diff options
Diffstat (limited to '')
-rw-r--r-- | flake.nix | 111 | ||||
-rw-r--r-- | nix/lib/mkSystem.nix | 12 | ||||
-rw-r--r-- | nix/lib/overlays.nix | 3 | ||||
-rw-r--r-- | nix/users/fcuny/1password.nix | 3 | ||||
-rw-r--r-- | packages/hashi/default.nix | 3 | ||||
-rw-r--r-- | secrets/secrets.nix | 7 |
6 files changed, 66 insertions, 73 deletions
diff --git a/flake.nix b/flake.nix index 20a5bd4..b65a7dd 100644 --- a/flake.nix +++ b/flake.nix @@ -38,42 +38,46 @@ }; # Output config, or config for NixOS system - outputs = - { self - , nixpkgs - , darwin - , flake-utils - , pre-commit-hooks - , devshell - , agenix - , ... - }@inputs: - flake-utils.lib.eachDefaultSystem - (system: + outputs = { self, nixpkgs, darwin, flake-utils, pre-commit-hooks, devshell + , treefmt-nix, agenix, ... }@inputs: + flake-utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system; overlays = [ devshell.overlays.default ]; }; - - in - { + treefmt = (treefmt-nix.lib.mkWrapper pkgs { + projectRootFile = "flake.nix"; + programs = { nixfmt-classic.enable = true; }; + settings.formatter.deadnix = { + command = "${pkgs.deadnix}/bin/deadnix"; + options = [ "--edit" ]; + includes = [ "*.nix" ]; + }; + }); + in { checks = { pre-commit-check = pre-commit-hooks.lib.${system}.run { src = ./.; hooks = { - shellcheck.enable = true; - nixpkgs-fmt.enable = true; check-merge-conflicts.enable = true; end-of-file-fixer.enable = true; + treefmt-check = { + enable = true; + entry = "${treefmt}/bin/treefmt --fail-on-change"; + pass_filenames = false; + }; }; }; }; + formatter = treefmt; + devShells.default = pkgs.devshell.mkShell { packages = with pkgs; [ just agenix + treefmt inputs.agenix.packages."${system}".default ]; devshell.startup.pre-commit.text = @@ -85,41 +89,40 @@ }; }) // (flake-utils.lib.eachDefaultSystemPassThrough (system: - let - mkSystem = import ./nix/lib/mkSystem.nix { inherit nixpkgs inputs; }; - in - { - - # a VM running on the MacBook Air - nixosConfigurations.vm-aarch64 = mkSystem "vm-aarch64" { - system = "aarch64-linux"; - user = "fcuny"; - }; - - # a VM running on the synology DS923+ - nixosConfigurations.vm-synology = mkSystem "vm-synology" { - system = "x86_64-linux"; - user = "fcuny"; - }; - - # a VM running on hetzner cloud - nixosConfigurations.vm-hetzner = mkSystem "vm-hetzner" { - system = "x86_64-linux"; - user = "fcuny"; - }; - - # my personal MacBook Air - darwinConfigurations.mba-m2 = mkSystem "mba-m2" { - system = "aarch64-darwin"; - user = "fcuny"; - darwin = true; - }; - - # my work MacBook Pro - darwinConfigurations.hq-c02fk3q7md6t = mkSystem "hq-c02fk3q7md6t" { - system = "x86_64-darwin"; - user = "fcuny"; - darwin = true; - }; - })); + let + mkSystem = import ./nix/lib/mkSystem.nix { inherit nixpkgs inputs; }; + in { + + # a VM running on the MacBook Air + nixosConfigurations.vm-aarch64 = mkSystem "vm-aarch64" { + system = "aarch64-linux"; + user = "fcuny"; + }; + + # a VM running on the synology DS923+ + nixosConfigurations.vm-synology = mkSystem "vm-synology" { + system = "x86_64-linux"; + user = "fcuny"; + }; + + # a VM running on hetzner cloud + nixosConfigurations.vm-hetzner = mkSystem "vm-hetzner" { + system = "x86_64-linux"; + user = "fcuny"; + }; + + # my personal MacBook Air + darwinConfigurations.mba-m2 = mkSystem "mba-m2" { + system = "aarch64-darwin"; + user = "fcuny"; + darwin = true; + }; + + # my work MacBook Pro + darwinConfigurations.hq-c02fk3q7md6t = mkSystem "hq-c02fk3q7md6t" { + system = "x86_64-darwin"; + user = "fcuny"; + darwin = true; + }; + })); } diff --git a/nix/lib/mkSystem.nix b/nix/lib/mkSystem.nix index cb581c7..c9c8074 100644 --- a/nix/lib/mkSystem.nix +++ b/nix/lib/mkSystem.nix @@ -14,13 +14,11 @@ let # NixOS vs nix-darwin functionst systemFunc = if darwin then inputs.darwin.lib.darwinSystem else nixpkgs.lib.nixosSystem; - home-manager = - if darwin then - inputs.home-manager.darwinModules - else - inputs.home-manager.nixosModules; -in -systemFunc rec { + home-manager = if darwin then + inputs.home-manager.darwinModules + else + inputs.home-manager.nixosModules; +in systemFunc rec { inherit system; modules = [ diff --git a/nix/lib/overlays.nix b/nix/lib/overlays.nix index 1ec6f49..531c725 100644 --- a/nix/lib/overlays.nix +++ b/nix/lib/overlays.nix @@ -1,6 +1,5 @@ let path = ../../overlays; in with builtins; -map (n: import (path + ("/" + n))) (filter - (n: +map (n: import (path + ("/" + n))) (filter (n: match ".*\\.nix" n != null || pathExists (path + ("/" + n + "/default.nix"))) (attrNames (readDir path))) diff --git a/nix/users/fcuny/1password.nix b/nix/users/fcuny/1password.nix index 0e16f8e..fd1dfbe 100644 --- a/nix/users/fcuny/1password.nix +++ b/nix/users/fcuny/1password.nix @@ -4,8 +4,7 @@ let darwinSockPath = "${home}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"; sockPath = ".1password/agent.sock"; -in -{ +in { home.sessionVariables = { SSH_AUTH_SOCK = "${home}/${sockPath}"; }; home.file.sock = { diff --git a/packages/hashi/default.nix b/packages/hashi/default.nix index cadabb4..bfe01d5 100644 --- a/packages/hashi/default.nix +++ b/packages/hashi/default.nix @@ -2,8 +2,7 @@ let url = "https://artifactory.rbx.com:443/artifactory/generic-rbx-local/hashi/0.1.4/bin/hashi_darwin-amd64"; -in -stdenv.mkDerivation rec { +in stdenv.mkDerivation rec { pname = "hashi"; version = "0.1.4"; src = fetchurl { diff --git a/secrets/secrets.nix b/secrets/secrets.nix index a2ea4c7..98e8dd4 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -2,14 +2,9 @@ let fcuny = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi"; users = [ fcuny ]; - - vm-aarch64 = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvVTAPXBOynTeMXvti6Xt9luCJAHaHZBb6aGs0SDoO"; vm-synology = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHf5gXGbOjaoqdpCDnHjBMhikuM0smLKhUo7J83+by+K"; - systems = [ vm-aarch64 vm-synology ]; -in -{ +in { "restic-backups.age".publicKeys = [ fcuny vm-synology ]; "ddns-updater.age".publicKeys = users ++ [ vm-synology ]; } |