migrate constructSystem to lib/

migrates the bulk of constructSystem to lib/ and splits out the largest
chunks into individual functions (namely SOPS, home-manager, and user creation);

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

flake.lock

@@ -10,7 +10,9 @@
         "nixpkgs": [
           "nixpkgs"
         ],
-        "nixpkgs-stable": "nixpkgs-stable"
+        "nixpkgs-stable": [
+          "nixpkgs-stable"
+        ]
       },
       "locked": {
         "lastModified": 1711742460,
@@ -458,7 +460,7 @@
         "nixos-hardware": "nixos-hardware",
         "nixos-modules": "nixos-modules",
         "nixpkgs": "nixpkgs",
-        "nixpkgs-stable": "nixpkgs-stable_2",
+        "nixpkgs-stable": "nixpkgs-stable",
         "rust-overlay": "rust-overlay",
         "sops-nix": "sops-nix",
         "systems": "systems",

flake.nix

@@ -23,93 +23,96 @@
     trusted-users = [ "root" ];
   };
 
-  inputs = {
+  inputs =
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small";
-    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11";
-    systems.url = "github:nix-systems/default";
-    nix-index-database = {
-      url = "github:Mic92/nix-index-database";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
 
-    nix = {
+    {
-      url = "github:NixOS/nix/latest-release";
+      nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small";
-      inputs.nixpkgs.follows = "nixpkgs";
+      nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11";
-    };
+      systems.url = "github:nix-systems/default";
+      nix-index-database = {
+        url = "github:Mic92/nix-index-database";
+        inputs.nixpkgs.follows = "nixpkgs";
+      };
 
-    flake-utils = {
+      nix = {
-      url = "github:numtide/flake-utils";
+        url = "github:NixOS/nix/latest-release";
-      inputs.systems.follows = "systems";
+        inputs.nixpkgs.follows = "nixpkgs";
-    };
+      };
 
-    fenix = {
+      flake-utils = {
-      url = "github:nix-community/fenix";
+        url = "github:numtide/flake-utils";
-      inputs.nixpkgs.follows = "nixpkgs";
+        inputs.systems.follows = "systems";
-    };
+      };
 
-    nixos-modules = {
+      fenix = {
-      url = "github:SuperSandro2000/nixos-modules";
+        url = "github:nix-community/fenix";
-      inputs = {
+        inputs.nixpkgs.follows = "nixpkgs";
-        nixpkgs.follows = "nixpkgs";
+      };
-        flake-utils.follows = "flake-utils";
+
+      nixos-modules = {
+        url = "github:SuperSandro2000/nixos-modules";
+        inputs = {
+          nixpkgs.follows = "nixpkgs";
+          flake-utils.follows = "flake-utils";
+        };
+      };
+
+      home-manager = {
+        url = "github:nix-community/home-manager";
+        inputs.nixpkgs.follows = "nixpkgs";
+      };
+
+      sops-nix = {
+        url = "github:Mic92/sops-nix";
+        inputs = {
+          nixpkgs.follows = "nixpkgs";
+          nixpkgs-stable.follows = "nixpkgs-stable";
+        };
+      };
+
+      nix-pre-commit = {
+        url = "github:jmgilman/nix-pre-commit";
+        inputs = {
+          nixpkgs.follows = "nixpkgs";
+          flake-utils.follows = "flake-utils";
+        };
+      };
+
+      wired-notify = {
+        url = "github:Toqozz/wired-notify";
+        inputs = {
+          nixpkgs.follows = "nixpkgs";
+          rust-overlay.follows = "rust-overlay";
+        };
+      };
+
+      rust-overlay = {
+        url = "github:oxalica/rust-overlay";
+        inputs = {
+          flake-utils.follows = "flake-utils";
+          nixpkgs.follows = "nixpkgs";
+        };
+      };
+
+      nixos-hardware = {
+        url = "github:NixOS/nixos-hardware";
+      };
+
+      attic = {
+        url = "github:zhaofengli/attic";
+        inputs = {
+          nixpkgs.follows = "nixpkgs";
+          nixpkgs-stable.follows = "nixpkgs-stable";
+          flake-utils.follows = "flake-utils";
+        };
+      };
+
+      hyprland-contrib = {
+        url = "github:hyprwm/contrib";
+        inputs.nixpkgs.follows = "nixpkgs";
       };
     };
 
-    home-manager = {
-      url = "github:nix-community/home-manager";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
-    sops-nix = {
-      url = "github:Mic92/sops-nix";
-      inputs = {
-        nixpkgs.follows = "nixpkgs";
-        nixpkgs-stable.follows = "nixpkgs-stable";
-      };
-    };
-
-    nix-pre-commit = {
-      url = "github:jmgilman/nix-pre-commit";
-      inputs = {
-        nixpkgs.follows = "nixpkgs";
-        flake-utils.follows = "flake-utils";
-      };
-    };
-
-    wired-notify = {
-      url = "github:Toqozz/wired-notify";
-      inputs = {
-        nixpkgs.follows = "nixpkgs";
-        rust-overlay.follows = "rust-overlay";
-      };
-    };
-
-    rust-overlay = {
-      url = "github:oxalica/rust-overlay";
-      inputs = {
-        flake-utils.follows = "flake-utils";
-        nixpkgs.follows = "nixpkgs";
-      };
-    };
-
-    nixos-hardware = {
-      url = "github:NixOS/nixos-hardware";
-    };
-
-    attic = {
-      url = "github:zhaofengli/attic";
-      inputs = {
-        nixpkgs.follows = "nixpkgs";
-        flake-utils.follows = "flake-utils";
-      };
-    };
-
-    hyprland-contrib = {
-      url = "github:hyprwm/contrib";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-  };
-
   outputs =
     {
       self,
@@ -138,7 +141,11 @@
       #
       # used for module imports and system search
       src = builtins.filterSource (
-        path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)
+        path: type:
+        type == "directory"
+        || lib.hasSuffix ".nix"
+        || lib.hasSuffix ".yaml"
+        || lib.hasSuffix ".yml" (baseNameOf path)
       ) ./.;
 
       config = {
@@ -175,71 +182,14 @@
 
       nixosConfigurations =
         let
-          constructSystem =
+          constructSystem = lib.rad-dev.systems.constructSystem;
-            {
-              hostname,
-              users,
-              home ? true,
-              iso ? [ ],
-              modules ? [ ],
-              server ? true,
-              sops ? true,
-              system ? "x86_64-linux",
-            }:
-            lib.nixosSystem {
-              system = "x86_64-linux";
-              specialArgs = inputs;
-              modules =
-                [
-                  nixos-modules.nixosModule
-                  sops-nix.nixosModules.sops
-                  { config.networking.hostName = "${hostname}"; }
-                  ./systems/${hostname}/hardware.nix
-                  ./systems/${hostname}/configuration.nix
-                ]
-                ++ (lib.rad-dev.fileList src "modules")
-                ++ modules
-                ++ lib.optional home home-manager.nixosModules.home-manager
-                ++ (
-                  if home then
-                    (map (user: { home-manager.users.${user} = import ./users/${user}/home.nix; }) users)
-                  else
-                    [ ]
-                )
-                ++ lib.optional (system != "x86_64-linux") {
-                  config.nixpkgs = {
-                    config.allowUnsupportedSystem = true;
-                    buildPlatform = "x86_64-linux";
-                  };
-                }
-                ++ map (
-                  user:
-                  {
-                    config,
-                    lib,
-                    pkgs,
-                    ...
-                  }@args:
-                  {
-                    users.users.${user} = import ./users/${user} (args // { name = "${user}"; });
-                    boot.initrd.network.ssh.authorizedKeys =
-                      lib.mkIf server
-                        config.users.users.${user}.openssh.authorizedKeys.keys;
-                    sops = lib.mkIf sops {
-                      secrets."${user}/user-password" = {
-                        sopsFile = ./users/${user}/secrets.yaml;
-                        neededForUsers = true;
-                      };
-                    };
-                  }
-                ) users;
-            };
         in
         (builtins.listToAttrs (
           map (system: {
             name = system;
             value = constructSystem (
               {
+                inherit inputs src;
                 hostname = system;
               }
               // builtins.removeAttrs (import ./systems/${system} { inherit inputs; }) [

lib/default.nix

@@ -2,6 +2,8 @@
 {
   # create rad-dev namespace for lib
   rad-dev = rec {
+    systems = import ./systems.nix { inherit lib; };
+
     # any(), but checks if any value in the list is true
     #
     # args:

lib/systems.nix

@@ -0,0 +1,88 @@
+{ lib, ... }:
+
+rec {
+  genHostName = hostname: { config.networking.hostName = hostname; };
+
+  genHome =
+    {
+      inputs,
+      users,
+      src,
+      ...
+    }:
+    [ inputs.home-manager.nixosModules.home-manager ]
+    ++ (map (user: { home-manager.users.${user} = import (src + "/users/${user}/home.nix"); }) users);
+
+  genSops =
+    {
+      inputs,
+      users,
+      src,
+      ...
+    }:
+    [ inputs.sops-nix.nixosModules.sops ]
+    ++ (map (user: {
+      sops.secrets."${user}/user-password" = {
+        sopsFile = src + "/users/${user}/secrets.yaml";
+        neededForUsers = true;
+      };
+    }) users);
+
+  genUsers =
+    { users, src, ... }:
+    (map (
+      user:
+      {
+        config,
+        lib,
+        pkgs,
+        ...
+      }@args:
+      {
+        users.users.${user} = import (src + "/users/${user}") (args // { name = user; });
+      }
+    ) users);
+
+  genWrapper =
+    var: func: args:
+    lib.optionals var (func args);
+
+  nonX86 = {
+    config.nixpkgs = {
+      config.allowUnsupportedSystem = true;
+      buildPlatform = "x86_64-linux";
+    };
+  };
+
+  constructSystem =
+    {
+      hostname,
+      users,
+      inputs,
+      src,
+      home ? true,
+      iso ? [ ],
+      modules ? [ ],
+      server ? true,
+      sops ? true,
+      system ? "x86_64-linux",
+
+    }@args:
+
+    lib.nixosSystem {
+      inherit system;
+      specialArgs = inputs;
+      modules =
+        [
+          inputs.nixos-modules.nixosModule
+          (genHostName hostname)
+          (src + "/systems/${hostname}/hardware.nix")
+          (src + "/systems/${hostname}/configuration.nix")
+        ]
+        ++ modules
+        ++ (lib.rad-dev.fileList src "modules")
+        ++ genWrapper sops genSops args
+        ++ genWrapper home genHome args
+        ++ genWrapper true genUsers args;
+    };
+}