From 6dfef30594b4b9921c2dbc30d79eb5f37a08e06c Mon Sep 17 00:00:00 2001 From: Harivansh Rathi Date: Sun, 29 Mar 2026 23:00:59 -0400 Subject: [PATCH 1/2] optimize flake shape and add devshell --- README.md | 17 +++- flake.lock | 34 +++++++ flake.nix | 163 +++++++++++++++++----------------- home/git.nix | 1 + hosts/netty/configuration.nix | 34 ++----- lib/hosts.nix | 21 +++++ modules/base.nix | 30 +++++-- modules/devshells.nix | 23 +++++ 8 files changed, 202 insertions(+), 121 deletions(-) create mode 100644 lib/hosts.nix create mode 100644 modules/devshells.nix diff --git a/README.md b/README.md index 04de368..8ed3e95 100644 --- a/README.md +++ b/README.md @@ -38,13 +38,22 @@ just secrets-sync # shell env vars -> ~/.config/secrets/shell.zsh just secrets-restore-files # SSH keys, AWS, GCloud, Codex, GitHub CLI ``` +## dev + +```bash +nix develop +just check +just fmt +``` + ## layout ``` -hosts/darwin/ - macOS nix-darwin config -hosts/netty/ - NixOS VPS config (disko + hardware) -modules/ - system-level modules (packages, macos defaults, homebrew) -home/ - Home Manager modules (shell, editor, tools) +hosts/darwin/ - macOS host entrypoint +hosts/netty/ - NixOS VPS entrypoint (disko + hardware) +modules/ - shared system modules + devshells +home/ - Home Manager modules +lib/hosts.nix - host metadata used by the flake lib/ - shared package sets and theme system config/ - repo-owned config files (nvim, tmux, etc.) scripts/ - secret management and utility scripts diff --git a/flake.lock b/flake.lock index 7bb5df8..9718ab1 100644 --- a/flake.lock +++ b/flake.lock 
@@ -76,6 +76,24 @@ "type": "github" } }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1772408722, + "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -226,6 +244,21 @@ "type": "github" } }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1772328832, + "narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1767640445, @@ -265,6 +298,7 @@ "agentcomputer-cli": "agentcomputer-cli", "claudeCode": "claudeCode", "disko": "disko", + "flake-parts": "flake-parts", "googleworkspace-cli": "googleworkspace-cli", "home-manager": "home-manager", "nix-darwin": "nix-darwin", diff --git a/flake.nix b/flake.nix index 557a243..a95a5f6 100644 --- a/flake.nix +++ b/flake.nix @@ -3,6 +3,7 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + flake-parts.url = "github:hercules-ci/flake-parts"; nix-darwin = { url = "github:nix-darwin/nix-darwin/master"; @@ -24,7 +25,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - agentcomputer-cli = { url = "path:/Users/rathi/Documents/GitHub/companion/agentcomputer/apps/cli"; inputs.nixpkgs.follows = "nixpkgs"; 
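Review bot: The `flake-parts` input added in the `@@ -3,6 +3,7 @@` hunk of flake.nix has no `follows`, so flake.lock gains a separate `nixpkgs-lib` node pinned to nix-community/nixpkgs.lib. Several other inputs in this file already use `inputs.nixpkgs.follows = "nixpkgs";` (visible in the next hunk's context). Adding `flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";` would leave one fewer third-party source to pin and audit on each lock update. The `inputs` block starts and ends outside the hunk.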
@@ -44,96 +44,99 @@ }; }; - outputs = inputs @ { - self, - nixpkgs, - nix-darwin, - home-manager, - claudeCode, - nix-homebrew, - ... - }: let - darwinSystem = "aarch64-darwin"; - linuxSystem = "x86_64-linux"; - username = "rathi"; - darwinConfigName = "darwin"; - darwinMachineHostname = "hari-macbook-pro"; - linuxConfigName = "netty"; - linuxHostname = "netty"; - darwinPkgs = import nixpkgs {system = darwinSystem;}; - linuxPkgs = import nixpkgs { - system = linuxSystem; - config.allowUnfree = true; - }; - in { - formatter.${darwinSystem} = darwinPkgs.alejandra; - formatter.${linuxSystem} = linuxPkgs.alejandra; + outputs = + inputs@{ + self, + flake-parts, + nixpkgs, + nix-darwin, + home-manager, + nix-homebrew, + ... + }: + let + username = "rathi"; + hosts = import ./lib/hosts.nix { inherit username; }; - darwinConfigurations.${darwinConfigName} = nix-darwin.lib.darwinSystem { - system = darwinSystem; - specialArgs = { - inherit inputs self username; - hostname = darwinMachineHostname; - }; - modules = [ - ./hosts/${darwinConfigName} - home-manager.darwinModules.home-manager - nix-homebrew.darwinModules.nix-homebrew - { - users.users.${username}.home = "/Users/${username}"; + mkPkgs = + system: + import nixpkgs { + inherit system; + config.allowUnfree = true; + }; - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { - inherit inputs self username; - hostname = darwinMachineHostname; - }; - home-manager.backupFileExtension = "hm-bak"; - home-manager.users.${username} = import ./home; - - nix-homebrew = { - enable = true; - enableRosetta = true; - user = username; - autoMigrate = true; - }; - } - ]; - }; - - nixosConfigurations.${linuxConfigName} = nixpkgs.lib.nixosSystem { - system = linuxSystem; - specialArgs = { - inherit inputs self username; - hostname = linuxHostname; - }; - modules = [ - inputs.disko.nixosModules.disko - ./hosts/${linuxConfigName}/configuration.nix - 
home-manager.nixosModules.home-manager + mkHomeManagerModule = + host: { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { inherit inputs self username; - hostname = linuxHostname; + hostname = host.hostname; }; home-manager.backupFileExtension = "hm-bak"; - home-manager.users.${username} = import ./home/netty.nix; - } + home-manager.users.${username} = import host.homeModule; + }; + in + flake-parts.lib.mkFlake { inherit inputs; } { + systems = [ + hosts.darwin.system + hosts.netty.system ]; - }; - # Standalone Home Manager config (fallback for non-NixOS Linux) - homeConfigurations.${linuxConfigName} = home-manager.lib.homeManagerConfiguration { - pkgs = linuxPkgs; - extraSpecialArgs = { - inherit inputs self username; - hostname = linuxConfigName; - }; - modules = [ - ./hosts/${linuxConfigName} + imports = [ + ./modules/devshells.nix ]; + + flake = { + darwinConfigurations.${hosts.darwin.name} = nix-darwin.lib.darwinSystem { + system = hosts.darwin.system; + specialArgs = { + inherit inputs self username; + hostname = hosts.darwin.hostname; + }; + modules = [ + ./hosts/${hosts.darwin.name} + home-manager.darwinModules.home-manager + nix-homebrew.darwinModules.nix-homebrew + { + users.users.${username}.home = hosts.darwin.homeDirectory; + + nix-homebrew = { + enable = true; + enableRosetta = true; + user = username; + autoMigrate = true; + }; + } + (mkHomeManagerModule hosts.darwin) + ]; + }; + + nixosConfigurations.${hosts.netty.name} = nixpkgs.lib.nixosSystem { + system = hosts.netty.system; + specialArgs = { + inherit inputs self username; + hostname = hosts.netty.hostname; + }; + modules = [ + inputs.disko.nixosModules.disko + ./hosts/${hosts.netty.name}/configuration.nix + home-manager.nixosModules.home-manager + (mkHomeManagerModule hosts.netty) + ]; + }; + + homeConfigurations.${hosts.netty.name} = home-manager.lib.homeManagerConfiguration { + pkgs = mkPkgs hosts.netty.system; + extraSpecialArgs = { + 
inherit inputs self username; + hostname = hosts.netty.hostname; + }; + modules = [ + hosts.netty.standaloneHomeModule + ]; + }; + }; }; - }; } diff --git a/home/git.nix b/home/git.nix index 4d68d8f..7eda60b 100644 --- a/home/git.nix +++ b/home/git.nix @@ -2,6 +2,7 @@ programs.git = { enable = true; lfs.enable = true; + signing.format = "openpgp"; settings = { user = { diff --git a/hosts/netty/configuration.nix b/hosts/netty/configuration.nix index 0316d87..9fcbe92 100644 --- a/hosts/netty/configuration.nix +++ b/hosts/netty/configuration.nix @@ -11,6 +11,7 @@ in { imports = [ ./hardware-configuration.nix ./disk-config.nix + ../../modules/base.nix ]; boot.loader.grub = { @@ -52,35 +53,12 @@ in { security.sudo.wheelNeedsPassword = false; - programs.zsh.enable = true; - environment.shells = [pkgs.zsh]; + nix.settings.trusted-users = lib.mkForce [ + "root" + username + ]; - environment.variables = { - EDITOR = "nvim"; - VISUAL = "nvim"; - }; - - nix.settings = { - auto-optimise-store = true; - experimental-features = [ - "nix-command" - "flakes" - ]; - trusted-users = [ - "root" - username - ]; - }; - - nix.gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 14d"; - }; - - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = packageSets.core ++ packageSets.extras ++ [ + environment.systemPackages = packageSets.extras ++ [ pkgs.bubblewrap pkgs.pnpm ]; diff --git a/lib/hosts.nix b/lib/hosts.nix new file mode 100644 index 0000000..2aaef04 --- /dev/null +++ b/lib/hosts.nix @@ -0,0 +1,21 @@ +{ username }: +{ + darwin = { + name = "darwin"; + kind = "darwin"; + system = "aarch64-darwin"; + hostname = "hari-macbook-pro"; + homeModule = ../home; + homeDirectory = "/Users/${username}"; + }; + + netty = { + name = "netty"; + kind = "nixos"; + system = "x86_64-linux"; + hostname = "netty"; + homeModule = ../home/netty.nix; + standaloneHomeModule = ../hosts/netty; + homeDirectory = "/home/${username}"; + }; +} 
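Review bot: The `nix.settings.trusted-users = lib.mkForce [ "root" username ];` added in the second hosts/netty/configuration.nix hunk carries no comment explaining why it overrides the shared module, and it sits directly below `security.sudo.wheelNeedsPassword = false;`. The newly imported ../../modules/base.nix defines a list containing `"@admin"`, so if the intent is to drop that entry on this host, a comment such as `# override base.nix: only root and ${username} are daemon-trusted here` would make the privilege decision reviewable. The line also relies on `lib` being in the module's argument set, which is declared outside this hunk and should be confirmed.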
diff --git a/modules/base.nix b/modules/base.nix index 8af1303..8e1ed86 100644 --- a/modules/base.nix +++ b/modules/base.nix @@ -10,6 +10,7 @@ in { nix.enable = true; nix.settings = { + auto-optimise-store = true; experimental-features = [ "nix-command" "flakes" @@ -18,17 +19,28 @@ in { "@admin" username ]; + use-xdg-base-directories = true; }; - nix.gc = { - automatic = true; - interval = { - Weekday = 7; - Hour = 3; - Minute = 0; - }; - options = "--delete-older-than 14d"; - }; + nix.gc = + { + automatic = true; + options = "--delete-older-than 14d"; + } + // ( + if pkgs.stdenv.isDarwin then + { + interval = { + Weekday = 7; + Hour = 3; + Minute = 0; + }; + } + else + { + dates = "weekly"; + } + ); nixpkgs.config.allowUnfree = true; diff --git a/modules/devshells.nix b/modules/devshells.nix new file mode 100644 index 0000000..925c045 --- /dev/null +++ b/modules/devshells.nix @@ -0,0 +1,23 @@ +{ ... }: +{ + perSystem = + { pkgs, ... }: + { + formatter = pkgs.nixfmt-tree; + + devShells.default = pkgs.mkShell { + packages = with pkgs; [ + deadnix + git + just + nixfmt-tree + nodePackages.prettier + pre-commit + selene + shfmt + statix + stylua + ]; + }; + }; +} From 9a13c35acd51041b952ee2278c59f13e3d91b993 Mon Sep 17 00:00:00 2001 From: Harivansh Rathi Date: Mon, 30 Mar 2026 00:06:09 -0400 Subject: [PATCH 2/2] flake parts --- README.md | 2 + flake.nix | 93 ++-------------------------------- justfile | 3 +- modules/hosts/darwin.nix | 33 ++++++++++++ modules/hosts/netty.nix | 33 ++++++++++++ modules/nixpkgs.nix | 45 ++++++++++++++++ scripts/home-manager-backup.sh | 25 +++++++++ 7 files changed, 144 insertions(+), 90 deletions(-) create mode 100644 modules/hosts/darwin.nix create mode 100644 modules/hosts/netty.nix create mode 100644 modules/nixpkgs.nix create mode 100644 scripts/home-manager-backup.sh diff --git a/README.md b/README.md index 8ed3e95..70b6a25 100644 --- a/README.md +++ b/README.md 
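Review bot: `auto-optimise-store = true;` in the first modules/base.nix hunk now applies to every host importing this module, and the `pkgs.stdenv.isDarwin` branch in the next hunk suggests that includes the macOS host. Inline store optimisation has been reported to corrupt the store on macOS, and nix-darwin points users to `nix.optimise.automatic` instead; please verify this against the nix-darwin revision pinned here. Consider `auto-optimise-store = !pkgs.stdenv.isDarwin;`, or replace the setting with `nix.optimise.automatic = true;`, which is available on both platforms. The `nix.settings` block starts outside the hunk.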
@@ -52,6 +52,8 @@ just fmt hosts/darwin/ - macOS host entrypoint hosts/netty/ - NixOS VPS entrypoint (disko + hardware) modules/ - shared system modules + devshells +modules/hosts/ - flake-parts host output definitions +modules/nixpkgs.nix - shared flake context (hosts, args, pkgs helpers) home/ - Home Manager modules lib/hosts.nix - host metadata used by the flake lib/ - shared package sets and theme system diff --git a/flake.nix b/flake.nix index a95a5f6..5b340ef 100644 --- a/flake.nix +++ b/flake.nix 
@@ -45,98 +45,13 @@ }; outputs = - inputs@{ - self, - flake-parts, - nixpkgs, - nix-darwin, - home-manager, - nix-homebrew, - ... - }: - let - username = "rathi"; - hosts = import ./lib/hosts.nix { inherit username; }; - - mkPkgs = - system: - import nixpkgs { - inherit system; - config.allowUnfree = true; - }; - - mkHomeManagerModule = - host: - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { - inherit inputs self username; - hostname = host.hostname; - }; - home-manager.backupFileExtension = "hm-bak"; - home-manager.users.${username} = import host.homeModule; - }; - in + inputs@{ flake-parts, ... }: flake-parts.lib.mkFlake { inherit inputs; } { - systems = [ - hosts.darwin.system - hosts.netty.system - ]; - imports = [ + ./modules/nixpkgs.nix ./modules/devshells.nix + ./modules/hosts/darwin.nix + ./modules/hosts/netty.nix ]; - - flake = { - darwinConfigurations.${hosts.darwin.name} = nix-darwin.lib.darwinSystem { - system = hosts.darwin.system; - specialArgs = { - inherit inputs self username; - hostname = hosts.darwin.hostname; - }; - modules = [ - ./hosts/${hosts.darwin.name} - home-manager.darwinModules.home-manager - nix-homebrew.darwinModules.nix-homebrew - { - users.users.${username}.home = hosts.darwin.homeDirectory; - - nix-homebrew = { - enable = true; - enableRosetta = true; - user = username; - autoMigrate = true; - }; - } - (mkHomeManagerModule hosts.darwin) - ]; - }; - - nixosConfigurations.${hosts.netty.name} = nixpkgs.lib.nixosSystem { - system = hosts.netty.system; - specialArgs = { - inherit inputs self username; - hostname = hosts.netty.hostname; - }; - modules = [ - inputs.disko.nixosModules.disko - ./hosts/${hosts.netty.name}/configuration.nix - home-manager.nixosModules.home-manager - (mkHomeManagerModule hosts.netty) - ]; - }; - - homeConfigurations.${hosts.netty.name} = home-manager.lib.homeManagerConfiguration { - pkgs = mkPkgs hosts.netty.system; - extraSpecialArgs = { - 
inherit inputs self username; - hostname = hosts.netty.hostname; - }; - modules = [ - hosts.netty.standaloneHomeModule - ]; - }; - }; }; } diff --git a/justfile b/justfile index 8a0c150..ee60ce5 100644 --- a/justfile +++ b/justfile @@ -17,7 +17,8 @@ switch config='darwin': if [[ "{{config}}" == "darwin" ]]; then sudo env PATH="$PATH" nix --extra-experimental-features 'nix-command flakes' run github:nix-darwin/nix-darwin/master#darwin-rebuild -- switch --flake path:.#{{config}} else - nix --extra-experimental-features 'nix-command flakes' run github:nix-community/home-manager -- switch --flake path:.#{{config}} -b hm-bak + backup_ext="hm-bak-$(date +%Y%m%d-%H%M%S)" + nix --extra-experimental-features 'nix-command flakes' run github:nix-community/home-manager -- switch --flake path:.#{{config}} -b "$backup_ext" fi fmt: diff --git a/modules/hosts/darwin.nix b/modules/hosts/darwin.nix new file mode 100644 index 0000000..12320eb --- /dev/null +++ b/modules/hosts/darwin.nix @@ -0,0 +1,33 @@ +{ + hosts, + inputs, + username, + mkSpecialArgs, + mkHomeManagerModule, + ... +}: +let + host = hosts.darwin; +in +{ + flake.darwinConfigurations.${host.name} = inputs.nix-darwin.lib.darwinSystem { + system = host.system; + specialArgs = mkSpecialArgs host; + modules = [ + ../../hosts/${host.name} + inputs.home-manager.darwinModules.home-manager + inputs.nix-homebrew.darwinModules.nix-homebrew + { + users.users.${username}.home = host.homeDirectory; + + nix-homebrew = { + enable = true; + enableRosetta = true; + user = username; + autoMigrate = true; + }; + } + (mkHomeManagerModule host) + ]; + }; +} diff --git a/modules/hosts/netty.nix b/modules/hosts/netty.nix new file mode 100644 index 0000000..a5d090e --- /dev/null +++ b/modules/hosts/netty.nix 
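Review bot: The rewritten home-manager line in the justfile hunk still runs `github:nix-community/home-manager` as an unpinned flake reference, so each `just switch` executes whatever that branch holds at the time rather than the revision recorded in flake.lock. `nix run --inputs-from . home-manager -- switch --flake path:.#{{config}} -b "$backup_ext"` would resolve it through this flake's locked `home-manager` input. The darwin branch above it (context, run under `sudo`) has the same shape with `nix-darwin/master`. Separately, the `hm-bak-<timestamp>` suffix differs from the `.hm-bak` / `.hm-bak.<timestamp>` names produced by scripts/home-manager-backup.sh, so any cleanup glob has to cover both. The recipe body starts outside the hunk.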
@@ -0,0 +1,33 @@ +{ + hosts, + inputs, + mkPkgs, + mkSpecialArgs, + mkHomeManagerModule, + ... +}: +let + host = hosts.netty; +in +{ + flake = { + nixosConfigurations.${host.name} = inputs.nixpkgs.lib.nixosSystem { + system = host.system; + specialArgs = mkSpecialArgs host; + modules = [ + inputs.disko.nixosModules.disko + ../../hosts/${host.name}/configuration.nix + inputs.home-manager.nixosModules.home-manager + (mkHomeManagerModule host) + ]; + }; + + homeConfigurations.${host.name} = inputs.home-manager.lib.homeManagerConfiguration { + pkgs = mkPkgs host.system; + extraSpecialArgs = mkSpecialArgs host; + modules = [ + host.standaloneHomeModule + ]; + }; + }; +} diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix new file mode 100644 index 0000000..cbc9007 --- /dev/null +++ b/modules/nixpkgs.nix @@ -0,0 +1,45 @@ +{ + self, + inputs, + lib, + ... +}: +let + username = "rathi"; + hosts = import ../lib/hosts.nix { inherit username; }; + + mkPkgs = + system: + import inputs.nixpkgs { + inherit system; + config.allowUnfree = true; + }; + + mkSpecialArgs = host: { + inherit inputs self username; + hostname = host.hostname; + }; + + mkHomeManagerModule = + host: + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = mkSpecialArgs host; + home-manager.backupCommand = "bash ${../scripts/home-manager-backup.sh}"; + home-manager.users.${username} = import host.homeModule; + }; +in +{ + systems = lib.unique (map (host: host.system) (builtins.attrValues hosts)); + + _module.args = { + inherit + username + hosts + mkPkgs + mkSpecialArgs + mkHomeManagerModule + ; + }; +} diff --git a/scripts/home-manager-backup.sh b/scripts/home-manager-backup.sh new file mode 100644 index 0000000..f093f91 --- /dev/null +++ b/scripts/home-manager-backup.sh 
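Review bot: `home-manager.backupCommand = "bash ${../scripts/home-manager-backup.sh}";` in modules/nixpkgs.nix pins the script to a store path but resolves `bash` from whatever PATH the activation happens to run with. Turning the returned module into a function (`{ pkgs, ... }: { ... }`) and writing `home-manager.backupCommand = "${pkgs.bash}/bin/bash ${../scripts/home-manager-backup.sh}";` removes that dependency and keeps the interpreter under the same lock as the rest of the closure. `mkPkgs`, `mkSpecialArgs` and `mkHomeManagerModule` are exported through `_module.args` and consumed by the modules/hosts files, so a one-line comment on each describing its argument and result would help readers of those files.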
@@ -0,0 +1,25 @@ +#!/usr/bin/env bash +set -euo pipefail + +if [[ $# -eq 0 ]]; then + exit 0 +fi + +target_path="${1:?expected target path}" +base_backup="${target_path}.hm-bak" + +if [[ ! -e "$base_backup" ]]; then + mv "$target_path" "$base_backup" + exit 0 +fi + +timestamp="$(date +%Y%m%d-%H%M%S)" +backup_path="${base_backup}.${timestamp}" +suffix=0 + +while [[ -e "$backup_path" ]]; do + suffix=$((suffix + 1)) + backup_path="${base_backup}.${timestamp}.${suffix}" +done + +mv "$target_path" "$backup_path"
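Review bot: The `[[ ! -e "$base_backup" ]]` test followed by `mv` can still overwrite an existing backup, because `-e` is false for a dangling symlink and nothing prevents a file from appearing between the test and the move. `mv -n -- "$target_path" "$base_backup"` (and likewise for the final `mv`) refuses to clobber and also guards against a path that begins with `-`. The early `exit 0` when no argument is given silently hides a misconfigured caller; printing a message to stderr and exiting non-zero would surface it.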