diff --git a/Taskfile.yaml b/Taskfile.yaml index 01ef6e7..166364c 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -17,3 +17,14 @@ tasks: silent: true cmds: - task -l + + lint: + desc: Run statix lint + cmds: + - statix check . + + check: + desc: Check project files + cmds: + - task: lint + - task: pc-run diff --git a/flake.nix b/flake.nix index ab0caed..0c33439 100644 --- a/flake.nix +++ b/flake.nix @@ -23,10 +23,19 @@ nixpkgs, sops-nix, ... - } @ inputs: + } @ inputs: let + inherit (self) outputs; + forAllSystems = nixpkgs.lib.genAttrs [ + "aarch64-linux" + # "i686-linux" + "x86_64-linux" + # "aarch64-darwin" + # "x86_64-darwin" + ]; + in with inputs; { # Use nixpkgs-fmt for 'nix fmt' - formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt; + formatter = forAllSystems (system: nixpkgs.legacyPackages."${system}".nixpkgs-fmt); # Each subdirectory in ./machines is a host. Add them all to # nixosConfigurations. Host configurations need a file called diff --git a/iso/README.md b/images/README.md similarity index 100% rename from iso/README.md rename to images/README.md diff --git a/iso/iso.nix b/images/iso.nix similarity index 100% rename from iso/iso.nix rename to images/iso.nix diff --git a/images/rpi/flake.lock b/images/rpi/flake.lock new file mode 100644 index 0000000..bbb9452 --- /dev/null +++ b/images/rpi/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nixos": { + "locked": { + "lastModified": 1688392541, + "narHash": "sha256-lHrKvEkCPTUO+7tPfjIcb7Trk6k31rz18vkyqmkeJfY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixos": "nixos" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/images/rpi/flake.nix b/images/rpi/flake.nix new file mode 100644 index 0000000..9eaeb76 --- /dev/null +++ b/images/rpi/flake.nix @@ -0,0 +1,28 @@ +{ + description = "A flake to build a basic NixOS iso"; + inputs.nixos.url = "github:nixos/nixpkgs/nixos-22.11"; + outputs = { + self, + nixos, + }: { + nixosConfigurations = let + exampleBase = { + isoImage.squashfsCompression = "gzip -Xcompression-level 1"; + systemd.services.sshd.wantedBy = nixos.lib.mkForce ["multi-user.target"]; + users.users.root.openssh.authorizedKeys.keys = [""]; + }; + in { + x86 = nixos.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + "${nixos}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" + exampleBase + ]; + }; + example = nixos.lib.nixosSystem { + system = "x86_64-linux"; + modules = [exampleBase]; + }; + }; + }; +} diff --git a/nixos/hosts/common/nixos/packages.nix b/nixos/hosts/common/nixos/packages.nix index 91a0133..1832144 100644 --- a/nixos/hosts/common/nixos/packages.nix +++ b/nixos/hosts/common/nixos/packages.nix @@ -17,7 +17,11 @@ gh # TODO Move + nil + nixpkgs-fmt + statix ]; + programs.direnv = { # TODO move to home-manager enable = true; diff --git a/nixos/hosts/common/optional/editors/vscode/default.nix b/nixos/hosts/common/optional/editors/vscode/default.nix index fcbe88d..59fd27d 100644 --- a/nixos/hosts/common/optional/editors/vscode/default.nix +++ b/nixos/hosts/common/optional/editors/vscode/default.nix @@ -1,8 +1,7 @@ -{ - config, - pkgs, - lib, - ... +{ config +, pkgs +, lib +, ... }: { # Enable vscode & addons environment.systemPackages = with pkgs; [ @@ -11,6 +10,8 @@ vscodeExtensions = with vscode-extensions; [ bbenoist.nix + mkhl.direnv + ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [ { diff --git a/nixpkgs.nix b/nixpkgs.nix new file mode 100644 index 0000000..041de40 --- /dev/null +++ b/nixpkgs.nix @@ -0,0 +1,8 @@ +# A nixpkgs instance that is grabbed from the pinned nixpkgs commit in the lock file +# This is useful to avoid using channels when using legacy nix commands +let lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked; +in +import (fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz"; + sha256 = lock.narHash; +}) diff --git a/shell.nix b/shell.nix index 0677706..aefda51 100644 --- a/shell.nix +++ b/shell.nix @@ -14,5 +14,14 @@ }: pkgs.mkShell { # Enable experimental features without having to specify the argument NIX_CONFIG = "experimental-features = nix-command flakes"; - nativeBuildInputs = with pkgs; [ nix home-manager git nil nixpkgs-fmt go-task sops ]; + nativeBuildInputs = with pkgs; [ + nix + home-manager + git + nil + nixpkgs-fmt + go-task + sops + pre-commit + ]; }