1a7e86e99e
1. Security: Navidrome no longer exposed to network (localhost only) 2. Maintainability: Single username definition in flake.nix:45 3. Organization: Kernel params now in configuration.nix, session vars in desktop.nix 4. Automation: Flathub repository added automatically on activation 5. Cleanup: Removed duplicate programs.dconf.enable
60 lines
1.6 KiB
Nix
60 lines
1.6 KiB
Nix
{
|
|
description = "atlas - NixOS Config for Desktop";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
|
|
|
# Desktop shell
|
|
noctalia = {
|
|
url = "github:noctalia-dev/noctalia-shell";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
# Application launcher
|
|
vicinae = {
|
|
url = "github:vicinaehq/vicinae";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
# Kernel
|
|
nix-cachyos-kernel.url = "github:xddxdd/nix-cachyos-kernel/release";
|
|
|
|
# NOTE: GUI apps (zen-browser, opencode) are now managed via `nix profile`
|
|
# Install with: nix profile install github:youwen5/zen-browser-flake
|
|
# nix profile install github:anomalyco/opencode
|
|
};
|
|
|
|
# Binary caches for faster builds
|
|
nixConfig = {
|
|
extra-substituters = [
|
|
"https://vicinae.cachix.org"
|
|
"https://nix-community.cachix.org"
|
|
"https://attic.xuyh0120.win/lantian"
|
|
];
|
|
extra-trusted-public-keys = [
|
|
"vicinae.cachix.org-1:1kDrfienkGHPYbkpNj1mWTr7Fm1+zcenzgTizIcI3oc="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
"lantian:EeAUQ+W+6r7EtwnmYjeVwx5kOGEBpjlBfPlzGlTNvHc="
|
|
];
|
|
};
|
|
|
|
outputs =
|
|
inputs@{ self, nixpkgs, ... }:
|
|
let
|
|
system = "x86_64-linux";
|
|
username = "pinj"; # Single source of truth for username
|
|
in
|
|
{
|
|
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
specialArgs = {
|
|
inherit inputs username;
|
|
};
|
|
modules = [
|
|
./configuration.nix
|
|
{ nixpkgs.overlays = [ inputs.nix-cachyos-kernel.overlays.pinned ]; }
|
|
];
|
|
};
|
|
};
|
|
}
|