Apply all pending changes excluding .sops.yaml

2026-05-05 14:20:58 -05:00 · 2026-05-05 14:20:58 -05:00 · 89929ac69a
commit 89929ac69a
parent 7b04942bb2
20 changed files with 439 additions and 167 deletions
--- a/flake.nix
+++ b/flake.nix
@ -39,17 +39,34 @@
    ...
  }: let
    inherit (self) outputs;
-    lib = nixpkgs.lib // home-manager.lib;
+    nixpkgsPkg = import inputs.nixpkgs {
+      system = "x86_64-linux";
+      config = {
+        allowUnfree = true;
+      };
+    };
+    lib = inputs.nixpkgs.lib // home-manager.lib;
+
+    # Helper for consistent specialArgs across all configurations
+    mkSpecialArgs = { }: {
+      inherit inputs outputs;
+    };
+
+    # Helper for nixosSystem configuration
+    mkNixosSystem = { modules, system ? "x86_64-linux" }: lib.nixosSystem {
+      inherit system;
+      specialArgs = mkSpecialArgs { };
+      modules = [ { nixpkgs.config.allowUnfree = true; } ] ++ modules;
+    };
  in {
    inherit lib;
-    nixpkgs.config.allowUnfree = true;
-    config.allowUnfree = true;
-    nixpkgs.config.allowUnfreePredicate = pkg:
-      builtins.elem (lib.getName pkg) ["widevine-cdm"];
+    # Remove redundant allowUnfreePredicate - allowUnfree covers all unfree packages
+    # nixpkgs.config.allowUnfreePredicate = pkg:
+    #   builtins.elem (lib.getName pkg) ["widevine-cdm"];
    colmena = {
      meta = {
-        nixpkgs = import nixpkgs {stdenv.hostPlatform.system = "x86_64-linux";};
-        specialArgs = {inherit inputs outputs;};
+        nixpkgs = nixpkgsPkg;
+        specialArgs = mkSpecialArgs { };
      };
      # ace = import ./hosts/ace/colmena.nix;          # Acer C720
      book = import ./hosts/book/colmena.nix; # Google Pixelbook 2017 w/ nvme.
@ -66,87 +83,32 @@

    nixosConfigurations = {
      # clients
-      ace = lib.nixosSystem {
-        modules = [./hosts/ace];
-        specialArgs = {inherit inputs outputs;};
-      };
-      dragon = lib.nixosSystem {
-        modules = [./hosts/dragon];
-        specialArgs = {inherit inputs outputs;};
-      };
-      book = lib.nixosSystem {
-        modules = [./hosts/book];
-        specialArgs = {inherit inputs outputs;};
-      };
-      loki = lib.nixosSystem {
-        modules = [./hosts/loki];
-        specialArgs = {inherit inputs outputs;};
-      };
-
-      pocket2 = lib.nixosSystem {
-        modules = [./hosts/pocket2];
-        specialArgs = {inherit inputs outputs;};
-      };
-      smaug = lib.nixosSystem {
-        modules = [./hosts/smaug];
-        specialArgs = {inherit inputs outputs;};
-      };
-      t2 = lib.nixosSystem {
-        modules = [./hosts/t2];
-        specialArgs = {inherit inputs outputs;};
-      };
-      pi1 = lib.nixosSystem {
-        modules = [./hosts/pi1];
-        specialArgs = {inherit inputs outputs;};
-      };
+      ace = mkNixosSystem { modules = [./hosts/ace]; };
+      dragon = mkNixosSystem { modules = [./hosts/dragon]; };
+      book = mkNixosSystem { modules = [./hosts/book]; };
+      loki = mkNixosSystem { modules = [./hosts/loki]; };
+      pocket2 = mkNixosSystem { modules = [./hosts/pocket2]; };
+      smaug = mkNixosSystem { modules = [./hosts/smaug]; };
+      t2 = mkNixosSystem { modules = [./hosts/t2]; };
+      pi1 = mkNixosSystem { modules = [./hosts/pi1]; };

      # servers
-      display = lib.nixosSystem {
-        modules = [./hosts/display];
-        specialArgs = {inherit inputs outputs;};
-      };
-      fred = lib.nixosSystem {
-        modules = [./hosts/fred];
-        specialArgs = {inherit inputs outputs;};
-      };
-      vm = lib.nixosSystem {
+      display = mkNixosSystem { modules = [./hosts/display]; };
+      fred = mkNixosSystem { modules = [./hosts/fred]; };
+      vm = mkNixosSystem {
        modules = [
          "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix"
          "${nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix"
          ./hosts/vm
        ];
-        specialArgs = {inherit inputs outputs;};
      };
-      harper2 = lib.nixosSystem {
-        modules = [./hosts/harper2];
-        specialArgs = {inherit inputs outputs;};
-      };
-      harper = lib.nixosSystem {
-        modules = [./hosts/harper];
-        specialArgs = {inherit inputs outputs;};
-      };
-      nuwww = lib.nixosSystem {
-        modules = [./hosts/nuwww];
-        specialArgs = {inherit inputs outputs;};
-      };
-      pihole = lib.nixosSystem {
-        modules = [./hosts/pihole];
-        specialArgs = {inherit inputs outputs;};
-      };
-      www2 = lib.nixosSystem {
-        modules = [./hosts/www2];
-        specialArgs = {inherit inputs outputs;};
-      };
-      w1 = lib.nixosSystem {
-        modules = [./hosts/w1];
-        specialArgs = {inherit inputs outputs;};
-      };
-      # w2 = lib.nixosSystem {
-      #   modules = [./hosts/w2];
-      #   specialArgs = {
-      #     inherit inputs outputs;
-      #   };
-      # };
+      harper2 = mkNixosSystem { modules = [./hosts/harper2]; };
+      harper = mkNixosSystem { modules = [./hosts/harper]; };
+      nuwww = mkNixosSystem { modules = [./hosts/nuwww]; };
+      pihole = mkNixosSystem { modules = [./hosts/pihole]; };
+      www2 = mkNixosSystem { modules = [./hosts/www2]; };
+      w1 = mkNixosSystem { modules = [./hosts/w1]; };
+      # w2 = mkNixosSystem { modules = [./hosts/w2]; };
    };
  };
 }