5 Commits

Author SHA1 Message Date
1394dc6b71 automated: Update flake.lock
All checks were successful
Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 9m33s
Check Nix flake / Perform Nix flake checks (pull_request) Successful in 14m50s
Auto-generated by [update.yml][1] with the help of
[create-pull-request][2].

[1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml
[2]: https://forgejo.stefka.eu/jiriks74/create-pull-request
2025-07-08 12:21:31 +00:00
2df1ef27e1 Merge pull request 'feature/home-config' (#130) from feature/home-config into main
Some checks failed
Check flake.lock / Check health of `flake.lock` (push) Successful in 9m39s
Check Nix flake / Perform Nix flake checks (push) Successful in 14m38s
Update flakes / update_lockfile (push) Failing after 27m28s
Reviewed-on: #130
2025-07-08 01:26:38 -04:00
f4ff5a6251 remove lix, add homes to hydra
All checks were successful
Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 9m40s
Check Nix flake / Perform Nix flake checks (pull_request) Successful in 14m52s
2025-07-08 01:10:59 -04:00
8f8bb999a3 make restic repos private 2025-07-04 18:11:28 -04:00
f11b0f9e0a add home-manager module for non-nixos systems 2025-07-04 14:36:37 -04:00
8 changed files with 85 additions and 163 deletions

View File

@ -19,39 +19,39 @@ creation_rules:
- path_regex: users/alice/secrets.*\.yaml$ - path_regex: users/alice/secrets.*\.yaml$
key_groups: key_groups:
- pgp: - pgp:
- *admin_alice - *admin_alice
age: age:
- *palatine-hill - *palatine-hill
- *artemision - *artemision
- *artemision-home - *artemision-home
- path_regex: systems/palatine-hill/secrets.*\.yaml$ - path_regex: systems/palatine-hill/secrets.*\.yaml$
key_groups: key_groups:
- pgp: - pgp:
- *admin_alice - *admin_alice
age: age:
- *palatine-hill - *palatine-hill
- path_regex: systems/artemision/secrets.*\.yaml$ - path_regex: systems/artemision/secrets.*\.yaml$
key_groups: key_groups:
- pgp: - pgp:
- *admin_alice - *admin_alice
age: age:
- *artemision - *artemision
- path_regex: systems/selinunte/secrets.*\.yaml$ - path_regex: systems/selinunte/secrets.*\.yaml$
key_groups: key_groups:
- pgp: - pgp:
- *admin_alice - *admin_alice
age: age:
- *artemision - *artemision
- *selinunte - *selinunte
- path_regex: systems/palatine-hill/docker/wg/.*\.conf$ - path_regex: systems/palatine-hill/docker/wg/.*\.conf$
key_groups: key_groups:
- pgp: - pgp:
- *admin_alice - *admin_alice
age: age:
- *palatine-hill - *palatine-hill
- path_regex: systems/palatine-hill/docker/openvpn/.*\.ovpn$ - path_regex: systems/palatine-hill/docker/openvpn/.*\.ovpn$
key_groups: key_groups:
- pgp: - pgp:
- *admin_alice - *admin_alice
age: age:
- *palatine-hill - *palatine-hill

165
flake.lock generated
View File

@ -75,11 +75,11 @@
}, },
"locked": { "locked": {
"dir": "pkgs/firefox-addons", "dir": "pkgs/firefox-addons",
"lastModified": 1751618693, "lastModified": 1751947402,
"narHash": "sha256-bAKNekZcZd4QnBO/RUxjQAgaz67bYwFXWfQENA45Scg=", "narHash": "sha256-ojywcCphY620xHsjrw6opWXYEIBujaqIwz1AAmGVUq0=",
"owner": "rycee", "owner": "rycee",
"repo": "nur-expressions", "repo": "nur-expressions",
"rev": "0c5b037915083a27a260b063b127b31443827bae", "rev": "d17de94e8101db1571979e52dd5a0e04353fdf1b",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@ -178,21 +178,6 @@
"type": "github" "type": "github"
} }
}, },
"flakey-profile": {
"locked": {
"lastModified": 1712898590,
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
"owner": "lf-",
"repo": "flakey-profile",
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
"type": "github"
},
"original": {
"owner": "lf-",
"repo": "flakey-profile",
"type": "github"
}
},
"fromYaml": { "fromYaml": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -209,32 +194,6 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": {
"inputs": {
"flake-compat": [
"stylix",
"flake-compat"
],
"gitignore": "gitignore_2",
"nixpkgs": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747372754,
"narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": { "gitignore": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -256,28 +215,6 @@
"type": "github" "type": "github"
} }
}, },
"gitignore_2": {
"inputs": {
"nixpkgs": [
"stylix",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gnome-shell": { "gnome-shell": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -302,11 +239,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751638848, "lastModified": 1751824240,
"narHash": "sha256-7HiC6w4ROEbMmKtj5pilnLOJej9HkkfU9wEd5QSTyNo=", "narHash": "sha256-aDDC0CHTlL7QDKWWhdbEgVPK6KwWt+ca0QkmHYZxMzI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "7d9e3c35f0d46f82bac791d76260f15f53d83529", "rev": "fd9e55f5fac45a26f6169310afca64d56b681935",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -345,11 +282,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750372088, "lastModified": 1751715349,
"narHash": "sha256-LPwgPRBTfnA76rHUr7KYvwq2pNt5IfxymNAZUJFvn/M=", "narHash": "sha256-cP76ijtfGTFTpWFfmyFHA2MpDlIyKpWwW82kqQSQ6s0=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "contrib", "repo": "contrib",
"rev": "189f32f56285aae9646bf1292976392beba5a2e2", "rev": "dafa5d09b413d08a55a81f6f8e85775d717bacda",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -358,46 +295,6 @@
"type": "github" "type": "github"
} }
}, },
"lix": {
"flake": false,
"locked": {
"lastModified": 1737234286,
"narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=",
"rev": "079528098f5998ba13c88821a2eca1005c1695de",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz"
}
},
"lix-module": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"flakey-profile": "flakey-profile",
"lix": "lix",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741892773,
"narHash": "sha256-8oUT6D7VlsuLkms3zBsUaPBUoxucmFq62QdtyVpjq0Y=",
"ref": "stable",
"rev": "ed7a2fa83145868ecb830d6b3c73ebfd81a9e911",
"revCount": 130,
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module"
},
"original": {
"ref": "stable",
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module"
}
},
"nix": { "nix": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -438,11 +335,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751170039, "lastModified": 1751774635,
"narHash": "sha256-3EKpUmyGmHYA/RuhZjINTZPU+OFWko0eDwazUOW64nw=", "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=",
"owner": "Mic92", "owner": "Mic92",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "9c932ae632d6b5150515e5749b198c175d8565db", "rev": "85686025ba6d18df31cc651a91d5adef63378978",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -503,11 +400,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1747663185, "lastModified": 1751903740,
"narHash": "sha256-Obh50J+O9jhUM/FgXtI3he/QRNiV9+J53+l+RlKSaAk=", "narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "ee07ba0d36c38e9915c55d2ac5a8fb0f05f2afcc", "rev": "032decf9db65efed428afd2fa39d80f7089085eb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -541,11 +438,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751649523, "lastModified": 1751969879,
"narHash": "sha256-39SLBeXE+bzq5ChXYB7FFzUNa+8SCnXvwe9IEgKcxWQ=", "narHash": "sha256-p1P4cjWCv9zvubK7gunkFSSQElmQXLkl7FKSTH5ifAY=",
"owner": "SuperSandro2000", "owner": "SuperSandro2000",
"repo": "nixos-modules", "repo": "nixos-modules",
"rev": "d2a834e4f97a1ccb71c62e3091501a4e237fd6cb", "rev": "fe42595f2abf79902350943fb4d49f10c3ec58fc",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -556,11 +453,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1751619433, "lastModified": 1751952840,
"narHash": "sha256-5aZFBHQNQzrfCisewtYBDNbiKcHbxPYChiP4dkEcSXQ=", "narHash": "sha256-SIkjQb9PPGvR/EcZAU8UZEnO9dwY2Z/BrDWgtyZd7OA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a2867cc3f8acc944cb19fe0b73c840e9fa1ba589", "rev": "27278798fe68d7f81131dd7ab62b8ea2b795cd56",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -660,7 +557,6 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"hydra": "hydra", "hydra": "hydra",
"hyprland-contrib": "hyprland-contrib", "hyprland-contrib": "hyprland-contrib",
"lix-module": "lix-module",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
"nixos-cosmic": "nixos-cosmic", "nixos-cosmic": "nixos-cosmic",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
@ -683,11 +579,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751596734, "lastModified": 1751942411,
"narHash": "sha256-1tQOwmn3jEUQjH0WDJyklC+hR7Bj+iqx6ChtRX2QiPA=", "narHash": "sha256-01uMHCt2U9tP4f24DGch145tT8YQppLY5TC9mWK7O0A=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "e28ba067a9368286a8bc88b68dc2ca92181a09f0", "rev": "c587235f892930a61c9e415f0d9792a1b27a41a2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -723,15 +619,8 @@
"base16-helix": "base16-helix", "base16-helix": "base16-helix",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"flake-compat": [
"flake-compat"
],
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_2",
"git-hooks": "git-hooks",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"home-manager": [
"home-manager"
],
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@ -744,11 +633,11 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1751648901, "lastModified": 1751914048,
"narHash": "sha256-yC45eAT37H6rOFCGhr2iuV5dzJ/8I2N1QrKq1MwPG7U=", "narHash": "sha256-xHO3xlw35tCC0f3pN3osPNjgwwwAgusTuZk5iC8oDiE=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "dea0337e0bffeeeb941ca6caffb44e966b13a97b", "rev": "bf0ef81c8fcc30c32db9dab32d379f8d9db835e4",
"type": "github" "type": "github"
}, },
"original": { "original": {

View File

@ -66,13 +66,13 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
lix-module = { #lix-module = {
url = "git+https://git.lix.systems/lix-project/nixos-module?ref=stable"; # url = "git+https://git.lix.systems/lix-project/nixos-module?ref=stable";
inputs = { # inputs = {
nixpkgs.follows = "nixpkgs"; # nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils"; # flake-utils.follows = "flake-utils";
}; # };
}; #};
nix-index-database = { nix-index-database = {
url = "github:Mic92/nix-index-database"; url = "github:Mic92/nix-index-database";
@ -175,6 +175,29 @@
formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style); formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
nixosConfigurations = genSystems inputs outputs src (src + "/systems"); nixosConfigurations = genSystems inputs outputs src (src + "/systems");
homeConfigurations = {
"alice" = inputs.home-manager.lib.homeManagerConfiguration {
pkgs = import nixpkgs { system = "x86_64-linux"; };
modules = [
inputs.stylix.homeModules.stylix
inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.hmModules.nix-index
{
nixpkgs.config = {
allowUnfree = true;
allowUnfreePredicate = _: true;
};
}
./users/alice/home.nix
];
extraSpecialArgs = {
inherit inputs outputs;
machineConfig = {
server = false;
};
};
};
};
images = { images = {
install-iso = getImages nixosConfigurations "install-iso"; install-iso = getImages nixosConfigurations "install-iso";
iso = getImages nixosConfigurations "iso"; iso = getImages nixosConfigurations "iso";

View File

@ -10,6 +10,9 @@ let
getCfg = _: cfg: cfg.config.system.build.toplevel; getCfg = _: cfg: cfg.config.system.build.toplevel;
hostToAgg = _: cfg: cfg; hostToAgg = _: cfg: cfg;
getHome = _: cfg: cfg.config.home.activationPackage;
homeToAgg = _: cfg: cfg;
# get per-system check derivation (with optional postfix) # get per-system check derivation (with optional postfix)
mapSystems = mapSystems =
{ {
@ -22,11 +25,16 @@ rec {
inherit (outputs) formatter devShells checks; inherit (outputs) formatter devShells checks;
host = lib.mapAttrs getCfg outputs.nixosConfigurations; host = lib.mapAttrs getCfg outputs.nixosConfigurations;
home = lib.mapAttrs getHome outputs.homeConfigurations; # homeConfigurations.alice.config.home.activationPackage
hosts = pkgs.releaseTools.aggregate { hosts = pkgs.releaseTools.aggregate {
name = "hosts"; name = "hosts";
constituents = lib.mapAttrsToList hostToAgg host; constituents = lib.mapAttrsToList hostToAgg host;
}; };
homes = pkgs.releaseTools.aggregate {
name = "homes";
constituents = lib.mapAttrsToList homeToAgg home;
};
devChecks = pkgs.releaseTools.aggregate { devChecks = pkgs.releaseTools.aggregate {
name = "devChecks"; name = "devChecks";

View File

@ -172,6 +172,7 @@ rec {
modules = modules =
[ [
inputs.nixos-modules.nixosModule inputs.nixos-modules.nixosModule
inputs.nix-index-database.nixosModules.nix-index
(genHostName hostname) (genHostName hostname)
(configPath + "/hardware.nix") (configPath + "/hardware.nix")
(configPath + "/configuration.nix") (configPath + "/configuration.nix")
@ -181,7 +182,7 @@ rec {
++ genWrapper sops genSops args ++ genWrapper sops genSops args
++ genWrapper home genHome args ++ genWrapper home genHome args
++ genWrapper true genUsers args ++ genWrapper true genUsers args
++ genWrapper lix ({ ... }: [ inputs.lix-module.nixosModules.default ]) args #++ genWrapper lix ({ ... }: [ inputs.lix-module.nixosModules.default ]) args
++ genWrapper (system != "x86_64-linux") genNonX86 args; ++ genWrapper (system != "x86_64-linux") genNonX86 args;
}; };

View File

@ -10,7 +10,7 @@ in
image = "restic/rest-server:latest"; image = "restic/rest-server:latest";
volumes = [ "${restic_path}:/data" ]; volumes = [ "${restic_path}:/data" ];
environment = { environment = {
OPTIONS = "--prometheus --htpasswd-file /data/.htpasswd"; OPTIONS = "--prometheus --private-repos --htpasswd-file /data/.htpasswd";
}; };
ports = [ "8010:8000" ]; ports = [ "8010:8000" ];
extraOptions = [ extraOptions = [

View File

@ -76,6 +76,7 @@
nix-prefetch nix-prefetch
nix-tree nix-tree
nh nh
home-manager
# doom emacs dependencies # doom emacs dependencies
fd fd

View File

@ -72,7 +72,7 @@
"sgc" = "sudo git -C /root/dotfiles"; "sgc" = "sudo git -C /root/dotfiles";
## SSH ## SSH
"ssh-init" = "ssh-init" =
"ssh-add -t 2h ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh"; "ssh-add -t 2h ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh ~/.ssh/id_ed25519";
## Backups ## Backups
"borgmatic-backup-quick" = "borgmatic-backup-quick" =