1 files changed, 163 insertions, 0 deletions
diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix
new file mode 100644
index 0000000..0898457
--- /dev/null
+++ b/modules/common/common/nix/default.nix
@@ -0,0 +1,163 @@
+{
+  config,
+  inputs,
+  lib,
+  localUsername ? lib.my.username,
+  pkgs,
+  pkgsPR,
+  this,
+  ...
+}:
+with lib; {
+  _module.args = let
+    importNixpkgs = nixpkgs:
+      import nixpkgs {inherit (config.nixpkgs) config localSystem;};
+  in rec {
+    pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure!
+    pkgsMaster = importNixpkgs inputs.nixpkgs-master;
+    pkgsStable = importNixpkgs inputs.nixpkgs-stable;
+    pkgsRev = rev: hash:
+      importNixpkgs (pkgs.fetchFromGitHub {
+        owner = "NixOS";
+        repo = "nixpkgs";
+        inherit rev hash;
+      });
+    pkgsPR = pr: pkgsRev "refs/pull/${toString pr}/head";
+  };
+
+  nix = let
+    filteredInputs = filterAttrs (n: _: n != "self") inputs;
+  in {
+    settings = {
+      # https://github.com/NixOS/nix/blob/master/src/libutil/experimental-features.cc
+      experimental-features = concatStringsSep " " [
+        "ca-derivations"
+        "flakes"
+        "nix-command"
+        "recursive-nix"
+      ];
+      keep-derivations =
+        if this.isHeadful
+        then "true"
+        else "false";
+      keep-outputs =
+        if this.isHeadful
+        then "true"
+        else "false";
+      flake-registry = "${inputs.flake-registry}/flake-registry.json";
+      warn-dirty = false;
+    };
+
+    nixPath =
+      mapAttrsToList (n: v: "${n}=${v}") filteredInputs
+      ++ ["nixfiles=${config.my.home}/src/nixfiles"];
+
+    registry =
+      mapAttrs (_: flake: {inherit flake;}) filteredInputs
+      // {nixfiles.flake = inputs.self;};
+
+    settings = {
+      trusted-users = ["root" localUsername];
+
+      substituters = [
+        "https://azahi.cachix.org"
+        "https://cache.iog.io"
+        "https://cachix.cachix.org"
+        "https://nix-community.cachix.org"
+        "https://pre-commit-hooks.cachix.org"
+      ];
+      trusted-public-keys = [
+        "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s="
+        "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
+        "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="
+      ];
+    };
+  };
+
+  nixpkgs.overlays = with inputs; [
+    self.overlays.default
+    (_: super:
+      {
+        nix-bash-completions = super.nix-bash-completions.overrideAttrs (_: _: {
+          postPatch = ''
+            substituteInPlace _nix \
+              --replace 'nix nixos-option' 'nixos-option'
+          '';
+        });
+
+        helm = with super;
+          kubernetes-helm-wrapped.override {
+            plugins = with kubernetes-helmPlugins; [helm-secrets];
+          };
+
+        alejandra = super.alejandra.overrideAttrs (_: _: {
+          patches = [./patches/alejandra-no-ads.patch];
+        });
+
+        logcli = super.grafana-loki.overrideAttrs (_: _: {
+          subPackages = ["cmd/logcli"];
+        });
+
+        inherit (pkgsPR "215704" "sha256-o2F/ZAugljJKlVIAHMTBK6+Lj6BiBwteA5OuaWPKXm0=") dendrite;
+
+        inherit (pkgsPR "216465" "sha256-ik3e+KM27hGkKWTOOUWj1YtiqHTJvl04dx0/X08P1A0=") amdvlk;
+      }
+      // (with super; let
+        np = nodePackages;
+      in {
+        # Normalises package names. This is done purely for aesthetics.
+        css-language-server = np.vscode-css-languageserver-bin;
+        dhall-language-server = dhall-lsp-server;
+        dockerfile-language-server = np.dockerfile-language-server-nodejs;
+        editorconfig = editorconfig-core-c;
+        go-language-server = gopls;
+        html-language-server = np.vscode-html-languageserver-bin;
+        inherit (np) bash-language-server;
+        inherit (np) vim-language-server;
+        inherit (np) yaml-language-server;
+        json-language-server = np.vscode-json-languageserver-bin;
+        k3d = kube3d;
+        kubelogin = kubelogin-oidc;
+        lua-language-server = sumneko-lua-language-server;
+        nix-language-server = rnix-lsp;
+        omnisharp = omnisharp-roslyn;
+        telepresence = telepresence2;
+        tor-browser = tor-browser-bundle-bin;
+      }))
+    emacs-overlay.overlay
+    nur.overlay
+  ];
+
+  environment.systemPackages = with pkgs;
+    optionals this.isHeadful [
+      nix-top
+      nix-tree
+    ];
+
+  hm.home = {
+    packages = with pkgs; [nix-index];
+
+    file.".nix-defexpr/default.nix".text =
+      optionalString this.isHeadful
+      (
+        let
+          hostname = strings.escapeNixIdentifier this.hostname;
+        in ''
+          let
+            self = builtins.getFlake "nixfiles";
+            configurations = self.nixosConfigurations;
+            local = configurations.${hostname};
+          in rec {
+            inherit self;
+            inherit (self) inputs lib;
+            inherit (lib) my;
+            this = my.configurations.${hostname};
+            inherit (local) config;
+            inherit (local.config.system.build) toplevel vm vmWithBootLoader manual;
+          } // configurations // local._module.args
+        ''
+      );
+  };
+}