diff --git a/flake.nix b/flake.nix
index 72cf4ef..3a17913 100755
--- a/flake.nix
+++ b/flake.nix
@@ -103,10 +103,5 @@
 (mkHost "nextcloud" {
 suite = "server/lxc";
 })
-
- # Container for managing server flock.
- (mkHost "ornithologist" {
- suite = "server/lxc";
- })
 ];
 }
diff --git a/helpers.nix b/helpers.nix
index 747dd8c..7856d87 100644
--- a/helpers.nix
+++ b/helpers.nix
@@ -12,101 +12,99 @@ with inputs.nixpkgs.lib; { suite ? "", docker ? false, hostModules ? [], - }: let - # Secrets directory. - secrets = builtins.toString inputs.secrets; + }: + { + nixosConfigurations.${hostname} = nixosSystem rec { + # Architecture. + system = platform; - # Architecture. - system = platform; + # nixpkgs config. + pkgs = import nixpkgs { + inherit system; - # Stable nixpkgs with overlay. - pkgs = import nixpkgs { - inherit system; - - config = { - # Allow installation of proprietary software. - allowUnfree = true; - # Allow the installation of packages marked as insecure in nixpkgs. - permittedInsecurePackages = [ - "dotnet-sdk-6.0.428" # For WebOne. - "dotnet-runtime-6.0.36" # For WebOne. - ]; - }; - - # Import my overlays. - overlays = [ - (import ./overlay.nix {inherit nixpkgs-unstable nixpkgs-pr-feishin;}) - ]; - }; - - # deploy-rs. - deployPkgs = import nixpkgs { - inherit system; - - overlays = [ - deploy-rs.overlays.default - (self: super: { - deploy-rs = { - inherit (pkgs) deploy-rs; - lib = super.deploy-rs.lib; + config = { + # Allow installation of proprietary software. + allowUnfree = true; + # Allow the installation of packages marked as insecure in nixpkgs. + permittedInsecurePackages = [ + "dotnet-sdk-6.0.428" # For WebOne. + "dotnet-runtime-6.0.36" # For WebOne. + ]; }; - }) - ]; - }; - in { - nixosConfigurations.${hostname} = nixosSystem { - inherit system pkgs; - specialArgs = { - # Pass variables to config. - inherit inputs secrets hostname; - }; + # Import my overlays. + overlays = [ + (import ./overlay.nix {inherit nixpkgs-unstable nixpkgs-pr-feishin;}) + ]; + }; - modules = - [ - nixvim.nixosModules.nixvim # Neovim. - lanzaboote.nixosModules.lanzaboote # Secure boot. - sops-nix.nixosModules.sops # Secrets management. + specialArgs = { + # Pass hostname & inputs to config. + inherit inputs hostname; - ./suites/${suite} # Collection of configuration options for different types of systems. 
- ./hosts/${hostname} # Host-specific config. + # Secrets directory. + secrets = builtins.toString inputs.secrets; + }; - # Home manager. - home-manager.nixosModules.home-manager - { - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - backupFileExtension = "backup"; - users.fern = { - # Me! - home.username = "fern"; - home.homeDirectory = "/home/fern"; + modules = + [ + nixvim.nixosModules.nixvim # Neovim. + lanzaboote.nixosModules.lanzaboote # Secure boot. + sops-nix.nixosModules.sops # Secrets management. - # Home manager version. - home.stateVersion = "25.05"; + ./suites/${suite} # Collection of configuration options for different types of systems. + ./hosts/${hostname} # Host-specific config. - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; + # Home manager. + home-manager.nixosModules.home-manager + { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + backupFileExtension = "backup"; + users.fern = { + # Me! + home.username = "fern"; + home.homeDirectory = "/home/fern"; - # Import config. - imports = [./suites/${suite}/home.nix]; + # Home manager version. + home.stateVersion = "25.05"; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; + + # Import config. + imports = [./suites/${suite}/home.nix]; + }; }; - }; - } - ] - ++ hostModules # Host-specific modules. - ++ optionals (docker == true) [./suites/server/docker] # Enable docker if required. - ++ (filesystem.listFilesRecursive ./modules); # Custom modules. - }; - - deploy.nodes.${hostname} = mkIf (strings.hasPrefix "server" suite) { - hostname = "${hostname}.local"; - profiles.system = { - user = "root"; - sshuser = "fern"; - path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${hostname}; + } + ] + ++ hostModules # Host-specific modules. + ++ optionals (docker == true) [./suites/server/docker] # Enable docker if required. 
+ ++ (filesystem.listFilesRecursive ./modules); # Custom modules. + }; + } + // optionalAttrs (strings.hasPrefix "server" suite) { + deploy.nodes.${hostname} = let + deployPkgs = import nixpkgs { + inherit system; + overlays = [ + deploy-rs.overlays.default + (self: super: { + deploy-rs = { + inherit (pkgs) deploy-rs; + lib = super.deploy-rs.lib; + }; + }) + ]; + }; + in { + hostname = "${hostname}.local"; + profiles.system = { + user = "root"; + sshuser = "fern"; + path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${hostname}; + }; }; }; - }; } diff --git a/hosts/muskduck/default.nix b/hosts/muskduck/default.nix index aef03cb..3b9b514 100644 --- a/hosts/muskduck/default.nix +++ b/hosts/muskduck/default.nix @@ -39,9 +39,6 @@ with lib; { ]; }; - # Allow emulating aarch64 to build for Raspberry Pi. - boot.binfmt.emulatedSystems = ["aarch64-linux"]; - # Share Music dir. services.samba = { enable = true; diff --git a/hosts/ornithologist/default.nix b/hosts/ornithologist/default.nix deleted file mode 100644 index 82597c4..0000000 --- a/hosts/ornithologist/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{pkgs, ...}: { - # Allow emulating aarch64 to build for Raspberry Pi. - boot.binfmt.emulatedSystems = ["aarch64-linux"]; - - # Install some packages. - environment.systemPackages = with pkgs; [deploy-rs]; -} diff --git a/suites/desktop/default.nix b/suites/desktop/default.nix index f50e77c..e117819 100755 --- a/suites/desktop/default.nix +++ b/suites/desktop/default.nix @@ -26,6 +26,9 @@ with lib; { "udev.log_priority=3" "rd.systemd.show_status=auto" ]; + + # Allow emulating aarch64 to build for Raspberry Pi. + binfmt.emulatedSystems = ["aarch64-linux"]; }; # Enable smart card support (for YubiKey).
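Review bot: `system` and `pkgs` are now defined only inside `nixosSystem rec { … }`, but the `deployPkgs` let-block under `optionalAttrs` still uses `inherit system;` and `inherit (pkgs) deploy-rs;`, both of which sit outside that `rec` set. Unless the two names are also bound outside this hunk (the head of `mkHost` and the file's outer scope are not visible here), evaluating `deploy.nodes` for a server suite will fail on an undefined variable. Binding them in that `let` keeps the block self-contained: `system = platform;`, `hostPkgs = self.nixosConfigurations.${hostname}.pkgs;` ahead of the overlay (where `self` is shadowed), then `inherit (hostPkgs) deploy-rs;`. Separately, deploy-rs spells the option `sshUser`, so `sshuser = "fern";` is probably not picked up. The SSH login would then fall back to whoever runs the deploy, while activation still happens as root.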
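Review bot: Placing `binfmt.emulatedSystems = ["aarch64-linux"];` in the desktop suite turns on aarch64 emulation for every host that imports this suite, whereas the removed lines enabled it only on muskduck and the ornithologist container. Each of those hosts then registers an emulator for foreign-architecture binaries and, as far as I know, advertises aarch64-linux as a buildable platform to Nix. That is more than a machine that never builds for a Raspberry Pi needs. If only the deploying desktop requires it, keep the setting in that host's `default.nix`, or write `binfmt.emulatedSystems = mkDefault ["aarch64-linux"];` so individual hosts can override it. The enclosing attribute set (presumably `boot`) starts above the hunk.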