host/macbook-pro: init nix-darwin configuration

Dmitriy Pleshevskiy 2025-03-06 16:06:19 +03:00
parent 5bc599772d
commit 488dc5095e
Signed by: pleshevskiy
GPG key ID: 17041163DA10A9A2
7 changed files with 172 additions and 56 deletions


@ -1,4 +1,4 @@
NIX_RUN := nix run .\# NIX := nix --experimental-features "nix-command flakes"
DEPS_EDITOR := \ DEPS_EDITOR := \
nixeovim nixeovim
@ -14,7 +14,8 @@ DEPS_SYSTEM := \
MACHINES := \ MACHINES := \
home \ home \
asus-gl553vd asus-gl553vd \
macbook-pro
VPS := \ VPS := \
istal \ istal \
@ -32,12 +33,12 @@ define machine_rule
.PHONY: $(1) .PHONY: $(1)
$(1): ; $(1): ;
# systemctl --user reset-failed # systemctl --user reset-failed
sudo nix run -L $(NIX_ARGS) .#switch/$(1) -- $(BUILD_ARGS) sudo $(NIX) run -L $(NIX_ARGS) .#switch/$(1) -- $(BUILD_ARGS)
endef endef
define vps_rule define vps_rule
.PHONY: $(1) .PHONY: $(1)
$(1): ; nix run -L .#deploy/$(1) -- $(BUILD_ARGS) $(1): ; $(NIX) run -L .#deploy/$(1) -- $(BUILD_ARGS)
endef endef
@ -54,11 +55,11 @@ rollback:
.PHONY: neovim .PHONY: neovim
neovim: neovim:
nix profile upgrade $(or $(NEOVIM_INDEX),$(shell nix profile list --json | jq '.elements | to_entries[] | select(.value.attrPath | endswith(".neovim-dev")) | .key')) $(NIX) profile upgrade $(or $(NEOVIM_INDEX),$(shell $(NIX) profile list --json | jq '.elements | to_entries[] | select(.value.attrPath | endswith(".neovim-dev")) | .key'))
.PHONY: install/neovim .PHONY: install/neovim
install/neovim: install/neovim:
nix profile install .#neovim-dev $(NIX) profile install .#neovim-dev
################################################################################ ################################################################################
# Deps # Deps
@ -66,11 +67,11 @@ install/neovim:
.PHONY: deps/editor .PHONY: deps/editor
deps/editor: deps/editor:
nix flake update $(DEPS_EDITOR) $(NIX) flake update $(DEPS_EDITOR)
.PHONY: deps/system .PHONY: deps/system
deps/system: deps/system:
nix flake update $(DEPS_SYSTEM) $(NIX) flake update $(DEPS_SYSTEM)
.PHONY: deps .PHONY: deps
deps: deps/editor deps/system ; deps: deps/editor deps/system ;
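Review bot: Adding `macbook-pro` to `MACHINES` sends it through `machine_rule`, whose recipe runs the whole `sudo $(NIX) run -L $(NIX_ARGS) .#switch/$(1)` as root, so flake evaluation, the build and `darwin-rebuild` all run privileged on the Mac. nix-darwin on the 24.11 branch is, as far as I know, meant to be started as the login user and to elevate only for activation, so this should be confirmed on the target. A separate rule for darwin hosts without `sudo` would keep the privileged part small, for example `$(1): ; $(NIX) run -L $(NIX_ARGS) .#switch/$(1) -- $(BUILD_ARGS)`. `NIX_RUN` is also removed in the first hunk, so any `$(NIX_RUN)` left in rules outside the visible hunks would now expand to nothing.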

22
flake.lock generated

@ -255,6 +255,27 @@
"type": "github" "type": "github"
} }
}, },
"nix-darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741126078,
"narHash": "sha256-ng0a4cIq3c9E3iGKomlwqKzVYs2RLOzQho2U1Mc2sqU=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "c172f50b55b087f8e7801631de977461603bb976",
"type": "github"
},
"original": {
"owner": "LnL7",
"ref": "nix-darwin-24.11",
"repo": "nix-darwin",
"type": "github"
}
},
"nix2lua": { "nix2lua": {
"locked": { "locked": {
"lastModified": 1716215210, "lastModified": 1716215210,
@ -382,6 +403,7 @@
"impermanence": "impermanence", "impermanence": "impermanence",
"lan-mouse": "lan-mouse", "lan-mouse": "lan-mouse",
"nil": "nil", "nil": "nil",
"nix-darwin": "nix-darwin",
"nixeovim": "nixeovim", "nixeovim": "nixeovim",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",

153
flake.nix

@ -27,6 +27,11 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-darwin = {
url = "github:LnL7/nix-darwin/nix-darwin-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
wired = { wired = {
url = "github:Toqozz/wired-notify"; url = "github:Toqozz/wired-notify";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -53,17 +58,75 @@
}; };
outputs = { self, flake-utils, nixpkgs, nixeovim, ... } @ inputs: outputs = { self, flake-utils, nixpkgs, nixeovim, ... } @ inputs:
let inherit (flake-utils.lib) eachSystem system; in let
eachSystem [ system.x86_64-linux ] inherit (nixpkgs) lib;
inherit (flake-utils.lib) eachSystem;
inherit (flake-utils.lib.system) x86_64-linux x86_64-darwin;
hosts = (import ./hosts inputs);
linuxMachines = lib.filterAttrs
(hostname: { system, ... }: system == x86_64-linux)
hosts;
darwinMachines = lib.filterAttrs
(hostname: { system, ... }: system == x86_64-darwin)
hosts;
mkDeploymentModule = targetHost: ({ lib, ... }: {
options.deployment = with lib; {
targetHost = mkOption {
type = types.nullOr types.str;
readOnly = true;
internal = true;
};
};
config.deployment = { inherit targetHost; };
});
baseHomeManagerModule = ({ ... }: {
home-manager.backupFileExtension = "backup";
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {
packagesPath = ./packages;
hostsPath = ./hosts;
};
home-manager.sharedModules = [
{
imports = [
./modules/home-manager
inputs.wired.homeManagerModules.default
inputs.lan-mouse.homeManagerModules.default
];
}
];
});
baseDarwinModule = system: ({ ... }: {
system.stateVersion = 5;
system.configurationRevision = self.rev or self.dirtyRev or null;
nixpkgs.hostPlatform = system;
});
in
eachSystem [ x86_64-linux x86_64-darwin ]
(system: (system:
let let
pkgs = import nixpkgs { inherit system; }; pkgs = import nixpkgs { inherit system; };
inherit (pkgs) lib nixos-rebuild;
machineRebuild = { system, ...}:
if system == x86_64-linux
then pkgs.nixos-rebuild
else inputs.nix-darwin.packages.${x86_64-darwin}.darwin-rebuild;
nixeovimPackage = config: nixeovim.lib.mkNixeovimPackage { inherit system config; }; nixeovimPackage = config: nixeovim.lib.mkNixeovimPackage { inherit system config; };
localMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost == null) self.nixosConfigurations; localMachines = lib.filterAttrs
vpsMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost != null) self.nixosConfigurations; (h: m: m.config.deployment.targetHost == null)
(self.nixosConfigurations // self.darwinConfigurations);
vpsMachines = lib.filterAttrs
(h: m: m.config.deployment.targetHost != null)
self.nixosConfigurations;
in in
{ {
packages = { packages = {
@ -75,18 +138,20 @@
(flake-utils.lib.flattenTree { (flake-utils.lib.flattenTree {
deploy = lib.recurseIntoAttrs (lib.mapAttrs deploy = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "deploy/${hostname}" '' (hostname: machine: pkgs.writeShellScript "deploy/${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild switch \ ${lib.getExe (machineRebuild machine)} switch \
--flake .#${hostname} \ --flake .#${hostname} \
${lib.optionalString (system != machine.system) ''--build-host root@${machine.config.deployment.targetHost} \''}
--target-host root@${machine.config.deployment.targetHost} \ --target-host root@${machine.config.deployment.targetHost} \
$@ $@
'') '')
vpsMachines); vpsMachines);
switch = lib.recurseIntoAttrs (lib.mapAttrs switch = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "switch/${hostname}" '' (hostname: machine:
set -e pkgs.writeShellScript "switch/${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} $@ set -e
'') ${lib.getExe (machineRebuild machine)} switch --flake .#${hostname} $@
'')
localMachines); localMachines);
}); });
@ -117,7 +182,7 @@
}) })
// { // {
nixosConfigurations = nixosConfigurations =
nixpkgs.lib.mapAttrs lib.mapAttrs
(hostname: { system (hostname: { system
, specialArgs ? { } , specialArgs ? { }
, extraModules ? [ ] , extraModules ? [ ]
@ -144,42 +209,46 @@
impermanence.nixosModules.impermanence impermanence.nixosModules.impermanence
]) ])
++ [ ++ [
# deployment settings (mkDeploymentModule targetHost)
({ lib, ... }: { baseHomeManagerModule
options.deployment = with lib; {
targetHost = mkOption {
type = types.nullOr types.str;
readOnly = true;
internal = true;
};
};
config.deployment = { inherit targetHost; };
})
# base home manager settings
({ ... }: {
home-manager.backupFileExtension = "backup";
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {
packagesPath = ./packages;
hostsPath = ./hosts;
};
home-manager.sharedModules = [
{
imports = [
./modules/home-manager
inputs.wired.homeManagerModules.default
inputs.lan-mouse.homeManagerModules.default
];
}
];
})
] ]
++ extraModules ++ extraModules
++ [ ./modules/nixos ] ++ [ ./modules/nixos ]
++ [ ./hosts/${hostname}/configuration.nix ]; ++ [ ./hosts/${hostname}/configuration.nix ];
}) })
(import ./hosts inputs); linuxMachines;
darwinConfigurations =
lib.mapAttrs
(hostname: { system
, specialArgs ? { }
, extraModules ? [ ]
, targetHost ? null
}:
inputs.nix-darwin.lib.darwinSystem {
inputs = {
inherit inputs;
globalData = import ./data.nix;
usersPath = ./users;
hostsPath = ./hosts;
packagesPath = ./packages;
sharedPath = ./shared;
} // specialArgs;
modules =
(with inputs; [
agenix.darwinModules.default
home-manager.darwinModules.default
])
++ [
(baseDarwinModule system)
(mkDeploymentModule targetHost)
baseHomeManagerModule
]
++ extraModules
++ [ ./hosts/${hostname}/configuration.nix ];
})
darwinMachines;
diskoConfigurations = { diskoConfigurations = {
asus-gl553vd = import ./hosts/asus-gl553vd/disk-config.nix; asus-gl553vd = import ./hosts/asus-gl553vd/disk-config.nix;
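Review bot: In the `deploy` script the new `--build-host` line keeps its trailing `\` inside `lib.optionalString`, so when `system == machine.system` the interpolation is empty and a blank line follows `--flake .#${hostname} \`. The shell ends the command at that blank line, so the rebuild tool runs `switch` without `--target-host`, against the machine invoking it, and the `--target-host …` line then runs as a separate, failing command; no `set -e` is visible in this script. Move the continuation outside the optional part: `${lib.optionalString (system != machine.system) "--build-host root@${machine.config.deployment.targetHost}"} \`. Quoting the forwarded arguments as `"$@"` in both the `deploy` and `switch` scripts would also keep arguments containing spaces intact.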


@ -2,10 +2,11 @@
let let
hardware = inputs.hardware.nixosModules; hardware = inputs.hardware.nixosModules;
inherit (inputs.flake-utils.lib.system) x86_64-linux x86_64-darwin;
in in
{ {
home = { home = {
system = "x86_64-linux"; system = x86_64-linux;
extraModules = [ extraModules = [
hardware.common-gpu-amd hardware.common-gpu-amd
@ -15,7 +16,7 @@ in
}; };
asus-gl553vd = { asus-gl553vd = {
system = "x86_64-linux"; system = x86_64-linux;
extraModules = [ extraModules = [
hardware.common-cpu-intel hardware.common-cpu-intel
@ -24,8 +25,16 @@ in
]; ];
}; };
macbook-pro = {
system = x86_64-darwin;
extraModules = [
# ./networking.secret.nix
];
};
istal = { istal = {
system = "x86_64-linux"; system = x86_64-linux;
extraModules = [ extraModules = [
../modules/vps.nix ../modules/vps.nix
@ -35,7 +44,7 @@ in
}; };
tatos = { tatos = {
system = "x86_64-linux"; system = x86_64-linux;
extraModules = [ extraModules = [
../modules/vps.nix ../modules/vps.nix


@ -18,8 +18,8 @@
statdPort = 4000; statdPort = 4000;
exports = '' exports = ''
/export 192.168.0.0/24(rw,fsid=0,no_subtree_check) /export 192.168.0.0/24(rw,fsid=0,no_subtree_check)
/export/mynix 192.168.0.0/24(rw,nohide,insecure,no_subtree_check) /export/mynix 192.168.0.0/24(rw,nohide,insecure,no_subtree_check,all_squash,anonuid=502,anongid=20)
/export/projects 192.168.0.0/24(rw,nohide,insecure,no_subtree_check) /export/projects 192.168.0.0/24(rw,nohide,insecure,no_subtree_check,all_squash,anonuid=502,anongid=20)
''; '';
}; };
networking.firewall = { networking.firewall = {
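Review bot: `all_squash,anonuid=502,anongid=20` is added to exports that are still offered `rw` with `insecure` to all of `192.168.0.0/24`, so every host on that subnet now writes to `/export/mynix` and `/export/projects` as the same uid 502 / gid 20, and per-user ownership from the other clients is lost. If the squash exists only to match the MacBook's uid/gid, give that client its own entry and leave the subnet entry as it was, e.g. `/export/mynix <macbook-ip>(rw,nohide,insecure,no_subtree_check,all_squash,anonuid=502,anongid=20)`. It is also worth confirming that uid 502 maps to the intended account on the server. The rest of the NFS and firewall block lies outside the hunk.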


@ -0,0 +1,15 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
vim
];
nix.settings.experimental-features = "nix-command flakes";
services.synergy.client = {
enable = true;
serverAddress = "192.168.0.153";
screenName = "macbook-pro";
};
}
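Review bot: `services.synergy.client` is enabled against a hard-coded `192.168.0.153` with no transport protection configured, so keystrokes and clipboard contents shared with this Mac cross the LAN in clear text unless TLS is set up on both ends. If the server side supports it, turn on the module's TLS setting here. Otherwise record the assumption next to the block with a comment such as `# synergy traffic is unencrypted; trusted home LAN only`. A short comment on `serverAddress` naming which host owns that address would also help when the address changes.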

Binary file not shown.