From acb5021913e3bded0e299dc680b6d63570959621 Mon Sep 17 00:00:00 2001
From: Nolan Darilek
Date: Fri, 18 Jul 2025 09:42:07 -0400
Subject: [PATCH 1/4] Refactor.
---
flake.nix | 131 ++++++++++++++++++++++--------------------------------
1 file changed, 54 insertions(+), 77 deletions(-)
diff --git a/flake.nix b/flake.nix
index 8dadb7e..2d0ad50 100644
--- a/flake.nix
+++ b/flake.nix
@@ -30,91 +30,68 @@ config.android_sdk.accept_license = true; }; }; + + # Common modules shared across all hosts + commonModules = [ + agenix.nixosModules.default + { + environment.systemPackages = [ agenix.packages.${system}.default ]; + } + ( + { config, pkgs, ... }: + { + nixpkgs.overlays = [ overlayUnstable ]; + } + ) + ]; + + # Common home-manager modules + homeManagerModules = [ + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + } + ]; + + # Helper function to create a host configuration + mkHost = + { + hostPath, + extraModules ? [ ], + includeHomeManager ? true, + specialArgs ? { }, + }: + nixpkgs.lib.nixosSystem { + inherit system specialArgs; + modules = + commonModules + ++ (if includeHomeManager then homeManagerModules else [ ]) + ++ extraModules + ++ [ hostPath ]; + }; in { nixosConfigurations = { - nixbox = nixpkgs.lib.nixosSystem { - inherit system; - modules = [ - agenix.nixosModules.default - { - environment.systemPackages = [ agenix.packages.${system}.default ]; - } - ( - { config, pkgs, ... }: - { - nixpkgs.overlays = [ overlayUnstable ]; - } - ) - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - } - ./hosts/nixbox - ]; + nixbox = mkHost { + hostPath = ./hosts/nixbox; }; - flynode = nixpkgs.lib.nixosSystem { - inherit system; - modules = [ - agenix.nixosModules.default - { - environment.systemPackages = [ agenix.packages.${system}.default ]; - } - ( - { config, pkgs, ... 
}: - { - nixpkgs.overlays = [ overlayUnstable ]; - } - ) - nixos-hardware.nixosModules.lenovo-thinkpad-z13-gen1 - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - } - ./hosts/flynode - ]; + + flynode = mkHost { + hostPath = ./hosts/flynode; + extraModules = [ nixos-hardware.nixosModules.lenovo-thinkpad-z13-gen1 ]; }; - thewordnerd = nixpkgs.lib.nixosSystem { - inherit system; + + thewordnerd = mkHost { + hostPath = ./hosts/hub; + extraModules = [ simple-nixos-mailserver.nixosModule ]; specialArgs = { inherit inputs; }; - modules = [ - agenix.nixosModules.default - { - environment.systemPackages = [ agenix.packages.${system}.default ]; - } - ( - { config, pkgs, ... }: - { - nixpkgs.overlays = [ overlayUnstable ]; - } - ) - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - } - simple-nixos-mailserver.nixosModule - ./hosts/hub - ]; }; - garden = nixpkgs.lib.nixosSystem { - inherit system; + + garden = mkHost { + hostPath = ./hosts/garden; + includeHomeManager = false; specialArgs = { inherit inputs; }; - modules = [ - agenix.nixosModules.default - { - environment.systemPackages = [ agenix.packages.${system}.default ]; - } - ( - { config, pkgs, ... }: - { - nixpkgs.overlays = [ overlayUnstable ]; - } - ) - ./hosts/garden - ]; }; }; }; From 6a69e169b55f0ce9146adbb3264a97432cc95147 Mon Sep 17 00:00:00 2001 
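Review bot: The new `mkHost` helper changes the module order for flynode and documents none of its arguments: `nixos-hardware.nixosModules.lenovo-thinkpad-z13-gen1` used to come before the home-manager modules and now follows them through `extraModules`. NixOS option merging is mostly order-independent, but list-typed options can come out ordered differently, so it is worth confirming that `config.system.build.toplevel` for each of the four hosts evaluates to the same store path before and after this commit. I would also put a comment above the helper, for example `# mkHost: hostPath is the host's module directory; extraModules are appended after the common and home-manager modules; includeHomeManager = false omits home-manager; specialArgs is passed through to nixosSystem.` The surrounding `let … in` block starts outside this hunk.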
From: Nolan Darilek Date: Fri, 18 Jul 2025 10:28:34 -0400 Subject: [PATCH 2/4] Integrate pre-commit. --- .pre-commit-config.yaml | 1 + flake.lock | 66 ++++++++++++++++++++- flake.nix | 47 ++++++++++++--- hosts/flynode/hardware-configuration.nix | 73 ++++++++++++++---------- hosts/garden/hardware-configuration.nix | 19 ++++-- hosts/hub/apps/nextcloud.nix | 2 +- hosts/hub/hardware-configuration.nix | 65 ++++++++++++--------- hosts/nixbox/hardware-configuration.nix | 46 ++++++++++----- roles/flatpak.nix | 2 +- 9 files changed, 235 insertions(+), 86 deletions(-) create mode 120000 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 120000 index 0000000..e894b50 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1 @@ +/nix/store/f0lbp69njxy3wbzlnkahyhwnvr6qa4kh-pre-commit-config.json \ No newline at end of file diff --git a/flake.lock b/flake.lock index 7b4c98b..c345dd1 100644 --- a/flake.lock +++ b/flake.lock @@ -60,6 +60,22 @@ } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1747046372, 
@@ -76,12 +92,34 @@ } }, "git-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750779888, + "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "git-hooks_2": { "inputs": { "flake-compat": [ "simple-nixos-mailserver", "flake-compat" ], - "gitignore": "gitignore", + "gitignore": "gitignore_2", "nixpkgs": [ "simple-nixos-mailserver", "nixpkgs" @@ -102,6 +140,27 @@ } }, "gitignore": { + "inputs": { + "nixpkgs": [ + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { "inputs": { "nixpkgs": [ "simple-nixos-mailserver", @@ -264,6 +323,7 @@ "root": { "inputs": { "agenix": "agenix", + "git-hooks": "git-hooks", "home-manager": "home-manager_2", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", @@ -274,8 +334,8 @@ "simple-nixos-mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat", - "git-hooks": "git-hooks", + "flake-compat": "flake-compat_2", + "git-hooks": "git-hooks_2", "nixpkgs": "nixpkgs_3", "nixpkgs-25_05": "nixpkgs-25_05" }, diff --git a/flake.nix b/flake.nix index 2d0ad50..143389a 100644 --- a/flake.nix +++ b/flake.nix 
@@ -9,6 +9,10 @@ }; agenix.url = "github:ryantm/agenix"; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05"; + git-hooks = { + url = "github:cachix/git-hooks.nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -19,11 +23,12 @@ nixos-hardware, agenix, simple-nixos-mailserver, + git-hooks, ... }: let system = "x86_64-linux"; - overlayUnstable = final: prev: { + overlayUnstable = _final: _prev: { unstable = import nixpkgsUnstable { inherit system; config.allowUnfree = true; @@ -37,12 +42,9 @@ { environment.systemPackages = [ agenix.packages.${system}.default ]; } - ( - { config, pkgs, ... }: - { - nixpkgs.overlays = [ overlayUnstable ]; - } - ) + { + nixpkgs.overlays = [ overlayUnstable ]; + } ]; # Common home-manager modules @@ -71,7 +73,7 @@ ++ [ hostPath ]; }; in - { + rec { nixosConfigurations = { nixbox = mkHost { hostPath = ./hosts/nixbox; @@ -94,5 +96,34 @@ specialArgs = { inherit inputs; }; }; }; + + checks.${system} = { + pre-commit-check = git-hooks.lib.${system}.run { + src = ./.; + hooks = { + # Check formatting of flake.nix + nixfmt-rfc-style = { + enable = true; + files = "^flake\\.nix$"; + }; + # Check for dead code in flake.nix + deadnix = { + enable = true; + files = "^flake\\.nix$"; + }; + # Flake-specific checks + flake-checker.enable = true; + }; + }; + }; + + devShells.${system}.default = + let + pkgs = nixpkgs.legacyPackages.${system}; + in + pkgs.mkShell { + inherit (checks.${system}.pre-commit-check) shellHook; + buildInputs = checks.${system}.pre-commit-check.enabledPackages; + }; }; } diff --git a/hosts/flynode/hardware-configuration.nix b/hosts/flynode/hardware-configuration.nix index aeb3788..1c2c205 100644 --- a/hosts/flynode/hardware-configuration.nix +++ b/hosts/flynode/hardware-configuration.nix 
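Review bot: Changing the outputs attrset to `rec {` in the `@@ -71,7 +73,7 @@` hunk, only so that `devShells` can refer to `checks`, is a style risk: every output name becomes a binding in scope, which invites accidental shadowing or infinite recursion as more outputs are added. Binding the check once in the existing `let` block, e.g. `preCommitCheck = git-hooks.lib.${system}.run { … };`, and then writing `checks.${system}.pre-commit-check = preCommitCheck;` and `inherit (preCommitCheck) shellHook;` keeps the plain `{`. The outputs body begins and ends outside this hunk.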
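Review bot: The `hooks` set under `checks.${system}.pre-commit-check` covers only formatting, dead code and flake hygiene, and it pins `nixfmt-rfc-style` and `deadnix` to `files = "^flake\\.nix$";` even though this same commit reformats the `hosts/*/hardware-configuration.nix` files, so those files can drift again without any check failing. Because these hosts pull in agenix and a mail server module, a secret-detection hook would be a cheap guard against a plaintext key or credential being committed, e.g. `detect-private-keys.enable = true;` or `ripsecrets.enable = true;` next to `flake-checker.enable = true;` (confirm both are offered by the pinned git-hooks.nix revision). Dropping the two `files` patterns, or widening them to `"\\.nix$"`, would extend the existing hooks to the host and role modules as well.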
@@ -1,47 +1,62 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "thunderbolt" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "zpool/root"; - fsType = "zfs"; - }; + fileSystems."/" = { + device = "zpool/root"; + fsType = "zfs"; + }; - fileSystems."/home" = - { device = "zpool/home"; - fsType = "zfs"; - }; + fileSystems."/home" = { + device = "zpool/home"; + fsType = "zfs"; + }; - fileSystems."/var" = - { device = "zpool/var"; - fsType = "zfs"; - }; + fileSystems."/var" = { + device = "zpool/var"; + fsType = "zfs"; + }; - fileSystems."/nix" = - { device = "zpool/nix"; - fsType = "zfs"; - }; + fileSystems."/nix" = { + device = "zpool/nix"; + fsType = "zfs"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/001D-B2B7"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/c9a2faf8-4e35-4946-a70f-c84d0fa359df"; } + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/001D-B2B7"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/c9a2faf8-4e35-4946-a70f-c84d0fa359df"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's 
diff --git a/hosts/garden/hardware-configuration.nix b/hosts/garden/hardware-configuration.nix index b584d72..a318f39 100644 --- a/hosts/garden/hardware-configuration.nix +++ b/hosts/garden/hardware-configuration.nix @@ -6,9 +6,20 @@ efiInstallAsRemovable = true; device = "nodev"; }; - fileSystems."/boot" = { device = "/dev/disk/by-uuid/FAAB-A09E"; fsType = "vfat"; }; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/FAAB-A09E"; + fsType = "vfat"; + }; + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "xen_blkfront" + "vmw_pvscsi" + ]; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; - + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; + } diff --git a/hosts/hub/apps/nextcloud.nix b/hosts/hub/apps/nextcloud.nix index e0511be..8e51e1e 100644 --- a/hosts/hub/apps/nextcloud.nix +++ b/hosts/hub/apps/nextcloud.nix @@ -58,7 +58,7 @@ # The nextcloud-setup service blocks container startup when it needs to perform upgrades, # creating a circular dependency: the network can't be configured until the container is ready, # but the container can't be ready without network access for the upgrade. - # + # # To upgrade Nextcloud when changing major versions: # 1. Uncomment the lines below to disable nextcloud-setup # 2. Run: nixos-rebuild switch diff --git a/hosts/hub/hardware-configuration.nix b/hosts/hub/hardware-configuration.nix index f5be4cb..abfc4a3 100644 --- a/hosts/hub/hardware-configuration.nix +++ b/hosts/hub/hardware-configuration.nix 
@@ -1,43 +1,56 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "zpool/root"; - fsType = "zfs"; - }; + fileSystems."/" = { + device = "zpool/root"; + fsType = "zfs"; + }; - fileSystems."/nix" = - { device = "zpool/nix"; - fsType = "zfs"; - }; + fileSystems."/nix" = { + device = "zpool/nix"; + fsType = "zfs"; + }; - fileSystems."/var" = - { device = "zpool/var"; - fsType = "zfs"; - }; + fileSystems."/var" = { + device = "zpool/var"; + fsType = "zfs"; + }; - fileSystems."/home" = - { device = "zpool/home"; - fsType = "zfs"; - }; + fileSystems."/home" = { + device = "zpool/home"; + fsType = "zfs"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/8ADD-D5B1"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/8ADD-D5B1"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; swapDevices = [ ]; diff --git a/hosts/nixbox/hardware-configuration.nix b/hosts/nixbox/hardware-configuration.nix index b981b65..1bcb0ef 100644 --- a/hosts/nixbox/hardware-configuration.nix +++ b/hosts/nixbox/hardware-configuration.nix 
@@ -1,28 +1,46 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "ahci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + "sdhci_pci" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/a0df6959-f878-48d0-aabe-5f46915c1921"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/a0df6959-f878-48d0-aabe-5f46915c1921"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/7EEE-698D"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/7EEE-698D"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; swapDevices = [ ]; diff --git a/roles/flatpak.nix b/roles/flatpak.nix index 5014f01..2f335d3 100644 --- a/roles/flatpak.nix +++ b/roles/flatpak.nix @@ -4,4 +4,4 @@ environment.profileRelativeSessionVariables.PATH = [ "$HOME/.local/share/flatpak/exports/bin" ]; -} \ No newline at end of file +} From b8659e0b6c2f70bb646d5af22a78edbe303456f0 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 18 Jul 2025 14:53:52 -0400 Subject: [PATCH 3/4] Correctly integrate pre-commit. --- .envrc | 1 + .gitignore | 2 ++ .pre-commit-config.yaml | 1 - 3 files changed, 3 insertions(+), 1 deletion(-) delete mode 120000 .pre-commit-config.yaml 
diff --git a/.envrc b/.envrc index 2c76fa5..a1a301f 100644 --- a/.envrc +++ b/.envrc @@ -1 +1,2 @@ +use flake export BASH_DEFAULT_TIMEOUT_MS=100000000 diff --git a/.gitignore b/.gitignore index 1b8d10d..1269213 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ *.iso result +/.pre-commit-config.yaml +.direnv diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml deleted file mode 120000 index e894b50..0000000 --- a/.pre-commit-config.yaml +++ /dev/null @@ -1 +0,0 @@ -/nix/store/f0lbp69njxy3wbzlnkahyhwnvr6qa4kh-pre-commit-config.json \ No newline at end of file From 0c93d3010df42b85defbffce4c647a32ab924d46 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 18 Jul 2025 14:54:13 -0400 Subject: [PATCH 4/4] Bump dependencies. --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index c345dd1..0b43700 100644 --- a/flake.lock +++ b/flake.lock @@ -210,11 +210,11 @@ ] }, "locked": { - "lastModified": 1752544374, - "narHash": "sha256-ReX0NG6nIAEtQQjLqeu1vUU2jjZuMlpymNtb4VQYeus=", + "lastModified": 1752780124, + "narHash": "sha256-5dn97vIYxn6VozKePOQSDxVCsrl38nDdMJXx86KIJH0=", "owner": "nix-community", "repo": "home-manager", - "rev": "2e00ed310c218127e02ffcf28ddd4e0f669fde3e", + "rev": "c718918222bdb104397762dea67e6b397a7927fe", "type": "github" }, "original": { @@ -226,11 +226,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1752048960, - "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", + "lastModified": 1752666637, + "narHash": "sha256-P8J72psdc/rWliIvp8jUpoQ6qRDlVzgSDDlgkaXQ0Fw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", + "rev": "d1bfa8f6ccfb5c383e1eba609c1eb67ca24ed153", "type": "github" }, "original": { 
@@ -274,11 +274,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1752480373, - "narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=", + "lastModified": 1752687322, + "narHash": "sha256-RKwfXA4OZROjBTQAl9WOZQFm7L8Bo93FQwSJpAiSRvo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08", + "rev": "6e987485eb2c77e5dcc5af4e3c70843711ef9251", "type": "github" }, "original": { @@ -290,11 +290,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1752436162, - "narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=", + "lastModified": 1752620740, + "narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8", + "rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e", "type": "github" }, "original": {