diff --git a/hosts/HyperV/configuration.nix b/HyperV/configuration.nix
similarity index 100%
rename from hosts/HyperV/configuration.nix
rename to HyperV/configuration.nix
diff --git a/hosts/HyperV/hardware.nix b/HyperV/hardware.nix
similarity index 100%
rename from hosts/HyperV/hardware.nix
rename to HyperV/hardware.nix
diff --git a/hosts/HyperV/hyperv.nix b/HyperV/hyperv.nix
similarity index 100%
rename from hosts/HyperV/hyperv.nix
rename to HyperV/hyperv.nix
diff --git a/hosts/HyperV/networking.nix b/HyperV/networking.nix
similarity index 100%
rename from hosts/HyperV/networking.nix
rename to HyperV/networking.nix
diff --git a/hosts/HyperV/ssh/ssh_host_ed25519_key b/HyperV/ssh/ssh_host_ed25519_key
similarity index 100%
rename from hosts/HyperV/ssh/ssh_host_ed25519_key
rename to HyperV/ssh/ssh_host_ed25519_key
diff --git a/hosts/HyperV/ssh/ssh_host_ed25519_key.pub b/HyperV/ssh/ssh_host_ed25519_key.pub
similarity index 100%
rename from hosts/HyperV/ssh/ssh_host_ed25519_key.pub
rename to HyperV/ssh/ssh_host_ed25519_key.pub
diff --git a/hosts/HyperV/ssh/ssh_host_rsa_key b/HyperV/ssh/ssh_host_rsa_key
similarity index 100%
rename from hosts/HyperV/ssh/ssh_host_rsa_key
rename to HyperV/ssh/ssh_host_rsa_key
diff --git a/hosts/HyperV/ssh/ssh_host_rsa_key.pub b/HyperV/ssh/ssh_host_rsa_key.pub
similarity index 100%
rename from hosts/HyperV/ssh/ssh_host_rsa_key.pub
rename to HyperV/ssh/ssh_host_rsa_key.pub
diff --git a/flake.lock b/flake.lock
index 4f1a787..fd94722 100644
--- a/flake.lock
+++ b/flake.lock
@@ -84,11 +84,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1677509389, - "narHash": "sha256-ry4dkSjIO0WuEbIDpTFV0W2iq2S26kWCv7EX2vKOWEI=", + "lastModified": 1677621055, + "narHash": "sha256-n3D/pZX0cYEpWKcLJSFImo5Dpk3D1RrxKVDmI6lnaIg=", "owner": "nix-community", "repo": "home-manager", - "rev": "ab7c8f4a8427bfcaf01a46bab974298cc27bc1f5", + "rev": "ef7d316578367ed7732a21eede6c79546a36124f", "type": "github" }, "original": { 
@@ -173,11 +173,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1677341534, - "narHash": "sha256-zqaJuOTnKzg5AubC4rzzJ/IS5kU5n4U7vxosv1Fv8Ug=", + "lastModified": 1677624842, + "narHash": "sha256-4DF9DbDuK4/+KYx0L6XcPBeDHUFVCtzok2fWtwXtb5w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7076110064c09f0b3942f609f2134c1358ef2e50", + "rev": "d70f5cd5c3bef45f7f52698f39e7cc7a89daa7f0", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 89241dc..dfa4642 100644 --- a/flake.nix +++ b/flake.nix @@ -49,18 +49,37 @@ }; - outputs = { self, nixpkgs, home-manager,library, ignore, filter,... }@inputs: + outputs = { self, nixpkgs, home-manager,nixpkgs-unstable,... }@inputs: let + inherit (lib.my) mapModules mapModulesRec mapHosts; inherit (self) outputs; - forEachSystem = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ]; - platforms = ["x86_64-linux"]; - forEachPkgs = f: forEachSystem (sys: f nixpkgs.legacyPackages.${sys}); + system = "x86_64-linux"; + + mkPkgs = pkgs: extraOverlays: import pkgs { + inherit system; + config.allowUnfree = true; # forgive me Stallman senpai + overlays = extraOverlays ++ (lib.attrValues self.overlays); + }; + pkgs = mkPkgs nixpkgs [ self.overlay ]; + pkgs' = mkPkgs nixpkgs-unstable []; + + lib = nixpkgs.lib.extend + (self: super: { my = import ./lib { inherit pkgs inputs outputs; lib = self; }; }); + in { + lib = lib.my; + packages."${system}" = + mapModules ./pkgs (p: pkgs.callPackage p {}); + + devShell."${system}" = + import ./shell.nix { inherit pkgs; }; + + overlay = + final: prev: { + unstable = pkgs'; + my = self.packages."${system}"; + }; - in - rec { - packages = forEachPkgs (pkgs: import ./pkgs { inherit pkgs; }); - devShells = forEachPkgs (pkgs: import ./shell.nix { inherit pkgs; }); overlays = import ./overlays { inherit inputs; }; 
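Review bot: In flake.nix, `inherit (lib.my) mapModules mapModulesRec mapHosts;` depends on `./lib` having a `default.nix` that exports those names, yet this commit only adds lib/hm_secrets.nix and deletes lib/map.nix, so unless that file exists outside this diff `packages."${system}"` will fail to evaluate. `nixpkgs-unstable` is now destructured as a required input while flake.lock gains no new node in this commit; confirm it is already declared in `inputs`, which sits above the hunk. `devShell."${system}"` and `overlay` are the older output names that current Nix reports as deprecated; `devShells.${system}.default` and an `overlays.default` entry are the replacements, and `overlays = import ./overlays { inherit inputs; };` is already defined a few lines further down. `mapModulesRec` and `mapHosts` are inherited but not used in the visible lines. The `outputs` body continues beyond the hunk.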
@@ -71,7 +90,7 @@ name = x; value = import (./modules/nixos + "/${x}"); }) - (builtins.attrNames (builtins.readDir ../modules/nixos))); + (builtins.attrNames (builtins.readDir ./modules/nixos))); ##import our HM modules @@ -83,21 +102,23 @@ }) (builtins.attrNames (builtins.readDir ./modules/home-manager))); + + # nixosConfigurations = + # mapHosts ./hosts {}; + # NixOS configuration entrypoint # Available through 'nixos-rebuild --flake .#your-hostname' nixosConfigurations = { Go3 = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs outputs; }; modules = [ - ./hosts/WSL/Go3 - { imports = builtins.attrValues self.nixosModules; } + ./hosts/Go3 ]; }; StuPC = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs outputs; }; modules = [ - ./hosts/WSL/StuPC - { imports = builtins.attrValues self.nixosModules; } + ./hosts/StuPC ]; }; diff --git a/home-manager/global/keybase.nix b/home-manager/global/keybase.nix index 0e5fd74..2c3ea7c 100644 --- a/home-manager/global/keybase.nix +++ b/home-manager/global/keybase.nix @@ -1,53 +1,10 @@ { config, pkgs, inputs, lib, hostName, util, ... }: with lib; - +with lib.my; let - inherit - (builtins) - # attrNames - # attrValues - # foldl' - # isPath - # pathExists - readDir - # toString - ; - - inherit - (lib) - # flatten - filterAttrs - # forEach - # getAttrFromPath - # hasPrefix - # hasSuffix - # id - # mapAttrs' - # mapAttrsToList - # mkIf - # nameValuePair - # removeSuffix - ; cfg = config.custom.keybase; username = config.home.username; secretstore = config._secretstore; -# map = import "${inputs.self}/lib/map.nix"; - - # 'sops' Encrypted Secrets - hm_secrets = dir: out_dir: - filter (name: type: type != null && !(hasPrefix "_" name)) (name: type: - if type == "regular" - then - nameValuePair name { - sopsFile = dir + "/${name}"; - format = "binary"; - path = out_dir + "/${name}"; - - } - else nameValuePair "" null) (readDir dir); - - filter = name: func: attrs: filterAttrs name (mapAttrs' func attrs); - in { # imports = [ 
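Review bot: In home-manager/global/keybase.nix, `with lib.my;` assumes the `lib` handed to this module carries a `my` attribute, but the hosts in flake.nix are still built with `nixpkgs.lib.nixosSystem` and `specialArgs = { inherit inputs outputs; }`, so as far as this diff shows the extended `lib` from the flake's `let` block never reaches the module system. Because the innermost `with` is consulted first, the first free identifier that falls through to the `with` scopes forces `lib.my` and aborts evaluation if it is absent. Importing the helper explicitly avoids both the dependency and the scope pollution, e.g. `inherit (import ../../lib/hm_secrets.nix { inherit lib; }) hm_secrets;` in the `let` block. The module body continues past the hunk.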
diff --git a/hosts/WSL/Go3/default.nix b/hosts/Go3/default.nix similarity index 94% rename from hosts/WSL/Go3/default.nix rename to hosts/Go3/default.nix index c7c1702..af18ef9 100644 --- a/hosts/WSL/Go3/default.nix +++ b/hosts/Go3/default.nix @@ -1,9 +1,9 @@ { lib, pkgs, config, inputs, ... }: { imports = [ - ../../common - ../../common/mnt-public.nix - ../../common/user-sstent.nix + ../common.nix + ../mnt-public.nix + ../user-sstent.nix inputs.nixos-wsl.nixosModules.wsl ]; diff --git a/hosts/WSL/StuPC/default.nix b/hosts/StuPC/default.nix similarity index 94% rename from hosts/WSL/StuPC/default.nix rename to hosts/StuPC/default.nix index 300e5a6..9cde4db 100644 --- a/hosts/WSL/StuPC/default.nix +++ b/hosts/StuPC/default.nix @@ -1,9 +1,9 @@ { lib, pkgs, config, inputs, ... }: { imports = [ - ../../common - ../../common/mnt-public.nix - ../../common/user-sstent.nix + ../common.nix + ../mnt-public.nix + ../user-sstent.nix inputs.nixos-wsl.nixosModules.wsl ]; diff --git a/hosts/common/default.nix b/hosts/common.nix similarity index 92% rename from hosts/common/default.nix rename to hosts/common.nix index 9feca08..f22563e 100644 --- a/hosts/common/default.nix +++ b/hosts/common.nix @@ -4,7 +4,7 @@ imports = [ inputs.home-manager.nixosModules.home-manager ./sops.nix - ] ++ (builtins.attrValues outputs.nixosModules); + ]++ (builtins.attrValues outputs.nixosModules); ###dotfiles path variable options._dotfiles = lib.mkOption { diff --git a/hosts/common/mnt-public.nix b/hosts/mnt-public.nix similarity index 100% rename from hosts/common/mnt-public.nix rename to hosts/mnt-public.nix diff --git a/hosts/common/sops.nix b/hosts/sops.nix similarity index 100% rename from hosts/common/sops.nix rename to hosts/sops.nix diff --git a/hosts/common/user-sstent.nix b/hosts/user-sstent.nix similarity index 100% rename from hosts/common/user-sstent.nix rename to hosts/user-sstent.nix diff --git a/lib/hm_secrets.nix b/lib/hm_secrets.nix new file mode 100644 index 0000000..22f8f90 
--- /dev/null +++ b/lib/hm_secrets.nix @@ -0,0 +1,31 @@ +{lib, ...}: let + inherit + (builtins) + readDir + ; + + inherit + (lib) + filterAttrs + hasPrefix + hasSuffix + mapAttrs' + nameValuePair + + ; +in rec { + filter = name: func: attrs: filterAttrs name (mapAttrs' func attrs); + + # 'sops' Encrypted Secrets + hm_secrets = dir: out_dir: + filter (name: type: type != null && !(hasPrefix "_" name)) (name: type: + if type == "regular" && hasSuffix ".age" name + then + nameValuePair name { + sopsFile = dir + "/${name}"; + format = "binary"; + path = out_dir + "/${name}"; + + } + else nameValuePair "" null) (readDir dir); +} \ No newline at end of file diff --git a/lib/map.nix b/lib/map.nix deleted file mode 100644 index 4a4aa12..0000000 --- a/lib/map.nix +++ /dev/null 
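Review bot: `hm_secrets` in lib/hm_secrets.nix maps every entry that is not a regular `*.age` file to `nameValuePair "" null` and then filters it out, so a secret without that suffix disappears from the generated set without any error; the inline copy removed from home-manager/global/keybase.nix accepted any regular file, so this is a behaviour change for that caller. The exported `filter` shares its name with `lib.filter`, and a module that does `with lib; with lib.my;` would resolve `filter` to this three-argument version if it ends up in `lib.my`; a distinct name such as `filterMapAttrs` would avoid that. A comment like `# dir: directory of sops-encrypted *.age files; out_dir: directory where each decrypted secret is written` above `hm_secrets` would document the contract. Since `dir + "/${name}"` on a path value is likely to end up in the world-readable Nix store, that comment should also state that the files must already be encrypted.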
@@ -1,123 +0,0 @@ -{lib, ...}: let - inherit - (builtins) - attrNames - attrValues - foldl' - isPath - pathExists - readDir - toString - ; - - inherit - (lib) - flatten - filterAttrs - forEach - getAttrFromPath - hasPrefix - hasSuffix - id - mapAttrs' - mapAttrsToList - mkIf - nameValuePair - removeSuffix - ; -in rec { - ## Mapping Functions ## - array = list: func: forEach list (name: getAttrFromPath [name] func); - filter = name: func: attrs: filterAttrs name (mapAttrs' func attrs); - list = func: foldl' (x: y: x + y + " ") "" (attrNames func); - - ## Files Map - # Top Level - files = dir: func: extension: - filter (name: type: type != null && !(hasPrefix "_" name)) (name: type: let - path = "${toString dir}/${name}"; - in - if - (type == "directory" || type == "symlink") - && ( - if (extension == ".nix") - then pathExists "${path}/default.nix" - else true - ) - then nameValuePair name (func path) - else if - type - == "regular" - && ( - if (extension == ".nix") - then name != "default.nix" - else true - ) - && hasSuffix extension name - then nameValuePair (removeSuffix extension name) (func path) - else nameValuePair "" null) (readDir dir); - - # Recursive - files' = dir: func: extension: - filter (name: type: type != null && !(hasPrefix "_" name)) (name: type: let - path = "${toString dir}/${name}"; - in - if (type == "directory" || type == "symlink") - then nameValuePair name (files' path func) - else if - type - == "regular" - && ( - if (extension == ".nix") - then name != "default.nix" - else true - ) - && hasSuffix extension name - then nameValuePair (removeSuffix extension name) (func path) - else nameValuePair "" null) (readDir dir); - - # Package Patches - patches = patch: - if isPath patch - then - flatten (mapAttrsToList (name: type: - if - type - == "regular" - && (hasSuffix ".diff" name || hasSuffix ".patch" name) - then patch + "/${name}" - else null) (readDir patch)) - else patch; - - # Module Imports - module = dir: attrValues (modules dir id); - 
module' = dir: attrNames (modules dir id); - modules = dir: func: files dir func ".nix"; - modules' = dir: func: files' dir func ".nix"; - - # 'sops' Encrypted Secrets - secrets = dir: neededForUsers: - filter (name: type: type != null && !(hasPrefix "_" name)) (name: type: - if type == "regular" && hasSuffix ".secret" name - then - nameValuePair name { - sopsFile = dir + "/${name}"; - format = "binary"; - inherit neededForUsers; - } - else nameValuePair "" null) (readDir dir); - - - # 'sops' Encrypted Secrets - hm_secrets = dir: out_dir: - filter (name: type: type != null && !(hasPrefix "_" name)) (name: type: - if type == "regular" && hasSuffix ".age" name - then - nameValuePair name { - sopsFile = dir + "/${name}"; - format = "binary"; - path = out_dir + "/${name}"; - - } - else nameValuePair "" null) (readDir dir); -} \ No newline at end of file diff --git a/modules/nixos/ssh/default.nix b/modules/nixos/ssh/default.nix index f6c9076..7ee6071 100644 --- a/modules/nixos/ssh/default.nix +++ b/modules/nixos/ssh/default.nix @@ -1,13 +1,17 @@ -{ lib, config, pkgs, ... }: { +{ lib, pkgs, config, ... }: +with lib; + +let cfg = config.custom.sshd; +in { #define option to enable this - options.mymods.sshd.enable = lib.mkEnableOption "Enable SSH"; + options.custom.sshd.enable = mkEnableOption "Enable SSH"; - config = lib.mkIf config.mymods.sshd.enable { + config = mkIf cfg.enable { services.openssh = { enable = true; - settings.permitRootLogin = "no"; - settings.passwordAuthentication = false; + permitRootLogin = "no"; + passwordAuthentication = false; }; networking.firewall.allowedTCPPorts = [ 22 ];
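Review bot: In modules/nixos/ssh/default.nix, `passwordAuthentication = false;` on its own leaves keyboard-interactive authentication at the module default, which is enabled in the NixOS releases that use these top-level option names, so PAM password prompts may still be reachable; add `kbdInteractiveAuthentication = false;` next to it (confirm the option name against the nixpkgs revision pinned in flake.lock). `networking.firewall.allowedTCPPorts = [ 22 ];` duplicates what `services.openssh.openFirewall` already does by default and will drift if the listening port is ever changed. Separately, this commit renames `HyperV/ssh/ssh_host_ed25519_key` and `HyperV/ssh/ssh_host_rsa_key`; if those are plaintext private host keys rather than sops-encrypted files, they should be rotated and removed from the repository history. The `config` block closes below the hunk.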