From 6dfef30594b4b9921c2dbc30d79eb5f37a08e06c Mon Sep 17 00:00:00 2001 From: Harivansh Rathi Date: Sun, 29 Mar 2026 23:00:59 -0400 Subject: [PATCH] optimize flake shape and add devshell --- README.md | 17 +++- flake.lock | 34 +++++++ flake.nix | 163 +++++++++++++++++----------------- home/git.nix | 1 + hosts/netty/configuration.nix | 34 ++----- lib/hosts.nix | 21 +++++ modules/base.nix | 30 +++++-- modules/devshells.nix | 23 +++++ 8 files changed, 202 insertions(+), 121 deletions(-) create mode 100644 lib/hosts.nix create mode 100644 modules/devshells.nix diff --git a/README.md b/README.md index 04de368..8ed3e95 100644 --- a/README.md +++ b/README.md @@ -38,13 +38,22 @@ just secrets-sync # shell env vars -> ~/.config/secrets/shell.zsh just secrets-restore-files # SSH keys, AWS, GCloud, Codex, GitHub CLI ``` +## dev + +```bash +nix develop +just check +just fmt +``` + ## layout ``` -hosts/darwin/ - macOS nix-darwin config -hosts/netty/ - NixOS VPS config (disko + hardware) -modules/ - system-level modules (packages, macos defaults, homebrew) -home/ - Home Manager modules (shell, editor, tools) +hosts/darwin/ - macOS host entrypoint +hosts/netty/ - NixOS VPS entrypoint (disko + hardware) +modules/ - shared system modules + devshells +home/ - Home Manager modules +lib/hosts.nix - host metadata used by the flake lib/ - shared package sets and theme system config/ - repo-owned config files (nvim, tmux, etc.) scripts/ - secret management and utility scripts diff --git a/flake.lock b/flake.lock index 7bb5df8..9718ab1 100644 --- a/flake.lock +++ b/flake.lock 
@@ -76,6 +76,24 @@ "type": "github" } }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1772408722, + "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -226,6 +244,21 @@ "type": "github" } }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1772328832, + "narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1767640445, @@ -265,6 +298,7 @@ "agentcomputer-cli": "agentcomputer-cli", "claudeCode": "claudeCode", "disko": "disko", + "flake-parts": "flake-parts", "googleworkspace-cli": "googleworkspace-cli", "home-manager": "home-manager", "nix-darwin": "nix-darwin", diff --git a/flake.nix b/flake.nix index 557a243..a95a5f6 100644 --- a/flake.nix +++ b/flake.nix @@ -3,6 +3,7 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + flake-parts.url = "github:hercules-ci/flake-parts"; nix-darwin = { url = "github:nix-darwin/nix-darwin/master"; @@ -24,7 +25,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - agentcomputer-cli = { url = "path:/Users/rathi/Documents/GitHub/companion/agentcomputer/apps/cli"; inputs.nixpkgs.follows = "nixpkgs"; 
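Review bot: The new `flake-parts` input is added without a `follows`, so flake.lock gains a second, independently pinned source: `nixpkgs-lib` from `nix-community/nixpkgs.lib`, next to the main `nixpkgs` pin. Other inputs in this file already set `inputs.nixpkgs.follows = "nixpkgs"`, and the same pattern works here: `flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";`. That leaves one fewer upstream to review on each lock update and keeps the library code on the same nixpkgs revision the hosts are built from. The `inputs` block starts and ends outside the hunk.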
@@ -44,96 +44,99 @@ }; }; - outputs = inputs @ { - self, - nixpkgs, - nix-darwin, - home-manager, - claudeCode, - nix-homebrew, - ... - }: let - darwinSystem = "aarch64-darwin"; - linuxSystem = "x86_64-linux"; - username = "rathi"; - darwinConfigName = "darwin"; - darwinMachineHostname = "hari-macbook-pro"; - linuxConfigName = "netty"; - linuxHostname = "netty"; - darwinPkgs = import nixpkgs {system = darwinSystem;}; - linuxPkgs = import nixpkgs { - system = linuxSystem; - config.allowUnfree = true; - }; - in { - formatter.${darwinSystem} = darwinPkgs.alejandra; - formatter.${linuxSystem} = linuxPkgs.alejandra; + outputs = + inputs@{ + self, + flake-parts, + nixpkgs, + nix-darwin, + home-manager, + nix-homebrew, + ... + }: + let + username = "rathi"; + hosts = import ./lib/hosts.nix { inherit username; }; - darwinConfigurations.${darwinConfigName} = nix-darwin.lib.darwinSystem { - system = darwinSystem; - specialArgs = { - inherit inputs self username; - hostname = darwinMachineHostname; - }; - modules = [ - ./hosts/${darwinConfigName} - home-manager.darwinModules.home-manager - nix-homebrew.darwinModules.nix-homebrew - { - users.users.${username}.home = "/Users/${username}"; + mkPkgs = + system: + import nixpkgs { + inherit system; + config.allowUnfree = true; + }; - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { - inherit inputs self username; - hostname = darwinMachineHostname; - }; - home-manager.backupFileExtension = "hm-bak"; - home-manager.users.${username} = import ./home; - - nix-homebrew = { - enable = true; - enableRosetta = true; - user = username; - autoMigrate = true; - }; - } - ]; - }; - - nixosConfigurations.${linuxConfigName} = nixpkgs.lib.nixosSystem { - system = linuxSystem; - specialArgs = { - inherit inputs self username; - hostname = linuxHostname; - }; - modules = [ - inputs.disko.nixosModules.disko - ./hosts/${linuxConfigName}/configuration.nix - 
home-manager.nixosModules.home-manager + mkHomeManagerModule = + host: { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { inherit inputs self username; - hostname = linuxHostname; + hostname = host.hostname; }; home-manager.backupFileExtension = "hm-bak"; - home-manager.users.${username} = import ./home/netty.nix; - } + home-manager.users.${username} = import host.homeModule; + }; + in + flake-parts.lib.mkFlake { inherit inputs; } { + systems = [ + hosts.darwin.system + hosts.netty.system ]; - }; - # Standalone Home Manager config (fallback for non-NixOS Linux) - homeConfigurations.${linuxConfigName} = home-manager.lib.homeManagerConfiguration { - pkgs = linuxPkgs; - extraSpecialArgs = { - inherit inputs self username; - hostname = linuxConfigName; - }; - modules = [ - ./hosts/${linuxConfigName} + imports = [ + ./modules/devshells.nix ]; + + flake = { + darwinConfigurations.${hosts.darwin.name} = nix-darwin.lib.darwinSystem { + system = hosts.darwin.system; + specialArgs = { + inherit inputs self username; + hostname = hosts.darwin.hostname; + }; + modules = [ + ./hosts/${hosts.darwin.name} + home-manager.darwinModules.home-manager + nix-homebrew.darwinModules.nix-homebrew + { + users.users.${username}.home = hosts.darwin.homeDirectory; + + nix-homebrew = { + enable = true; + enableRosetta = true; + user = username; + autoMigrate = true; + }; + } + (mkHomeManagerModule hosts.darwin) + ]; + }; + + nixosConfigurations.${hosts.netty.name} = nixpkgs.lib.nixosSystem { + system = hosts.netty.system; + specialArgs = { + inherit inputs self username; + hostname = hosts.netty.hostname; + }; + modules = [ + inputs.disko.nixosModules.disko + ./hosts/${hosts.netty.name}/configuration.nix + home-manager.nixosModules.home-manager + (mkHomeManagerModule hosts.netty) + ]; + }; + + homeConfigurations.${hosts.netty.name} = home-manager.lib.homeManagerConfiguration { + pkgs = mkPkgs hosts.netty.system; + extraSpecialArgs = { + 
inherit inputs self username; + hostname = hosts.netty.hostname; + }; + modules = [ + hosts.netty.standaloneHomeModule + ]; + }; + }; }; - }; } diff --git a/home/git.nix b/home/git.nix index 4d68d8f..7eda60b 100644 --- a/home/git.nix +++ b/home/git.nix @@ -2,6 +2,7 @@ programs.git = { enable = true; lfs.enable = true; + signing.format = "openpgp"; settings = { user = { diff --git a/hosts/netty/configuration.nix b/hosts/netty/configuration.nix index 0316d87..9fcbe92 100644 --- a/hosts/netty/configuration.nix +++ b/hosts/netty/configuration.nix @@ -11,6 +11,7 @@ in { imports = [ ./hardware-configuration.nix ./disk-config.nix + ../../modules/base.nix ]; boot.loader.grub = { @@ -52,35 +53,12 @@ in { security.sudo.wheelNeedsPassword = false; - programs.zsh.enable = true; - environment.shells = [pkgs.zsh]; + nix.settings.trusted-users = lib.mkForce [ + "root" + username + ]; - environment.variables = { - EDITOR = "nvim"; - VISUAL = "nvim"; - }; - - nix.settings = { - auto-optimise-store = true; - experimental-features = [ - "nix-command" - "flakes" - ]; - trusted-users = [ - "root" - username - ]; - }; - - nix.gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 14d"; - }; - - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = packageSets.core ++ packageSets.extras ++ [ + environment.systemPackages = packageSets.extras ++ [ pkgs.bubblewrap pkgs.pnpm ]; diff --git a/lib/hosts.nix b/lib/hosts.nix new file mode 100644 index 0000000..2aaef04 --- /dev/null +++ b/lib/hosts.nix @@ -0,0 +1,21 @@ +{ username }: +{ + darwin = { + name = "darwin"; + kind = "darwin"; + system = "aarch64-darwin"; + hostname = "hari-macbook-pro"; + homeModule = ../home; + homeDirectory = "/Users/${username}"; + }; + + netty = { + name = "netty"; + kind = "nixos"; + system = "x86_64-linux"; + hostname = "netty"; + homeModule = ../home/netty.nix; + standaloneHomeModule = ../hosts/netty; + homeDirectory = "/home/${username}"; + }; +} 
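Review bot: `mkPkgs` and `mkHomeManagerModule` are introduced without comments, and the old `# Standalone Home Manager config (fallback for non-NixOS Linux)` comment above `homeConfigurations` was dropped in the move. I would restore that comment and add one line per helper, e.g. `# host: an entry from lib/hosts.nix; reads host.hostname and host.homeModule` above `mkHomeManagerModule` and `# nixpkgs for one system, unfree packages allowed` above `mkPkgs`. The second is worth stating because `allowUnfree = true` now applies to any system passed to `mkPkgs`, although in this hunk it is only called with `hosts.netty.system`.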
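Review bot: `nix.settings.trusted-users = lib.mkForce [ "root" username ];` has no comment saying what it overrides or why the login user stays trusted. The Nix manual describes membership of `trusted-users` as essentially root-equivalent, and the context line `security.sudo.wheelNeedsPassword = false;` sits just above it on this VPS, so the choice should be written down rather than implied. Suggested comment: `# mkForce: replace the list from modules/base.nix (includes the macOS "@admin" group); trusted users are root-equivalent to the Nix daemon`. The base.nix hunk shows `"@admin"` and `username` but not the key they belong to, so that it is `trusted-users` is inferred. If it is, gating `"@admin"` there on `pkgs.stdenv.isDarwin`, as this patch already does for `nix.gc`, would make the `mkForce` unnecessary.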
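Review bot: The new host table has no header comment, and two of its fields are not read anywhere in this patch: `kind` on both hosts and `homeDirectory` on `netty` (flake.nix only uses `hosts.darwin.homeDirectory`). A short comment at the top naming each field and its consumer would show which entries are load-bearing, e.g. `# name: flake output attribute and hosts/<name> directory; hostname: passed to modules via specialArgs`. If `kind` is reserved for a later helper, say so in that comment; otherwise drop it.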
diff --git a/modules/base.nix b/modules/base.nix index 8af1303..8e1ed86 100644 --- a/modules/base.nix +++ b/modules/base.nix @@ -10,6 +10,7 @@ in { nix.enable = true; nix.settings = { + auto-optimise-store = true; experimental-features = [ "nix-command" "flakes" @@ -18,17 +19,28 @@ in { "@admin" username ]; + use-xdg-base-directories = true; }; - nix.gc = { - automatic = true; - interval = { - Weekday = 7; - Hour = 3; - Minute = 0; - }; - options = "--delete-older-than 14d"; - }; + nix.gc = + { + automatic = true; + options = "--delete-older-than 14d"; + } + // ( + if pkgs.stdenv.isDarwin then + { + interval = { + Weekday = 7; + Hour = 3; + Minute = 0; + }; + } + else + { + dates = "weekly"; + } + ); nixpkgs.config.allowUnfree = true; diff --git a/modules/devshells.nix b/modules/devshells.nix new file mode 100644 index 0000000..925c045 --- /dev/null +++ b/modules/devshells.nix @@ -0,0 +1,23 @@ +{ ... }: +{ + perSystem = + { pkgs, ... }: + { + formatter = pkgs.nixfmt-tree; + + devShells.default = pkgs.mkShell { + packages = with pkgs; [ + deadnix + git + just + nixfmt-tree + nodePackages.prettier + pre-commit + selene + shfmt + statix + stylua + ]; + }; + }; +}
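Review bot: `use-xdg-base-directories = true;` is added to `nix.settings` without a migration note, and because hosts/netty/configuration.nix now imports this module it takes effect on both machines. The Nix manual states that an existing `~/.nix-profile`, `~/.nix-defexpr` and `~/.nix-channels` are not moved automatically when this is enabled, so shell init or PATH entries that still name the old locations may keep pointing at a stale profile. I would add a comment such as `# existing ~/.nix-profile etc. must be moved by hand; see use-xdg-base-directories in nix.conf(5)`, or land the setting in its own commit apart from the refactor. The `nix.settings` attribute set starts outside the hunk.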