make home configs work

Jana Dönszelmann 2026-01-23 13:27:58 +01:00
parent f0c21b2e79
commit 30f81b2b79
No known key found for this signature in database
29 changed files with 2131 additions and 2033 deletions

33
; Normal file

@ -0,0 +1,33 @@
{
lib,
options,
machine,
...
}:
with lib;
{
options = {
custom.program = mkOption {
type = types.attrsOf (
types.submodule (
{ config, ... }:
{
options = {
name = mkOption {
type = types.string;
};
home-config = mkOption {
type = types.deferredModule;
};
system-config = mkOption {
type = types.deferredModule;
default = _: { };
};
};
config = if builtins.isNull machine.home-only then config.system-config else config.home-config;
}
)
);
};
};
}
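Review bot: `name` is declared with `types.string`, which nixpkgs has deprecated in favour of `types.str`; `type = types.str;` keeps evaluation free of the deprecation warning. The submodule line `config = if builtins.isNull machine.home-only then config.system-config else config.home-config;` also looks suspect: it feeds the merged value of one of the submodule's own deferred-module options back in as the submodule's definitions, which I would expect either to recurse or to define options this submodule never declares, so it is worth confirming with an evaluation of a home-only host. The same two lines appear in the later program-module hunk (`@ -15,19 +16,15 @`), and the `options` argument is unused in both.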

124
config.nix Normal file

@ -0,0 +1,124 @@
inputs@{
nixpkgs,
deploy-rs,
self,
pkgsForSystem,
...
}:
rec {
configs =
configs: builtins.foldl' (acc: val: nixpkgs.lib.recursiveUpdate (config val) acc) { } configs;
config =
{
hostname,
capabilities,
type,
home-only ? null,
extra-modules ? [ ],
system ? "x86_64-linux",
deploy-hostname ? hostname,
deploy-options ? {
user = if builtins.isNull home-only then "root" else home-only;
sshUser = if builtins.isNull home-only then "jana" else home-only;
},
home-manager ? builtins.isNull home-only,
stateVersion ? "26.05",
}:
with nixpkgs.lib;
let
inherit (nixpkgs) lib;
matches-capabilities =
# all requirements are contained in the machine capabilities
requirements: lib.all (req: builtins.elem req capabilities) requirements;
program =
{
requirements ? [ ],
home-config,
system-config ? { },
}:
# if (matches-capabilities requirements) then
if (true) then
{
inherit home-config system-config;
}
else
{
# home-config = _: { };
};
specialArgsForHomeSystem =
{
system,
type,
capabilities,
}:
home-only: {
pkgs = pkgsForSystem system;
flakes = inputs;
inherit inputs;
inherit (inputs.secrets.packages.${system}) secrets;
machine = {
inherit
type
capabilities
stateVersion
home-only
program
;
};
};
specialArgsForSystem = system: specialArgsForHomeSystem system null;
specialArgs = specialArgsForSystem {
inherit system type capabilities;
};
modules =
extra-modules
++ [ ./hosts/${hostname}/configuration.nix ]
++ (
if builtins.isNull home-only then
[ ./defaults/machine-config.nix ]
else
[ ./defaults/machine-or-home-config.nix ]
)
++ (
if home-manager then
[
inputs.home-manager.nixosModules.default
{
home-manager.extraSpecialArgs = specialArgs;
}
]
else
[ ]
);
in
{
deploy.nodes.${hostname} = {
hostname = deploy-hostname;
fastConnection = true;
profiles.system = {
path =
if (builtins.isNull home-only) then
deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${hostname}
else
deploy-rs.lib.x86_64-linux.activate.home-manager self.nixosConfigurations.${hostname};
}
// deploy-options;
};
nixosConfigurations.${hostname} =
if builtins.isNull home-only then
(nixosSystem {
inherit system modules specialArgs;
})
else
inputs.home-manager.lib.homeManagerConfiguration {
extraSpecialArgs = specialArgsForHomeSystem {
inherit system type capabilities;
} home-only;
inherit modules;
pkgs = pkgsForSystem system;
};
};
}
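Review bot: `program` no longer gates on capabilities: its condition is `if (true) then` with the real test commented out, so `requirements` is accepted and then ignored, and every program module is handed to every host whatever its `capabilities` list says. users.nix in this commit appears to map over `programs` instead of a filtered list, so a host declared with only `"cli"` (the server entry in flake.nix) would apparently receive the graphical and `fun` home configs as well, which widens what gets installed on a server. Restore `if matches-capabilities requirements then` and have the else branch return `{ home-config = _: { }; system-config = _: { }; }`, because the `home-config` option has no default. Separately, `deploy-rs.lib.x86_64-linux` is hard-coded in `profiles.system.path` although `system` is a parameter; `deploy-rs.lib.${system}` would keep the two in step.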


@ -1,23 +1,21 @@
{
lib,
pkgs,
inputs,
flakes,
machine,
...
}:
{
imports = [
(inputs.self + /modules/machine-type.nix)
(inputs.self + /modules/program.nix)
(inputs.self + /programs)
(inputs.self + /users)
./machine-or-home-config.nix
./xdg.nix
];
xdg.mime.enable = lib.mkForce false;
system.stateVersion = "26.05";
system.stateVersion = machine.stateVersion;
services.resolved.enable = false;
xdg.mime.enable = lib.mkForce false;
# Enable SSH
services.openssh = {
enable = true;


@ -0,0 +1,9 @@
{ inputs, ... }:
{
imports = [
(../modules/program.nix)
(../programs)
(../users)
];
}

104
flake.nix

@ -72,12 +72,10 @@
};
outputs =
{
self,
nixpkgs,
flake-utils,
sops-nix,
vpn-confinement,
home-manager,
deploy-rs,
...
}@inputs:
@ -94,87 +92,40 @@
})
];
};
specialArgsForSystem = system: {
pkgs = pkgsForSystem system;
flakes = inputs;
inherit inputs;
inherit (inputs.secrets.packages.${system}) secrets;
};
configs = import ./config.nix (inputs // { inherit pkgsForSystem; });
in
(configs.configs [
{
nixosConfigurations.fili = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [
inputs.home-manager.nixosModules.default
{ home-manager.extraSpecialArgs = specialArgs; }
./hosts/fili/configuration.nix
./users
./default-machine-config.nix
hostname = "fili";
capabilities = [ "cli" ];
type = "server";
extra-modules = [
sops-nix.nixosModules.sops
vpn-confinement.nixosModules.default
];
specialArgs = specialArgsForSystem system;
};
nixosConfigurations.kili = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [
inputs.home-manager.nixosModules.default
{ home-manager.extraSpecialArgs = specialArgs; }
./hosts/kili/configuration.nix
./users
];
specialArgs = specialArgsForSystem system;
};
nixosConfigurations.ragdoll = home-manager.lib.homeManagerConfiguration (
let
system = "x86_64-linux";
in
}
{
modules = [
inputs.home-manager.nixosModules.default
{ home-manager.extraSpecialArgs = specialArgsForSystem system; }
./hosts/ragdoll/configuration.nix
./default-machine-config.nix
hostname = "kili";
deploy-hostname = "localhost";
capabilities = [
"cli"
"graphical"
"work"
"fun"
];
pkgs = pkgsForSystem system;
type = "pc";
}
);
deploy.nodes.fili = {
hostname = "fili";
fastConnection = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.fili;
sshUser = "jana";
};
};
deploy.nodes.kili = {
hostname = "localhost";
fastConnection = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.kili;
sshUser = "jana";
};
};
deploy.nodes.ragdoll = {
{
hostname = "ragdoll";
fastConnection = true;
profiles.system = {
user = "jana";
path = deploy-rs.lib.x86_64-linux.activate.home-manager self.nixosConfigurations.ragdoll;
sshUser = "jana";
};
};
deploy-hostname = "ragdoll";
home-only = "jana";
capabilities = [
"cli"
"work"
];
type = "pc";
}
])
// flake-utils.lib.eachDefaultSystem (
system:
let
@ -184,14 +135,17 @@
devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [
lix
(pkgs.writeShellScriptBin "apply-local" ''
apply $(hostname)
'')
(pkgs.writeShellScriptBin "apply" ''
set -e
if [ $# -eq 0 ]
then
deploy
deploy -s
elif [ $# -eq 1 ]
then
deploy ".#$@"
deploy -s ".#$@"
else
echo "too many parameters"
exit 1
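Review bot: The `apply` wrapper appears to change `deploy` to `deploy -s` in both branches; in deploy-rs `-s` is `--skip-checks`, so the flake checks no longer run before a deployment to any node, including the root-activated profile on the server. If this is only meant to speed up local iteration, keep the checks on by default and make skipping opt-in, or at least spell it `--skip-checks` with a comment saying why. In the same hunk `".#$@"` is used where exactly one argument is guaranteed, so `".#$1"` states the intent, and `apply $(hostname)` should be quoted as `apply "$(hostname)"`. The script body continues past the end of the hunk.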


@ -6,13 +6,6 @@ _: {
./services
];
custom.machine = {
type = "server";
capabilities = [
"cli"
];
};
networking.nameservers = [
"1.1.1.1"
"9.9.9.9"
@ -50,4 +43,6 @@ _: {
"media"
"nginx"
];
users.groups.media = { };
}


@ -150,7 +150,7 @@
wget
# used in deployments
flakes.colmena.defaultPackage."x86_64-linux"
# flakes.deploy.defaultPackage."x86_64-linux"
lix
openssh
];


@ -6,19 +6,9 @@
{
imports = [
./hardware-configuration.nix
../../default-machine-config.nix
./kanata.nix
];
custom.machine = {
type = "pc";
capabilities = [
"cli"
"graphical"
"work"
"fun"
];
};
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;


@ -1,27 +1,43 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/4919727e-d114-4d57-b206-522b5df5fccc";
fileSystems."/" = {
device = "/dev/disk/by-uuid/4919727e-d114-4d57-b206-522b5df5fccc";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/26CD-373C";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/26CD-373C";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [ ];

13
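--- /dev/null
+++ b/hosts/kili/kanata.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+{
+# TODO: make kanata system pkgs only
+users.groups.uinput = { };
+users.extraUsers.jana.extraGroups = [
+"uinput"
+"input"
+];
+environment.systemPackages = [ pkgs.kanata-with-cmd ];
+services.udev.extraRules = ''
+KERNEL=="uinput", MODE="0660", GROUP="uinput", OPTIONS+="static_node=uinput"
+'';
+}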
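Review bot: Adding `jana` to the `input` group gives every process running under that login read access to the raw event devices, and `uinput` write access lets them synthesize input, so the remapper's privileges end up shared with the whole desktop session. `kanata-with-cmd` additionally builds in the action that runs commands from the key configuration. The TODO already points the right way: running kanata as a system service (NixOS ships `services.kanata`) keeps device access with the service instead of the user account, and plain `pkgs.kanata` is enough if no `cmd` actions are used. Until then, a comment such as `# input/uinput membership lets any process of this user read and inject key events` next to `extraGroups` would record the trade-off.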


@ -1,18 +1,7 @@
{
pkgs,
...
}:
{
imports = [
./hardware-configuration.nix
../../default-machine-config.nix
];
imports = [ ];
custom.machine = {
type = "pc";
capabilities = [
"cli"
];
homeOnly = "jana";
};
}


@ -1,16 +0,0 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
fileSystems."/" = {
device = "/dev/disk/by-uuid/4919727e-d114-4d57-b206-522b5df5fccc";
fsType = "ext4";
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}


@ -1,16 +0,0 @@
{
lib,
...
}:
with lib;
{
options = {
custom.home-info = mkOption {
type = types.submodule {
options = {
};
};
};
};
}


@ -1,25 +0,0 @@
{
lib,
...
}:
with lib;
{
options = {
custom.machine = mkOption {
type = types.submodule {
options = {
type = mkOption {
type = types.enum [
"server"
"pc"
];
};
capabilities = mkOption {
type = types.listOf (types.enum (import ./capabilities.nix));
default = [ "cli" ];
};
};
};
};
};
}


@ -1,6 +1,7 @@
{
lib,
options,
machine,
...
}:
with lib;
@ -15,19 +16,15 @@ with lib;
name = mkOption {
type = types.string;
};
requirements = mkOption {
type = types.listOf (types.enum (import ./capabilities.nix));
default = [ "cli" ];
};
home-config = mkOption {
type = types.deferredModule;
};
system-config = mkOption {
# type = types.attrs;
type = types.deferredModule;
default = { };
default = _: { };
};
};
config = if builtins.isNull machine.home-only then config.system-config else config.home-config;
}
)
);


@ -1,30 +1,31 @@
{
args@{
lib,
pkgs,
config,
machine,
...
}:
with lib;
let
cfg = config.custom.users;
machine = config.custom.machine;
inherit (machine) home-only;
inherit (machine) stateVersion;
valid-on-machine =
on:
# TODO: iterate over possibilities
(
if machine.type == "server" then
on.server
else if machine.type == "pc" then
on.pc
else
false;
matches-capabilities =
# all requirements are contained in the machine capabilities
requirements: lib.all (req: builtins.elem req machine.capabilities) requirements;
false
);
users = lib.filterAttrs (_: value: valid-on-machine value.on) cfg;
home-users = lib.filterAttrs (_: value: value.apply-home-configs) users;
stateVersion = config.system.stateVersion;
programs = lib.attrsets.attrValues config.custom.program;
valid-programs = builtins.filter (program: matches-capabilities program.requirements) programs;
in
{
options =
@ -75,13 +76,28 @@ in
};
};
config = lib.mkMerge ([
config = lib.mkMerge [
(
if (!builtins.isNull home-only) then
lib.mkMerge ([
{
home = {
inherit stateVersion;
username = toString home-only;
homeDirectory = "/home/${toString home-only}";
};
}
]
# ++ map (program: program.home-config) programs
)
else
(lib.mkMerge ([
{
users.extraUsers = lib.mapAttrs (name: value: {
isNormalUser = true;
extraGroups = value.groups;
openssh.authorizedKeys.keys = value.keys;
shell = value.shell;
inherit (value) shell;
description = name;
}) users;
home-manager.users = lib.mapAttrs (
@ -89,11 +105,9 @@ in
(_: {
imports = (
[
./home-info.nix
]
++ (map (program: program.home-config) valid-programs)
++ (map (program: program.home-config) programs)
);
home = {
inherit stateVersion;
username = name;
@ -102,5 +116,7 @@ in
})
) home-users;
}
]);
]))
)
];
}


@ -1,4 +1,4 @@
{ ... }@inputs:
{ machine, ... }@inputs:
{
imports = [
./nvim
@ -11,10 +11,9 @@
./niri
./zed
./firefox
./xdg.nix
];
custom.program.graphcial-packages = {
custom.program.graphcial-packages = machine.program {
requirements = [ "graphical" ];
home-config =
{ pkgs, ... }:
@ -34,7 +33,7 @@
};
};
custom.program.discord = {
custom.program.discord = machine.program {
requirements = [ "graphical" ];
home-config =
{
@ -150,7 +149,7 @@
};
};
custom.program.fun-packages = {
custom.program.fun-packages = machine.program {
requirements = [ "fun" ];
home-config =
{ pkgs, ... }:
@ -162,7 +161,7 @@
};
};
custom.program.cli-packages = {
custom.program.cli-packages = machine.program {
requirements = [ "cli" ];
home-config =
{ config, pkgs, ... }:
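Review bot: The attribute `custom.program.graphcial-packages` in the second hunk is misspelled; since the line is being rewritten anyway, rename it to `custom.program.graphical-packages`, provided nothing else refers to the old name. The `home-config` bodies of these entries continue outside the hunks shown, so any reference to the attribute from inside them is not visible here.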


@ -1,6 +1,8 @@
_: {
custom.program.firefox.requirements = [ "graphical" ];
custom.program.firefox.home-config =
{ machine, ... }:
{
custom.program.firefox = machine.program {
requirements = [ "graphical" ];
home-config =
{
config,
flakes,
@ -162,4 +164,5 @@ _: {
defaultApplications."x-scheme-handler/unknown" = [ "firefox.desktop" ];
};
};
};
}


@ -1,6 +1,8 @@
_: {
custom.program.fish.requirements = [ "cli" ];
custom.program.fish.home-config =
{ machine, ... }:
{
custom.program.fish = machine.program {
requirements = [ "cli" ];
home-config =
{
config,
pkgs,
@ -251,4 +253,5 @@ _: {
'';
};
};
};
}


@ -1,6 +1,8 @@
_: {
custom.program.git.requirements = [ "cli" ];
custom.program.git.home-config = _: {
{ machine, ... }:
{
custom.program.git = machine.program {
requirements = [ "cli" ];
home-config = _: {
programs.git = {
enable = true;
signing.key = "/home/jana/.ssh/id_ed25519.pub";
@ -36,4 +38,5 @@ _: {
enableGitIntegration = true;
};
};
};
}


@ -1,6 +1,8 @@
_: {
custom.program.jujutsu.requirements = [ "cli" ];
custom.program.jujutsu.home-config =
{ machine, ... }:
{
custom.program.jujutsu = machine.program {
requirements = [ "cli" ];
home-config =
{ config, pkgs, ... }:
{
programs.jujutsu = {
@ -190,4 +192,5 @@ _: {
};
};
};
};
}


@ -1,4 +1,4 @@
{ pkgs, ... }:
{ machine, pkgs, ... }:
let
kanata-config = ''
(defcfg
@ -86,9 +86,10 @@ let
'';
in
{
custom.program.kanata.requirements = [ "graphical" ];
custom.program.kanata.home-config =
{ pkgs, config, ... }:
custom.program.kanata = machine.program {
requirements = [ "graphical" ];
home-config =
{ pkgs, ... }:
{
systemd.user.services.kanata = {
Unit = {
@ -112,6 +113,7 @@ in
text = kanata-config;
};
};
};
# custom.program.kanata.system-config =
# { pkgs, ... }:
@ -123,15 +125,6 @@ in
# reboot or sudo udevadm control --reload-rules && sudo udevadm trigger
# sudo modprobe uinput
users.groups.uinput = { };
users.extraUsers.jana.extraGroups = [
"uinput"
"input"
];
environment.systemPackages = [ pkgs.kanata-with-cmd ];
services.udev.extraRules = ''
KERNEL=="uinput", MODE="0660", GROUP="uinput", OPTIONS+="static_node=uinput"
'';
# };
}


@ -1,6 +1,8 @@
_: {
custom.program.kitty.requirements = [ "graphical" ];
custom.program.kitty.home-config =
{ machine, ... }:
{
custom.program.kitty = machine.program {
requirements = [ "graphical" ];
home-config =
{ pkgs, flakes, ... }:
{
home.packages = pkgs.custom.maple-fonts-pack;
@ -60,4 +62,5 @@ _: {
'';
};
};
};
}


@ -1,6 +1,8 @@
_: {
custom.program.niri.requirements = [ "graphical" ];
custom.program.niri.home-config =
{ machine, ... }:
{
custom.program.niri = machine.program {
requirements = [ "graphical" ];
home-config =
{
config,
pkgs,
@ -660,4 +662,5 @@ _: {
};
};
};
};
}


@ -1,6 +1,8 @@
_: {
custom.program.nvim.requirements = [ "cli" ];
custom.program.nvim.home-config =
{ machine, ... }:
{
custom.program.nvim = machine.program {
requirements = [ "cli" ];
home-config =
{
pkgs,
flakes,
@ -152,4 +154,5 @@ _: {
'';
};
};
};
}


@ -1,6 +1,8 @@
_: {
custom.program.tmux.requirements = [ "cli" ];
custom.program.tmux.home-config =
{ machine, ... }:
{
custom.program.tmux = machine.program {
requirements = [ "cli" ];
home-config =
{ pkgs, ... }:
{
programs.tmux = {
@ -199,4 +201,5 @@ _: {
'';
};
};
};
}


@ -1,6 +1,11 @@
_: {
custom.program.zed.requirements = [ "work" ];
custom.program.zed.home-config =
{ machine, ... }:
{
custom.program.zed = machine.program {
requirements = [
"work"
"graphical"
];
home-config =
{ pkgs, ... }:
{
home.packages = pkgs.custom.maple-fonts-pack;
@ -173,4 +178,5 @@ _: {
};
};
};
};
}


@ -1,9 +1,8 @@
{ pkgs, inputs, ... }:
{ pkgs, ... }:
{
imports = [
(inputs.self + /modules/users.nix)
(../modules/users.nix)
];
users.groups.media = { };
custom.users = {
vivian = {