From b93de743aced7d7fdd891289f8768bc757a92b4b Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 17:58:53 +0200 Subject: [PATCH 01/13] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20Update=20flake=20inp?= =?UTF-8?q?uts=20(2025-07-28)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 886aa27..83b78b3 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1753471400, - "narHash": "sha256-HFoF82El1cjuiz5se+SeawMwWseUUtYBimq3Iu6G2D0=", + "lastModified": 1753702336, + "narHash": "sha256-IVFUQV6egGQHnm+I183OT+4ct/ka1IWA5u/0A9I/YV4=", "owner": "catppuccin", "repo": "nix", - "rev": "bc6d2b7b57dd29389538f8c4465e408c07187404", + "rev": "b32de96c3c5384c83b0f4d741ec58a7f97c9ab11", "type": "github" }, "original": { @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1753617834, - "narHash": "sha256-WEVfKrdIdu5CpppJ0Va3vzP0DKlS+ZTLbBjugMO2Drg=", + "lastModified": 1753709185, + "narHash": "sha256-fU0XPSNudRJHvbeMK2qWBXEbfd77t7r+e9V2L9ON5kI=", "owner": "nix-community", "repo": "home-manager", - "rev": "72cc1e3134a35005006f06640724319caa424737", + "rev": "20cf285e9f8e5e3968abca80081c03ea96e7ea73", "type": "github" }, "original": { @@ -160,11 +160,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1753429684, - "narHash": "sha256-9h7+4/53cSfQ/uA3pSvCaBepmZaz/dLlLVJnbQ+SJjk=", + "lastModified": 1753549186, + "narHash": "sha256-Znl7rzuxKg/Mdm6AhimcKynM7V3YeNDIcLjBuoBcmNs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7fd36ee82c0275fb545775cc5e4d30542899511d", + "rev": "17f6bd177404d6d43017595c5264756764444ab8", "type": "github" }, "original": { From bcaad1ab811b170d37e92ecdfc9c6f2c713865c5 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:22:37 +0200 Subject: [PATCH 02/13] =?UTF-8?q?=F0=9F=94=A5=20Remove=20some=20leftovers?= =?UTF-8?q?=20from=20previous=20experiments?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/build-modules.yml | 37 ----------------------------- modules/flake/modules.nix | 15 ------------ 2 files changed, 52 deletions(-) delete mode 100644 .github/workflows/build-modules.yml delete mode 100644 modules/flake/modules.nix diff --git a/.github/workflows/build-modules.yml b/.github/workflows/build-modules.yml deleted file mode 100644 index 413d75a..0000000 --- a/.github/workflows/build-modules.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: "Nix: build nixos-/home modules" - -on: - workflow_dispatch: - # push: - # paths: - # - "modules/**.nix" - # - "**.lock" - # - ".github/workflows/build-modules.yml" - -jobs: - check-flake: - name: Validate x86_64-linux - runs-on: ubuntu-latest - strategy: - matrix: - outputs: [nixosModules, homeModules] - - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ github.ref_name }} - persist-credentials: false - - - name: Install Lix - uses: ./.github/actions/install-lix - - - name: Setup Attic cache - uses: ryanccn/attic-action@v0.3.2 - with: - endpoint: https://cache.thevoid.cafe - cache: puzzlevision - token: ${{ secrets.ATTIC_TOKEN }} - - - name: Buid flake - run: nix build .#nixosModules.puzzlevision diff --git a/modules/flake/modules.nix b/modules/flake/modules.nix deleted file mode 100644 index a9448b8..0000000 --- a/modules/flake/modules.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ self, ... }: -{ - flake = { - # TODO: figure out why this isn't working correctly - nixosModules.puzzlevision = self.lib.mkModule { - class = "nixos"; - modules = self.lib.dirToModuleList ../nixos; - }; - - homeModules.puzzlevision = self.lib.mkModule { - class = "home"; - modules = self.lib.dirToModuleList ../home; - }; - }; -} From 83fcfe791616bd3243745ef8ded73cdfa4218041 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:24:10 +0200 Subject: [PATCH 03/13] =?UTF-8?q?=F0=9F=91=B7=20Nix=20->=20Lix,=20and=20sc?= =?UTF-8?q?an=20more=20file=20types=20for=20exposed=20secrets?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/actions/install-lix/action.yml | 2 +- .github/workflows/check-leaks.yml | 2 ++ .github/workflows/deadnix.yml | 4 ++-- .github/workflows/validate.yml | 5 +---- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/actions/install-lix/action.yml b/.github/actions/install-lix/action.yml index c41afc1..3e0ffac 100644 --- a/.github/actions/install-lix/action.yml +++ b/.github/actions/install-lix/action.yml @@ -1,4 +1,4 @@ -# Taken from: https://github.com/isabelroses/dotfiles/blob/9335e5728eaaa9bdcb0d5c3130a5d7c8dddbb6e3/.github/actions/install-lix/action.yml :3 +# Derived from: https://github.com/isabelroses/dotfiles/blob/9335e5728eaaa9bdcb0d5c3130a5d7c8dddbb6e3/.github/actions/install-lix/action.yml :3 name: Install Lix description: "Install Lix for the specified system" diff --git a/.github/workflows/check-leaks.yml b/.github/workflows/check-leaks.yml index 08d6f1f..244096b 100644 --- a/.github/workflows/check-leaks.yml +++ b/.github/workflows/check-leaks.yml @@ -7,6 +7,8 @@ on: paths: - "**.nix" - ".github/workflows/check-leaks.yml" + - "**.yaml" + - "**.md" permissions: contents: read diff --git a/.github/workflows/deadnix.yml b/.github/workflows/deadnix.yml index e7a32dd..b4e5211 100644 --- a/.github/workflows/deadnix.yml +++ b/.github/workflows/deadnix.yml @@ -14,8 +14,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@main - - - name: Install lix + + - name: Install Lix uses: ./.github/actions/install-lix - uses: phucleeuwu/deadnix-action@v1 diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 4f3e1b3..05c56a9 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -16,11 +16,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - with: - ref: ${{ github.ref_name }} - persist-credentials: false - - name: Install Nix + - name: Install Lix uses: ./.github/actions/install-lix - name: Validate Flake From 7d17d31ed8e58f6dd99d231b938630e14fc4794c Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:26:34 +0200 Subject: [PATCH 04/13] =?UTF-8?q?=E2=9A=A1=EF=B8=8F=20Add=20back=20Swapfil?= =?UTF-8?q?e=20and=20remove=20old=20extraHosts=20entry?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- systems/x86_64-nixos/puzzlevision/default.nix | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/systems/x86_64-nixos/puzzlevision/default.nix b/systems/x86_64-nixos/puzzlevision/default.nix index f897aa2..d8a861c 100644 --- a/systems/x86_64-nixos/puzzlevision/default.nix +++ b/systems/x86_64-nixos/puzzlevision/default.nix @@ -34,17 +34,13 @@ archetypes.laptop.enable = true; }; - networking.extraHosts = '' - 127.0.0.1 dev.bl-projekte.de - ''; - # Configure 8GB SWAP partition - # swapDevices = [ - # { - # device = "/swapfile"; - # size = 8 * 1024; - # } - # ]; + swapDevices = [ + { + device = "/swapfile"; + size = 8 * 1024; + } + ]; boot = { # Configure additional kernel modules. From 1a09cad6562e3604e913996282644428da7d3559 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:27:23 +0200 Subject: [PATCH 05/13] =?UTF-8?q?=E2=9C=A8=20Add=20Minegrub=20theme?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- flake.nix | 1 + modules/flake/default.nix | 3 --- modules/flake/systems.nix | 1 + systems/x86_64-nixos/puzzlevision/default.nix | 11 +++++++++++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index 44ab739..83a7179 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,7 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; easy-hosts.url = "github:tgirlcloud/easy-hosts"; sops-nix.url = "github:Mic92/sops-nix"; + minegrub-theme.url = "github:Lxtharia/minegrub-theme"; flake-parts = { url = "github:hercules-ci/flake-parts"; diff --git a/modules/flake/default.nix b/modules/flake/default.nix index 1edda45..bc8eafb 100644 --- a/modules/flake/default.nix +++ b/modules/flake/default.nix @@ -3,9 +3,6 @@ # Automagically imports libs from "/lib/lib-name" and exposes them to the `flake.lib` output. ./lib.nix - # Exposes nixosModules and homeModules on flake outputs. - ./modules.nix - # Automagically imports systems from "/systems/arch-classname/system-name". ./systems.nix ]; diff --git a/modules/flake/systems.nix b/modules/flake/systems.nix index 6819c18..346ff1d 100644 --- a/modules/flake/systems.nix +++ b/modules/flake/systems.nix @@ -18,6 +18,7 @@ (lib.optionals (class == "nixos") [ inputs.home-manager.nixosModules.default inputs.sops-nix.nixosModules.sops + inputs.minegrub-theme.nixosModules.default ]) ++ (self.lib.dirToModuleList ../${class}); # Import modules based on current classname. }; diff --git a/systems/x86_64-nixos/puzzlevision/default.nix b/systems/x86_64-nixos/puzzlevision/default.nix index d8a861c..da2fc54 100644 --- a/systems/x86_64-nixos/puzzlevision/default.nix +++ b/systems/x86_64-nixos/puzzlevision/default.nix @@ -51,6 +51,17 @@ blacklistedKernelModules = [ "rtw88_8821ce" # Block the default network-card driver. ]; + + # Grub configuration + loader.grub = { + # Minecraft bootloader theme + minegrub-theme = { + enable = true; + splash = "100% Flakes!"; + background = "background_options/1.18 - [Caves And Cliffs 2].png"; + boot-options-count = 4; + }; + }; }; networking.hostName = "puzzlevision"; From 795cdb46ba7dda234a546641d2375f75262054d7 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:28:55 +0200 Subject: [PATCH 06/13] =?UTF-8?q?=F0=9F=92=A5=20Update=20system=20state=20?= =?UTF-8?q?version?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- systems/x86_64-nixos/puzzlevision/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/x86_64-nixos/puzzlevision/default.nix b/systems/x86_64-nixos/puzzlevision/default.nix index da2fc54..20f3332 100644 --- a/systems/x86_64-nixos/puzzlevision/default.nix +++ b/systems/x86_64-nixos/puzzlevision/default.nix @@ -65,5 +65,5 @@ }; networking.hostName = "puzzlevision"; - system.stateVersion = "25.05"; + system.stateVersion = "25.11"; } From 3e43b52795a7af67fe7365f62e2869829f905234 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:29:43 +0200 Subject: [PATCH 07/13] =?UTF-8?q?=F0=9F=91=B7=20Add=20flake.lock=20validat?= =?UTF-8?q?ion=20pipeline=20(tgirlcloud/locker)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/validate-lock.yml | 22 ++ flake.lock | 481 +++++++++++++++------------- 2 files changed, 280 insertions(+), 223 deletions(-) create mode 100644 .github/workflows/validate-lock.yml diff --git a/.github/workflows/validate-lock.yml b/.github/workflows/validate-lock.yml new file mode 100644 index 0000000..eee89ce --- /dev/null +++ b/.github/workflows/validate-lock.yml @@ -0,0 +1,22 @@ +name: "Nix: validate flake.lock" + +on: + workflow_dispatch: + push: + paths: + - "**.lock" + +jobs: + check-flake: + name: Check Lockfile + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install Lix + uses: ./.github/actions/install-lix + + - name: Check flake.lock + run: nix run github:tgirlcloud/locker diff --git a/flake.lock b/flake.lock index 83b78b3..12ca147 100644 --- a/flake.lock +++ b/flake.lock @@ -1,225 +1,260 @@ { - "nodes": { - "catppuccin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753702336, - "narHash": "sha256-IVFUQV6egGQHnm+I183OT+4ct/ka1IWA5u/0A9I/YV4=", - "owner": "catppuccin", - "repo": "nix", - "rev": "b32de96c3c5384c83b0f4d741ec58a7f97c9ab11", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "nix", - "type": "github" - } - }, - "easy-hosts": { - "locked": { - "lastModified": 1752516011, - "narHash": "sha256-YDLW+UdELQndUk2FNe6HixNqkMUPZi+zKuQNEHW6Czo=", - "owner": "tgirlcloud", - "repo": "easy-hosts", - "rev": "72dc72f9198fedbf091a1a705c24f0cff4f4b6bb", - "type": "github" - }, - "original": { - "owner": "tgirlcloud", - "repo": "easy-hosts", - "type": "github" - } - }, - "flake-compat": { - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "revCount": 69, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz?rev=ff81ac966bb2cae68946d5ed5fc4994f96d0ffec&revCount=69" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753121425, - "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1749398372, - "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753709185, - "narHash": "sha256-fU0XPSNudRJHvbeMK2qWBXEbfd77t7r+e9V2L9ON5kI=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "20cf285e9f8e5e3968abca80081c03ea96e7ea73", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "nixcord": { - "inputs": { - "flake-compat": "flake-compat", - "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1753581565, - "narHash": "sha256-ci4ue5LefosqA2Cv+yqufb2E7/KIfIRXOS0mXA/3C9E=", - "owner": "kaylorben", - "repo": "nixcord", - "rev": "cd1d051aeb24912007cef00329b3f5c394e52042", - "type": "github" - }, - "original": { - "owner": "kaylorben", - "repo": "nixcord", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1749494155, - "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "88331c17ba434359491e8d5889cce872464052c2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1748740939, - "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "656a64127e9d791a334452c6b6606d17539476e2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1753549186, - "narHash": "sha256-Znl7rzuxKg/Mdm6AhimcKynM7V3YeNDIcLjBuoBcmNs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "17f6bd177404d6d43017595c5264756764444ab8", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1744868846, - "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "catppuccin": "catppuccin", - "easy-hosts": "easy-hosts", - "flake-parts": "flake-parts", - "home-manager": "home-manager", - "nixcord": "nixcord", - "nixpkgs": "nixpkgs_2", - "sops-nix": "sops-nix" - } - }, - "sops-nix": { - "inputs": { - "nixpkgs": "nixpkgs_3" - }, - "locked": { - "lastModified": 1752544651, - "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", - "owner": "Mic92", - "repo": "sops-nix", - "rev": "2c8def626f54708a9c38a5861866660395bb3461", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "sops-nix", - "type": "github" - } - } - }, - "root": "root", - "version": 7 + "nodes": { + "catppuccin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753702336, + "narHash": "sha256-IVFUQV6egGQHnm+I183OT+4ct/ka1IWA5u/0A9I/YV4=", + "owner": "catppuccin", + "repo": "nix", + "rev": "b32de96c3c5384c83b0f4d741ec58a7f97c9ab11", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nix", + "type": "github" + } + }, + "easy-hosts": { + "locked": { + "lastModified": 1752516011, + "narHash": "sha256-YDLW+UdELQndUk2FNe6HixNqkMUPZi+zKuQNEHW6Czo=", + "owner": "tgirlcloud", + "repo": "easy-hosts", + "rev": "72dc72f9198fedbf091a1a705c24f0cff4f4b6bb", + "type": "github" + }, + "original": { + "owner": "tgirlcloud", + "repo": "easy-hosts", + "type": "github" + } + }, + "flake-compat": { + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz?rev=ff81ac966bb2cae68946d5ed5fc4994f96d0ffec&revCount=69" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753121425, + "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753709185, + "narHash": "sha256-fU0XPSNudRJHvbeMK2qWBXEbfd77t7r+e9V2L9ON5kI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "20cf285e9f8e5e3968abca80081c03ea96e7ea73", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "minegrub-theme": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1752413064, + "narHash": "sha256-bcWxBAAvf5hp0TmMbYrwU4SlBxc5sB/T2VsIBdX1gDk=", + "owner": "Lxtharia", + "repo": "minegrub-theme", + "rev": "040b163268be6e7cf743ba990177525dc47ed944", + "type": "github" + }, + "original": { + "owner": "Lxtharia", + "repo": "minegrub-theme", + "type": "github" + } + }, + "nixcord": { + "inputs": { + "flake-compat": "flake-compat", + "flake-parts": "flake-parts_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1753581565, + "narHash": "sha256-ci4ue5LefosqA2Cv+yqufb2E7/KIfIRXOS0mXA/3C9E=", + "owner": "kaylorben", + "repo": "nixcord", + "rev": "cd1d051aeb24912007cef00329b3f5c394e52042", + "type": "github" + }, + "original": { + "owner": "kaylorben", + "repo": "nixcord", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1689850295, + "narHash": "sha256-fUYf6WdQlhd2H+3aR8jST5dhFH1d0eE22aes8fNIfyk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5df4d78d54f7a34e9ea1f84a22b4fd9baebc68d0", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1748740939, + "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "656a64127e9d791a334452c6b6606d17539476e2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1749494155, + "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "88331c17ba434359491e8d5889cce872464052c2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1753549186, + "narHash": "sha256-Znl7rzuxKg/Mdm6AhimcKynM7V3YeNDIcLjBuoBcmNs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "17f6bd177404d6d43017595c5264756764444ab8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1744868846, + "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "catppuccin": "catppuccin", + "easy-hosts": "easy-hosts", + "flake-parts": "flake-parts", + "home-manager": "home-manager", + "minegrub-theme": "minegrub-theme", + "nixcord": "nixcord", + "nixpkgs": "nixpkgs_3", + "sops-nix": "sops-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1752544651, + "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "2c8def626f54708a9c38a5861866660395bb3461", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 } From f4c0982a4d8c5cd1faa96de7934e785a30b393d4 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:42:02 +0200 Subject: [PATCH 08/13] =?UTF-8?q?=F0=9F=91=B7=20Use=20tgirlcloud/pkgs=20re?= =?UTF-8?q?po=20for=20locker=20pipeline?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/actions/install-lix/action.yml | 4 ++-- .github/workflows/validate-lock.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/install-lix/action.yml b/.github/actions/install-lix/action.yml index 3e0ffac..b61570c 100644 --- a/.github/actions/install-lix/action.yml +++ b/.github/actions/install-lix/action.yml @@ -13,5 +13,5 @@ runs: diagnostic-endpoint: "" extra-conf: | experimental-features = flakes nix-command - substituters = https://nix-community.cachix.org https://catppuccin.cachix.org https://cache.nixos.org/ - trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= catppuccin.cachix.org-1:noG/4HkbhJb+lUAdKrph6LaozJvAeEEZj4N732IysmU= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= + substituters = https://nix-community.cachix.org https://catppuccin.cachix.org https://cache.nixos.org/ https://cache.tgirl.cloud + trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= catppuccin.cachix.org-1:noG/4HkbhJb+lUAdKrph6LaozJvAeEEZj4N732IysmU= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= tgirlcloud:vcV9oxS9pLXyeu1dVnBabLalLlw0yJzu6PakQM372t0= diff --git a/.github/workflows/validate-lock.yml b/.github/workflows/validate-lock.yml index eee89ce..220f83a 100644 --- a/.github/workflows/validate-lock.yml +++ b/.github/workflows/validate-lock.yml @@ -19,4 +19,4 @@ jobs: uses: ./.github/actions/install-lix - name: Check flake.lock - run: nix run github:tgirlcloud/locker + run: nix run github:tgirlcloud/pkgs#locker From 880ae420ea2a6f17d5663064cd5a9587c51308ff Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 21:51:05 +0200 Subject: [PATCH 09/13] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20Update=20flake=20inp?= =?UTF-8?q?uts=20(2025-07-28)=20and=20remove=20lockfile=20duplicates?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/actions/install-lix/action.yml | 2 +- flake.lock | 443 +++++++++++-------------- flake.nix | 14 +- 3 files changed, 198 insertions(+), 261 deletions(-) diff --git a/.github/actions/install-lix/action.yml b/.github/actions/install-lix/action.yml index b61570c..2170b8d 100644 --- a/.github/actions/install-lix/action.yml +++ b/.github/actions/install-lix/action.yml @@ -13,5 +13,5 @@ runs: diagnostic-endpoint: "" extra-conf: | experimental-features = flakes nix-command - substituters = https://nix-community.cachix.org https://catppuccin.cachix.org https://cache.nixos.org/ https://cache.tgirl.cloud + substituters = https://nix-community.cachix.org https://catppuccin.cachix.org https://cache.nixos.org/ https://cache.tgirl.cloud/tgirlcloud trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= catppuccin.cachix.org-1:noG/4HkbhJb+lUAdKrph6LaozJvAeEEZj4N732IysmU= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= tgirlcloud:vcV9oxS9pLXyeu1dVnBabLalLlw0yJzu6PakQM372t0= diff --git a/flake.lock b/flake.lock index 12ca147..af0d66b 100644 --- a/flake.lock +++ b/flake.lock @@ -1,260 +1,187 @@ { - "nodes": { - "catppuccin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753702336, - "narHash": "sha256-IVFUQV6egGQHnm+I183OT+4ct/ka1IWA5u/0A9I/YV4=", - "owner": "catppuccin", - "repo": "nix", - "rev": "b32de96c3c5384c83b0f4d741ec58a7f97c9ab11", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "nix", - "type": "github" - } - }, - "easy-hosts": { - "locked": { - "lastModified": 1752516011, - "narHash": "sha256-YDLW+UdELQndUk2FNe6HixNqkMUPZi+zKuQNEHW6Czo=", - "owner": "tgirlcloud", - "repo": "easy-hosts", - "rev": "72dc72f9198fedbf091a1a705c24f0cff4f4b6bb", - "type": "github" - }, - "original": { - "owner": "tgirlcloud", - "repo": "easy-hosts", - "type": "github" - } - }, - "flake-compat": { - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "revCount": 69, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz?rev=ff81ac966bb2cae68946d5ed5fc4994f96d0ffec&revCount=69" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753121425, - "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1749398372, - "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753709185, - "narHash": "sha256-fU0XPSNudRJHvbeMK2qWBXEbfd77t7r+e9V2L9ON5kI=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "20cf285e9f8e5e3968abca80081c03ea96e7ea73", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "minegrub-theme": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1752413064, - "narHash": "sha256-bcWxBAAvf5hp0TmMbYrwU4SlBxc5sB/T2VsIBdX1gDk=", - "owner": "Lxtharia", - "repo": "minegrub-theme", - "rev": "040b163268be6e7cf743ba990177525dc47ed944", - "type": "github" - }, - "original": { - "owner": "Lxtharia", - "repo": "minegrub-theme", - "type": "github" - } - }, - "nixcord": { - "inputs": { - "flake-compat": "flake-compat", - "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1753581565, - "narHash": "sha256-ci4ue5LefosqA2Cv+yqufb2E7/KIfIRXOS0mXA/3C9E=", - "owner": "kaylorben", - "repo": "nixcord", - "rev": "cd1d051aeb24912007cef00329b3f5c394e52042", - "type": "github" - }, - "original": { - "owner": "kaylorben", - "repo": "nixcord", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1689850295, - "narHash": "sha256-fUYf6WdQlhd2H+3aR8jST5dhFH1d0eE22aes8fNIfyk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5df4d78d54f7a34e9ea1f84a22b4fd9baebc68d0", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1748740939, - "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "656a64127e9d791a334452c6b6606d17539476e2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1749494155, - "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "88331c17ba434359491e8d5889cce872464052c2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1753549186, - "narHash": "sha256-Znl7rzuxKg/Mdm6AhimcKynM7V3YeNDIcLjBuoBcmNs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "17f6bd177404d6d43017595c5264756764444ab8", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1744868846, - "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "catppuccin": "catppuccin", - "easy-hosts": "easy-hosts", - "flake-parts": "flake-parts", - "home-manager": "home-manager", - "minegrub-theme": "minegrub-theme", - "nixcord": "nixcord", - "nixpkgs": "nixpkgs_3", - "sops-nix": "sops-nix" - } - }, - "sops-nix": { - "inputs": { - "nixpkgs": "nixpkgs_4" - }, - "locked": { - "lastModified": 1752544651, - "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", - "owner": "Mic92", - "repo": "sops-nix", - "rev": "2c8def626f54708a9c38a5861866660395bb3461", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "sops-nix", - "type": "github" - } - } - }, - "root": "root", - "version": 7 + "nodes": { + "catppuccin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753702336, + "narHash": "sha256-IVFUQV6egGQHnm+I183OT+4ct/ka1IWA5u/0A9I/YV4=", + "owner": "catppuccin", + "repo": "nix", + "rev": "b32de96c3c5384c83b0f4d741ec58a7f97c9ab11", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nix", + "type": "github" + } + }, + "easy-hosts": { + "locked": { + "lastModified": 1752516011, + "narHash": "sha256-YDLW+UdELQndUk2FNe6HixNqkMUPZi+zKuQNEHW6Czo=", + "owner": "tgirlcloud", + "repo": "easy-hosts", + "rev": "72dc72f9198fedbf091a1a705c24f0cff4f4b6bb", + "type": "github" + }, + "original": { + "owner": "tgirlcloud", + "repo": "easy-hosts", + "type": "github" + } + }, + "flake-compat": { + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz?rev=ff81ac966bb2cae68946d5ed5fc4994f96d0ffec&revCount=69" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753121425, + "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753732062, + "narHash": "sha256-vojVM0SgFP8crFh1LDDXkzaI9/er/1cuRfbNPhfBHyc=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "f49e872f55e36e67ebcb906ff65f86c7a1538f7c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "minegrub-theme": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1752413064, + "narHash": "sha256-bcWxBAAvf5hp0TmMbYrwU4SlBxc5sB/T2VsIBdX1gDk=", + "owner": "Lxtharia", + "repo": "minegrub-theme", + "rev": "040b163268be6e7cf743ba990177525dc47ed944", + "type": "github" + }, + "original": { + "owner": "Lxtharia", + "repo": "minegrub-theme", + "type": "github" + } + }, + "nixcord": { + "inputs": { + "flake-compat": "flake-compat", + "flake-parts": [ + "flake-parts" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753581565, + "narHash": "sha256-ci4ue5LefosqA2Cv+yqufb2E7/KIfIRXOS0mXA/3C9E=", + "owner": "kaylorben", + "repo": "nixcord", + "rev": "cd1d051aeb24912007cef00329b3f5c394e52042", + "type": "github" + }, + "original": { + "owner": "kaylorben", + "repo": "nixcord", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1753549186, + "narHash": "sha256-Znl7rzuxKg/Mdm6AhimcKynM7V3YeNDIcLjBuoBcmNs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "17f6bd177404d6d43017595c5264756764444ab8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "catppuccin": "catppuccin", + "easy-hosts": "easy-hosts", + "flake-parts": "flake-parts", + "home-manager": "home-manager", + "minegrub-theme": "minegrub-theme", + "nixcord": "nixcord", + "nixpkgs": "nixpkgs", + "sops-nix": "sops-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1752544651, + "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "2c8def626f54708a9c38a5861866660395bb3461", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 } diff --git a/flake.nix b/flake.nix index 83a7179..972e9fd 100644 --- a/flake.nix +++ b/flake.nix @@ -21,8 +21,11 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; easy-hosts.url = "github:tgirlcloud/easy-hosts"; - sops-nix.url = "github:Mic92/sops-nix"; - minegrub-theme.url = "github:Lxtharia/minegrub-theme"; + + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; flake-parts = { url = "github:hercules-ci/flake-parts"; @@ -41,6 +44,13 @@ nixcord = { url = "github:kaylorben/nixcord"; + inputs.flake-parts.follows = "flake-parts"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + minegrub-theme = { + url = "github:Lxtharia/minegrub-theme"; + inputs.nixpkgs.follows = "nixpkgs"; }; }; From 353573e280e8110a95aacd55f0ba2b3658c45ad1 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 22:19:54 +0200 Subject: [PATCH 10/13] =?UTF-8?q?=F0=9F=93=9D=20Update=20README.md=20to=20?= =?UTF-8?q?reflect=20recent=20changes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 45 +++++++++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 75910ae..c5941e3 100644 --- a/README.md +++ b/README.md @@ -11,22 +11,18 @@
-## 🚧 State of development -All the basic functionality of v2 should be working correctly, including: +## 💡 How does this work? +At its core, version 2 of my NixOS flake was aimed at improving the following regions of my previous setup: -- The custom lib implementation at self.lib, recursively built from the contents of the `lib` directory. +- Implementing my own custom library at self.lib, recursively built from the contents of the `lib` directory. - Loading of systems from the `systems` directory, using easy-hosts. - - A basic workstation archetype for desktop systems. -- Creating users in your systems through ${self.namespace}.users, -automatically maps home-manager configurations from the `homes` directory to their corresponding users. + - Archetypes for various systems, as seen in [Jake Hamilton's](https://github.com/jakehamilton) flake. +- Creating users in my systems through a unified NixOS module, with automated home-manager setups derived from the `homes` directory. -Since I am actively using this configuration on my main workstation, things are evolving quickly, -leftover issues are actively being resolved and the list of modules is ever-growing. -Nonetheless, one should still consider this implementation experimental. +Since I am actively using this configuration on my main workstation and Server, things have mostly stabilized, +leftover issues are sparse and the list of modules is nearing completion (for my purposes that is). -My next goal is to setup an attic binary cache, -with a build/release workflow that runs in regular intervals. -(similar to isabelroses's workflow setup) +As such, I personally consider this flake production ready. ## 🚀 Deployment To deploy a system run the following command in your terminal of choice. @@ -97,15 +93,23 @@ To be specific, it does the following: 2. Installs nix with some experimental features (flakes, nix-command, recursive-nix, pipe-operator) 3. Runs `nix flake check` on the codebase -## 📝 Goals and improvements -The main goals of this rewritten flake are: +#### ↪️ `Nix: validate flake.lock` +This workflow can be found in `.github/workflows/validate-lock.yml`. +It simply scans flake lockfiles for duplicate entries using `nix run github:tgirlcloud/pkgs#locker`. +Under the hood it makes use of the locker lockfile linter, created by the [tgirlcloud](https://github.com/tgirlcloud) team (mostly [isabelroses](https://github.com/isabelroses). -- using flake-parts in place of Snowfall lib -- significantly improving the re-usability of all modules -- avoiding anti-patterns, such as `with lib; with lib.${namespace};` -- improved secrets management -- keeping external assets closer to their related nix file, e.g. wallpapers in -the desktop modules folder +To be specific, it does the following: +1. Checks out current branch +2. Installs nix with some experimental features (flakes, nix-command) +3. Runs `nix run github:tgirlcloud/pkgs#locker` on the codebase + +## 📝 Future goals and improvements (2025-07-28) +Some of my future goals for this flake are: + +- Implementing an automated release workflow with semver versioning, e.g. 2.3.0. +- Experimenting with various window-managers, especially Niri, though not set in stone yet. +- Researching performance best-practices for hardware and implementing patches based on those. +- Further refining my usage of the Nix language, through language best-practices and CLI dev tools. ## 🏗️ Structure The structure this flake aims to build on is relatively simple to grasp. @@ -131,5 +135,6 @@ and documentations such as: - [flake-parts](https://flake.parts) - [NixOS and Flakes book](https://nixos-and-flakes.thiscute.world) +- [The official NixOS wiki](https://wiki.nixos.org) many thanks to their hard work! From b0ba265eb02833cbd3f787cf3b05ed0597b6a90f Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 22:21:41 +0200 Subject: [PATCH 11/13] =?UTF-8?q?=F0=9F=93=9D=20Slightly=20reword=20intro?= =?UTF-8?q?=20section=20of=20README.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c5941e3..a2a3bf5 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@
-## 💡 How does this work? +## 💡 Why the need for a second version? | What's the status? | Is this stable? At its core, version 2 of my NixOS flake was aimed at improving the following regions of my previous setup: - Implementing my own custom library at self.lib, recursively built from the contents of the `lib` directory. From b872948a7a29e643495f556380fbca933f58585d Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 22:27:22 +0200 Subject: [PATCH 12/13] =?UTF-8?q?=F0=9F=93=9D=20Update=20README=20intro=20?= =?UTF-8?q?wording=20one=20last=20time...?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a2a3bf5..08919f4 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@
-## 💡 Why the need for a second version? | What's the status? | Is this stable? +## 💡 Why the need for a second version? At its core, version 2 of my NixOS flake was aimed at improving the following regions of my previous setup: - Implementing my own custom library at self.lib, recursively built from the contents of the `lib` directory. From 8f2edb8a0f18885be89e6a3bff9988b8f59bde00 Mon Sep 17 00:00:00 2001 From: Jo Date: Mon, 28 Jul 2025 22:33:15 +0200 Subject: [PATCH 13/13] =?UTF-8?q?=F0=9F=93=9D=20Update=20CI/CD=20section?= =?UTF-8?q?=20and=20fix=20typo?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 08919f4..df3a877 100644 --- a/README.md +++ b/README.md @@ -73,7 +73,7 @@ nix-shell -p sops --run "sops updatekeys secrets/example.yaml" ``` ## 👷 CI/CD coverage -Currently, this repository houses 2 workflows, which are executed when pushing to the v2 branch. +Currently, this repository houses 4 workflows, which are executed when pushing to the v2 branch. #### ↪️ `Nix: check for unused code` This workflow can be found in `.github/workflows/deadnix.yml`, @@ -96,13 +96,18 @@ To be specific, it does the following: #### ↪️ `Nix: validate flake.lock` This workflow can be found in `.github/workflows/validate-lock.yml`. It simply scans flake lockfiles for duplicate entries using `nix run github:tgirlcloud/pkgs#locker`. -Under the hood it makes use of the locker lockfile linter, created by the [tgirlcloud](https://github.com/tgirlcloud) team (mostly [isabelroses](https://github.com/isabelroses). +Under the hood it makes use of the locker lockfile linter, created by the [tgirlcloud](https://github.com/tgirlcloud) team (mostly [isabelroses](https://github.com/isabelroses)). To be specific, it does the following: 1. Checks out current branch 2. Installs nix with some experimental features (flakes, nix-command) 3. Runs `nix run github:tgirlcloud/pkgs#locker` on the codebase +#### ↪️ `Trufflehog: check for exposed secrets` +This workflow can be found in `.github/workflows/check-leaks.yml`. +It runs the Trufflehog security tools on the entire repository, and tries to detect any leaked credentials. +This is a last barrier of defense to minimise damage, in case of an emergency. + ## 📝 Future goals and improvements (2025-07-28) Some of my future goals for this flake are: