Refactor, add roam using colmena

2025-05-14 03:22:38 +02:00 · 2025-05-14 03:22:38 +02:00 · 1106930891
commit 1106930891
parent a42514ce97
16 changed files with 348 additions and 103 deletions
--- a/3
+++ b/3
@ -10,6 +10,9 @@ all:
 switch: _switch_${HOST}
 apply:
 	colmena apply
 _switch_:
 	@echo "ERROR: couldn't find hostname"
 	@false
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,58 @@
 {
  "nodes": {
    "colmena": {
      "inputs": {
        "flake-compat": "flake-compat",
        "flake-utils": "flake-utils",
        "nix-github-actions": "nix-github-actions",
        "nixpkgs": "nixpkgs",
        "stable": "stable"
      },
      "locked": {
        "lastModified": 1746816769,
        "narHash": "sha256-ymQzXrfHVT8/RJiGbfrNjEeuzXQan46lUJdxEhgivdM=",
        "owner": "zhaofengli",
        "repo": "colmena",
        "rev": "df694ee23be7ed7b2d8b42c245a640f0724eb06c",
        "type": "github"
      },
      "original": {
        "owner": "zhaofengli",
        "repo": "colmena",
        "type": "github"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
        "lastModified": 1650374568,
        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
        "owner": "edolstra",
        "repo": "flake-compat",
        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
        "type": "github"
      },
      "original": {
        "owner": "edolstra",
        "repo": "flake-compat",
        "type": "github"
      }
    },
    "flake-utils": {
      "locked": {
        "lastModified": 1659877975,
        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
@ -7,11 +60,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1747021744,
+        "lastModified": 1747155932,
-        "narHash": "sha256-IDsM/9/tHQBlhG3tXI2fTM84AUN1uRa7JDPT1LMlGes=",
+        "narHash": "sha256-NnPzzXEqfYjfrimLzK0JOBItfdEJdP/i6SNTuunCGgw=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "fb061f555f821fe4fb49f8f6f2a0cc3d5728bd52",
+        "rev": "8d832ddfda9facf538f3dda9b6985fb0234f151c",
        "type": "github"
      },
      "original": {
@ -20,13 +73,34 @@
        "type": "github"
      }
    },
    "nix-github-actions": {
      "inputs": {
        "nixpkgs": [
          "colmena",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1729742964,
        "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
        "owner": "nix-community",
        "repo": "nix-github-actions",
        "rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "nix-github-actions",
        "type": "github"
      }
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1746814339,
+        "lastModified": 1747129300,
-        "narHash": "sha256-hf2lICJzwACWuzHCmZn5NI6LUAOgGdR1yh8ip+duyhk=",
+        "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "3c5e12673265dfb0de3d9121420c0c2153bf21e0",
+        "rev": "e81fd167b33121269149c57806599045fd33eeed",
        "type": "github"
      },
      "original": {
@ -52,11 +126,44 @@
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1746904237,
        "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "colmena": "colmena",
        "home-manager": "home-manager",
        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs_2"
      }
    },
    "stable": {
      "locked": {
        "lastModified": 1746557022,
        "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-24.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    }
  },
--- a/flake.nix
+++ b/flake.nix
@ -2,6 +2,7 @@
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    colmena.url = "github:zhaofengli/colmena";
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
@ -13,26 +14,52 @@
      self,
      nixpkgs,
      nixos-hardware,
      colmena,
      home-manager,
    }@inputs:
    let
      lib = nixpkgs.lib;
      lib' = import ./lib.nix { inherit lib; };
      mod = lib'.walk-dir ./mod;
-      specialArgs = { inherit inputs mod lib'; };
+      specialArgs = { inherit inputs lib' mod; };
    in
    {
      nixosConfigurations = {
        "solo" = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          inherit specialArgs;
-          modules = [ ./host/solo ];
+          modules = [
            ./host/solo
            mod.shared.pc
          ];
        };
        "c2" = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          inherit specialArgs;
-          modules = [ ./host/c2 ];
+          modules = [
            ./host/c2
            mod.shared.pc
          ];
        };
      };
      colmenaHive = colmena.lib.makeHive {
        meta = {
          nixpkgs = import nixpkgs {
            system = "x86_64-linux";
          };
          inherit specialArgs;
        };
        "roam" = {
          deployment = {
            targetHost = "185.163.117.158";
            buildOnTarget = true;
          };
          imports = [
            ./host/roam
            mod.shared.all
          ];
        };
      };
--- a/host/c2/default.nix
+++ b/host/c2/default.nix
@ -1,18 +1,13 @@
-{ mod, inputs, ... }:
+{ inputs, ... }:
 {
  networking.hostName = "c2";
-  imports =
+  imports = with inputs.nixos-hardware.nixosModules; [
-    with mod;
+    ./hardware-configuration.nix
-    [
+    common-cpu-intel
-      collections.pc
+    common-pc-laptop
-      ./hardware-configuration.nix
+    common-pc-laptop-ssd
-    ]
+  ];
    ++ (with inputs.nixos-hardware.nixosModules; [
      common-cpu-intel
      common-pc-laptop
      common-pc-laptop-ssd
    ]);
  boot.loader.efi.efiSysMountPoint = "/boot/efi";
--- a/host/roam/default.nix
+++ b/host/roam/default.nix
@ -0,0 +1,18 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 {
  networking.hostName = "roam";
  imports = [
    ./hardware-configuration.nix
  ];
  services.openssh.enable = true;
  # ====== DON'T CHANGE ======
  system.stateVersion = "24.11";
 }
--- a/host/roam/hardware-configuration.nix
+++ b/host/roam/hardware-configuration.nix
@ -0,0 +1,77 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 {
  config,
  lib,
  pkgs,
  modulesPath,
  ...
 }:
 {
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
  ];
  boot.initrd.availableKernelModules = [
    "ata_piix"
    "uhci_hcd"
    "virtio_pci"
    "sr_mod"
    "virtio_blk"
  ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];
  fileSystems."/" = {
    device = "/dev/disk/by-uuid/0d5c4e16-b584-4fa2-989a-17e5264886b0";
    fsType = "btrfs";
    options = [
      "subvol=root"
      "compress=zstd:1"
      "noatime"
    ];
  };
  fileSystems."/home" = {
    device = "/dev/disk/by-uuid/0d5c4e16-b584-4fa2-989a-17e5264886b0";
    fsType = "btrfs";
    options = [
      "subvol=home"
      "compress=zstd:1"
      "noatime"
    ];
  };
  fileSystems."/nix" = {
    device = "/dev/disk/by-uuid/0d5c4e16-b584-4fa2-989a-17e5264886b0";
    fsType = "btrfs";
    options = [
      "subvol=nix"
      "compress=zstd:1"
      "noatime"
    ];
  };
  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/332B-8C27";
    fsType = "vfat";
    options = [
      "fmask=0022"
      "dmask=0022"
    ];
  };
  swapDevices = [ ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }
--- a/host/solo/default.nix
+++ b/host/solo/default.nix
@ -2,18 +2,16 @@
 {
  networking.hostName = "solo";
  services.xserver.enable = true;
  imports = with mod; [
    collections.pc
    software.keyboard
    software.games
    nvidia-gpu
    ./hardware-configuration.nix
  ];
-  powerManagement.enable = true;
+  powerManagement = {
-  powerManagement.cpuFreqGovernor = "performance";
+    enable = true;
    cpuFreqGovernor = "performance";
  };
  # ====== DON'T CHANGE ======
  system.stateVersion = "25.05";
--- a/lib.nix
+++ b/lib.nix
@ -9,7 +9,7 @@ rec {
      name = lib.removeSuffix ".nix" name;
      value =
        if value == "regular" then
-          import (path + "/${name}")
+          builtins.toPath (path + "/${name}")
        else if value == "directory" then
          walk-dir (path + "/${name}")
        else
--- a/mod/collections/pc.nix
+++ b/mod/collections/pc.nix
@ -1,20 +0,0 @@
 { mod, ... }:
 {
  imports = with mod; [
    audio
    boot
    fonts
    gpg
    locale
    network
    nix-configuration
    security
    services
    software.development
    software.editors
    software.programs
    software.shell
    software.window-manager
    users
  ];
 }
--- a/mod/home-manager.nix
+++ b/mod/home-manager.nix
@ -0,0 +1,25 @@
 {
  inputs,
  lib,
  options,
  config,
  ...
 }:
 {
  imports = [
    inputs.home-manager.nixosModules.home-manager
  ];
  config = {
    home.home.stateVersion = config.system.stateVersion;
    home-manager.users."hd" = lib.mkAliasDefinitions options.home;
  };
  options = {
    home = lib.mkOption {
      type = lib.types.attrs;
      default = { };
    };
  };
 }
--- a/mod/nix-configuration.nix
+++ b/mod/nix-configuration.nix
@ -13,42 +13,10 @@
      ];
      trusted-users = [
        "root"
        "@wheel"
      ];
      auto-optimise-store = true;
    };
    programs.nix-ld.enable = true;
    nixpkgs.config.allowUnfree = false;
    nixpkgs.config.allowUnfreePredicate =
      pkg:
      builtins.elem (lib.getName pkg) [
        "nvidia-x11"
        "nvidia-settings"
        "vscode"
        "obsidian"
        "steam"
        "steam-unwrapped"
        "gateway" # jetbrains
        "spotify"
        "rust-rover"
      ];
    home.home.stateVersion = config.system.stateVersion; # is this safe?
  };
  imports = [
    inputs.home-manager.nixosModules.home-manager
  ];
  # I don't think this will ever be multi user,
  # no need to seperate home-manager. `home` is used
  # in users.nix, I should prbably refactor...
  options = {
    home = lib.mkOption {
      type = lib.types.attrs;
      default = { };
    };
  };
 }
--- a/mod/shared/all.nix
+++ b/mod/shared/all.nix
@ -0,0 +1,10 @@
 { mod, ... }:
 {
  imports = with mod; [
    boot
    locale
    nix-configuration
    shell
    users
  ];
 }
--- a/mod/shared/pc.nix
+++ b/mod/shared/pc.nix
@ -0,0 +1,36 @@
 { mod, lib, ... }:
 {
  imports = with mod; [
    shared.all
    audio
    fonts
    gpg
    home-manager
    network
    nix-configuration
    security
    services
    software.development
    software.editors
    software.programs
    software.window-manager
  ];
  nixpkgs.config.allowUnfreePredicate =
    pkg:
    builtins.elem (lib.getName pkg) [
      "nvidia-x11"
      "nvidia-settings"
      "vscode"
      "obsidian"
      "steam"
      "steam-unwrapped"
      "gateway" # jetbrains
      "spotify"
      "rust-rover"
    ];
  programs.nix-ld.enable = true;
 }
--- a/mod/software/shell.nix
+++ b/mod/software/shell.nix
@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, inputs, ... }:
 {
  environment.shells = with pkgs; [
    bashInteractive
@ -18,6 +18,7 @@
    unzip
    wget
    wl-clipboard
    inputs.colmena.packages."x86_64-linux".colmena # todo use overlay
  ];
  programs = {
--- a/mod/software/games.nix
+++ b/mod/software/games.nix
@ -1,7 +0,0 @@
 { pkgs, ... }:
 {
  environment.systemPackages = with pkgs; [
    runelite
  ];
  programs.steam.enable = true;
 }
--- a/mod/users.nix
+++ b/mod/users.nix
@ -5,19 +5,26 @@
  ...
 }:
 {
-  users.users."hd" = {
+  users = {
-    description = "Henri";
+    mutableUsers = false;
-    isNormalUser = true;
+    users."hd" = {
-    createHome = true;
+      description = "Henri";
-    home = "/home/hd";
+      isNormalUser = true;
-    extraGroups = [
+      createHome = true;
-      "networkmanager"
+      home = "/home/hd";
-      "wheel"
+      extraGroups = [ "wheel" ];
-    ];
+      shell = pkgs.fish;
-    shell = pkgs.fish;
+      packages = [ ];
-    packages = [ ];
+      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEG+dd4m98aKEWfFa/7VZUlJNX0axvIlHVihT8w7RLyY hd@solo"
      ];
      hashedPassword = "$y$j9T$L7VT26HQSBsX.nq5hKrZw0$6k43wNsKIO.SI.fqE1opaDuNobmFQrGXE1nzFB5wYg3";
    };
    users.root = {
      hashedPassword = "!";
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEG+dd4m98aKEWfFa/7VZUlJNX0axvIlHVihT8w7RLyY hd@solo"
      ];
    };
  };
  home-manager.users."hd" = lib.mkAliasDefinitions options.home;
  users.users.root.hashedPassword = "!";
 }