{ description = "NixOS configuration"; inputs = { # Pinned stable channel; the single source of truth for every host. nixpkgs.url = "nixpkgs/nixos-26.05"; # Bleeding-edge channel, used only to pull individual packages via overlay. nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Home-manager release matched to the stable nixpkgs; `follows` keeps a single nixpkgs eval. home-manager.url = "github:nix-community/home-manager/release-26.05"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; # WSL module for the EDaaS host; flake input avoids the impure NIX_PATH lookup. nixos-wsl.url = "github:nix-community/NixOS-WSL"; nixos-wsl.inputs.nixpkgs.follows = "nixpkgs"; # Apple Silicon (Asahi) support for the MacBook host. nixos-apple-silicon.url = "github:nix-community/nixos-apple-silicon"; nixos-apple-silicon.inputs.nixpkgs.follows = "nixpkgs"; # nix-darwin: manage macOS hosts from this same flake. nix-darwin.url = "github:nix-darwin/nix-darwin/nix-darwin-26.05"; nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; # nix-homebrew: declaratively own and install the Homebrew prefix on macOS. nix-homebrew.url = "github:zhaofengli/nix-homebrew"; # Provides mkFlake: the systems/perSystem scaffolding used below. flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; }; outputs = inputs@{ flake-parts, nixpkgs, nixpkgs-unstable, home-manager, nixos-wsl, nixos-apple-silicon, nix-darwin, nix-homebrew, ... }: flake-parts.lib.mkFlake { inherit inputs; } ( { lib, ... }: let # claude-code tracks nixpkgs-unstable regardless of the pinned nixpkgs. overlays = [ (final: prev: { claude-code = (import nixpkgs-unstable { inherit (prev.stdenv.hostPlatform) system; config.allowUnfree = true; }).claude-code; }) ]; # Unfree packages permitted to be built (replaces blanket allowUnfree). unfreePackages = [ "claude-code" "lens" "lens-desktop" ]; # nixpkgs + nix-daemon settings shared by NixOS and Darwin hosts. commonModule = { nixpkgs.overlays = overlays; nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) unfreePackages; nix.settings.experimental-features = [ "nix-command" "flakes" ]; # Make `nix shell nixpkgs#...` and use the pinned nixpkgs. nix.registry.nixpkgs.flake = nixpkgs; nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; }; # Shared scaffolding for every NixOS host: common user, settings, home-manager. baseModules = [ ./lyrathorpe/user.nix commonModule home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; # Back up pre-existing dotfiles (e.g. .zshrc) instead of aborting # activation when home-manager would overwrite them. home-manager.backupFileExtension = "backup"; } ]; # mkHost :: { system, username, fullName, modules, homeModules } -> nixosSystem # Builds one machine by appending its host-specific modules to the shared # baseModules. The user identity (username/fullName) is threaded through # specialArgs so user.nix and the home modules stay host-agnostic, and the # home-manager profile is keyed by the host's username. mkHost = { system, username, fullName, modules, homeModules, }: nixpkgs.lib.nixosSystem { inherit system; specialArgs = { inherit inputs username fullName; }; modules = baseModules ++ modules ++ [ { home-manager.extraSpecialArgs = { inherit inputs username fullName; }; home-manager.users.${username}.imports = homeModules; } ]; }; # Shared scaffolding for every Darwin (macOS) host. darwinBaseModules = [ commonModule nix-homebrew.darwinModules.nix-homebrew home-manager.darwinModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; # Back up pre-existing dotfiles (e.g. .zshrc) instead of aborting # activation when home-manager would overwrite them. home-manager.backupFileExtension = "backup"; } ]; # mkDarwinHost :: { system, username, fullName, modules, homeModules } -> darwinSystem # Darwin counterpart of mkHost. macOS already owns the login user, so we # only attach the platform and home-manager; no NixOS user module here. mkDarwinHost = { system, username, fullName, modules, homeModules, }: nix-darwin.lib.darwinSystem { specialArgs = { inherit inputs username fullName; }; modules = darwinBaseModules ++ modules ++ [ { nixpkgs.hostPlatform = system; # macOS owns the account; point home-manager at its home dir. users.users.${username}.home = "/Users/${username}"; home-manager.extraSpecialArgs = { inherit inputs username fullName; }; home-manager.users.${username}.imports = homeModules; } ]; }; # Host table — declarative registry of every machine. To add a host: # give it a name, its `system`, the owning user, and the module lists. # mapAttrs below turns each entry into a nixosConfiguration of the same name. hosts = { lyrathorpe-mbp = { system = "aarch64-linux"; username = "lyrathorpe"; fullName = "Lyra Thorpe"; modules = [ ./system/machine/MBP-Asahi/configuration.nix nixos-apple-silicon.nixosModules.default ./lyrathorpe/swaywm.nix ]; homeModules = [ ./lyrathorpe/home ./lyrathorpe/home/desktop.nix ]; }; lyrathorpe-x1c = { system = "x86_64-linux"; username = "lyrathorpe"; fullName = "Lyra Thorpe"; modules = [ ./system/machine/X1/configuration.nix ./lyrathorpe/swaywm.nix ]; homeModules = [ ./lyrathorpe/home ./lyrathorpe/home/desktop.nix ]; }; emmathorpe-edaas = { system = "x86_64-linux"; username = "emmathorpe"; fullName = "Emma Thorpe"; modules = [ ./system/machine/EDaaS/configuration.nix nixos-wsl.nixosModules.default ./lyrathorpe/swaywm.nix ]; homeModules = [ ./lyrathorpe/home ./system/modules/work/default.nix ]; }; }; # Darwin host table — macOS machines built via mkDarwinHost. The shared # ./lyrathorpe/home modules (shell, git, editor) are reused; the Linux-only # desktop/sway modules are intentionally left out. darwinHosts = { lyrathorpe-mac = { system = "aarch64-darwin"; username = "lyrathorpe"; fullName = "Lyra Thorpe"; modules = [ ./system/machine/Darwin/configuration.nix ]; homeModules = [ ./lyrathorpe/home ]; }; }; in { systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" "x86_64-darwin" ]; # perSystem is evaluated once per entry in `systems`; `pkgs` is the # nixpkgs instance for that system. Outputs here become per-system # attrsets automatically (e.g. devShells..default). perSystem = { pkgs, ... }: { # `nix fmt` formatter for the repo. formatter = pkgs.nixfmt; # `nix develop` shell with the tooling needed to hack on this flake. devShells.default = pkgs.mkShellNoCC { packages = with pkgs; [ nixfmt nil git ]; }; checks.formatting = pkgs.runCommandLocal "check-formatting" { nativeBuildInputs = [ pkgs.nixfmt ]; } '' # Generated hardware-configuration.nix files are excluded. nixfmt --check $(find ${./.} -name '*.nix' -not -name 'hardware-configuration.nix') && touch $out ''; }; # Realise the host tables: each entry becomes a {nixos,darwin}Configuration. flake.nixosConfigurations = lib.mapAttrs (_name: mkHost) hosts; flake.darwinConfigurations = lib.mapAttrs (_name: mkDarwinHost) darwinHosts; } ); }