    ];
  };
  orm = { name, nodes, ... }: {
    networking.hostId = "00000000";
    time.timeZone = "Etc/UTC";
    imports = [
      ./deployment/remote.nix
      ./hosts/orm/configuration.nix
    ];
  };
  kalessin = { name, nodes, ... }: {
    networking.hostId = "534b538e";
    time.timeZone = "Etc/UTC";
    deployment = {
      buildOnTarget = true;
      replaceUnknownProfiles = true;
    };
    imports = [
      ./deployment/remote.nix
      ./hosts/kalessin/configuration.nix
    ];
  };
 }
--- a/npins/sources.json
+++ b/npins/sources.json
@ -15,29 +15,6 @@
      "url": "https://api.github.com/repos/ryantm/agenix/tarball/0.15.0",
      "hash": "01dhrghwa7zw93cybvx4gnrskqk97b004nfxgsys0736823956la"
    },
    "birdsong": {
      "type": "Git",
      "repository": {
        "type": "Git",
        "url": "https://git.qenya.tel/qenya/birdsong.git"
      },
      "branch": "main",
      "revision": "2fd6d96a00ef69a2afe72a2fe9d18d759c1cc8f3",
      "url": null,
      "hash": "100l0mjfikv3sjphjb9aw2qhvqz7p616px1rl2gm1f5z9iljy7fp"
    },
    "home-manager": {
      "type": "Git",
      "repository": {
        "type": "GitHub",
        "owner": "nix-community",
        "repo": "home-manager"
      },
      "branch": "release-24.05",
      "revision": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
      "url": "https://github.com/nix-community/home-manager/archive/e1391fb22e18a36f57e6999c7a9f966dc80ac073.tar.gz",
      "hash": "0c83di08nhkzq0cwc3v7aax3x8y5m7qahyzxppinzwxi3r8fnjq3"
    },
    "nix-vscode-extensions": {
      "type": "Git",
      "repository": {
@ -50,12 +27,6 @@
      "url": "https://github.com/nix-community/nix-vscode-extensions/archive/27ce569a199d2da1a8483fe3d69dd41664da3a63.tar.gz",
      "hash": "1dpykmk4xmpvx9i8awd93h0g1q8ir2pwsisjzc7vc5f43lm7h86b"
    },
    "nixpkgs": {
      "type": "Channel",
      "name": "nixos-24.05",
      "url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.3914.c3d4ac725177/nixexprs.tar.xz",
      "hash": "1bs4sl01pbxp47sr3hny9mipfibazw1ch2b9cd6vygi501ickx9w"
    },
    "nur": {
      "type": "Git",
      "repository": {
--- a/pinning.nix
+++ b/pinning.nix
@ -1,10 +0,0 @@
 { config, lib, pkgs, ... }:
 let sources = import ./npins;
 in {
  # Make <nixpkgs> point systemwide to the pinned nixpkgs
  # https://jade.fyi/blog/pinning-nixos-with-npins/
  nix.settings.experimental-features = "nix-command flakes";
  nixpkgs.flake.source = sources.nixpkgs;
  nix.nixPath = [ "nixpkgs=flake:nixpkgs" ];
 }