feat: inital public commit

2025-08-15 19:54:31 -04:00
commit 00315a990a
55 changed files with 2527 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -0,0 +1,127 @@
+{
+  description = "Koon OS";
+
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.05";
+
+    unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable";
+
+    nixos-apple-silicon.url =
+      "github:nix-community/nixos-apple-silicon?ref=release-2025-05-30";
+
+    home-manager = {
+      url = "github:nix-community/home-manager?ref=release-25.05";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
+    plasma-manager = {
+      url = "github:nix-community/plasma-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.home-manager.follows = "home-manager";
+    };
+
+    nixvim = {
+      url = "github:nix-community/nixvim?ref=nixos-25.05";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
+    sops-nix = {
+      url = "github:mic92/sops-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
+    terranix = {
+      url = "github:terranix/terranix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, unstable, nixos-apple-silicon, home-manager
+    , plasma-manager, nixvim, sops-nix, terranix, ... }: {
+
+      packages.aarch64-linux = 
+      let
+        system = "aarch64-linux";
+
+        pkgs = import unstable {
+          inherit system;
+          config = {
+            allowUnfree = true;
+          };
+        };
+
+        terraform = pkgs.terraform.withPlugins (p: [
+          p.pocketid
+          p.local
+        ]);
+        terraformConfiguration = terranix.lib.terranixConfiguration {
+          inherit system;
+          modules = [ ./infra/config.nix ];
+        };
+      in {
+        deploy = pkgs.writeShellScriptBin "deploy" ''
+          echo Deploying Infrastructure...
+
+          export TF_VAR_pocketid_api_token=$(${pkgs.sops}/bin/sops -d --extract '["pocketid-api-token"]' secrets/secrets.yaml)
+
+          cd infra
+
+          cp ${terraformConfiguration} config.tf.json
+
+          ${terraform}/bin/terraform init
+          ${terraform}/bin/terraform apply
+
+          rm -f config.tf.json
+
+          echo Done
+
+          echo Encrypting secrets
+
+          cd ../secrets
+
+          ${pkgs.sops}/bin/sops -e -i sops/oauth.yaml
+
+          echo Done
+        '';
+      };
+
+      nixosConfigurations = {
+        max = let
+          system = "aarch64-linux";
+          pkgs-unstable = import unstable { inherit system; };
+          secrets = import ./secrets;
+        in nixpkgs.lib.nixosSystem {
+          inherit system;
+          specialArgs = { inherit pkgs-unstable secrets; };
+          modules = [
+            ./host/max/default.nix
+            nixos-apple-silicon.nixosModules.apple-silicon-support
+            sops-nix.nixosModules.sops
+            home-manager.nixosModules.home-manager
+            {
+              home-manager.useGlobalPkgs = true;
+              home-manager.useUserPackages = true;
+              home-manager.extraSpecialArgs = { inherit secrets; };
+              home-manager.users.max = { config, pkgs, lib, ... }: {
+                imports = [
+                  sops-nix.homeManagerModules.sops
+                  nixvim.homeManagerModules.nixvim
+                  plasma-manager.homeManagerModules.plasma-manager
+                  ./host/max/home.nix # Import your home.nix here
+                ];
+              };
+            }
+          ];
+        };
+
+        ark = let system = "x86_64-linux";
+        in unstable.lib.nixosSystem {
+          inherit system;
+          modules = [
+            ./host/ark/default.nix 
+            sops-nix.nixosModules.sops
+          ];
+        };
+      };
+    };
+}