flake.nix

@@ -64,17 +64,9 @@
           system = "x86_64-linux";
           hostName = "wsl-dev";
         }
-        // flakeLib.mkNixosConfiguration {
-          inherit inputs nixpkgs outputs flakeLib overlays vars;
-          system = "x86_64-linux";
-          hostName = "pi-installer";
-          modules = [
-              inputs.raspberry-pi-nix.nixosModules.sd-image
-          ];
-        }
         // flakeLib.mkNixosConfiguration {
           inherit inputs outputs nixpkgs vars flakeLib overlays;
-          system = "aarch64-linux";
+            system = "aarch64-linux";
           hostName = "pi0";
         }
         // flakeLib.mkNixosConfiguration {
@@ -139,17 +131,8 @@
           description = "";
         };
       };
-      images = {
-        pi-installer = self.outputs.nixosConfigurations.pi-installer.config.system.build.sdImage;
-      };
     }
-    // flake-utils.lib.eachDefaultSystem (system: let 
+    // flake-utils.lib.eachDefaultSystem (system: { });
-      pkgs = import nixpkgs {
-        inherit system;
-      };
-    in { 
-      devShells.default = pkgs.mkShell {};
-    });
 
   inputs = {
     # System
@@ -176,9 +159,9 @@
       inputs.systems.follows = "systems";
     };
     sops-nix = {
-      url = "github:Mic92/sops-nix";
+        url = "github:Mic92/sops-nix";
-      inputs.nixpkgs.follows = "nixpkgs";
+        inputs.nixpkgs.follows = "nixpkgs";
-    };
+      };
     nixos-wsl = {
       url = "github:nix-community/NixOS-WSL";
       inputs = {

lib/mkNixosConfiguration.nix

@@ -1,13 +1,13 @@
-{ inputs
+{
-, outputs
+  inputs,
-, flakeLib
+  outputs,
-, overlays
+  flakeLib,
-, system
+  overlays,
-, hostName
+  system,
-, nixpkgs
+  hostName,
-, vars
+  nixpkgs,
-, modules ? [ ]
+  vars,
-, ...
+  ...
 }: {
   ${hostName} = nixpkgs.lib.nixosSystem {
     inherit system;
@@ -21,6 +21,6 @@
     };
     modules = [
       ../profiles/nixos/${hostName}/configuration.nix
-    ] ++ modules;
+    ];
   };
 }

modules/home-manager/base/nixpkgs.nix

@@ -1,6 +1,5 @@
-{pkgs, ...}: {
+{
   nixpkgs = {
     config.allowUnfree = true;
   };
-  nix.package = pkgs.nix;
 }

modules/home-manager/binary-cache/default.nix

@@ -3,7 +3,7 @@ _: {
     # package = pkgs.nix;
     settings = {
       substituters = [
-        "http://nix-cache.gaja-group.intranet:5000"
+        "http://nixcache.odie.home.arpa"
         "https://nix-community.cachix.org"
         "https://cache.nixos.org/"
       ];

modules/home-manager/desktop/theme/gtk.nix

@@ -19,7 +19,7 @@
         package = pkgs.papirus-icon-theme;
       };
       theme = {
-        name = "catppuccin-mocha-blue-standard+default";
+        name = "Catppuccin-Mocha-Standard-Blue-Dark";
         package = pkgs.catppuccin-gtk;
       };
     };

modules/home-manager/sops/default.nix

@@ -1,12 +1,12 @@
-{ inputs, vars, ... }: {
+{ inputs, ... }: {
   imports = [
     inputs.sops-nix.homeManagerModules.sops
   ];
 
   sops = {
-    #age.keyFile = "/home/${vars.username}/.sops-key.txt"; # must have no password!
+    age.keyFile = "/home/user/.age-key.txt"; # must have no password!
     # It's also possible to use a ssh key, but only when it has no password:
-    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    #age.sshKeyPaths = [ "/home/user/path-to-ssh-key" ];
     defaultSopsFile = ../../../secrets/general.yaml;
     secrets.hello = {
       # sopsFile = ./secrets.yml.enc; # optionally define per-secret files

modules/nixos/base/nixos/default.nix

@@ -12,22 +12,23 @@
         automatic = true;
       };
       channel.enable = false;
+
       registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
       nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
       settings = {
-        trusted-users = [ "@wheel" ];
+        trusted-users = [ "root" "@wheel" ];
         experimental-features = [ "nix-command" "flakes" ];
         auto-optimise-store = true;
         substituters = [
-          "https://nix-community.cachix.org"
           "http://nix-cache.gaja-group.intranet:5000"
+          "https://nix-community.cachix.org"
+          "https://cache.nixos.org"
         ];
         trusted-public-keys = [
           "nix-cache.gaja-group.intranet:EcUsafvI9NUrnab3DA71s2PGjAYMgct0FOvCwdYuStw="
           "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
         ];
         nix-path = config.nix.nixPath;
-        flake-registry = "";
       };
       gc = {
         automatic = true;
@@ -37,7 +38,10 @@
       buildMachines = [
         {
           hostName = "nix-cache.gaja-group.intranet";
+          #system = "x86_64-linux";
           protocol = "ssh-ng";
+          # if the builder supports building for multiple architectures,
+          # replace the previous line by, e.g.,
           systems = [ "x86_64-linux" "aarch64-linux" ];
           maxJobs = 4;
           speedFactor = 2;
@@ -46,6 +50,7 @@
         }
       ];
       distributedBuilds = true;
+      # optional, useful when the builder has a faster internet connection than yours
       extraOptions = ''
         builders-use-substitutes = true
       '';

modules/nixos/base/raspberry-pi/cec/default.nix

@@ -11,14 +11,5 @@
     environment.systemPackages = with pkgs; [
       libcec
     ];
-
-    nixpkgs = {
-      overlays = [
-        (final: prev: {
-          makeModulesClosure = x: prev.makeModulesClosure (x // { allowMissing = true; });
-          libcec = prev.libcec.override { withLibraspberrypi = true; };
-        })
-      ];
-    };
   };
 }

modules/nixos/desktop/fonts/default.nix

@@ -7,8 +7,7 @@
       noto-fonts
       noto-fonts-emoji
       sarasa-gothic
-      nerd-fonts.symbols-only
+      (nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
-      #(nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
     ];
     fontconfig = {
       antialias = true;

profiles/home-manager/odie@pi0/home.nix

@@ -1,7 +1,6 @@
 { outputs, ... }: {
   imports = [
     outputs.homeManagerModules.base
-    outputs.homeManagerModules.shell
     outputs.homeManagerModules.user
   ];
 }

profiles/home-manager/odie@wanaheim/home.nix

@@ -12,7 +12,6 @@
     outputs.homeManagerModules.games
     outputs.homeManagerModules.user
     outputs.homeManagerModules.binary-cache
-    outputs.homeManagerModules.sops
   ];
   home.stateVersion = "23.11";
   desktop = {

profiles/nixos/pi-installer/configuration.nix

@@ -1,30 +0,0 @@
-{ nixpkgs
-, pkgs
-, outputs
-, vars
-, ...
-}:
-{
-  imports = [
-    #inputs.nixos-hardware.nixosModules.raspberry-pi-4
-    outputs.nixosModules.base
-    outputs.nixosModules.raspberry-pi
-    ./hardware-configuration.nix
-  ];
-
-  networking = {
-    inherit (vars) hostName domain;
-  };
-  security.rtkit.enable = true;
-
-  environment.systemPackages = with pkgs; [
-    libraspberrypi
-    raspberrypi-eeprom
-    nfs-utils
-  ];
-
-  users.users.odie.initialPassword = "odie";
-
-  programs.zsh.enable = true;
-
-}

profiles/nixos/pi-installer/hardware-configuration.nix

@@ -1,83 +0,0 @@
-{ lib, pkgs, ... }: {
-  boot = {
-    loader = {
-      systemd-boot.enable = false;
-    };
-  };
-
-  swapDevices = [{
-    device = "/var/lib/swapfile";
-    size = 4 * 1024;
-  }];
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/disk/by-label/NIXOS_SD";
-      fsType = "ext4";
-      options = [ "noatime" ];
-    };
-  };
-
-  raspberry-pi-nix = {
-    board = "bcm2711";
-    uboot.enable = true;
-  };
-
-  hardware = {
-    raspberry-pi = {
-      enable = true;
-      config = {
-        pi4 = {
-          options = {
-            arm_boost = {
-              enable = true;
-              value = true;
-            };
-            gpu_mem = {
-              enable = true;
-              value = "256";
-            };
-          };
-          dt-overlays = {
-            vc4-kms-v3d = {
-              enable = true;
-              params = { cma-256 = { enable = true; }; };
-            };
-          };
-        };
-        all = {
-          options = {
-            arm_64bit = {
-              enable = true;
-              value = true;
-            };
-          };
-          base-dt-params = {
-            BOOT_UART = {
-              value = 1;
-              enable = true;
-            };
-            uart_2ndstage = {
-              value = 1;
-              enable = true;
-            };
-          };
-          dt-overlays = {
-            disable-bt = {
-              enable = true;
-              params = { };
-            };
-            vc4-kms-v3d = {
-              enable = true;
-              params = { };
-            };
-          };
-        };
-      };
-    };
-  };
-  system.stateVersion = "25.05";
-
-  nixpkgs.hostPlatform.system = "aarch64-linux";
-  #nixpkgs.buildPlatform.system = "x86_64-linux";
-}

profiles/nixos/wanaheim/configuration.nix

@@ -3,11 +3,10 @@
 }: {
   imports = [
     inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t410
-    inputs.nur.modules.nixos.default
+    inputs.nur.nixosModules.nur
     outputs.nixosModules.base
     outputs.nixosModules.desktop
     outputs.nixosModules.wsl
-    outputs.nixosModules.sops
     ./hardware-configuration.nix
   ];
 

remote-deploy.sh

@@ -5,6 +5,6 @@ set -e
 HOSTNAME=$1
 
 GC_FORCE_UNMAP_ON_GCOLLECT=1 nix build -L ".#nixosConfigurations.${HOSTNAME}.config.system.build.toplevel"
-nix copy --no-check-sigs --to "ssh-ng://root@${HOSTNAME}" "./result"
+#nix copy --no-check-sigs --to "ssh-ng://root@${HOSTNAME}" "./result"
-ssh "root@${HOSTNAME}" nix-env -p /nix/var/nix/profiles/system --set "$(readlink ./result)"
+#ssh "root@${HOSTNAME}" nix-env -p /nix/var/nix/profiles/system --set "$(readlink ./result)"
-ssh "root@${HOSTNAME}" /nix/var/nix/profiles/system/bin/switch-to-configuration switch
+#ssh "root@${HOSTNAME}" /nix/var/nix/profiles/system/bin/switch-to-configuration switch