feat: rework to modular
This commit is contained in:
eric
141
README.md
141
README.md
@@ -1,35 +1,132 @@
|
||||
# nix-nodeiwest
|
||||
|
||||
Employee and workstation flake for NodeiWest.
|
||||
Composable company Nix for NodeiWest workstations and project shells.
|
||||
|
||||
Server deployment moved to the sibling repo `../nix-deployment`.
|
||||
This repo is now structured as a shared SDK:
|
||||
|
||||
This repo now owns:
|
||||
- `modules/` holds focused Home Manager building blocks
|
||||
- `profiles/` bundles those modules into opinionated employee entrypoints
|
||||
- `shells/` exposes reusable flake dev shells for project repos
|
||||
- `systems/` adapts the shared modules into Darwin or standalone Linux Home Manager configs
|
||||
- `lib/` holds the small helpers that keep composition consistent
|
||||
- `templates/` bootstraps downstream user flakes
|
||||
|
||||
- shared Home Manager modules
|
||||
- employee shell packages and environment variables
|
||||
- workstation-side access to the `nodeiwest` helper by consuming it from `../nix-deployment`
|
||||
It does not define users or machines directly. Downstream flakes decide who uses which profile.
|
||||
|
||||
This repo no longer owns:
|
||||
## Layout
|
||||
|
||||
- NixOS server host definitions
|
||||
- Colmena deployment state
|
||||
- Tailscale server bootstrap
|
||||
- k3s bootstrap
|
||||
- OpenBao server or Kubernetes infra manifests
|
||||
|
||||
## Helper Consumption
|
||||
|
||||
The helper package is re-exported from the deployment repo:
|
||||
|
||||
```bash
|
||||
nix run .#nodeiwest-helper -- --help
|
||||
```text
|
||||
.
|
||||
├── flake.nix
|
||||
├── lib/
|
||||
├── modules/
|
||||
│ ├── base/
|
||||
│ ├── dev/
|
||||
│ ├── optional/
|
||||
│ ├── roles/
|
||||
│ ├── secrets/
|
||||
│ └── services/
|
||||
├── profiles/
|
||||
├── shells/
|
||||
├── systems/
|
||||
└── templates/
|
||||
```
|
||||
|
||||
If you import `modules/helpers/home.nix` directly, pass the deployment flake as a special arg:
|
||||
## Flake Interface
|
||||
|
||||
Primary outputs:
|
||||
|
||||
- `homeManagerModules.base.*`: low-level base modules
|
||||
- `homeManagerModules.dev.*`: language and workflow modules
|
||||
- `homeManagerModules.roles.*`: reusable role bundles
|
||||
- `homeManagerModules.profiles.*`: ready-made employee profiles
|
||||
- `homeManagerModules.default`: compatibility shim for the old default home module
|
||||
- `lib.mkSystem`: chooses the Darwin or Linux adapter for a downstream flake
|
||||
- `lib.shells.*`: shell factories for repo-local dev environments
|
||||
- `devShells.<system>.*`: ready-to-use company shells
|
||||
- `templates.user-flake`: starter personal flake
|
||||
|
||||
## Workstation Consumption
|
||||
|
||||
Downstream user flakes own the actual machine definitions. They consume profiles from this repo:
|
||||
|
||||
```nix
|
||||
extraSpecialArgs = {
|
||||
deployment = inputs.deployment;
|
||||
{
|
||||
inputs.company.url = "git+ssh://git@git.dgren.dev/employees/company-nix.git";
|
||||
|
||||
outputs = { company, ... }: {
|
||||
darwinConfigurations.eric = company.lib.mkSystem {
|
||||
target = "darwin";
|
||||
system = "aarch64-darwin";
|
||||
username = "eric";
|
||||
homeDirectory = "/Users/eric";
|
||||
modules = [
|
||||
company.homeManagerModules.profiles.frontend
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
For Linux Home Manager:
|
||||
|
||||
```nix
|
||||
{
|
||||
inputs.company.url = "git+ssh://git@git.dgren.dev/employees/company-nix.git";
|
||||
|
||||
outputs = { company, ... }: {
|
||||
homeConfigurations."eric@work" = company.lib.mkSystem {
|
||||
target = "linux";
|
||||
system = "x86_64-linux";
|
||||
username = "eric";
|
||||
homeDirectory = "/home/eric";
|
||||
modules = [
|
||||
company.homeManagerModules.profiles.backend
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
## Project Shell Consumption
|
||||
|
||||
Project repos should keep their own flake and compose shells from this repo instead of outsourcing project ownership here.
|
||||
|
||||
Use the ready-made shell directly:
|
||||
|
||||
```nix
|
||||
{
|
||||
inputs.company.url = "git+ssh://git@git.dgren.dev/employees/company-nix.git";
|
||||
|
||||
outputs = { nixpkgs, company, ... }:
|
||||
let
|
||||
system = "x86_64-linux";
|
||||
pkgs = import nixpkgs { inherit system; };
|
||||
in
|
||||
{
|
||||
devShells.${system}.default = company.lib.shells.node {
|
||||
inherit pkgs;
|
||||
extraPackages = [ pkgs.ffmpeg ];
|
||||
};
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
Or extend the published company shell in place:
|
||||
|
||||
```nix
|
||||
devShells.${system}.default = pkgs.mkShell {
|
||||
inputsFrom = [ company.devShells.${system}.node ];
|
||||
packages = [ pkgs.ffmpeg ];
|
||||
};
|
||||
```
|
||||
|
||||
## Template
|
||||
|
||||
Bootstrap a personal flake with:
|
||||
|
||||
```bash
|
||||
nix flake init -t .#user-flake
|
||||
```
|
||||
|
||||
That template is intentionally small. Add machine-specific modules in the personal repo, not here.
|
||||
|
||||
Reference in New Issue
Block a user