From e7a6d7831c74e3a5c40946cad37d2fa576b765f2 Mon Sep 17 00:00:00 2001 From: Guanran Wang Date: Wed, 27 Sep 2023 17:05:27 +0800 Subject: [PATCH] flake: move flake configurations to a seperate folder --- flake.nix | 105 +++++---------------------------- flakes/darwin/home-manager.nix | 11 ++++ flakes/nixos/berberman.nix | 7 +++ flakes/nixos/home-manager.nix | 11 ++++ flakes/nixos/hosts.nix | 13 ++++ flakes/nixos/lanzaboote.nix | 12 ++++ flakes/nixos/sops-nix.nix | 5 ++ users/guanranwang/darwin.nix | 3 + users/guanranwang/nixos.nix | 21 ++++++- 9 files changed, 98 insertions(+), 90 deletions(-) create mode 100644 flakes/darwin/home-manager.nix create mode 100644 flakes/nixos/berberman.nix create mode 100644 flakes/nixos/home-manager.nix create mode 100644 flakes/nixos/hosts.nix create mode 100644 flakes/nixos/lanzaboote.nix create mode 100644 flakes/nixos/sops-nix.nix diff --git a/flake.nix b/flake.nix index 9c835b7..add207d 100755 --- a/flake.nix +++ b/flake.nix @@ -46,13 +46,7 @@ modules = [ ./machines/darwin/imac-2017.nix ./users/guanranwang/darwin.nix - - home-manager.darwinModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.guanranwang = import ./users/guanranwang/home-manager/darwin/home.nix; - } + ./flakes/darwin/home-manager.nix ]; }; }; 
@@ -65,69 +59,13 @@ system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ - ./machines/nixos/81fw-lenovo-legion-y7000.nix + ./machines/nixos/81fw-lenovo-legion-y7000.nix # Entrypoint, this .nix file imports ./nixos ./users/guanranwang/nixos.nix - - # Overlays - { - nixpkgs.overlays = [ - berberman.overlays.default - ]; - } - - lanzaboote.nixosModules.lanzaboote - ({ pkgs, lib, ... }: - { - environment.systemPackages = with pkgs; [ sbctl ]; - boot.loader.systemd-boot.enable = lib.mkForce false; - boot.lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - }) - - home-manager.nixosModules.home-manager - ({ lib, ... }: - { - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - # users,user, flake, os. - users.guanranwang = import ./users/guanranwang/home-manager/nixos; - - extraSpecialArgs = { inherit inputs; }; # ??? isnt specialArgs imported by default ??? - }; - }) - - hosts.nixosModule - { - networking.stevenBlackHosts = { - enable = true; - blockFakenews = true; - blockGambling = true; - blockPorn = true; - blockSocial = true; - }; - } - - sops-nix.nixosModules.sops - ({ config, ... }: - { - sops = { - defaultSopsFile = ./users/guanranwang/secrets/secrets.yaml; - age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - secrets = { - "clash-config" = { - #mode = "0444"; # readable - owner = config.users.users."clash-meta".name; - group = config.users.users."clash-meta".group; - restartUnits = [ "clash-meta.service" ]; - path = "/etc/clash-meta/config.yaml"; - }; - "user-password-guanranwang".neededForUsers = true; - }; - }; - }) + ./flakes/nixos/berberman.nix + ./flakes/nixos/home-manager.nix + ./flakes/nixos/hosts.nix + ./flakes/nixos/lanzaboote.nix + ./flakes/nixos/sops-nix.nix ]; }; 
@@ -138,26 +76,11 @@ modules = [ ./machines/nixos/imac-2017.nix ./users/guanranwag/nixos.nix - - home-manager.nixosModules.home-manager - { - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - users.guanranwang = import ./users/guananwnng/home-manager/nixos; - }; - } - - hosts.nixosModule - { - networking.stevenBlackHosts = { - enable = true; - blockFakenews = true; - blockGambling = true; - blockPorn = true; - blockSocial = true; - }; - } + ./flakes/nixos/berberman.nix + ./flakes/nixos/home-manager.nix + ./flakes/nixos/hosts.nix + ./flakes/nixos/lanzaboote.nix + ./flakes/nixos/sops-nix.nix ]; }; }; @@ -167,6 +90,8 @@ # Home-Manager homeConfigurations = { "guanranwang@81fw-nixos" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + extraSpecialArgs = { inherit inputs; }; modules = [ sops-nix.homeManagerModules.sops @@ -184,6 +109,8 @@ }; "guanranwang@imac-nixos" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + extraSpecialArgs = { inherit inputs; }; modules = [ sops-nix.homeManagerModules.sops diff --git a/flakes/darwin/home-manager.nix b/flakes/darwin/home-manager.nix new file mode 100644 index 0000000..7a6e7ab --- /dev/null +++ b/flakes/darwin/home-manager.nix @@ -0,0 +1,11 @@ +{ inputs, ... }: + +{ + imports = [ inputs.home-manager.nixosModules.home-manager ]; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = { inherit inputs; }; # ??? isnt specialArgs imported by default ??? + }; +} \ No newline at end of file diff --git a/flakes/nixos/berberman.nix b/flakes/nixos/berberman.nix new file mode 100644 index 0000000..7f1d3fb --- /dev/null +++ b/flakes/nixos/berberman.nix @@ -0,0 +1,7 @@ +{ inputs, ... }: + +{ + nixpkgs.overlays = [ + inputs.berberman.overlays.default + ]; +} \ No newline at end of file diff --git a/flakes/nixos/home-manager.nix b/flakes/nixos/home-manager.nix new file mode 100644 index 0000000..7a6e7ab 
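Review bot: The imac-2017 host gains `./flakes/nixos/lanzaboote.nix`, `./flakes/nixos/sops-nix.nix` and `./flakes/nixos/berberman.nix` in the `@@ -138,26 +76,11 @@` hunk, although its removed lines only configured home-manager and hosts, so this "move" silently changes what that machine runs. lanzaboote.nix forces `boot.loader.systemd-boot.enable` off and enables lanzaboote with `pkiBundle = "/etc/secureboot"`, which presumably needs Secure Boot keys on the iMac before it can be rebuilt or booted. If the host is meant to stay as it was, list only `./flakes/nixos/home-manager.nix` and `./flakes/nixos/hosts.nix` here. The context line `./users/guanranwag/nixos.nix` also looks like a misspelt path (the other host uses `./users/guanranwang/nixos.nix`); the enclosing configuration starts outside the hunk, so it may be disabled.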
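Review bot: `imports = [ inputs.home-manager.nixosModules.home-manager ];` in flakes/darwin/home-manager.nix loads the NixOS variant of the module, whereas the lines removed from the darwin configuration in flake.nix used `home-manager.darwinModules.home-manager`; the import should read `imports = [ inputs.home-manager.darwinModules.home-manager ];`. The file has the same blob id (7a6e7ab) as flakes/nixos/home-manager.nix, so it appears to be an unedited copy. The module also takes `inputs` as an argument, which only resolves if the darwin system passes `specialArgs = { inherit inputs; }`; that is not visible in the flake.nix hunk and should be confirmed.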
--- /dev/null
+++ b/flakes/nixos/home-manager.nix
@@ -0,0 +1,11 @@
+{ inputs, ... }:
+
+{
+ imports = [ inputs.home-manager.nixosModules.home-manager ];
+
+ home-manager = {
+ useGlobalPkgs = true;
+ useUserPackages = true;
+ extraSpecialArgs = { inherit inputs; }; # ??? isnt specialArgs imported by default ???
+ };
+}
\ No newline at end of file
diff --git a/flakes/nixos/hosts.nix b/flakes/nixos/hosts.nix
new file mode 100644
index 0000000..1fcdfc4
--- /dev/null
+++ b/flakes/nixos/hosts.nix
@@ -0,0 +1,13 @@
+{ inputs, ... }:
+
+{
+ imports = [ inputs.hosts.nixosModule ];
+
+ networking.stevenBlackHosts = {
+ enable = true;
+ blockFakenews = true;
+ blockGambling = true;
+ blockPorn = true;
+ blockSocial = true;
+ };
+}
\ No newline at end of file
diff --git a/flakes/nixos/lanzaboote.nix b/flakes/nixos/lanzaboote.nix
new file mode 100644
index 0000000..e6ce0dd
--- /dev/null
+++ b/flakes/nixos/lanzaboote.nix
@@ -0,0 +1,12 @@
+{ pkgs, lib, inputs, ... }:
+
+{
+ imports = [ inputs.lanzaboote.nixosModules.lanzaboote ];
+
+ environment.systemPackages = with pkgs; [ sbctl ];
+ boot.loader.systemd-boot.enable = lib.mkForce false;
+ boot.lanzaboote = {
+ enable = true;
+ pkiBundle = "/etc/secureboot";
+ };
+}
\ No newline at end of file
diff --git a/flakes/nixos/sops-nix.nix b/flakes/nixos/sops-nix.nix
new file mode 100644
index 0000000..1e01be4
--- /dev/null
+++ b/flakes/nixos/sops-nix.nix
@@ -0,0 +1,5 @@
+{ inputs, ... }:
+
+{
+ imports = [ inputs.sops-nix.nixosModules.sops ];
+}
diff --git a/users/guanranwang/darwin.nix b/users/guanranwang/darwin.nix
index 9867e55..adc3e96 100644
--- a/users/guanranwang/darwin.nix
+++ b/users/guanranwang/darwin.nix
@@ -11,4 +11,7 @@
 uid = 501;
 };
 };
+
+ # users,user, flake, os.
+ home-manager.users.guanranwang = import ../../users/guanranwang/home-manager/darwin; # NOTE: using flakes
 }
\ No newline at end of file
diff --git a/users/guanranwang/nixos.nix b/users/guanranwang/nixos.nix
index ec6aebf..ad268e0 100644
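Review bot: The trailing comment on `extraSpecialArgs` in flakes/nixos/home-manager.nix (`# ??? isnt specialArgs imported by default ???`) leaves an open question in the module instead of documenting why the line is there. Home Manager evaluates user modules separately from the system modules, so the system's `specialArgs` are not forwarded to them unless `extraSpecialArgs` is set. I would replace the comment with `# forward flake inputs to Home Manager modules; the system's specialArgs do not reach them`.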
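Review bot: flakes/nixos/lanzaboote.nix says nothing about what must exist on the machine before it is imported, yet it disables systemd-boot with `lib.mkForce`, so a host without prepared and enrolled keys may fail to rebuild or boot. The directory in `pkiBundle = "/etc/secureboot"` is presumably the sbctl key bundle (sbctl is installed in the same module), which would include the private signing keys, so it should stay root-only and out of backups and repositories. I would add a header comment such as `# Requires Secure Boot keys under /etc/secureboot (root-only), enrolled in firmware before the first rebuild`.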
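Review bot: `import ../../users/guanranwang/home-manager/darwin;` in users/guanranwang/darwin.nix now imports a directory, while the line removed from flake.nix imported `./users/guanranwang/home-manager/darwin/home.nix`; a directory import only evaluates if it contains a `default.nix`, which this patch does not show. The path also climbs two levels only to re-enter the file's own directory, so `import ./home-manager/darwin/home.nix;` would be shorter and survive moving the users tree. The comments `# users,user, flake, os.` and `# NOTE: using flakes` do not say what the line depends on; `# requires the home-manager module imported by flakes/darwin/home-manager.nix` would. The attribute set this line sits in starts outside the hunk.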
--- a/users/guanranwang/nixos.nix +++ b/users/guanranwang/nixos.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { users.users."guanranwang" = { @@ -10,4 +10,23 @@ shell = pkgs.fish; packages = []; }; + + + # Flakes. + home-manager.users.guanranwang = import ../../users/guanranwang/home-manager/nixos; + + sops = { + defaultSopsFile = ../../users/guanranwang/secrets/secrets.yaml; + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + secrets = { + "clash-config" = { + #mode = "0444"; # readable + owner = config.users.users."clash-meta".name; + group = config.users.users."clash-meta".group; + restartUnits = [ "clash-meta.service" ]; + path = "/etc/clash-meta/config.yaml"; + }; + "user-password-guanranwang".neededForUsers = true; + }; + }; } \ No newline at end of file
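Review bot: The `sops` block added in the `@@ -10,4 +10,23 @@` hunk makes the user module depend on two things it does not import: the sops-nix module (now in flakes/nixos/sops-nix.nix) and a `clash-meta` user, which `owner` and `group` dereference through `config.users.users."clash-meta"`. Any host that imports this file without both fails evaluation, and every host that does import it must be able to decrypt secrets.yaml with its `/etc/ssh/ssh_host_ed25519_key`. The `"clash-config"` secret would sit better beside the clash-meta service definition, with only `"user-password-guanranwang"` kept in the user file. I would also replace the commented `#mode = "0444"; # readable` with `# keep the sops-nix default mode (owner-only); the proxy config may contain credentials`, and turn `# Flakes.` into a comment naming the modules this section needs.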