2024-09-13 14:55:27 -07:00
description = "Joey's Flake";
inputs = {
# Package repositories:
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
2024-09-13 14:55:27 -07:00
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
# Applications:
hyprland = {
url = "github:hyprwm/Hyprland";
inputs.nixpkgs.follows = "nixpkgs-unstable";
nixgl.url = "github:nix-community/nixGL";
nix-flatpak.url = "github:gmodena/nix-flatpak";
stylix = {
url = "github:danth/stylix/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
zen-browser.url = "github:0xc000022070/zen-browser-flake";
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
deploy-rs.url = "github:serokell/deploy-rs";
2025-01-02 15:27:44 -08:00
ghostty.url = "github:ghostty-org/ghostty";
2024-09-13 14:55:27 -07:00
outputs = inputs@{
2025-01-02 15:27:44 -08:00
flake = {
gitServer.http = "https://gitea.jafner.tools";
gitServer.ssh = "ssh://git@gitea.jafner.tools:2225";
owner = "Jafner";
repoName = "Jafner.net";
branch = "main";
repoPath = "Git/Jafner.net";
path = "dotfiles/flake.nix";
usr.joey = {
realname = "Joey Hafner";
email = "joey@jafner.net";
encryptKey = "$HOME/.keys/joey@jafner.net.encrypt.gpg";
ageKey = "$HOME/.keys/joey.author.key";
usr.admin = {
realname = "admin";
email = "noreply@jafner.net";
jafnerKeys = let file = (import inputs.nixpkgs { system = "x86_64-linux"; }).fetchurl {
url = "https://github.com/Jafner.keys";
sha256 = "1i3Vs6mPPl965g3sRmbXGzx6zQBs5geBCgNx2zfpjF4=";
}; in inputs.nixpkgs.lib.splitString "\n" (builtins.readFile file);
in {
2024-09-13 14:55:27 -07:00
nixosConfigurations = {
desktop = let
sys = {
username = "joey";
hostname = "desktop";
signingKey = "B0BBF464024BCEAE";
shellPackage = "zsh";
kernelPackage = "linux_zen"; # Read more: https://nixos.wiki/wiki/Linux_kernel; Other options: https://mynixos.com/nixpkgs/packages/linuxKernel.packages;
wallpaper = ./assets/romb-3840x2160.png;
arch = "x86_64-linux";
flakeDir = "Git/Jafner.net/dotfiles";
authorizedKeys = jafnerKeys;
dockerData = "/home/joey/docker/data";
ssh = {
path = "/home/joey/.ssh";
privateKey = ".ssh/joey.desktop@jafner.net";
publicKey = ".ssh/joey.desktop@jafner.net.pub";
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
overlays = [ nixgl.overlay ];
config = { allowUnfreePredicate = (_: true); };
pkgs-unstable = import nixpkgs-unstable {
inherit system;
overlays = [ nixgl.overlay ];
config = { allowUnfreePredicate = (_: true); };
2025-01-22 17:04:26 -08:00
in nixpkgs.lib.nixosSystem {
modules = [
home-manager.sharedModules = [
home-manager.extraSpecialArgs = { inherit pkgs pkgs-unstable inputs; inherit sys usr flake; };
2024-09-13 14:55:27 -07:00
inherit system;
specialArgs = { inherit pkgs pkgs-unstable inputs sys usr flake; };
# build with:
# nix build .#nixosConfigurations.iso.config.system.build.isoImage
2025-01-22 17:04:26 -08:00
iso = let
sys = {
username = "admin";
authorizedKeys = jafnerKeys;
2025-01-22 17:04:26 -08:00
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
in nixpkgs.lib.nixosSystem {
modules = [
2025-01-22 17:04:26 -08:00
system.stateVersion = "24.11";
environment.systemPackages = with pkgs; [
users.users."${sys.username}" = {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" ];
description = "${sys.username}";
openssh.authorizedKeys.keys = sys.authorizedKeys;
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
security.sudo = {
enable = true;
extraRules = [{
commands = [
command = "ALL";
options = [ "NOPASSWD" ];
groups = [ "wheel" ];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
2025-01-22 17:04:26 -08:00
inherit system pkgs;
specialArgs = { inherit sys; };
# build with:
# nix build .#nixosConfigurations.cloudimage.config.system.build.digitalOceanImage
2025-01-22 17:04:26 -08:00
cloudimage = let
sys = {
username = "admin";
authorizedKeys = jafnerKeys;
2025-01-22 17:04:26 -08:00
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
in nixpkgs.lib.nixosSystem {
modules = [
system.stateVersion = "24.11";
environment.systemPackages = with pkgs; [
2025-01-22 17:04:26 -08:00
users.users."${sys.username}" = {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" ];
description = "${sys.username}";
openssh.authorizedKeys.keys = sys.authorizedKeys;
2025-01-22 17:04:26 -08:00
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
security.sudo = {
enable = true;
extraRules = [{
commands = [
command = "ALL";
options = [ "NOPASSWD" ];
groups = [ "wheel" ];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
2025-01-22 17:04:26 -08:00
inherit system pkgs;
specialArgs = { inherit sys; };
artificer = let
sys = {
username = "admin";
authorizedKeys = jafnerKeys;
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
in nixpkgs.lib.nixosSystem {
modules = [
inherit system pkgs;
specialArgs = { inherit sys; };
fighter = let
sys = {
username = "admin";
hostname = "fighter";
authorizedKeys = jafnerKeys;
shellPackage = "bash";
networking = {
ifname = "enp3s0";
mac = "00:02:C9:56:BF:9A";
ip = "";
2025-02-05 23:22:10 -08:00
ssh = {
2025-02-05 23:25:25 -08:00
privateKey = ".ssh/admin@fighter";
2025-02-05 23:22:10 -08:00
dataDirs = {
appdata = "/appdata";
library = {
digitalModels = "/mnt/3DPrinting";
av = "/mnt/av";
books = "/mnt/books";
movies = "/mnt/movies";
music = "/mnt/music";
shows = "/mnt/shows";
torrenting = "/mnt/torrenting";
kernelPackage = "linux_6_12"; # Read more: https://nixos.wiki/wiki/Linux_kernel; Other options: https://mynixos.com/nixpkgs/packages/linuxKernel.packages;
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); allowUnfree = true; };
in nixpkgs.lib.nixosSystem {
modules = [
2025-02-06 01:38:06 -08:00
inherit system pkgs;
2025-02-06 01:35:10 -08:00
specialArgs = { inherit sys flake; };
deploy = {
nodes = {
artificer = {
hostname = "";
profilesOrder = [ "system" ];
profiles.system = {
user = "root";
sshUser = "admin";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.artificer;
fastConnection = true;
interactiveSudo = false;
autoRollback = true;
magicRollback = true;
remoteBuild = true;
confirmTimeout = 60;
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
2024-09-13 14:55:27 -07:00