From 250548599646d95d7791eaa70595c63a5422ff76 Mon Sep 17 00:00:00 2001 From: DerGrumpf Date: Mon, 22 Jun 2026 22:16:53 +0200 Subject: [PATCH] Aligned flake with workflow --- .gitea/workflows/ci.yml | 5 +- flake.nix | 97 +++++++++++++++++++-------- home/shell.nix | 51 -------------- hosts/cyper-node-1/configuration.nix | 5 -- hosts/cyper-node-2/configuration.nix | 2 - nixos/default.nix | 5 ++ nixos/plymouth.nix | 4 +- nixos/roles/matrix/discord-bridge.nix | 2 - nixos/roles/unifi.nix | 2 - 9 files changed, 81 insertions(+), 92 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 486fbf4..560b4a0 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -8,12 +8,15 @@ on: jobs: check: runs-on: nix + env: + PATH: "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin" + NIXPKGS_ALLOW_UNFREE: "1" steps: - name: Checkout run: git clone https://git.cyperpunk.de/DerGrumpf/cyper-nix.git . - name: Nix flake check - run: nix flake check --no-build + run: nix flake check --impure - name: Format check run: nix fmt -- --check . diff --git a/flake.nix b/flake.nix index 53d98db..36ef17a 100644 --- a/flake.nix +++ b/flake.nix @@ -95,6 +95,61 @@ }@inputs: let primaryUser = "phil"; + + mkIso = + { + hostName, + isDarwin ? false, + isServer ? false, + }: + nixos-generators.nixosGenerate { + system = "x86_64-linux"; + format = "iso"; + specialArgs = { + inherit + inputs + primaryUser + self + hostName + isDarwin + isServer + ; + }; + modules = [ + { + nixpkgs.overlays = [ + inputs.nur.overlays.default + (import ./overlays { inherit (inputs) nur; }) + ]; + } + { nixpkgs.config.allowUnfree = true; } + { nixpkgs.hostPlatform = "x86_64-linux"; } + { networking.hostName = hostName; } + ./hosts/${hostName}/configuration.nix + ./nixos + inputs.sops-nix.nixosModules.sops + inputs.home-manager.nixosModules.home-manager + { + home-manager = { + extraSpecialArgs = { + inherit + inputs + primaryUser + self + hostName + isDarwin + isServer + ; + }; + users.${primaryUser} = import ./home; + backupFileExtension = "backup"; + useGlobalPkgs = true; + useUserPackages = true; + }; + } + ]; + }; + mkSystem = { hostName, @@ -196,36 +251,24 @@ isDarwin = true; }; - # NEW: flashable image for cyper-controller - packages.x86_64-linux.cyper-controller-image = nixos-generators.nixosGenerate { - system = "x86_64-linux"; - format = "raw-efi"; - specialArgs = { - inherit inputs primaryUser self; + packages.x86_64-linux = { + cyper-desktop-iso = mkIso { hostName = "cyper-desktop"; }; + cyper-controller-iso = mkIso { hostName = "cyper-controller"; - isDarwin = false; isServer = true; }; - modules = [ - { nixpkgs.hostPlatform = "x86_64-linux"; } - { networking.hostName = "cyper-controller"; } - ./hosts/cyper-controller/configuration.nix - ./nixos - inputs.sops-nix.nixosModules.sops - inputs.home-manager.nixosModules.home-manager - { - home-manager = { - extraSpecialArgs = { - inherit inputs primaryUser self; - hostName = "cyper-controller"; - isDarwin = false; - isServer = true; - }; - users.${primaryUser} = import ./home; - backupFileExtension = "backup"; - }; - } - ]; + cyper-proxy-iso = mkIso { + hostName = "cyper-proxy"; + isServer = true; + }; + cyper-node-1-iso = mkIso { + hostName = "cyper-node-1"; + isServer = true; + }; + cyper-node-2-iso = mkIso { + hostName = "cyper-node-2"; + isServer = true; + }; }; formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; diff --git a/home/shell.nix b/home/shell.nix index f595570..db5680b 100644 --- a/home/shell.nix +++ b/home/shell.nix @@ -74,57 +74,6 @@ }; }; - # Doenst work - iamb = { - enable = false; - settings = { - default_profile = "personal"; - settings = { - notifications.enabled = true; - image_preview.protocol = { - type = "kitty"; - size = { - height = 10; - width = 66; - }; - }; - }; - }; - }; - - newsboat = { - enable = true; - autoReload = true; - browser = if isDarwin then "open" else "xdg-open"; - urls = [ - { - url = "https://www.tagesschau.de/xml/rss2"; - tags = [ - "news" - "de" - ]; - } - { - url = "https://www.spiegel.de/schlagzeilen/index.rss"; - tags = [ - "news" - "de" - ]; - } - { - url = "https://www.focus.de/rss"; - tags = [ - "news" - "de" - ]; - } - { - url = "https://feeds.feedburner.com/blogspot/rkEL"; - tags = [ "blog" ]; - } - ]; - }; - cava = lib.mkIf (!isDarwin) { enable = true; }; yazi = { diff --git a/hosts/cyper-node-1/configuration.nix b/hosts/cyper-node-1/configuration.nix index 8fb1bc3..9826ea0 100644 --- a/hosts/cyper-node-1/configuration.nix +++ b/hosts/cyper-node-1/configuration.nix @@ -1,11 +1,6 @@ { imports = [ ./hardware-configuration.nix - ../../nixos/roles/monitoring.nix - ../../nixos/roles/matrix.nix - ../../nixos/roles/postgresql.nix - ../../nixos/roles/wyl.nix - ../../nixos/roles/adguard.nix ]; networking = { diff --git a/hosts/cyper-node-2/configuration.nix b/hosts/cyper-node-2/configuration.nix index 8322e7a..575b7c3 100644 --- a/hosts/cyper-node-2/configuration.nix +++ b/hosts/cyper-node-2/configuration.nix @@ -1,8 +1,6 @@ { imports = [ ./hardware-configuration.nix - ../../nixos/roles/gitea.nix - ../../nixos/roles/filebrowser.nix ]; networking = { diff --git a/nixos/default.nix b/nixos/default.nix index 8769923..1562509 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -57,6 +57,11 @@ }; }; + nixpkgs.config = { + allowUnfree = true; + permittedInsecurePackages = [ "olm-3.2.16" ]; + }; + documentation = { enable = true; doc.enable = false; diff --git a/nixos/plymouth.nix b/nixos/plymouth.nix index 55369dc..c3c8a23 100644 --- a/nixos/plymouth.nix +++ b/nixos/plymouth.nix @@ -1,4 +1,4 @@ -{ ... }: +{ lib, ... }: { boot = { plymouth = { @@ -15,6 +15,6 @@ "udev.log_priority=3" "rd.systemd.show_status=auto" ]; - loader.timeout = 0; + loader.timeout = lib.mkDefault 0; }; } diff --git a/nixos/roles/matrix/discord-bridge.nix b/nixos/roles/matrix/discord-bridge.nix index f732931..0f61cf0 100644 --- a/nixos/roles/matrix/discord-bridge.nix +++ b/nixos/roles/matrix/discord-bridge.nix @@ -1,7 +1,5 @@ { config, lib, ... }: { - nixpkgs.config.permittedInsecurePackages = [ "olm-3.2.16" ]; - sops.secrets = { discord_bot_token = { owner = "mautrix-discord"; diff --git a/nixos/roles/unifi.nix b/nixos/roles/unifi.nix index da78ebf..c561a67 100644 --- a/nixos/roles/unifi.nix +++ b/nixos/roles/unifi.nix @@ -1,8 +1,6 @@ { pkgs, ... }: { - nixpkgs.config.allowUnfree = true; - services.unifi = { enable = true; unifiPackage = pkgs.unifi;