diff --git a/flake.lock b/flake.lock index 6c1016c..904c787 100644 --- a/flake.lock +++ b/flake.lock @@ -2,17 +2,16 @@ "nodes": { "dibbler": { "inputs": { - "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1769362210, - "narHash": "sha256-QCQD7Ofin5UYL0i5Sv34gfJ0p5pv1hwZspE/Ufe84L8=", + "lastModified": 1769400154, + "narHash": "sha256-K0OeXzFCUZTkCBxUDr3U3ah0odS/urtNVG09WDl+HAA=", "ref": "main", - "rev": "1d01e1b2cb8fb2adee96c0b4f065c43c45eae290", - "revCount": 229, + "rev": "8e84669d9bf963d5e46bac37fe9b0aa8e8be2d01", + "revCount": 230, "type": "git", "url": "https://git.pvv.ntnu.no/Projects/dibbler.git" }, @@ -61,23 +60,6 @@ "type": "github" } }, - "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "id": "flake-utils", - "type": "indirect" - } - }, "gergle": { "inputs": { "nixpkgs": [ @@ -479,21 +461,6 @@ "repo": "sops-nix", "type": "github" } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index e127b82..2d59513 100644 --- a/flake.nix +++ b/flake.nix @@ -69,37 +69,54 @@ in { inputs = lib.mapAttrs (_: src: src.outPath) inputs; - pkgs = forAllSystems (system: - import nixpkgs { - inherit system; - config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) - [ - "nvidia-x11" - "nvidia-settings" - ]; - }); + pkgs = forAllSystems (system: import nixpkgs { + inherit system; + config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) + [ + "nvidia-x11" + "nvidia-settings" + ]; + }); nixosConfigurations = let - unstablePkgs = nixpkgs-unstable.legacyPackages.x86_64-linux; - nixosConfig = nixpkgs: name: configurationPath: extraArgs@{ - system ? "x86_64-linux", + localSystem ? "x86_64-linux", # buildPlatform + crossSystem ? "x86_64-linux", # hostPlatform specialArgs ? { }, modules ? [ ], overlays ? [ ], enableDefaults ? true, ... }: + let + commonPkgsConfig = { + inherit localSystem crossSystem; + config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) + [ + "nvidia-x11" + "nvidia-settings" + ]; + overlays = (lib.optionals enableDefaults [ + # Global overlays go here + inputs.roowho2.overlays.default + ]) ++ overlays; + }; + + pkgs = import nixpkgs commonPkgsConfig; + unstablePkgs = import nixpkgs-unstable commonPkgsConfig; + in lib.nixosSystem (lib.recursiveUpdate { - inherit system; + system = crossSystem; + + inherit pkgs; specialArgs = { - inherit unstablePkgs inputs; + inherit inputs unstablePkgs; values = import ./values.nix; fp = path: ./${path}; } // specialArgs; @@ -113,22 +130,10 @@ sops-nix.nixosModules.sops inputs.roowho2.nixosModules.default ]) ++ modules; - - pkgs = import nixpkgs { - inherit system; - config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) - [ - "nvidia-x11" - "nvidia-settings" - ]; - overlays = (lib.optionals enableDefaults [ - # Global overlays go here - inputs.roowho2.overlays.default - ]) ++ overlays; - }; } (builtins.removeAttrs extraArgs [ - "system" + "localSystem" + "crossSystem" "modules" "overlays" "specialArgs" @@ -163,7 +168,6 @@ bekkalokk = stableNixosConfig "bekkalokk" { overlays = [ (final: prev: { - heimdal = unstablePkgs.heimdal; mediawiki-extensions = final.callPackage ./packages/mediawiki-extensions { }; simplesamlphp = final.callPackage ./packages/simplesamlphp { }; bluemap = final.callPackage ./packages/bluemap.nix { }; @@ -221,17 +225,37 @@ inputs.gergle.overlays.default ]; }; - skrott = stableNixosConfig "skrott" { - system = "aarch64-linux"; + } + // + (let + skrottConfig = { modules = [ (nixpkgs + "/nixos/modules/installer/sd-card/sd-image-aarch64.nix") inputs.dibbler.nixosModules.default ]; overlays = [ inputs.dibbler.overlays.default + (final: prev: { + atool = prev.emptyDirectory; + neovim = prev.vim; + micro = prev.vim; + }) ]; }; - } + in { + skrott = stableNixosConfig "skrott" (skrottConfig // { + localSystem = "x86_64-linux"; + crossSystem = "aarch64-linux"; + }); + skrott-x86_64 = stableNixosConfig "skrott" (skrottConfig // { + localSystem = "x86_64-linux"; + crossSystem = "x86_64-linux"; + }); + skrott-native = stableNixosConfig "skrott" (skrottConfig // { + localSystem = "aarch64-linux"; + crossSystem = "aarch64-linux"; + }); + }) // (let machineNames = map (i: "lupine-${toString i}") (lib.range 1 5); @@ -295,6 +319,7 @@ # Skrott is exception { skrott = self.nixosConfigurations.skrott.config.system.build.sdImage; + skrott-native = self.nixosConfigurations.skrott-native.config.system.build.sdImage; } // # Nix-topology diff --git a/hosts/skrott/configuration.nix b/hosts/skrott/configuration.nix index b203032..896a379 100644 --- a/hosts/skrott/configuration.nix +++ b/hosts/skrott/configuration.nix @@ -1,10 +1,13 @@ -{ config, pkgs, lib, fp, values, ... }: { +{ config, pkgs, lib, modulesPath, fp, values, ... }: { imports = [ - # ./hardware-configuration.nix + (modulesPath + "/profiles/perlless.nix") (fp /base) ]; + # Disable import of a bunch of tools we don't need from nixpkgs. + disabledModules = [ "profiles/base.nix" ]; + sops.defaultSopsFile = fp /secrets/skrott/skrott.yaml; boot = { @@ -16,6 +19,8 @@ }; # Now turn off a bunch of stuff lol + # TODO: can we reduce further? + # See also https://nixcademy.com/posts/minimizing-nixos-images/ system.autoUpgrade.enable = lib.mkForce false; services.irqbalance.enable = lib.mkForce false; services.logrotate.enable = lib.mkForce false; @@ -25,10 +30,16 @@ services.udisks2.enable = lib.mkForce false; services.thermald.enable = lib.mkForce false; services.promtail.enable = lib.mkForce false; - boot.supportedFilesystems.zfs = lib.mkForce false; + # There aren't really that many firmware updates for rbpi3 anyway + services.fwupd.enable = lib.mkForce false; + documentation.enable = lib.mkForce false; - # TODO: can we reduce further? + environment.enableAllTerminfo = lib.mkForce false; + + programs.neovim.enable = lib.mkForce false; + programs.zsh.enable = lib.mkForce false; + programs.git.package = pkgs.gitMinimal; sops.secrets = { "dibbler/postgresql/password" = {