Some cleanup, prep for stabilizing on 24.05 when it releases for server hosts

2024-03-28 13:10:51 -05:00 · 2024-03-28 13:10:51 -05:00 · d571fabd4f
commit d571fabd4f
parent c6fdb6838a
6 changed files with 114 additions and 40 deletions
--- a/flake.lock
+++ b/flake.lock
@ -332,6 +332,22 @@
        "type": "github"
      }
    },
+    "nixpkgs-next": {
+      "locked": {
+        "lastModified": 1711646189,
+        "narHash": "sha256-+fnMLzJhiLAY/2ACsWPnLkstUpR0PKEVjlsCWH2aFGg=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "5d44454602e6964b5e582edc81098aac06f8ecbe",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "staging-next",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1711124224,
@ -445,6 +461,7 @@
        "home-manager": "home-manager",
        "hyprland": "hyprland",
        "nixpkgs": "nixpkgs_3",
+        "nixpkgs-next": "nixpkgs-next",
        "nixpkgs-stable": "nixpkgs-stable",
        "nixpkgsForIosevka": "nixpkgsForIosevka",
        "pre-commit-hooks": "pre-commit-hooks",
@ -499,7 +516,7 @@
          "nixpkgs"
        ],
        "nixpkgs-stable": [
-          "nixpkgs"
+          "nixpkgs-stable"
        ]
      },
      "locked": {
--- a/flake.nix
+++ b/flake.nix
@ -4,6 +4,8 @@

    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11";

+    nixpkgs-next.url = "github:nixos/nixpkgs/staging-next";
+
    # I have this as a separate input so I don't rebuild the font every time I
    # want to upgrade nixpkgs
    nixpkgsForIosevka.url = "github:nixos/nixpkgs?rev=5863c27340ba4de8f83e7e3c023b9599c3cb3c80";
@ -24,7 +26,7 @@

    sops-nix.url = "github:Mic92/sops-nix";
    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
-    sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
+    sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs-stable";

    hardware.url = "github:nixos/nixos-hardware";
    # hardware.inputs.nixpkgs.follows = "nixpkgs";
@ -46,6 +48,7 @@
  outputs = {
    self,
    nixpkgs,
+    nixpkgs-next,
    nixpkgsForIosevka,
    home-manager,
    hardware,
@ -118,25 +121,48 @@

    # NixOS configuration entrypoint
    # Available through 'nixos-rebuild --flake .#your-hostname'
-    nixosConfigurations = builtins.mapAttrs (name: {
-      system,
-      modules,
-      ...
-    }:
-      nixpkgs.lib.nixosSystem {
-        inherit system;
-        specialArgs = {
-          inherit inputs outputs system api-lyte-dev hardware;
+    nixosConfigurations =
+      (builtins.mapAttrs (name: {
+          system,
+          modules,
+          ...
+        }:
+        # let
+        # commonModules =
+        # in
+          nixpkgs.lib.nixosSystem {
+            inherit system;
+            specialArgs = {
+              # TODO: avoid special args and actually pass inputs to modules?
+              inherit inputs outputs hardware;
+            };
+            # extraSpecialArgs = {
+            #   inherit inputs outputs system api-lyte-dev;
+            # };
+            modules =
+              [
+                self.nixosModules.common
+              ]
+              ++ modules;
+          }) (import ./nixos))
+      // {
+        # TODO: stabilize "appliance"-type hosts on stable nixpkgs ASAP to avoid breakages
+        beefcake = nixpkgs-next.lib.nixosSystem {
+          system = "x86_64-linux";
+          specialArgs = {
+            inherit inputs outputs api-lyte-dev hardware;
+          };
+          modules = [self.nixosModules.common ./nixos/beefcake.nix];
        };
-        # extraSpecialArgs = {
-        #   inherit inputs outputs system api-lyte-dev;
+        # rascal = {
+        #   system = "x86_64-linux";
+        #   modules = [./rascal.nix];
        # };
-        modules =
-          [
-            self.nixosModules.common
-          ]
-          ++ modules;
-      }) (import ./nixos);
+        # router = {
+        #   system = "x86_64-linux";
+        #   modules = [./router.nix];
+        # };
+      };

    # Standalone home-manager configuration entrypoint
    # Available through 'home-manager --flake .#your-username@your-hostname'
--- a/modules/home-manager/hyprland.nix
+++ b/modules/home-manager/hyprland.nix
@ -268,7 +268,10 @@
      # }

      # See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
-      # windowrulev2 = float,class:^.*(kitty|firefox|org.wezfurlong.wezterm).*$
+      windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
+      windowrulev2 = float,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
+      windowrulev2 = opacity 1.0 0.9,floating:1
+
      windowrulev2 = opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$
      windowrulev2 = noanim,class:^(xwaylandvideobridge)$
      windowrulev2 = noinitialfocus,class:^(xwaylandvideobridge)$
--- a/modules/nixos/common.nix
+++ b/modules/nixos/common.nix
@ -18,10 +18,10 @@ in {
      inputs.disko.nixosModules.disko
      inputs.home-manager.nixosModules.home-manager
    ]
-    ++ (with outputs.nixosModules; [
-      avahi
-      daniel
-    ]);
+    ++ [
+      ./avahi.nix
+      ./daniel.nix
+    ];

  hardware.enableRedistributableFirmware = true;

--- a/nixos/beefcake.nix
+++ b/nixos/beefcake.nix
@ -125,6 +125,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
      };
    }
    {
+      # nix binary cache
      services.nix-serve = {
        enable = true;
        secretKeyFile = "/var/cache-priv-key.pem";
@ -138,6 +139,26 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
        80
        443
      ];
+
+      # regularly build this flake so we have stuff in the cache
+      systemd.timers."build-lytedev-flake" = {
+        wantedBy = ["timers.target"];
+        timerConfig = {
+          OnBootSec = "30m"; # 30 minutes after booting
+          OnUnitActiveSec = "1d"; # every day afterwards
+          Unit = "build-lytedev-flake.service";
+        };
+      };
+
+      systemd.services."build-lytedev-flake" = {
+        script = ''
+          nixos-rebuild build --flake git+https://git.lyte.dev/lytedev/nix.git
+        '';
+        serviceConfig = {
+          Type = "oneshot";
+          User = "daniel"; # might have to run as me for git ssh access to the repo
+        };
+      };
    }
    {
      services.headscale = {
--- a/nixos/default.nix
+++ b/nixos/default.nix
@ -3,38 +3,45 @@
    system = "x86_64-linux";
    modules = [./base.nix];
  };
-  beefcake = {
-    system = "x86_64-linux";
-    modules = [./beefcake.nix];
-  };
+
+  # workstation
  dragon = {
    system = "x86_64-linux";
    modules = [./dragon.nix];
  };
+
+  # primary laptop
  foxtrot = {
    system = "x86_64-linux";
    modules = [./foxtrot.nix];
  };
-  musicbox = {
-    system = "x86_64-linux";
-    modules = [./musicbox.nix];
-  };
-  rascal = {
-    system = "x86_64-linux";
-    modules = [./rascal.nix];
-  };
-  router = {
-    system = "x86_64-linux";
-    modules = [./router.nix];
-  };
+
+  # entertainment convertible laptop
  thablet = {
    system = "x86_64-linux";
    modules = [./thablet.nix];
  };
+
+  # thinkpad backup laptop
  thinker = {
    system = "x86_64-linux";
    modules = [./thinker.nix];
  };
+
+  # TODO: stabilize these machines on nixpkgs-stable
+  # owned offsite backup
+  rascal = {
+    system = "x86_64-linux";
+    modules = [./rascal.nix];
+  };
+
+  # TODO: deploy this to the actual router
+  # home gateway
+  router = {
+    system = "x86_64-linux";
+    modules = [./router.nix];
+  };
+
  # htpifour = {
  #   system = "aarch64-linux";
  #   modules = [./htpifour.nix];