mirror of
https://github.com/kmein/niveum
synced 2026-03-16 10:11:08 +01:00
527 lines
20 KiB
Nix
527 lines
20 KiB
Nix
{
|
|
description = "niveum: packages, modules, systems";
|
|
|
|
inputs = {
|
|
self.submodules = true;
|
|
|
|
agenix.url = "github:ryantm/agenix";
|
|
autorenkalender.url = "github:kmein/autorenkalender";
|
|
coptic-dictionary.url = "github:kmein/coptic-dictionary";
|
|
home-manager.url = "github:nix-community/home-manager/release-25.11";
|
|
menstruation-backend.url = "github:kmein/menstruation.rs";
|
|
menstruation-telegram.url = "github:kmein/menstruation-telegram";
|
|
nix-index-database.url = "github:nix-community/nix-index-database";
|
|
nixpkgs-old.url = "github:NixOS/nixpkgs/50fc86b75d2744e1ab3837ef74b53f103a9b55a0";
|
|
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
|
|
nur.url = "github:nix-community/NUR";
|
|
recht.url = "github:kmein/recht";
|
|
retiolum.url = "github:krebs/retiolum";
|
|
scripts.url = "github:kmein/scripts";
|
|
stockholm.url = "github:krebs/stockholm";
|
|
stylix.url = "github:danth/stylix/release-25.11";
|
|
telebots.url = "github:kmein/telebots";
|
|
tinc-graph.url = "github:kmein/tinc-graph";
|
|
treefmt-nix.url = "github:numtide/treefmt-nix";
|
|
voidrice.url = "github:Lukesmithxyz/voidrice";
|
|
wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1";
|
|
wallpapers.url = "github:kmein/wallpapers";
|
|
|
|
agenix.inputs.home-manager.follows = "home-manager";
|
|
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
|
autorenkalender.inputs.nixpkgs.follows = "nixpkgs";
|
|
coptic-dictionary.inputs.nixpkgs.follows = "nixpkgs";
|
|
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
|
menstruation-telegram.inputs.menstruation-backend.follows = "menstruation-backend";
|
|
menstruation-telegram.inputs.nixpkgs.follows = "nixpkgs-old";
|
|
nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
|
|
recht.inputs.nixpkgs.follows = "nixpkgs";
|
|
scripts.inputs.nixpkgs.follows = "nixpkgs";
|
|
stylix.inputs.nixpkgs.follows = "nixpkgs";
|
|
tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
|
|
voidrice.flake = false;
|
|
wallpapers.flake = false;
|
|
};
|
|
|
|
outputs =
|
|
{
|
|
self,
|
|
nixpkgs,
|
|
nixpkgs-unstable,
|
|
nur,
|
|
home-manager,
|
|
agenix,
|
|
retiolum,
|
|
coptic-dictionary,
|
|
menstruation-backend,
|
|
menstruation-telegram,
|
|
scripts,
|
|
tinc-graph,
|
|
recht,
|
|
treefmt-nix,
|
|
autorenkalender,
|
|
wallpaper-generator,
|
|
telebots,
|
|
stockholm,
|
|
nix-index-database,
|
|
stylix,
|
|
voidrice,
|
|
...
|
|
}:
|
|
let
|
|
lib = nixpkgs.lib;
|
|
eachSupportedSystem = lib.genAttrs lib.systems.flakeExposed;
|
|
treefmtEval = eachSupportedSystem (
|
|
system:
|
|
treefmt-nix.lib.evalModule nixpkgs.legacyPackages.${system} (
|
|
{ pkgs, ... }:
|
|
{
|
|
projectRootFile = "flake.nix";
|
|
programs.nixfmt.enable = true;
|
|
programs.ormolu.enable = true;
|
|
programs.black.enable = true;
|
|
programs.prettier.enable = true;
|
|
programs.stylua.enable = true;
|
|
}
|
|
)
|
|
);
|
|
in
|
|
{
|
|
apps =
|
|
let
|
|
localSystem = "x86_64-linux";
|
|
in
|
|
{
|
|
${localSystem} =
|
|
let
|
|
pkgs = nixpkgs.legacyPackages.${localSystem};
|
|
lib = nixpkgs.lib;
|
|
in
|
|
lib.mergeAttrsList [
|
|
{
|
|
mock-secrets = {
|
|
type = "app";
|
|
program = toString (
|
|
pkgs.writers.writeDash "mock-secrets" ''
|
|
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f | ${pkgs.coreutils}/bin/sort > secrets.txt
|
|
''
|
|
);
|
|
};
|
|
}
|
|
(builtins.listToAttrs (
|
|
map (
|
|
hostname:
|
|
let
|
|
machines = import lib/machines.nix;
|
|
systemAddresses =
|
|
system:
|
|
lib.optionals (system ? "internalIp") [ system.internalIp ]
|
|
++ lib.optionals (system ? "externalIp") [ system.externalIp ]
|
|
++ lib.optionals (system ? "retiolum") [
|
|
system.retiolum.ipv6
|
|
system.retiolum.ipv4
|
|
]
|
|
++ lib.optionals (system ? "mycelium") [ system.mycelium.ipv6 ];
|
|
addresses = lib.listToAttrs (
|
|
map (name: {
|
|
inherit name;
|
|
value = systemAddresses (machines.${hostname});
|
|
}) (builtins.attrNames self.nixosConfigurations)
|
|
);
|
|
deployScript = pkgs.writers.writeBash "deploy-${hostname}" ''
|
|
# try to connect to any of the known addresses
|
|
targets=(
|
|
${lib.concatStringsSep " " (map (addr: "\"root@${addr}\"") addresses.${hostname})}
|
|
)
|
|
for target in "''${targets[@]}"; do
|
|
nc -z -w 2 "$(echo $target | cut -d'@' -f2)" ${
|
|
toString machines.${hostname}.sshPort
|
|
} && reachable_target=$target && break
|
|
done
|
|
if [ -z "$reachable_target" ]; then
|
|
echo "No reachable target found for ${hostname}" >&2
|
|
exit 1
|
|
fi
|
|
echo "Deploying to ${hostname} via $reachable_target"
|
|
export NIX_SSHOPTS='-p ${toString machines.${hostname}.sshPort}'
|
|
${pkgs.nixos-rebuild-ng}/bin/nixos-rebuild-ng switch \
|
|
--max-jobs 2 \
|
|
--log-format internal-json \
|
|
--flake .#${hostname} \
|
|
--target-host "$reachable_target" \
|
|
${
|
|
lib.optionalString (localSystem != machines.${hostname}.system) "--build-host $reachable_target"
|
|
} \
|
|
|& ${pkgs.nix-output-monitor}/bin/nom --json
|
|
'';
|
|
in
|
|
lib.attrsets.nameValuePair "deploy-${hostname}" {
|
|
type = "app";
|
|
program = toString deployScript;
|
|
}
|
|
) (builtins.attrNames self.nixosConfigurations)
|
|
))
|
|
];
|
|
};
|
|
|
|
# TODO overlay for packages
|
|
# TODO remove flake-utils dependency from my own repos
|
|
|
|
nixosModules = {
|
|
moodle-dl = import modules/moodle-dl.nix;
|
|
passport = import modules/passport.nix;
|
|
panoptikon = import modules/panoptikon.nix;
|
|
power-action = import modules/power-action.nix;
|
|
system-dependent = import modules/system-dependent.nix;
|
|
telegram-bot = import modules/telegram-bot.nix;
|
|
go-webring = import modules/go-webring.nix;
|
|
};
|
|
|
|
lib = {
|
|
};
|
|
|
|
overlays.default = final: prev: {
|
|
niveum-terminal = prev.alacritty;
|
|
niveum-browser = prev.firefox;
|
|
niveum-filemanager = prev.pcmanfm;
|
|
|
|
# wrapped from upstream
|
|
wrapScript =
|
|
{
|
|
packages ? [ ],
|
|
name,
|
|
script,
|
|
}:
|
|
prev.writers.writeDashBin name ''PATH=$PATH:${
|
|
nixpkgs.lib.makeBinPath (
|
|
packages
|
|
++ [
|
|
final.findutils
|
|
final.coreutils
|
|
final.gnused
|
|
final.gnugrep
|
|
]
|
|
)
|
|
} ${script} "$@"'';
|
|
tag = final.wrapScript {
|
|
script = voidrice.outPath + "/.local/bin/tag";
|
|
name = "tag";
|
|
packages = [ final.ffmpeg ];
|
|
};
|
|
booksplit = final.wrapScript {
|
|
script = voidrice.outPath + "/.local/bin/booksplit";
|
|
name = "booksplit";
|
|
packages = [
|
|
final.ffmpeg
|
|
final.glibc.bin
|
|
];
|
|
};
|
|
auc = prev.callPackage packages/auc.nix { };
|
|
cheat-sh = prev.callPackage packages/cheat-sh.nix { };
|
|
brassica = prev.callPackage packages/brassica.nix { }; # TODO upstream
|
|
text2pdf = prev.callPackage packages/text2pdf.nix { }; # TODO upstream
|
|
wttr = prev.callPackage packages/wttr.nix { }; # TODO upstream
|
|
jsesh = prev.callPackage packages/jsesh.nix { }; # TODO upstream
|
|
opustags = prev.callPackage packages/opustags.nix { }; # TODO upstream
|
|
trans = prev.callPackage packages/trans.nix { }; # TODO upstream
|
|
go-webring = prev.callPackage packages/go-webring.nix { }; # TODO upstream
|
|
stag = prev.callPackage packages/stag.nix { }; # TODO upstream
|
|
mpv = prev.mpv.override {
|
|
scripts = [
|
|
final.mpvScripts.visualizer
|
|
final.mpvScripts.mpris
|
|
];
|
|
};
|
|
morris = prev.callPackage packages/morris.nix { };
|
|
cro = prev.callPackage packages/cro.nix { };
|
|
dmenu = prev.writers.writeDashBin "dmenu" ''exec ${final.rofi}/bin/rofi -dmenu "$@"'';
|
|
weechatScripts = prev.weechatScripts // {
|
|
hotlist2extern = prev.callPackage packages/weechatScripts/hotlist2extern.nix { }; # TODO upstream
|
|
};
|
|
vimPlugins = prev.vimPlugins // {
|
|
cheat-sh = prev.callPackage packages/vimPlugins/cheat-sh.nix { };
|
|
icalendar-vim = prev.callPackage packages/vimPlugins/icalendar-vim.nix { }; # TODO upstream
|
|
jq-vim = prev.callPackage packages/vimPlugins/jq-vim.nix { }; # TODO upstream
|
|
typst-vim = prev.callPackage packages/vimPlugins/typst-vim.nix { }; # TODO upstream
|
|
mdwa-nvim = prev.callPackage packages/vimPlugins/mdwa-nvim.nix { }; # TODO upstream
|
|
vim-ernest = prev.callPackage packages/vimPlugins/vim-ernest.nix { }; # TODO upstream
|
|
vim-256noir = prev.callPackage packages/vimPlugins/vim-256noir.nix { }; # TODO upstream
|
|
vim-colors-paramount = prev.callPackage packages/vimPlugins/vim-colors-paramount.nix { }; # TODO upstream
|
|
vim-fetch = prev.callPackage packages/vimPlugins/vim-fetch.nix { }; # TODO upstream
|
|
vim-fsharp = prev.callPackage packages/vimPlugins/vim-fsharp.nix { }; # TODO upstream
|
|
vim-mail = prev.callPackage packages/vimPlugins/vim-mail.nix { }; # TODO upstream
|
|
vim-reason-plus = prev.callPackage packages/vimPlugins/vim-reason-plus.nix { }; # TODO upstream
|
|
};
|
|
|
|
# packaged from inputs
|
|
agenix = agenix.packages.${prev.stdenv.hostPlatform.system}.default;
|
|
alarm = scripts.packages.${prev.stdenv.hostPlatform.system}.alarm;
|
|
menstruation-telegram =
|
|
menstruation-telegram.packages.${prev.stdenv.hostPlatform.system}.menstruation-telegram;
|
|
menstruation-backend =
|
|
menstruation-backend.packages.${prev.stdenv.hostPlatform.system}.menstruation-backend;
|
|
telebots = telebots.packages.${prev.stdenv.hostPlatform.system}.telebots;
|
|
hesychius = scripts.packages.${prev.stdenv.hostPlatform.system}.hesychius;
|
|
autorenkalender = autorenkalender.packages.${prev.stdenv.hostPlatform.system}.default;
|
|
coptic-stardict = coptic-dictionary.packages.${prev.stdenv.hostPlatform.system}.coptic-stardict;
|
|
onomap = scripts.packages.${prev.stdenv.hostPlatform.system}.onomap;
|
|
tinc-graph = tinc-graph.packages.${prev.stdenv.hostPlatform.system}.tinc-graph;
|
|
wp-gen = wallpaper-generator.packages.${prev.stdenv.hostPlatform.system}.wp-gen;
|
|
|
|
# krebs
|
|
brainmelter = prev.callPackage packages/brainmelter.nix { };
|
|
cyberlocker-tools = prev.callPackage packages/cyberlocker-tools.nix { };
|
|
hc = prev.callPackage packages/hc.nix { };
|
|
pls = prev.callPackage packages/pls.nix { };
|
|
radio-news = prev.callPackage packages/radio-news { };
|
|
untilport = prev.callPackage packages/untilport.nix { };
|
|
weechat-declarative = prev.callPackage packages/weechat-declarative.nix { };
|
|
|
|
# my packages
|
|
betacode = prev.callPackage packages/betacode.nix { };
|
|
closest = prev.callPackage packages/closest { };
|
|
default-gateway = prev.callPackage packages/default-gateway.nix { };
|
|
depp = prev.callPackage packages/depp.nix { };
|
|
devanagari = prev.callPackage packages/devanagari { };
|
|
radioStreams = prev.callPackage packages/streams { };
|
|
devour = prev.callPackage packages/devour.nix { };
|
|
dmenu-randr = prev.callPackage packages/dmenu-randr.nix { };
|
|
emailmenu = prev.callPackage packages/emailmenu.nix { };
|
|
fkill = prev.callPackage packages/fkill.nix { };
|
|
fzfmenu = prev.callPackage packages/fzfmenu.nix { };
|
|
gfs-fonts = prev.callPackage packages/gfs-fonts.nix { };
|
|
heuretes = prev.callPackage packages/heuretes.nix { };
|
|
image-convert-favicon = prev.callPackage packages/image-convert-favicon.nix { };
|
|
image-convert-tolino = prev.callPackage packages/image-convert-tolino.nix { };
|
|
ipa = prev.writers.writePython3Bin "ipa" { flakeIgnore = [ "E501" ]; } packages/ipa.py;
|
|
kirciuoklis = prev.callPackage packages/kirciuoklis.nix { };
|
|
kpaste = prev.callPackage packages/kpaste.nix { };
|
|
literature-quote = prev.callPackage packages/literature-quote.nix { };
|
|
man-pdf = prev.callPackage packages/man-pdf.nix { };
|
|
mansplain = prev.callPackage packages/mansplain.nix { };
|
|
manual-sort = prev.callPackage packages/manual-sort.nix { };
|
|
mpv-iptv = prev.callPackage packages/mpv-iptv.nix { };
|
|
mpv-radio = prev.callPackage packages/mpv-radio.nix { di-fm-key-file = "/dev/null"; };
|
|
mpv-tuner = prev.callPackage packages/mpv-tuner.nix { di-fm-key-file = "/dev/null"; };
|
|
mpv-tv = prev.callPackage packages/mpv-tv.nix { };
|
|
new-mac = prev.callPackage packages/new-mac.nix { };
|
|
nix-git = prev.callPackage packages/nix-git.nix { };
|
|
noise-waves = prev.callPackage packages/noise-waves.nix { };
|
|
notemenu = prev.callPackage packages/notemenu.nix { };
|
|
obsidian-vim = prev.callPackage packages/obsidian-vim.nix { };
|
|
vim-typewriter = prev.callPackage packages/vim-typewriter.nix { };
|
|
polyglot = prev.callPackage packages/polyglot.nix { };
|
|
q = prev.callPackage packages/q.nix { };
|
|
qrpaste = prev.callPackage packages/qrpaste.nix { };
|
|
random-zeno = prev.callPackage packages/random-zeno.nix { };
|
|
scanned = prev.callPackage packages/scanned.nix { };
|
|
stardict-tools = prev.callPackage packages/stardict-tools.nix { };
|
|
swallow = prev.callPackage packages/swallow.nix { };
|
|
tocharian-font = prev.callPackage packages/tocharian-font.nix { };
|
|
ttspaste = prev.callPackage packages/ttspaste.nix { };
|
|
unicodmenu = prev.callPackage packages/unicodmenu.nix { };
|
|
vg = prev.callPackage packages/vg.nix { };
|
|
vim-kmein = prev.callPackage packages/vim-kmein { };
|
|
vimv = prev.callPackage packages/vimv.nix { };
|
|
klem = prev.callPackage packages/klem.nix { };
|
|
|
|
lib = lib // {
|
|
niveum = import lib/default.nix {
|
|
inherit lib;
|
|
pkgs = final;
|
|
};
|
|
panoptikon = import lib/panoptikon.nix {
|
|
inherit lib;
|
|
pkgs = final;
|
|
};
|
|
};
|
|
};
|
|
|
|
nixosConfigurations =
|
|
let
|
|
defaultModules = [
|
|
{ nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; }
|
|
{ nixpkgs.overlays = [ self.overlays.default ]; }
|
|
agenix.nixosModules.default
|
|
retiolum.nixosModules.retiolum
|
|
];
|
|
desktopModules = [
|
|
home-manager.nixosModules.home-manager
|
|
nix-index-database.nixosModules.default
|
|
nur.modules.nixos.default
|
|
stylix.nixosModules.stylix
|
|
self.nixosModules.system-dependent
|
|
self.nixosModules.power-action
|
|
];
|
|
in
|
|
{
|
|
ful = nixpkgs.lib.nixosSystem {
|
|
system = "aarch64-linux";
|
|
modules = defaultModules ++ [
|
|
systems/ful/configuration.nix
|
|
self.nixosModules.passport
|
|
self.nixosModules.panoptikon
|
|
self.nixosModules.go-webring
|
|
stockholm.nixosModules.reaktor2
|
|
nur.modules.nixos.default
|
|
{ nixpkgs.overlays = [ stockholm.overlays.default ]; }
|
|
];
|
|
};
|
|
zaatar = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = defaultModules ++ [
|
|
systems/zaatar/configuration.nix
|
|
];
|
|
};
|
|
kibbeh = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules =
|
|
defaultModules
|
|
++ desktopModules
|
|
++ [
|
|
systems/kibbeh/configuration.nix
|
|
];
|
|
};
|
|
makanek = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = defaultModules ++ [
|
|
systems/makanek/configuration.nix
|
|
self.nixosModules.telegram-bot
|
|
self.nixosModules.passport
|
|
nur.modules.nixos.default
|
|
];
|
|
};
|
|
tahina = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = defaultModules ++ [
|
|
systems/tahina/configuration.nix
|
|
];
|
|
};
|
|
tabula = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = defaultModules ++ [
|
|
systems/tabula/configuration.nix
|
|
];
|
|
};
|
|
manakish = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules =
|
|
defaultModules
|
|
++ desktopModules
|
|
++ [
|
|
systems/manakish/configuration.nix
|
|
];
|
|
};
|
|
kabsa = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules =
|
|
defaultModules
|
|
++ desktopModules
|
|
++ [
|
|
systems/kabsa/configuration.nix
|
|
];
|
|
};
|
|
fatteh = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules =
|
|
defaultModules
|
|
++ desktopModules
|
|
++ [
|
|
systems/fatteh/configuration.nix
|
|
];
|
|
};
|
|
};
|
|
|
|
formatter = eachSupportedSystem (system: treefmtEval.${system}.config.build.wrapper);
|
|
checks = eachSupportedSystem (system: {
|
|
formatting = treefmtEval.${system}.config.build.check self;
|
|
});
|
|
|
|
packages = eachSupportedSystem (
|
|
system:
|
|
let
|
|
pkgs = import nixpkgs {
|
|
inherit system;
|
|
config.allowUnfree = true;
|
|
overlays = [
|
|
nur.overlays.default
|
|
self.overlays.default
|
|
];
|
|
};
|
|
in
|
|
{
|
|
inherit (pkgs)
|
|
auc
|
|
betacode
|
|
booksplit
|
|
brainmelter
|
|
brassica
|
|
cheat-sh
|
|
closest
|
|
cro
|
|
cyberlocker-tools
|
|
default-gateway
|
|
depp
|
|
devanagari
|
|
devour
|
|
dmenu-randr
|
|
emailmenu
|
|
fkill
|
|
fzfmenu
|
|
gfs-fonts
|
|
gimp
|
|
go-webring
|
|
hc
|
|
heuretes
|
|
image-convert-favicon
|
|
image-convert-tolino
|
|
ipa
|
|
jsesh
|
|
kirciuoklis
|
|
klem
|
|
kpaste
|
|
literature-quote
|
|
man-pdf
|
|
mansplain
|
|
manual-sort
|
|
morris
|
|
mpv-iptv
|
|
mpv-radio
|
|
mpv-tuner
|
|
mpv-tv
|
|
new-mac
|
|
nix-git
|
|
noise-waves
|
|
notemenu
|
|
obsidian-vim
|
|
opustags
|
|
pls
|
|
polyglot
|
|
q
|
|
qrpaste
|
|
radio-news
|
|
random-zeno
|
|
rfc
|
|
scanned
|
|
stag
|
|
stardict-tools
|
|
swallow
|
|
text2pdf
|
|
timer
|
|
tocharian-font
|
|
trans
|
|
ttspaste
|
|
unicodmenu
|
|
untilport
|
|
vg
|
|
vim-kmein
|
|
vim-typewriter
|
|
vimv
|
|
weechat-declarative
|
|
wttr
|
|
;
|
|
}
|
|
);
|
|
};
|
|
}
|