diff --git a/flake.nix b/flake.nix index 8dbf04d..9e7359b 100644 --- a/flake.nix +++ b/flake.nix @@ -260,7 +260,6 @@ (import ./overlays/mpv-scripts.nix inputs) (import ./overlays/nextcloud-apps.nix inputs) (import ./overlays/betterlockscreen.nix) - (import ./overlays/osc.nix inputs) ]; # System types to support. @@ -274,28 +273,40 @@ # Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'. forAllSystems = nixpkgs.lib.genAttrs supportedSystems; + # { system -> pkgs } + pkgsBySystem = forAllSystems (system: import nixpkgs { inherit system overlays; }); + hosts = import ./hosts; - buildHome = { }; + buildHome = + { pkgs, modules }: + inputs.home-manager.lib.homeManagerConfiguration { + inherit pkgs; + modules = modules ++ [ + ./platforms/home-manager + ]; + }; buildNixos = - pkgs: modules: + { pkgs, modules }: nixpkgs.lib.nixosSystem { inherit pkgs; modules = modules ++ [ inputs.home-manager.nixosModules.home-manager inputs.disko.nixosModules.disko inputs.wsl.nixosModules.wsl + ./platforms/nixos ]; }; buildDarwin = - pkgs: modules: + { pkgs, modules }: inputs.darwin.lib.darwinSystem { inherit pkgs; modules = modules ++ [ inputs.home-manager.darwinModules.home-manager inputs.mac-app-util.darwinModules.default + ./platforms/nix-darwin ]; }; 
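Review bot: `buildHome`, `buildNixos` and `buildDarwin` each append to their argument with `modules ++ [ ... ]`, so `modules` must be a list, but nothing in the hunk states that contract. A comment above `buildHome` such as `# { pkgs, modules } -> configuration; modules is a list of modules for a single host` would pin it down for the call sites. The `let` block these definitions sit in starts before the hunk.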
@@ -304,15 +315,33 @@ # Contains my full system builds, including home-manager # nixos-rebuild switch --flake .#tempest - nixosConfigurations = builtins.mapAttrs buildNixos (import ./hosts/nixos inputs); + nixosConfigurations = + builtins.mapAttrs buildNixos { + pkgs = pkgsBySystem.x86_64-linux; + modules = import ./hosts/x86_64-linux; + } + // builtins.mapAttrs buildNixos { + pkgs = pkgsBySystem.aarch64-linux; + modules = import ./hosts/aarch64-linux; + }; # Contains my full Mac system builds, including home-manager # darwin-rebuild switch --flake .#lookingglass - darwinConfigurations = builtins.mapAttrs buildDarwin (import ./hosts/darwin inputs); + darwinConfigurations = builtins.mapAttrs buildDarwin { + pkgs = pkgsBySystem.aarch64-darwin; + modules = import ./hosts/darwin; + }; # For quickly applying home-manager settings with: # home-manager switch --flake .#tempest - homeConfigurations = { + homeConfigurations = rec { + default = personal; + work = buildHome { + pkgs = pkgsBySystem.aarch64-darwin; + modules = { }; + }; + personal = buildHome { + }; tempest = nixosConfigurations.tempest.config.home-manager.users.${globals.user}.home; lookingglass = darwinConfigurations.lookingglass.config.home-manager.users."Noah.Masur".home; }; diff --git a/hosts/nix-darwin/default.nix b/hosts/aarch64-darwin/default.nix similarity index 100% rename from hosts/nix-darwin/default.nix rename to hosts/aarch64-darwin/default.nix diff --git a/hosts/nix-darwin/lookingglass/default.nix b/hosts/aarch64-darwin/lookingglass/default.nix similarity index 100% rename from hosts/nix-darwin/lookingglass/default.nix rename to hosts/aarch64-darwin/lookingglass/default.nix diff --git a/hosts/nixos/default.nix b/hosts/aarch64-linux/default.nix similarity index 100% rename from hosts/nixos/default.nix rename to hosts/aarch64-linux/default.nix 
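Review bot: `builtins.mapAttrs buildNixos { pkgs = ...; modules = ...; }` does not pass that attrset to `buildNixos`: `mapAttrs` calls its function as `f name value` per attribute, so `buildNixos` receives the string `"pkgs"` where it destructures `{ pkgs, modules }`, and the result would be keyed `pkgs`/`modules` rather than by hostname. The aarch64-linux and darwin calls have the same shape, and the `tempest` and `lookingglass` lookups at the end of the hunk depend on hostname keys. A wrapper such as `builtins.mapAttrs (_: modules: buildNixos { pkgs = pkgsBySystem.x86_64-linux; inherit modules; })`, applied to the per-system host set, would keep those keys; what each host value contains is not visible here, so the wrapper's shape needs confirming. Separately, `personal = buildHome { };` omits both required arguments, `work` passes `modules = { }` where the builder concatenates a list, and `./hosts/darwin` is imported although the rename in this commit creates `hosts/aarch64-darwin`.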
diff --git a/hosts/nixos/flame/default.nix b/hosts/aarch64-linux/flame/default.nix similarity index 100% rename from hosts/nixos/flame/default.nix rename to hosts/aarch64-linux/flame/default.nix diff --git a/hosts/default.nix b/hosts/default.nix index 3c91cd7..6d65e57 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,6 +1,6 @@ # Return a list of all hosts { - darwinConfigurations = import ./nix-darwin; - nixosConfigurations = import ./nixos; + darwin-hosts = import ./aarch64-darwin; + linux-hosts = import ./x86_64-linux // import ./aarch64-linux; } diff --git a/hosts/nixos/arrow/aws/ec2.tf b/hosts/x86_64-linux/arrow/aws/ec2.tf similarity index 100% rename from hosts/nixos/arrow/aws/ec2.tf rename to hosts/x86_64-linux/arrow/aws/ec2.tf diff --git a/hosts/nixos/arrow/aws/image.tf b/hosts/x86_64-linux/arrow/aws/image.tf similarity index 100% rename from hosts/nixos/arrow/aws/image.tf rename to hosts/x86_64-linux/arrow/aws/image.tf diff --git a/hosts/nixos/arrow/aws/main.tf b/hosts/x86_64-linux/arrow/aws/main.tf similarity index 100% rename from hosts/nixos/arrow/aws/main.tf rename to hosts/x86_64-linux/arrow/aws/main.tf diff --git a/hosts/nixos/arrow/aws/outputs.tf b/hosts/x86_64-linux/arrow/aws/outputs.tf similarity index 100% rename from hosts/nixos/arrow/aws/outputs.tf rename to hosts/x86_64-linux/arrow/aws/outputs.tf diff --git a/hosts/nixos/arrow/aws/variables.tf b/hosts/x86_64-linux/arrow/aws/variables.tf similarity index 100% rename from hosts/nixos/arrow/aws/variables.tf rename to hosts/x86_64-linux/arrow/aws/variables.tf diff --git a/hosts/nixos/arrow/default.nix b/hosts/x86_64-linux/arrow/default.nix similarity index 100% rename from hosts/nixos/arrow/default.nix rename to hosts/x86_64-linux/arrow/default.nix diff --git a/hosts/nixos/arrow/modules.nix b/hosts/x86_64-linux/arrow/modules.nix similarity index 100% rename from hosts/nixos/arrow/modules.nix rename to hosts/x86_64-linux/arrow/modules.nix 
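Review bot: `import ./x86_64-linux // import ./aarch64-linux` applies `//` to two functions if both directories' `default.nix` carry the `{ nixpkgs, ... }:` header that the new `hosts/x86_64-linux/default.nix` in this commit has, and `//` only accepts attribute sets. Making this file a function and applying the imports, e.g. `inputs: { linux-hosts = import ./x86_64-linux inputs // import ./aarch64-linux inputs; ... }`, would evaluate. The header comment could then read `# Return an attrset of all hosts, grouped by platform`, since the file returns an attrset rather than a list. If a hostname ever exists under both architectures, the right-hand side of `//` silently wins.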
diff --git a/hosts/nixos/arrow/vultr/main.tf b/hosts/x86_64-linux/arrow/vultr/main.tf
similarity index 100%
rename from hosts/nixos/arrow/vultr/main.tf
rename to hosts/x86_64-linux/arrow/vultr/main.tf
diff --git a/hosts/x86_64-linux/default.nix b/hosts/x86_64-linux/default.nix
new file mode 100644
index 0000000..24b0b2f
--- /dev/null
+++ b/hosts/x86_64-linux/default.nix
@@ -0,0 +1,20 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+ inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+ # Get only files ending in default.nix
+ (builtins.filter (name: lib.hasSuffix "default.nix" name))
+ # Import each host function
+ map
+ (file: {
+ name = builtins.baseNameOf (builtins.dirOf file);
+ value = import file;
+ })
+ # Convert to an attrset of hostname -> host function
+ (builtins.listToAttrs)
+]
diff --git a/hosts/nixos/hydra/default.nix b/hosts/x86_64-linux/hydra/default.nix
similarity index 100%
rename from hosts/nixos/hydra/default.nix
rename to hosts/x86_64-linux/hydra/default.nix
diff --git a/hosts/nixos/staff/default.nix b/hosts/x86_64-linux/staff/default.nix
similarity index 100%
rename from hosts/nixos/staff/default.nix
rename to hosts/x86_64-linux/staff/default.nix
diff --git a/hosts/nixos/swan/default.nix b/hosts/x86_64-linux/swan/default.nix
similarity index 100%
rename from hosts/nixos/swan/default.nix
rename to hosts/x86_64-linux/swan/default.nix
diff --git a/hosts/nixos/tempest/default.nix b/hosts/x86_64-linux/tempest/default.nix
similarity index 100%
rename from hosts/nixos/tempest/default.nix
rename to hosts/x86_64-linux/tempest/default.nix
diff --git a/platforms/home-manager/modules/nmasur/presets/fonts.nix b/platforms/home-manager/modules/nmasur/presets/fonts.nix
index 0b56196..a9650ec 100644
--- a/platforms/home-manager/modules/nmasur/presets/fonts.nix
+++ b/platforms/home-manager/modules/nmasur/presets/fonts.nix
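Review bot: In the `lib.pipe` list of the new `hosts/x86_64-linux/default.nix`, `map` and `(file: { ... })` are separate list elements, so they run as two pipeline steps instead of one `map` call and `builtins.listToAttrs` would then receive an attrset rather than a list; wrapping them as `(map (file: { ... }))` fixes that. `listFilesRecursive ./.` also returns this directory's own `default.nix`, which passes the suffix filter and becomes an entry named `x86_64-linux` that imports this file again; a step such as `(builtins.filter (file: file != ./default.nix))` would exclude it. Because the walk is recursive and matches on suffix only, any nested `default.nix` (or a file like `foo-default.nix`) is picked up as a host too, which deserves a comment if it is intended.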
@@ -32,7 +32,7 @@ in programs.rofi.font = "Hack Nerd Font 14"; programs.alacritty.settings.font.normal.family = "VictorMono"; programs.kitty.font.name = "VictorMono Nerd Font Mono"; - config.nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono"; + nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono"; services.dunst.settings.global.font = "Hack Nerd Font 14"; }; } diff --git a/platforms/home-manager/modules/nmasur/presets/programs/atuin.nix b/platforms/home-manager/modules/nmasur/presets/programs/atuin.nix index aabe60a..b28add8 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/atuin.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/atuin.nix @@ -36,7 +36,7 @@ in }; }; - config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish + nmasur.presets.programs.fish.fish_user_key_bindings = # fish '' # Ctrl-h bind -M insert \ch '_atuin_search --filter-mode global' diff --git a/platforms/home-manager/modules/nmasur/presets/programs/fzf/default.nix b/platforms/home-manager/modules/nmasur/presets/programs/fzf/default.nix index ea58670..c3bdaf6 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/fzf/default.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/fzf/default.nix @@ -63,7 +63,7 @@ in }; }; - config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish + nmasur.presets.programs.fish.fish_user_key_bindings = # fish '' # Ctrl-o bind -M insert \co edit diff --git a/platforms/home-manager/modules/nmasur/presets/programs/git/default.nix b/platforms/home-manager/modules/nmasur/presets/programs/git/default.nix index 96df7f9..2997eff 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/git/default.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/git/default.nix 
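Review bot: With the stray `config.` prefix removed, the atuin and fzf presets here and the git and nixpkgs presets further down all define `nmasur.presets.programs.fish.fish_user_key_bindings`, so enabling more than one of them only evaluates if that option is declared with a merging type such as `lib.types.lines`. The declaration is outside these hunks; if it is `lib.types.str`, the module system reports conflicting definitions as soon as two presets are on. A short comment at the declaration, e.g. `# types.lines: each preset appends its own bindings`, would record that the merge is intentional.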
@@ -167,7 +167,7 @@ in }; }; - config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish + nmasur.presets.programs.fish.fish_user_key_bindings = # fish '' # Ctrl-g bind -M default \cg commandline-git-commits diff --git a/platforms/home-manager/modules/nmasur/presets/programs/kitty.nix b/platforms/home-manager/modules/nmasur/presets/programs/kitty.nix index 85c347c..7795823 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/kitty.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/kitty.nix @@ -15,7 +15,7 @@ in config = lib.mkIf cfg.enable { # Set the i3 terminal - config.nmasur.presets.services.i3.terminal = pkgs.kitty; + nmasur.presets.services.i3.terminal = pkgs.kitty; # Set the Rofi terminal for running programs programs.rofi.terminal = lib.mkIf pkgs.stdenv.isLinux (lib.mkDefault "${pkgs.kitty}/bin/kitty"); diff --git a/platforms/home-manager/modules/nmasur/presets/programs/nixpkgs.nix b/platforms/home-manager/modules/nmasur/presets/programs/nixpkgs.nix index 31f5773..5c646b3 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/nixpkgs.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/nixpkgs.nix @@ -80,7 +80,7 @@ in }; }; - config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish + nmasur.presets.programs.fish.fish_user_key_bindings = # fish '' # Ctrl-n bind -M insert \cn 'commandline -r "nix shell nixpkgs#"' diff --git a/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix b/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix index 58f2619..5495e40 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix @@ -21,7 +21,7 @@ in config = lib.mkIf cfg.enable { # Set the i3 terminal - config.nmasur.presets.services.i3.terminal = pkgs.wezterm; + nmasur.presets.services.i3.terminal = pkgs.wezterm; # Display images in the terminal programs.fish.shellAliases = { 
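Review bot: `kitty.nix` and `wezterm.nix` both assign `nmasur.presets.services.i3.terminal` at normal priority, so enabling both presets on one host gives the option two different values; unless its type merges (not visible here), evaluation fails with conflicting definitions. The rofi line just below in `kitty.nix` already uses `lib.mkDefault`; doing the same for one of the two, e.g. `nmasur.presets.services.i3.terminal = lib.mkDefault pkgs.kitty;`, lets the other preset or a host override win deterministically. Both `config` blocks continue past their hunks.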
diff --git a/platforms/home-manager/modules/nmasur/profiles/power-user.nix b/platforms/home-manager/modules/nmasur/profiles/power-user.nix index 7657b65..01fd9a7 100644 --- a/platforms/home-manager/modules/nmasur/profiles/power-user.nix +++ b/platforms/home-manager/modules/nmasur/profiles/power-user.nix @@ -48,8 +48,10 @@ in bash = lib.mkDefault lib.getExe pkgs.bashInteractive; }; - nmasur.presets = { + nmasur.presets.programs = { + atuin.enable = lib.mkDefault true; bat.enable = lib.mkDefault true; + dotfiles.enable = lib.mkDefault true; fd.enable = lib.mkDefault true; ripgrep.enable = lib.mkDefault true; prettyping.enable = lib.mkDefault true; diff --git a/platforms/nixos/modules/nmasur/presets/programs/template.nix b/platforms/nixos/modules/nmasur/presets/programs/template.nix deleted file mode 100644 index ce11356..0000000 --- a/platforms/nixos/modules/nmasur/presets/programs/template.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -let - cfg = config.nmasur.presets.programs.; -in - -{ - - options.nmasur.presets.programs..enable = lib.mkEnableOption ""; - - config = lib.mkIf cfg.enable { - }; -} diff --git a/platforms/nixos/modules/nmasur/presets/services/bind.nix b/platforms/nixos/modules/nmasur/presets/services/bind.nix index bb71721..6bb5598 100644 --- a/platforms/nixos/modules/nmasur/presets/services/bind.nix +++ b/platforms/nixos/modules/nmasur/presets/services/bind.nix @@ -35,7 +35,7 @@ in # Normally I block all requests not coming from Cloudflare, so I have to also # allow my local network. - config.nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ]; + nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ]; services.bind = { diff --git a/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix b/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix index deccf15..7e1e713 100644 --- a/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix 
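Review bot: Re-rooting the block in `power-user.nix` at `nmasur.presets.programs = {` moves every attribute in it under `programs`, and the block continues past the end of the hunk, so any later entry that is not a program preset would now point at an option that does not exist. The context line `bash = lib.mkDefault lib.getExe pkgs.bashInteractive;` just above also parses as `(lib.mkDefault lib.getExe) pkgs.bashInteractive`; `bash = lib.mkDefault (lib.getExe pkgs.bashInteractive);` is presumably what was meant.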
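Review bot: The allowlist entry `"192.168.0.0/16"` in `bind.nix` covers the whole 192.168.x.x private range rather than only the LAN this host sits on, so any source in that range that can reach Caddy (a VPN, a container bridge, another routed segment) is exempt from the Cloudflare-only restriction the comment describes. Narrowing it to the real subnet, e.g. `[ "<LAN_CIDR>" ]` (placeholder), keeps the exception as small as the comment intends. `cloudflare.nix` later in this commit assigns the same `cidrAllowlist` option, so the two presets together rely on it being a list type that concatenates; the declaration is not shown in either hunk.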
+++ b/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix @@ -63,7 +63,7 @@ in config = lib.mkIf cfg.enable { # Forces Caddy to error if coming from a non-Cloudflare IP - config.nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges; + nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges; # Tell Caddy to use Cloudflare DNS for ACME challenge validation services.caddy.package = pkgs.caddy.withPlugins { diff --git a/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix b/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix index 85e4c7f..9e85d5f 100644 --- a/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix +++ b/platforms/nixos/modules/nmasur/presets/services/nextcloud.nix @@ -26,7 +26,7 @@ in maxUploadSize = "50G"; config = { adminpassFile = config.secrets.nextcloud.dest; - dbtype = "pgsql"; + dbtype = "pgsql"; # Enables postgresql }; settings = { default_phone_region = "US"; diff --git a/platforms/nixos/modules/nmasur/presets/programs/zfs.nix b/platforms/nixos/modules/nmasur/presets/zfs.nix similarity index 81% rename from platforms/nixos/modules/nmasur/presets/programs/zfs.nix rename to platforms/nixos/modules/nmasur/presets/zfs.nix index f36123c..8a560b9 100644 --- a/platforms/nixos/modules/nmasur/presets/programs/zfs.nix +++ b/platforms/nixos/modules/nmasur/presets/zfs.nix @@ -6,12 +6,12 @@ }: let - cfg = config.nmasur.presets.services.zfs; + cfg = config.nmasur.presets.zfs; in { - options.nmasur.presets.services.zfs.enable = lib.mkEnableOption "ZFS file system"; + options.nmasur.presets.zfs.enable = lib.mkEnableOption "ZFS file system"; config = lib.mkIf cfg.enable { diff --git a/platforms/nixos/modules/nmasur/profiles/aws.nix b/platforms/nixos/modules/nmasur/profiles/aws.nix index e08dda1..dd4ca82 100644 --- a/platforms/nixos/modules/nmasur/profiles/aws.nix +++ b/platforms/nixos/modules/nmasur/profiles/aws.nix 
@@ -1,11 +1,11 @@ -{ config, ... }: +{ config, lib, ... }: let cfg = config.nmasur.profiles.aws; in { - options.nmasur.profiles.nmasur.aws.enable = lib.mkEnableOption "AWS EC2"; + options.nmasur.profiles.aws.enable = lib.mkEnableOption "AWS EC2"; config = lib.mkIf cfg.enable { diff --git a/platforms/nixos/modules/nmasur/profiles/communications.nix b/platforms/nixos/modules/nmasur/profiles/communications.nix new file mode 100644 index 0000000..8955da9 --- /dev/null +++ b/platforms/nixos/modules/nmasur/profiles/communications.nix @@ -0,0 +1,43 @@ +{ + config, + lib, + ... +}: + +let + cfg = config.nmasur.profiles.communications; +in + +{ + + options.nmasur.profiles.communications.enable = + lib.mkEnableOption "communications server configuration"; + + config = lib.mkIf cfg.enable { + + nmasur.presets = { + programs = { + msmtp.enable = lib.mkDefault true; + }; + services = { + actualbudget.enable = lib.mkDefault true; + caddy.enable = lib.mkDefault true; + cloudflare.enable = lib.mkDefault true; + cloudflared.enable = lib.mkDefault true; + gitea.enable = lib.mkDefault true; + grafana.enable = lib.mkDefault true; + influxdb2.enable = lib.mkDefault true; + minecraft-server.enable = lib.mkDefault true; + n8n.enable = lib.mkDefault true; + nix-autoupgrade.enable = lib.mkDefault true; # On by default for communications + ntfy-sh.enable = lib.mkDefault true; + postgresql.enable = lib.mkDefault true; + thelounge.enable = lib.mkDefault true; + uptime-kuma.enable = lib.mkDefault true; + vaultwarden.enable = lib.mkDefault true; + victoriametrics.enable = lib.mkDefault true; + }; + }; + + }; +} diff --git a/platforms/nixos/modules/nmasur/profiles/latest.nix b/platforms/nixos/modules/nmasur/profiles/latest.nix index d34b1a0..4bb1364 100644 --- a/platforms/nixos/modules/nmasur/profiles/latest.nix +++ b/platforms/nixos/modules/nmasur/profiles/latest.nix 
@@ -18,5 +18,7 @@ in # Use latest released Linux kernel by default boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; + nmasur.presets.services.nix-autoupgrade.enable = lib.mkDefault true; + }; } diff --git a/platforms/nixos/modules/nmasur/profiles/nas.nix b/platforms/nixos/modules/nmasur/profiles/nas.nix new file mode 100644 index 0000000..b0ed12f --- /dev/null +++ b/platforms/nixos/modules/nmasur/profiles/nas.nix @@ -0,0 +1,42 @@ +{ + config, + lib, + ... +}: + +let + cfg = config.nmasur.profiles.nas; +in + +{ + + options.nmasur.profiles.nas.enable = lib.mkEnableOption "NAS (storage device) configuration"; + + config = lib.mkIf cfg.enable { + + nmasur.presets = { + zfs.enable = lib.mkDefault true; + programs = { + msmtp.enable = lib.mkDefault true; + }; + services = { + arr.enable = lib.mkDefault true; + audiobookshelf.enable = lib.mkDefault true; + bind.enable = lib.mkDefault true; + caddy.enable = lib.mkDefault true; + calibre-web.enable = lib.mkDefault true; + cloudflare.enable = lib.mkDefault true; + cloudflared.enable = lib.mkDefault true; + filebrowser.enable = lib.mkDefault true; + immich.enable = lib.mkDefault true; + jellyfin.enable = lib.mkDefault true; + nextcloud.enable = lib.mkDefault true; + nix-autoupgrade.enable = lib.mkDefault false; # Off by default for NAS + paperless.enable = lib.mkDefault true; + samba.enable = lib.mkDefault true; + postgresql.enable = lib.mkDefault true; + }; + }; + + }; +} diff --git a/platforms/nixos/modules/nmasur/profiles/server.nix b/platforms/nixos/modules/nmasur/profiles/server.nix index 4cb91b7..54979ab 100644 --- a/platforms/nixos/modules/nmasur/profiles/server.nix +++ b/platforms/nixos/modules/nmasur/profiles/server.nix @@ -16,6 +16,8 @@ in networking.firewall.allowPing = lib.mkDefault true; + nmasur.presets.services.openssh.enable = lib.mkDefault true; + # Implement a simple fail2ban service for sshd services.sshguard.enable = lib.mkDefault true;
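Review bot: `nix-autoupgrade.enable = lib.mkDefault false` in `nas.nix` and `lib.mkDefault true` in `latest.nix` and `communications.nix` (all in this commit) sit at the same priority, so a host that enables the `nas` profile together with either of the others gets conflicting definitions for a boolean option and fails to evaluate. A slightly stronger priority for the opt-out, `nix-autoupgrade.enable = lib.mkOverride 900 false; # NAS opts out even if another profile defaults it on`, resolves the tie while still letting a host set the value explicitly. Since this profile also turns on network services such as nextcloud and samba, the comment could say how security updates reach the NAS when automatic upgrades are off.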
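Review bot: `nmasur.presets.services.openssh.enable = lib.mkDefault true` in `server.nix` makes every host with the server profile listen for SSH, while the settings that decide how exposed that is (password authentication, root login, allowed users) live in the openssh preset, which is not part of this commit. `services.sshguard` below only throttles repeated failures, so it is worth confirming that the preset sets `services.openssh.settings.PasswordAuthentication = false;` and, once confirmed, noting it next to the new line, e.g. `# key-only auth is enforced by the openssh preset`. The enclosing `config` block starts before the hunk.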