diff options
| -rw-r--r-- | nix-conf/home/flake.lock | 161 | ||||
| -rw-r--r-- | nix-conf/home/flake.nix | 117 | ||||
| -rw-r--r-- | nix-conf/home/includes/common.nix | 11 | ||||
| -rw-r--r-- | nix-conf/home/includes/darwin.nix | 9 | ||||
| -rw-r--r-- | nix-conf/home/otm.nix | 3 |
5 files changed, 289 insertions, 12 deletions
diff --git a/nix-conf/home/flake.lock b/nix-conf/home/flake.lock new file mode 100644 index 0000000..305d45d --- /dev/null +++ b/nix-conf/home/flake.lock @@ -0,0 +1,161 @@ +{ + "nodes": { + "darwin-system-certs": { + "flake": false, + "locked": { + "lastModified": 1746337162, + "narHash": "sha256-nnYgKXmhL+DfaiQfk9y5fEZL+pDb7OuB9gsAo1JBv+Q=", + "path": "/private/etc/ssl/cert.pem", + "type": "path" + }, + "original": { + "path": "/private/etc/ssl/cert.pem", + "type": "path" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753470191, + "narHash": "sha256-hOUWU5L62G9sm8NxdiLWlLIJZz9H52VuFiDllHdwmVA=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "a1817d1c0e5eabe7dfdfe4caa46c94d9d8f3fdb6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-stable": { + "inputs": { + "nixpkgs": [ + "nixpkgs-stable" + ] + }, + "locked": { + "lastModified": 1753288231, + "narHash": "sha256-WcMW9yUDfER8kz4NdCaaI/ep0Ef91L+Nf7MetNzHZc4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "7b5a978e00273b8676c530c03d315f5b75fae564", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1751313918, + "narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=", + "owner": "nix-darwin", + "repo": "nix-darwin", + "rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf", + "type": "github" + }, + "original": { + "owner": "nix-darwin", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753250450, + "narHash": "sha256-i+CQV2rPmP8wHxj0aq4siYyohHwVlsh40kV89f3nw1s=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fc02ee70efb805d3b2865908a13ddd4474557ecf", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1753250450, + "narHash": "sha256-i+CQV2rPmP8wHxj0aq4siYyohHwVlsh40kV89f3nw1s=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fc02ee70efb805d3b2865908a13ddd4474557ecf", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "darwin-system-certs": "darwin-system-certs", + "home-manager": "home-manager", + "home-manager-stable": "home-manager-stable", + "nix-darwin": "nix-darwin", + "nixpkgs": "nixpkgs", + "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-unstable": "nixpkgs-unstable", + "sops-nix": "sops-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1752544651, + "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "2c8def626f54708a9c38a5861866660395bb3461", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/nix-conf/home/flake.nix b/nix-conf/home/flake.nix new file mode 100644 index 0000000..03af5b7 --- /dev/null +++ b/nix-conf/home/flake.nix @@ -0,0 +1,117 @@ +{ + description = "Home Manager configuration"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + home-manager-stable = { + url = "github:nix-community/home-manager/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs-stable"; + }; + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nix-darwin = { + url = "github:nix-darwin/nix-darwin/master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + darwin-system-certs = { + url = "/private/etc/ssl/cert.pem"; + flake = false; + }; + }; + + outputs = + { + self, + nixpkgs, + nixpkgs-stable, + nixpkgs-unstable, + nix-darwin, + home-manager, + home-manager-stable, + sops-nix, + ... + }@inputs: + let + darwin-system = "aarch64-darwin"; + linux-system = "x86_64-linux"; + linux-arm-system = "aarch64-linux"; + linux-pkgs = nixpkgs-stable.legacyPackages.${linux-system}; + darwin-overlay-unstable = final: prev: { + unstable = nixpkgs-unstable.legacyPackages.${darwin-system}; + }; + linux-overlay-unstable = final: prev: { + unstable = nixpkgs-unstable.legacyPackages.${linux-system}; + }; + linux-arm-overlay-unstable = final: prev: { + unstable = nixpkgs-unstable.legacyPackages.${linux-arm-system}; + }; + in + { + darwinConfigurations."LDN-DMORGAN" = nix-darwin.lib.darwinSystem { + modules = [ + # TODO move to separate file + ( + { pkgs, ... }: + { + nix.settings.experimental-features = "nix-command flakes"; + nix.settings.trusted-users = [ + "dmorgan" + "@staff" + ]; + nix.settings.ssl-cert-file = "/Users/dmorgan/certs/full-cert.pem"; + system.configurationRevision = self.rev or self.dirtyRev or null; + system.stateVersion = 6; + nixpkgs.hostPlatform = "aarch64-darwin"; + ids.gids.nixbld = 30000; + users.users.dmorgan.home = "/Users/dmorgan"; + fonts.packages = [ + pkgs.aporetic + pkgs.meslo-lgs-nf + pkgs.fira-code + ]; + } + ) + home-manager.darwinModules.home-manager + { + nixpkgs.overlays = [ darwin-overlay-unstable ]; + nixpkgs.config.allowUnfreePredicate = + pkg: builtins.elem (nixpkgs.lib.getName pkg) [ "aspell-dict-en-science" ]; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = { + inherit inputs; + system = darwin-system; + }; + users.dmorgan = ./otm.nix; + }; + } + ]; + }; + # WIP: TODO: migrate home configs to nixos config + homeConfigurations."djm-egalmoth" = home-manager-stable.lib.homeManagerConfiguration { + pkgs = linux-pkgs; + extraSpecialArgs = { + inherit inputs; + system = linux-system; + }; + modules = [ + ( + { config, pkgs, ... }: + { + nixpkgs.overlays = [ linux-overlay-unstable ]; + } + ) + ./egalmoth.nix + ]; + }; + }; +} diff --git a/nix-conf/home/includes/common.nix b/nix-conf/home/includes/common.nix index e12558c..7589a9d 100644 --- a/nix-conf/home/includes/common.nix +++ b/nix-conf/home/includes/common.nix @@ -2,24 +2,20 @@ config, lib, pkgs, + inputs, ... }: let hcr = pkgs.callPackage ./scripts/hm-changes-report.nix { inherit config pkgs; }; scr = pkgs.callPackage ./scripts/system-changes-report.nix { inherit config pkgs; }; - unstable = import <unstable> { }; in { imports = [ ./zsh.nix - <sops-nix/modules/home-manager/sops.nix> + inputs.sops-nix.homeManagerModules.sops ]; - nixpkgs.config.allowUnfreePredicate = - pkg: builtins.elem (lib.getName pkg) [ "aspell-dict-en-science" ]; - nix = { - package = pkgs.nix; settings = { extra-experimental-features = [ "nix-command" @@ -381,4 +377,7 @@ in ]; }; }; + + programs.nh.enable = true; } + diff --git a/nix-conf/home/includes/darwin.nix b/nix-conf/home/includes/darwin.nix index e58c756..6a15642 100644 --- a/nix-conf/home/includes/darwin.nix +++ b/nix-conf/home/includes/darwin.nix @@ -73,7 +73,7 @@ in #mpc-cli #mpd #ncmpcpp - nix # on darwin we are not using nixos (duh) + nix nodejs pam-reattach pinentry_mac @@ -90,10 +90,9 @@ in wget ]; - nixpkgs.config.permittedInsecurePackages = [ - "emacs-mac-macport-29.1" - "emacs-mac-macport-with-packages-29.1" - ]; + home.sessionVariables = { + NH_DARWIN_FLAKE = "/etc/nix-darwin"; + }; nix.settings = { sandbox = true; diff --git a/nix-conf/home/otm.nix b/nix-conf/home/otm.nix index 6faf456..bcd8435 100644 --- a/nix-conf/home/otm.nix +++ b/nix-conf/home/otm.nix @@ -2,6 +2,7 @@ config, lib, pkgs, + inputs, ... }: let @@ -91,7 +92,7 @@ let + zscaler-cert; full-cert = - (builtins.readFile /etc/ssl/cert.pem) + aws-cert + internal-cert + internal-staging-cert; + (builtins.readFile inputs.darwin-system-certs) + aws-cert + internal-cert + internal-staging-cert; zscaler-cert-file = pkgs.writeText "zscaler-cert.pem" zscaler-cert; aws-cert-file = pkgs.writeText "aws-cert.pem" aws-cert; |