Convention-over-configuration layout (#62)

.envrc

@@ -1 +1,4 @@
-use flake
+watch_file \
+  flake-parts/devshell.nix \
+  flake-module.nix
+use flake

.gitignore

@@ -1,3 +1,2 @@
-result
-.direnv
-*.qcow2
+/result
+/.direnv

README.md

@@ -25,16 +25,16 @@ To use this repository as base configuration for your new machine running:
   - X1 Carbon: https://srid.ca/x1c7-install
   - Windows (via WSL): https://github.com/nix-community/NixOS-WSL
 - Clone this repo anywhere
-- Edit `flake.nix` to use your system hostname as a key of the `nixosConfigurations` set
-- Edit `users/config.nix` to contain your users
+- Rename `./modules/nixos/??.nix` to match your current system hostname
+- Edit `config.nix` to set your primary user information
 - Run `nix run`. That's it. Re-open your terminal.
 
 ### macOS
 
 - [Install Nix](https://nixos.asia/en/install)
 - Clone this repo anywhere
-- Edit `flake.nix` to use your system hostname as a key of the `darwinConfigurations` set
-- Edit `users/config.nix` to contain your users
+- Rename `./modules/darwin/??.nix` to match your current system hostname
+- Edit `config.nix` to set your primary user information
 - Run `nix run`.[^cleanup] That's it. Re-open your terminal.
 
 [^cleanup]: You might have to `rm -rf /etc/nix/nix.conf`, so our flake.nix can do its thing.
@@ -45,11 +45,14 @@ Start from `flake.nix` (see [Flakes](https://nixos.wiki/wiki/Flakes)). [`flake-p
 
 ### Directory layout
 
-- `home`: home-manager config (shared between Linux and macOS)
-- `nixos`: nixos modules for Linux
-- `nix-darwin`: nix-darwin modules for macOS
-- `users`: user information
-- `systems`: top-level configuration.nix('ish) for various systems
+>[!TIP]
+> See `flake-module.nix` for autowiring of flake outputs based on this directory structure.
+
+- `configurations`: top-level `flake.{}Configurations` for various systems (`nixos`, `darwin`, `home`)
+- `modules`: top-level `flake.{}Modiules` for various systems (`nixos`, `darwin`, `home`, `flake-parts`)
+- `overlays`: Overlays
+- `packages`: Packages
+- `secrets`: agenix secrets configuration
 
 ## Tips
 

config.nix

@@ -0,0 +1,12 @@
+# Configuration for this repo
+# See ./modules/flake-parts/config.nix for module options.
+{
+  me = {
+    username = "srid";
+    fullname = "Sridhar Ratnakumar";
+    email = "srid@srid.ca";
+    # Legacy
+    # "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYQ003p7fB5ICQehLwhDBomY9WzkNBeijkSw9ADGU+ECrPakeIH3pntUWRJH1W93vKnLqpkn6HLGEXD9MCR0s98uhh8hT7uAYCxQTbEeKT3PYkfz3oe7XaR8rE601sds0ZyFwH7l8cvK97pGr+uhFXAaohiV6VqmLVXhManEjZZ8GfYWBD9BCmIJk43G3OGa5QYFeHqztprXaJNU5dFPv2Uq2C+L6EvfCfkK2OO1BLZgL+Rai5jjyy6k0fcfsxxd9BdGUwqDhcBeyTIzX9rePMugf/xD+6uNRxTU+vjVpGUtFOw6rpgmVyFv9mn3QMNdQBc5hYKVbIQwMNGTzGgcQv srid@nixos"
+    sshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHQRxPoqlThDrkR58pKnJgmeWPY9/wleReRbZ2MOZRyd";
+  };
+}

configurations/darwin/appreciate.nix

@@ -1,3 +1,4 @@
+# Configuration for my M1 Macbook Max (using nix-darwin)
 { flake, ... }:
 
 let
@@ -7,8 +8,7 @@ in
 {
   imports = [
     self.darwinModules.default
-    "${self}/nix-darwin/zsh-completion-fix.nix"
-    "${self}/nixos/github-runner.nix"
+    "${self}/modules/nixos/shared/github-runner.nix"
   ];
 
   nixpkgs.hostPlatform = "aarch64-darwin";
@@ -17,9 +17,8 @@ in
   security.pam.enableSudoTouchIdAuth = true;
 
   # For home-manager to work.
-  users.users.${flake.config.people.myself} = {
-    name = flake.config.people.myself;
-    home = "/Users/${flake.config.people.myself}";
+  users.users.${flake.config.me.username} = {
+    home = "/Users/${flake.config.me.username}";
   };
 
   system.keyboard = {

configurations/home/srid@ubuntu.nix

@@ -0,0 +1,13 @@
+# My Ubuntu VM
+{ flake, ... }:
+let
+  inherit (flake.inputs) self;
+in
+{
+  imports = [
+    self.homeModules.default
+    self.homeModules.linux-only
+  ];
+  home.username = "srid";
+  home.homeDirectory = "/home/srid";
+}

configurations/nixos/immediacy.nix

@@ -1,3 +1,4 @@
+# Hetzner dedicated: AX41-NVMe
 { flake, ... }:
 
 let
@@ -8,14 +9,12 @@ in
   imports = [
     inputs.disko.nixosModules.disko
     self.nixosModules.default
-    "${self}/nixos/disko/trivial.nix"
-    "${self}/nixos/nix.nix"
-    "${self}/nixos/self/primary-as-admin.nix"
-    "${self}/nixos/docker.nix"
-    "${self}/nixos/actualism-app.nix"
-    "${self}/nixos/hedgedoc.nix"
-    "${self}/nixos/github-runner.nix"
-    "${self}/nixos/server/harden/basics.nix"
+    "${self}/modules/nixos/linux/disko/trivial.nix"
+    "${self}/modules/nixos/linux/docker.nix"
+    "${self}/modules/nixos/linux/actualism-app.nix"
+    "${self}/modules/nixos/linux/hedgedoc.nix"
+    "${self}/modules/nixos/linux/server/harden/basics.nix"
+    "${self}/modules/nixos/shared/github-runner.nix"
   ];
 
   nixos-flake.sshTarget = "srid@immediacy";

flake-module.nix

@@ -0,0 +1,52 @@
+# An opinionated module that creates flake outputs based on a known directory structure.
+#
+# cf. Convention over configuration
+#
+# TODO: Upstream this in some fashion. To srid/nixos-flake?
+# cf. https://github.com/juspay/nix-dev-home/issues/86
+{ inputs, self, ... }:
+let
+  inherit (inputs.nixpkgs) lib;
+  forAllNixFiles = dir: f:
+    lib.pipe dir [
+      builtins.readDir
+      (lib.filterAttrs (_: type: type == "regular"))
+      (lib.mapAttrs' (fn: _:
+        let name = lib.removeSuffix ".nix" fn; in
+        lib.nameValuePair name (f "${dir}/${fn}")
+      ))
+    ];
+in
+{
+  flake = {
+    darwinConfigurations =
+      forAllNixFiles "${self}/configurations/darwin"
+        (fn: self.nixos-flake.lib.mkMacosSystem { home-manager = true; } fn);
+
+    nixosConfigurations =
+      forAllNixFiles "${self}/configurations/nixos"
+        (fn: self.nixos-flake.lib.mkLinuxSystem { home-manager = true; } fn);
+
+    darwinModules =
+      forAllNixFiles "${self}/modules/darwin"
+        (fn: fn);
+
+    nixosModules =
+      forAllNixFiles "${self}/modules/nixos"
+        (fn: fn);
+
+    homeModules =
+      forAllNixFiles "${self}/modules/home"
+        (fn: fn);
+
+    overlays =
+      forAllNixFiles "${self}/overlays"
+        (fn: import fn self.nixos-flake.lib.specialArgsFor.common);
+  };
+
+  perSystem = { pkgs, ... }: {
+    legacyPackages.homeConfigurations =
+      forAllNixFiles "${self}/configurations/home"
+        (fn: self.nixos-flake.lib.mkHomeConfiguration pkgs fn);
+  };
+}

flake.nix

@@ -36,81 +36,21 @@
   outputs = inputs@{ self, ... }:
     inputs.flake-parts.lib.mkFlake { inherit inputs; } {
       systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ];
-      imports = [
-        inputs.treefmt-nix.flakeModule
-        inputs.nixos-flake.flakeModule
-        inputs.nixos-flake.flakeModule
-        ./users
-        ./home
-        ./nixos
-        ./nix-darwin
+      imports = (with builtins;
+        map
+          (fn: ./modules/flake-parts/${fn})
+          (attrNames (readDir ./modules/flake-parts))) ++
+      [
+        ./flake-module.nix
       ];
 
-
-      flake = {
-        # Configuration for my M1 Macbook Max (using nix-darwin)
-        darwinConfigurations.appreciate =
-          self.nixos-flake.lib.mkMacosSystem
-            { home-manager = true; }
-            ./systems/darwin.nix;
-
-        # Hetzner dedicated
-        nixosConfigurations.immediacy =
-          self.nixos-flake.lib.mkLinuxSystem
-            { home-manager = true; }
-            ./systems/ax41.nix;
-      };
-
-      perSystem = { self', inputs', pkgs, system, config, ... }: {
-        # My Ubuntu VM
-        legacyPackages.homeConfigurations."srid@ubuntu" =
-          self.nixos-flake.lib.mkHomeConfiguration pkgs {
-            imports = [
-              self.homeModules.common-linux
-            ];
-            home.username = "srid";
-            home.homeDirectory = "/home/srid";
-          };
-
-        # Flake inputs we want to update periodically
-        # Run: `nix run .#update`.
-        nixos-flake = {
-          primary-inputs = [
-            "nixpkgs"
-            "home-manager"
-            "nix-darwin"
-            "nixos-flake"
-            "nix-index-database"
-            "nixvim"
-            "omnix"
-          ];
-        };
-
-        treefmt.config = {
-          projectRootFile = "flake.nix";
-          programs.nixpkgs-fmt.enable = true;
-        };
-
-        packages.default = self'.packages.activate;
-
-        devShells.default = pkgs.mkShell {
-          name = "nixos-config-shell";
-          meta.description = "Dev environment for nixos-config";
-          inputsFrom = [ config.treefmt.build.devShell ];
-          packages = with pkgs; [
-            just
-            colmena
-            nixd
-            inputs'.ragenix.packages.default
-          ];
-        };
+      perSystem = { self', pkgs, lib, system, ... }: {
         # Make our overlay available to the devShell
+        # "Flake parts does not yet come with an endorsed module that initializes the pkgs argument.""
+        # So we must do this manually; https://flake.parts/overlays#consuming-an-overlay
         _module.args.pkgs = import inputs.nixpkgs {
           inherit system;
-          overlays = [
-            inputs.nuenv.overlays.default
-            (import ./packages/overlay.nix { inherit system; flake = { inherit inputs; }; })
-          ];
+          overlays = lib.attrValues self.overlays;
         };
       };
     };

home/default.nix

@@ -1,45 +0,0 @@
-{ self, inputs, ... }:
-{
-  flake = {
-    homeModules = {
-      common = {
-        home.stateVersion = "22.11";
-        imports = [
-          inputs.nixvim.homeManagerModules.nixvim
-          inputs.nix-index-database.hmModules.nix-index
-          ./tmux.nix
-          ./neovim.nix
-          # ./helix.nix
-          ./ssh.nix
-          ./starship.nix
-          ./terminal.nix
-          ./nix.nix
-          ./git.nix
-          ./direnv.nix
-          ./zellij.nix
-          # ./nushell.nix
-          ./just.nix
-          # ./powershell.nix
-          ./juspay.nix
-        ];
-      };
-      common-linux = {
-        imports = [
-          self.homeModules.common
-          ./bash.nix
-          ./vscode-server.nix
-        ];
-      };
-      common-darwin = {
-        imports = [
-          self.homeModules.common
-          ./zsh.nix
-          # ./bash.nix
-          ./wezterm
-          ./himalaya.nix
-          ./_1password.nix
-        ];
-      };
-    };
-  };
-}

modules/darwin/default.nix

@@ -0,0 +1,20 @@
+# Configuration common to all macOS systems
+{ flake, ... }:
+let
+  inherit (flake) config inputs;
+  inherit (inputs) self;
+in
+{
+  imports = [
+    {
+      home-manager.users.${config.me.username} = { };
+      home-manager.sharedModules = [
+        self.homeModules.default
+        self.homeModules.darwin-only
+      ];
+    }
+    self.nixosModules.common
+    inputs.ragenix.darwinModules.default
+    ./all/zsh-completion-fix.nix
+  ];
+}

modules/flake-parts/config.nix

@@ -0,0 +1,35 @@
+# Top-level configuration for everything in this repo.
+#
+# Values are set in 'config.nix' in repo root.
+{ lib, ... }:
+let
+  userSubmodule = lib.types.submodule {
+    options = {
+      username = lib.mkOption {
+        type = lib.types.str;
+      };
+      fullname = lib.mkOption {
+        type = lib.types.str;
+      };
+      email = lib.mkOption {
+        type = lib.types.str;
+      };
+      sshKey = lib.mkOption {
+        type = lib.types.str;
+        description = ''
+          SSH public key
+        '';
+      };
+    };
+  };
+in
+{
+  imports = [
+    ../../config.nix
+  ];
+  options = {
+    me = lib.mkOption {
+      type = userSubmodule;
+    };
+  };
+}

modules/flake-parts/devshell.nix

@@ -0,0 +1,24 @@
+{ inputs, ... }:
+{
+  imports = [
+    inputs.treefmt-nix.flakeModule
+  ];
+  perSystem = { inputs', config, pkgs, ... }: {
+    devShells.default = pkgs.mkShell {
+      name = "nixos-config-shell";
+      meta.description = "Dev environment for nixos-config";
+      inputsFrom = [ config.treefmt.build.devShell ];
+      packages = with pkgs; [
+        just
+        colmena
+        nixd
+        inputs'.ragenix.packages.default
+      ];
+    };
+
+    treefmt.config = {
+      projectRootFile = "flake.nix";
+      programs.nixpkgs-fmt.enable = true;
+    };
+  };
+}

modules/flake-parts/nixos-flake.nix

@@ -0,0 +1,23 @@
+{ inputs, ... }:
+{
+  imports = [
+    inputs.nixos-flake.flakeModule
+  ];
+  perSystem = { self', ... }: {
+    packages.default = self'.packages.activate;
+
+    # Flake inputs we want to update periodically
+    # Run: `nix run .#update`.
+    nixos-flake = {
+      primary-inputs = [
+        "nixpkgs"
+        "home-manager"
+        "nix-darwin"
+        "nixos-flake"
+        "nix-index-database"
+        "nixvim"
+        "omnix"
+      ];
+    };
+  };
+}

modules/home/all/_1password.nix

@@ -1,7 +1,4 @@
-{ flake, config, pkgs, lib, ... }:
-let
-  userConfig = flake.config.people.users.${config.home.username};
-in
+{ flake, pkgs, lib, ... }:
 {
   home.packages = with pkgs; [
     _1password
@@ -25,13 +22,13 @@ in
   };
 
   # https://developer.1password.com/docs/ssh/git-commit-signing/
-  # 
+  #
   # For this to work on GitHub, you must have added the SSH pub key as a signing key, see
   # https://1password.community/discussion/comment/667515/#Comment_667515
   programs.git.includes = [{
     condition = "gitdir:~/code/**"; # Personal repos only
     contents = {
-      user.signingKey = userConfig.sshKey;
+      user.signingKey = flake.config.me.sshKey;
       gpg.format = "ssh";
       gpg.ssh.program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign";
       commit.gpgsign = true;

modules/home/all/git.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, flake, ... }:
+{ pkgs, flake, ... }:
 {
   home.packages = with pkgs; [
     git-filter-repo
@@ -7,8 +7,8 @@
   programs.git = {
     package = pkgs.gitAndTools.gitFull;
     enable = true;
-    userName = flake.config.people.users.${config.home.username}.name;
-    userEmail = flake.config.people.users.${config.home.username}.email;
+    userName = flake.config.me.fullname;
+    userEmail = flake.config.me.email;
     aliases = {
       co = "checkout";
       ci = "commit";

modules/home/all/neovim.nix

@@ -1,6 +1,12 @@
-{ pkgs, ... }:
+{ flake, ... }:
 
+let
+  inherit (flake) inputs;
+in
 {
+  imports = [
+    inputs.nixvim.homeManagerModules.nixvim
+  ];
   programs.nixvim = {
     enable = true;
 

modules/home/all/terminal.nix

@@ -1,7 +1,13 @@
-{ pkgs, ... }:
-
 # Platform-independent terminal setup
+{ flake, pkgs, ... }:
+
+let
+  inherit (flake) inputs;
+in
 {
+  imports = [
+    inputs.nix-index-database.hmModules.nix-index
+  ];
   home.packages = with pkgs; [
     # Unixy tools
     ripgrep

modules/home/darwin-only.nix

@@ -0,0 +1,8 @@
+{
+  imports = [
+    ./all/zsh.nix
+    ./all/wezterm
+    ./all/himalaya.nix
+    ./all/_1password.nix
+  ];
+}

modules/home/default.nix

@@ -0,0 +1,19 @@
+{
+  home.stateVersion = "22.11";
+  imports = [
+    ./all/tmux.nix
+    ./all/neovim.nix
+    # ./helix.nix
+    ./all/ssh.nix
+    ./all/starship.nix
+    ./all/terminal.nix
+    ./all/nix.nix
+    ./all/git.nix
+    ./all/direnv.nix
+    ./all/zellij.nix
+    # ./nushell.nix
+    ./all/just.nix
+    # ./powershell.nix
+    ./all/juspay.nix
+  ];
+}

modules/home/linux-only.nix

@@ -0,0 +1,6 @@
+{
+  imports = [
+    ./all/bash.nix
+    ./all/vscode-server.nix
+  ];
+}

modules/nixos/common.nix

@@ -0,0 +1,8 @@
+# Common to Linux & darwin
+{
+  imports = [
+    ./shared/nix.nix
+    ./shared/primary-as-admin.nix
+    ./shared/caches.nix
+  ];
+}

modules/nixos/default.nix

@@ -0,0 +1,23 @@
+# Configuration common to all Linux systems
+{ flake, ... }:
+
+let
+  inherit (flake) config inputs;
+  inherit (inputs) self;
+in
+{
+  imports = [
+    {
+      users.users.${config.me.username}.isNormalUser = true;
+      home-manager.users.${config.me.username} = { };
+      home-manager.sharedModules = [
+        self.homeModules.default
+        self.homeModules.linux-only
+      ];
+    }
+    self.nixosModules.common
+    inputs.ragenix.nixosModules.default # Used in github-runner.nix & hedgedoc.nix
+    ./linux/self-ide.nix
+    ./linux/current-location.nix
+  ];
+}

modules/nixos/linux/docker.nix

@@ -1,7 +1,7 @@
 { flake, ... }: {
   virtualisation.docker.enable = true;
 
-  users.users.${flake.config.people.myself} = {
+  users.users.${flake.config.me.username} = {
     extraGroups = [ "docker" ];
   };
 }

modules/nixos/linux/gui/desktopish/monitor-brightness.nix

@@ -15,7 +15,7 @@
 
   security.sudo.extraRules = [
     {
-      users = [ flake.config.people.myself ];
+      users = [ flake.config.me.username ];
       commands = [
         {
           command = "${pkgs.ddcutil}/bin/ddcutil";
@@ -25,7 +25,7 @@
     }
   ];
 
-  users.users.${flake.config.people.myself} = {
+  users.users.${flake.config.me.username} = {
     extraGroups = [ "i2c" ];
   };