moved install iso from a package to a host

made funnier functions gave more modules disable options updated lint command
2025-12-10 00:43:56 -05:00 · 2023-07-28 19:38:59 -04:00 · 2023-07-28 19:38:59 -04:00 · c4e6bcb664
commit c4e6bcb664
parent ccbc3cc2af
9 changed files with 132 additions and 120 deletions
--- a/flake.nix
+++ b/flake.nix
@ -39,17 +39,18 @@
      inputs.nixpkgs.follows = "unstable";
    };
  };
-  outputs = inputs @ {
+
-    unstable,
+  outputs = inputs: let
    nixos-generators,
    ...
  }: let
    lib = import ./lib inputs;
  in
-    lib.withSystem (
+    lib.gerg-utils {
-      system: let
+      allowUnfree = true;
-        pkgs = unstable.legacyPackages.${system};
+    } (
-      in {
+      {
        pkgs,
        system,
        ...
      }: {
        inherit lib;
        nixosConfigurations =
          lib.mkHosts
@ -58,6 +59,7 @@
            "gerg-desktop"
            "game-laptop"
            "moms-laptop"
            "iso"
          ];
        nixosModules = lib.mkModules ./modules;
@ -77,17 +79,7 @@
          ];
        };
-        packages.${system} =
+        packages.${system} = lib.mkPackages ./packages pkgs;
          {
            nixos-iso = nixos-generators.nixosGenerate {
              inherit system;
              format = "install-iso";
              modules = [
                (import ./installer inputs)
              ];
            };
          }
          // lib.mkPackages ./packages pkgs;
      }
    );
 }
--- a/hosts/gerg-desktop/main.nix
+++ b/hosts/gerg-desktop/main.nix
@ -1,7 +1,6 @@
 {nvim-flake, ...}: {
  pkgs,
  config,
  lib,
  ...
 }: {
  local = {
@ -64,9 +63,9 @@
        ;
      inherit (nvim-flake.packages.${pkgs.system}) neovim;
      lint = pkgs.writeShellScriptBin "lint" ''
-        deadnix -e "$1"
+        deadnix -e "''${1:-.}"
-        statix fix "$1"
+        statix fix -- "''${1:-.}"
-        alejandra "$1"
+        alejandra "''${1:-.}"
      '';
    };
    etc = {
--- a/installer/default.nix
+++ b/installer/default.nix
@ -1,25 +1,36 @@
-{disko, ...}: {
+{
  disko,
  nixos-generators,
  ...
 }: {
  lib,
  modulesPath,
  pkgs,
  ...
 }: {
  ##Build wtih nix build .#nixosConfigurations.iso.config.formats.iso
  local = {
    hardware = {
      gpuAcceleration.disable = true;
      sound.disable = true;
    };
    bootConfig = {
      disable = true;
      stage2patch.disable = true;
    };
  };
  imports = [
    "${modulesPath}/profiles/minimal.nix"
    "${modulesPath}/installer/cd-dvd/installation-cd-base.nix"
    nixos-generators.nixosModules.all-formats
  ];
  environment = {
    noXlibs = lib.mkOverride 500 false;
    defaultPackages = [];
    systemPackages = [
      pkgs.gitMinimal
      pkgs.neovim
      disko.packages.${pkgs.system}.default
    ];
    variables = {
      EDITOR = "nvim";
    };
  };
  documentation = {
    man.enable = lib.mkOverride 500 false;
@ -32,12 +43,7 @@
    edition = lib.mkForce "gerg-minimal";
    isoName = lib.mkForce "NixOS.iso";
  };
-  nix = {
+
    settings = {
      experimental-features = ["nix-command" "flakes" "repl-flake"];
      auto-optimise-store = true;
    };
  };
  sound.enable = false;
  _file = ./default.nix;
 }
--- a/lib/default.nix
+++ b/lib/default.nix
@ -31,9 +31,19 @@ inputs @ {
 in {
  inherit importAll mkModules listNixFilesRecursive;
-  withSystem = f:
+  gerg-utils = config: f:
    lib.fold lib.recursiveUpdate {}
-    (map f ["x86_64-linux"]);
+    (map (system:
      f {
        inherit system;
        pkgs =
          if config == {}
          then unstable.legacyPackages.${system}
          else
            import unstable {
              inherit system config;
            };
      }) ["x86_64-linux"]);
  #"x86_64-darwin" "aarch64-linux" "aarch64-darwin"
  mkHosts = system: names:
--- a/modules/boot/misc.nix
+++ b/modules/boot/misc.nix
@ -1,72 +1,78 @@
 {self, ...}: {
  lib,
  pkgs,
  config,
  ...
 }: {
-  environment.etc = {
+  options.local.bootConfig.disable = lib.mkEnableOption "";
-    "issue" = {
+  config =
-      text = "[?12l[?25h";
+    lib.mkIf (!config.local.bootConfig.disable)
-      mode = "0444";
+    {
-    };
+      environment.etc = {
-  };
+        "issue" = {
-  boot = {
+          text = "[?12l[?25h";
-    blacklistedKernelModules = ["pcspkr"];
+          mode = "0444";
-    kernelParams = [
+        };
-      "acpi_call"
+      };
-      "pti=auto"
+      boot = {
-      "randomize_kstack_offset=on"
+        blacklistedKernelModules = ["pcspkr"];
-      "vsyscall=none"
+        kernelParams = [
-      "slab_nomerge"
+          "acpi_call"
-      "module.sig_enforce=1"
+          "pti=auto"
-      "lockdown=confidentiality"
+          "randomize_kstack_offset=on"
-      "page_poison=1"
+          "vsyscall=none"
-      "page_alloc.shuffle=1"
+          "slab_nomerge"
-      "sysrq_always_enabled=0"
+          "module.sig_enforce=1"
-      "idle=nomwait"
+          "lockdown=confidentiality"
-      "rootflags=noatime"
+          "page_poison=1"
-      "iommu=pt"
+          "page_alloc.shuffle=1"
-      "usbcore.autosuspend=-1"
+          "sysrq_always_enabled=0"
-      "noresume"
+          "idle=nomwait"
-      "acpi_backlight=native"
+          "rootflags=noatime"
-      "logo.nologo"
+          "iommu=pt"
-      "fbcon=nodefer"
+          "usbcore.autosuspend=-1"
-      "bgrt_disable"
+          "noresume"
-      "quiet"
+          "acpi_backlight=native"
-      "systemd.show_status=false"
+          "logo.nologo"
-      "rd.udev.log_level=3"
+          "fbcon=nodefer"
-      "vt.global_cursor_default=0"
+          "bgrt_disable"
-    ];
+          "quiet"
-    consoleLogLevel = 3;
+          "systemd.show_status=false"
-    initrd.verbose = false;
+          "rd.udev.log_level=3"
-    plymouth = {
+          "vt.global_cursor_default=0"
-      enable = lib.mkDefault true;
+        ];
-      theme = "breeze";
+        consoleLogLevel = 3;
-      logo = "${self.packages.${pkgs.system}.images}/logo.png";
+        initrd.verbose = false;
-    };
+        plymouth = {
-    loader = {
+          enable = lib.mkDefault true;
-      grub = {
+          theme = "breeze";
-        configurationLimit = 10;
+          logo = "${self.packages.${pkgs.system}.images}/logo.png";
-        extraConfig = ''
+        };
-          GRUB_TIMEOUT_STYLE=hidden
+        loader = {
          grub = {
            configurationLimit = 10;
            extraConfig = ''
              GRUB_TIMEOUT_STYLE=hidden
            '';
          };
          systemd-boot = {
            configurationLimit = 10;
            enable = lib.mkDefault true;
            consoleMode = "max";
            editor = false;
          };
          efi.canTouchEfiVariables = lib.mkDefault true;
          timeout = 0;
        };
      };
      systemd.services.efibootmgr = {
        serviceConfig.Type = "oneshot";
        path = [pkgs.efibootmgr];
        wantedBy = ["default.target"];
        script = ''
          efibootmgr -t 0
        '';
      };
      systemd-boot = {
        configurationLimit = 10;
        enable = lib.mkDefault true;
        consoleMode = "max";
        editor = false;
      };
      efi.canTouchEfiVariables = lib.mkDefault true;
      timeout = 0;
    };
  };
  systemd.services.efibootmgr = {
    serviceConfig.Type = "oneshot";
    path = [pkgs.efibootmgr];
    wantedBy = ["default.target"];
    script = ''
      efibootmgr -t 0
    '';
  };
  _file = ./misc.nix;
 }
--- a/modules/boot/stage2patch.nix
+++ b/modules/boot/stage2patch.nix
@ -30,6 +30,11 @@ let
      '';
  };
 in {
-  system.build.bootStage2 = lib.mkForce bootStage2;
+  options.local.bootConfig.stage2patch.disable = lib.mkEnableOption "";
  config =
    lib.mkIf (!config.local.bootConfig.stage2patch.disable)
    {
      system.build.bootStage2 = lib.mkForce bootStage2;
    };
  _file = ./stage2patch.nix;
 }
--- a/modules/hardware.nix
+++ b/modules/hardware.nix
@ -6,18 +6,8 @@ _: {
  cfg = config.local.hardware;
 in {
  options.local.hardware = {
-    gpuAcceleration = {
+    gpuAcceleration.disable = lib.mkEnableOption "";
-      disable = lib.mkOption {
+    sound.disable = lib.mkEnableOption "";
        type = lib.types.bool;
        default = false;
      };
    };
    sound = {
      disable = lib.mkOption {
        type = lib.types.bool;
        default = false;
      };
    };
  };
  config = lib.mkMerge [
    (
--- a/modules/misc.nix
+++ b/modules/misc.nix
@ -31,7 +31,7 @@ _: {
      enable = true;
      hostKeys = lib.mkForce [];
      settings = {
-        PermitRootLogin = "no";
+        PermitRootLogin = lib.mkDefault "no";
        PasswordAuthentication = false;
        KbdInteractiveAuthentication = false;
      };
--- a/modules/sops.nix
+++ b/modules/sops.nix
@ -5,17 +5,21 @@
 }: {
  pkgs,
  config,
  lib,
  ...
 }: {
  imports = [
    sops-nix.nixosModules.sops
  ];
-  environment.systemPackages = [
+  options.local.sops.disable = lib.mkEnableOption "";
-    pkgs.sops
+  config = lib.mkIf (!config.local.sops.disable) {
-  ];
+    environment.systemPackages = [
-  sops = {
+      pkgs.sops
-    defaultSopsFile = "${self}/hosts/${config.networking.hostName}/secrets.yaml";
+    ];
-    age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+    sops = {
      defaultSopsFile = "${self}/hosts/${config.networking.hostName}/secrets.yaml";
      age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
    };
  };
  _file = ./sops.nix;
 }