flake: move flake configurations to a seperate folder

This commit is contained in:
Guanran Wang 2023-09-27 17:05:27 +08:00
parent 109ea25c58
commit e7a6d7831c
Signed by: nyancat
SSH key fingerprint: SHA256:8oWGKciPALWut/6WA27oFKofX+6Wtc0gQnsefXLQx/8
9 changed files with 98 additions and 90 deletions

105
flake.nix
View file

@ -46,13 +46,7 @@
modules = [ modules = [
./machines/darwin/imac-2017.nix ./machines/darwin/imac-2017.nix
./users/guanranwang/darwin.nix ./users/guanranwang/darwin.nix
./flakes/darwin/home-manager.nix
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.guanranwang = import ./users/guanranwang/home-manager/darwin/home.nix;
}
]; ];
}; };
}; };
@ -65,69 +59,13 @@
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [ modules = [
./machines/nixos/81fw-lenovo-legion-y7000.nix ./machines/nixos/81fw-lenovo-legion-y7000.nix # Entrypoint, this .nix file imports ./nixos
./users/guanranwang/nixos.nix ./users/guanranwang/nixos.nix
./flakes/nixos/berberman.nix
# Overlays ./flakes/nixos/home-manager.nix
{ ./flakes/nixos/hosts.nix
nixpkgs.overlays = [ ./flakes/nixos/lanzaboote.nix
berberman.overlays.default ./flakes/nixos/sops-nix.nix
];
}
lanzaboote.nixosModules.lanzaboote
({ pkgs, lib, ... }:
{
environment.systemPackages = with pkgs; [ sbctl ];
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
})
home-manager.nixosModules.home-manager
({ lib, ... }:
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
# users,user, flake, os.
users.guanranwang = import ./users/guanranwang/home-manager/nixos;
extraSpecialArgs = { inherit inputs; }; # ??? isnt specialArgs imported by default ???
};
})
hosts.nixosModule
{
networking.stevenBlackHosts = {
enable = true;
blockFakenews = true;
blockGambling = true;
blockPorn = true;
blockSocial = true;
};
}
sops-nix.nixosModules.sops
({ config, ... }:
{
sops = {
defaultSopsFile = ./users/guanranwang/secrets/secrets.yaml;
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = {
"clash-config" = {
#mode = "0444"; # readable
owner = config.users.users."clash-meta".name;
group = config.users.users."clash-meta".group;
restartUnits = [ "clash-meta.service" ];
path = "/etc/clash-meta/config.yaml";
};
"user-password-guanranwang".neededForUsers = true;
};
};
})
]; ];
}; };
@ -138,26 +76,11 @@
modules = [ modules = [
./machines/nixos/imac-2017.nix ./machines/nixos/imac-2017.nix
./users/guanranwag/nixos.nix ./users/guanranwag/nixos.nix
./flakes/nixos/berberman.nix
home-manager.nixosModules.home-manager ./flakes/nixos/home-manager.nix
{ ./flakes/nixos/hosts.nix
home-manager = { ./flakes/nixos/lanzaboote.nix
useGlobalPkgs = true; ./flakes/nixos/sops-nix.nix
useUserPackages = true;
users.guanranwang = import ./users/guananwnng/home-manager/nixos;
};
}
hosts.nixosModule
{
networking.stevenBlackHosts = {
enable = true;
blockFakenews = true;
blockGambling = true;
blockPorn = true;
blockSocial = true;
};
}
]; ];
}; };
}; };
@ -167,6 +90,8 @@
# Home-Manager # Home-Manager
homeConfigurations = { homeConfigurations = {
"guanranwang@81fw-nixos" = home-manager.lib.homeManagerConfiguration { "guanranwang@81fw-nixos" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs; };
modules = [ modules = [
sops-nix.homeManagerModules.sops sops-nix.homeManagerModules.sops
@ -184,6 +109,8 @@
}; };
"guanranwang@imac-nixos" = home-manager.lib.homeManagerConfiguration { "guanranwang@imac-nixos" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs; };
modules = [ modules = [
sops-nix.homeManagerModules.sops sops-nix.homeManagerModules.sops

View file

@ -0,0 +1,11 @@
{ inputs, ... }:
{
imports = [ inputs.home-manager.nixosModules.home-manager ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit inputs; }; # ??? isnt specialArgs imported by default ???
};
}

View file

@ -0,0 +1,7 @@
{ inputs, ... }:
{
nixpkgs.overlays = [
inputs.berberman.overlays.default
];
}

View file

@ -0,0 +1,11 @@
{ inputs, ... }:
{
imports = [ inputs.home-manager.nixosModules.home-manager ];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit inputs; }; # ??? isnt specialArgs imported by default ???
};
}

13
flakes/nixos/hosts.nix Normal file
View file

@ -0,0 +1,13 @@
{ inputs, ... }:
{
imports = [ inputs.hosts.nixosModule ];
networking.stevenBlackHosts = {
enable = true;
blockFakenews = true;
blockGambling = true;
blockPorn = true;
blockSocial = true;
};
}

View file

@ -0,0 +1,12 @@
{ pkgs, lib, inputs, ... }:
{
imports = [ inputs.lanzaboote.nixosModules.lanzaboote ];
environment.systemPackages = with pkgs; [ sbctl ];
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
}

View file

@ -0,0 +1,5 @@
{ inputs, ... }:
{
imports = [ inputs.sops-nix.nixosModules.sops ];
}

View file

@ -11,4 +11,7 @@
uid = 501; uid = 501;
}; };
}; };
# users,user, flake, os.
home-manager.users.guanranwang = import ../../users/guanranwang/home-manager/darwin; # NOTE: using flakes
} }

View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, config, ... }:
{ {
users.users."guanranwang" = { users.users."guanranwang" = {
@ -10,4 +10,23 @@
shell = pkgs.fish; shell = pkgs.fish;
packages = []; packages = [];
}; };
# Flakes.
home-manager.users.guanranwang = import ../../users/guanranwang/home-manager/nixos;
sops = {
defaultSopsFile = ../../users/guanranwang/secrets/secrets.yaml;
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = {
"clash-config" = {
#mode = "0444"; # readable
owner = config.users.users."clash-meta".name;
group = config.users.users."clash-meta".group;
restartUnits = [ "clash-meta.service" ];
path = "/etc/clash-meta/config.yaml";
};
"user-password-guanranwang".neededForUsers = true;
};
};
} }