flake: Replace nixpkgs overrides with cleaner ones

flake.lock

@@ -173,6 +173,22 @@
         "type": "github"
       }
     },
+    "nixpkgs-unstable": {
+      "locked": {
+        "lastModified": 1728018373,
+        "narHash": "sha256-NOiTvBbRLIOe5F6RbHaAh6++BNjsb149fGZd1T4+KBg=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "bc947f541ae55e999ffdb4013441347d83b00feb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs_2": {
       "locked": {
         "lastModified": 1698318101,
@@ -214,8 +230,8 @@
         "nix-minecraft": "nix-minecraft",
         "nixpkgs": "nixpkgs_3",
         "nixpkgs-2211": "nixpkgs-2211",
-        "sops-nix": "sops-nix",
+        "nixpkgs-unstable": "nixpkgs-unstable",
-        "unstable": "unstable"
+        "sops-nix": "sops-nix"
       }
     },
     "sops-nix": {
@@ -253,22 +269,6 @@
         "repo": "default",
         "type": "github"
       }
-    },
-    "unstable": {
-      "locked": {
-        "lastModified": 1726755586,
-        "narHash": "sha256-PmUr/2GQGvFTIJ6/Tvsins7Q43KTMvMFhvG6oaYK+Wk=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "c04d5652cfa9742b1d519688f65d1bbccea9eb7e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -3,7 +3,7 @@
 
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
-    unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
     nixpkgs-2211.url = "https://github.com/NixOS/nixpkgs/archive/34bfa9403e42eece93d1a3740e9d8a02fceafbca.tar.gz"; # old nixpgks for e.g. remmina
 
     nix-darwin.url = "github:lnl7/nix-darwin/master";
@@ -29,132 +29,76 @@
     , nix-darwin
     , nixpkgs
     , nixpkgs-2211
+    , nixpkgs-unstable
     , sops-nix
-    , unstable
     , extra-config
   , ... }@inputs:
     let
       pkgs-overlay = final: prev: {
-        unstable = unstable.legacyPackages.${prev.system};
+        unstable = import nixpkgs-unstable {
-        nixpkgs-2211 = nixpkgs-2211.legacyPackages.${prev.system};
+          system = prev.system;
-
+          config.allowUnfree = true;
-        python311 = prev.python311.override {
-          packageOverrides = self: super: {
-            # k5test is broken on darwin, as of 24.05
-            gssapi = super.gssapi.overrideAttrs (old: {
-              doInstallCheck = false;
-            });
-          };
         };
 
-        tlclient = final.unstable.tlclient.overrideAttrs (finalAttrs: previousAttrs: {
+        nixpkgs-2211 = import nixpkgs-2211 {
-          # nixpkgs.config.allowUnfreePredicate doesn't work for the unstable overlay, as it is a different "nixpkgs"
+          system = prev.system;
-          meta.license.free = true;
+          config.allowUnfree = true;
-        });
+        };
       };
     in
     {
-      nixosConfigurations = {
+      nixosConfigurations = let
+        normalSys = name: config: nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          specialArgs = {
+            inherit inputs;
+          };
+          modules = [
+            ({ config, pkgs, ... }: {
+              # Make "pkgs.unstable" etc. available
+              nixpkgs.overlays = [ pkgs-overlay ] ++ config.overlays or [ ];
+            })
+
+            ./hosts/${name}/configuration.nix
+            sops-nix.nixosModules.sops
+            home-manager.nixosModules.home-manager {
+              home-manager.useGlobalPkgs = true;
+              home-manager.useUserPackages = true;
+              home-manager.users."felixalb" = import ./hosts/${name}/home.nix;
+            }
+          ] ++ config.modules or [ ];
+        };
+      in {
+
         # Networking / VPN Gateway
-        burnham = nixpkgs.lib.nixosSystem {
+        burnham = normalSys "burnham" {
-          system = "x86_64-linux";
-          specialArgs = {
-            inherit inputs;
-          };
           modules = [
-            # Overlays-module makes "pkgs.unstable" available in configuration.nix
-            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
-
-            ./hosts/burnham/configuration.nix
             ./common/domeneshop-dyndns.nix
-            sops-nix.nixosModules.sops
-            home-manager.nixosModules.home-manager {
-              home-manager.useGlobalPkgs = true;
-              home-manager.useUserPackages = true;
-              home-manager.users."felixalb" = import ./hosts/burnham/home.nix;
-            }
           ];
         };
+
         # Media / storage server
-        challenger = nixpkgs.lib.nixosSystem {
+        challenger = normalSys "challenger" {
-          system = "x86_64-linux";
-          specialArgs = {
-            inherit inputs;
-          };
           modules = [
-            # Overlays-module makes "pkgs.unstable" available in configuration.nix
-            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
-
-            ./hosts/challenger/configuration.nix
             extra-config.nixosModules.default
-            sops-nix.nixosModules.sops
-            home-manager.nixosModules.home-manager {
-              home-manager.useGlobalPkgs = true;
-              home-manager.useUserPackages = true;
-              home-manager.users."felixalb" = import ./hosts/challenger/home.nix;
-            }
           ];
         };
+
         # General application server
-        defiant = nixpkgs.lib.nixosSystem {
+        defiant = normalSys "defiant" {
-          system = "x86_64-linux";
-          specialArgs = {
-            inherit inputs;
-          };
           modules = [
-            # Overlays-module makes "pkgs.unstable" available in configuration.nix
-            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
-
-            ./hosts/defiant/configuration.nix
             ./common/domeneshop-dyndns.nix
-            sops-nix.nixosModules.sops
             matrix-synapse-next.nixosModules.default
-            home-manager.nixosModules.home-manager {
-              home-manager.useGlobalPkgs = true;
-              home-manager.useUserPackages = true;
-              home-manager.users."felixalb" = import ./hosts/defiant/home.nix;
-            }
           ];
         };
+
         # Work desktop
-        felixalbpc = nixpkgs.lib.nixosSystem {
+        felixalbpc = normalSys "felixalbpc" { };
-          system = "x86_64-linux";
-          specialArgs = {
-            inherit inputs;
-          };
-          modules = [
-            # Overlays-module makes "pkgs.unstable" available in configuration.nix
-            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
 
-            ./hosts/felixalbpc/configuration.nix
-            sops-nix.nixosModules.sops
-            home-manager.nixosModules.home-manager {
-              home-manager.useGlobalPkgs = true;
-              home-manager.useUserPackages = true;
-              home-manager.users."felixalb" = import ./hosts/felixalbpc/home.nix;
-            }
-          ];
-        };
         # Web host
-        malcolm = nixpkgs.lib.nixosSystem {
+        malcolm = normalSys "malcolm" { };
-          system = "x86_64-linux";
-          specialArgs = {
-            inherit inputs;
       };
-          modules = [
-            # Overlays-module makes "pkgs.unstable" available in configuration.nix
-            ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
 
-            ./hosts/malcolm/configuration.nix
-            sops-nix.nixosModules.sops
-            home-manager.nixosModules.home-manager {
-              home-manager.useGlobalPkgs = true;
-              home-manager.useUserPackages = true;
-              home-manager.users."felixalb" = import ./hosts/malcolm/home.nix;
-            }
-          ];
-        };
-      };
       # Daily driver macbook
       darwinConfigurations.worf = nix-darwin.lib.darwinSystem {
         system = "aarch64-darwin";
@@ -162,14 +106,14 @@
           inherit inputs;
         };
         modules = [
-          ./hosts/worf/configuration.nix
           ({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
+
+          ./hosts/worf/configuration.nix
           home-manager.darwinModules.home-manager {
             home-manager.useGlobalPkgs = true;
             home-manager.useUserPackages = true;
             home-manager.users."felixalb" = import ./hosts/worf/home.nix;
           }
-          # sops-nix.nixosModules.sops
         ];
       };
 

hosts/challenger/configuration.nix

@@ -39,6 +39,7 @@
   environment.variables = { EDITOR = "vim"; };
   environment.systemPackages = with pkgs; [
     zfs
+    unstable.ncdu
   ];
 
   virtualisation.docker.enable = true;

hosts/defiant/configuration.nix

@@ -11,13 +11,13 @@
       # Infrastructure
       ./backup.nix
       ./libvirt.nix
+      ./services/dyndns.nix
       ./services/nginx.nix
       ./services/pihole.nix
       ./services/postgresql.nix
       ./services/wireguard.nix
 
       # Services
-      ./services/dyndns.nix
       ./services/flame.nix
       ./services/gitea.nix
       ./services/hedgedoc.nix

hosts/felixalbpc/home.nix

@@ -26,7 +26,7 @@ in {
     openstackclient
     pwgen
     rofi-rbw-x11
-    tlclient
+    unstable.tlclient
     traceroute
     w3m