{ inputs, specialArgs, config, lib, pkgs, realUsers, ... }: { imports = [ inputs.home-manager.nixosModules.home-manager ]; options = { imalison.nixOverlay.enable = lib.mkOption { default = false; type = lib.types.bool; }; }; config = { home-manager.users = lib.genAttrs realUsers (_: {}); home-manager.extraSpecialArgs = { nixos = { inherit specialArgs config; }; }; home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.backupCommand = pkgs.writeShellScript "home-manager-backup-command" '' set -eu target_path="$1" backup_ext="''${HOME_MANAGER_BACKUP_EXT:-hm-backup}" backup_path="''${target_path}.''${backup_ext}" if [[ ! -e "$backup_path" ]]; then mv -- "$target_path" "$backup_path" exit 0 fi timestamp="$(date +%Y%m%d-%H%M%S)" candidate="''${backup_path}.''${timestamp}" counter=0 while [[ -e "$candidate" ]]; do counter=$((counter + 1)) candidate="''${backup_path}.''${timestamp}-''${counter}" done mv -- "$target_path" "$candidate" ''; home-manager.backupFileExtension = "hm-backup"; home-manager.sharedModules = [./home-manager.nix]; nix = rec { extraOptions = '' experimental-features = nix-command flakes ''; registry.nixpkgs.flake = inputs.nixpkgs; settings = { # Allow per-repo flake `nixConfig` (substituters, keys, etc). accept-flake-config = true; keep-outputs = true; keep-derivations = true; substituters = [ "https://cache.nixos.org" "https://cuda-maintainers.cachix.org" "https://ai.cachix.org" "https://cache.nixos-cuda.org" "https://nix-community.cachix.org" "https://numtide.cachix.org" "https://colonelpanic8-dotfiles.cachix.org" "https://codex-cli.cachix.org" "https://claude-code.cachix.org" ]; trusted-substituters = [ "https://cache.nixos.org" "https://cuda-maintainers.cachix.org" "https://ai.cachix.org" "https://cache.nixos-cuda.org" "https://nix-community.cachix.org" "https://numtide.cachix.org" "https://colonelpanic8-dotfiles.cachix.org" "https://codex-cli.cachix.org" "https://claude-code.cachix.org" ]; trusted-public-keys = [ "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E=" "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" "cache.nixos-cuda.org:74DUi4Ye579gUqzH4ziL9IyiJBlDpMRn9MBN8oNan9M=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" "colonelpanic8-dotfiles.cachix.org-1:O6GF3nptpeMFapX29okzO92eSWXR36zqW6ZF2C8P0eQ=" "codex-cli.cachix.org-1:1Br3H1hHoRYG22n//cGKJOk3cQXgYobUel6O8DgSing=" "claude-code.cachix.org-1:YeXf2aNu7UTX8Vwrze0za1WEDS+4DuI2kVeWEE4fsRk=" ]; nix-path = nixPath; }; channel.enable = false; nixPath = [ "nixpkgs=${inputs.nixpkgs.outPath}" ]; }; nixpkgs.overlays = [ # (import ./nvidia-container-toolkit-overlay.nix) (import ./runc-overlay.nix) (import ./emacs-overlay.nix) (import ../nix-shared/overlays) # Use codex and claude-code from dedicated flakes with cachix (final: prev: let system = prev.stdenv.hostPlatform.system; codexDmg = final.fetchurl { url = "https://persistent.oaistatic.com/codex-app-prod/Codex.dmg"; hash = "sha256-hxuafsEAmx1OQvjh8riI7Y4QxvZXemBrjpRHT8Bh034="; }; codexDesktopLibPath = final.lib.makeLibraryPath (with final; [ alsa-lib atk at-spi2-atk at-spi2-core cairo cups dbus expat gdk-pixbuf glib gtk3 libdrm libgbm libglvnd libX11 libxcb libXcomposite libxcursor libXdamage libXext libXfixes libxi libxkbcommon libXrandr libxscrnsaver libxtst mesa nspr nss pango systemd wayland ]); codexDesktopInstaller = final.writeShellApplication { name = "codex-desktop-installer"; runtimeInputs = with final; [ bash curl gcc gnumake nodejs p7zip patchelf python3 unzip ]; text = '' set -euo pipefail root_dir="$(pwd)" workdir="$(mktemp -d)" source_dir="$workdir/source" cleanup() { rm -rf "$workdir" } trap cleanup EXIT mkdir -p "$source_dir" cp -R ${inputs.codex-desktop-linux.outPath}/. "$source_dir" chmod -R u+w "$source_dir" cp ${codexDmg} "$source_dir/Codex.dmg" chmod +x "$source_dir/install.sh" cd "$source_dir" export CODEX_INSTALL_DIR="''${CODEX_INSTALL_DIR:-$root_dir/codex-app}" bash "$source_dir/install.sh" "$source_dir/Codex.dmg" "$@" install_dir="''${CODEX_INSTALL_DIR:-$root_dir/codex-app}" if [ -f "$install_dir/electron" ]; then patchelf --set-interpreter "$(cat ${final.stdenv.cc}/nix-support/dynamic-linker)" \ --set-rpath "$install_dir:${codexDesktopLibPath}" \ "$install_dir/electron" if [ -f "$install_dir/chrome_crashpad_handler" ]; then patchelf --set-interpreter "$(cat ${final.stdenv.cc}/nix-support/dynamic-linker)" \ "$install_dir/chrome_crashpad_handler" || true fi if [ -f "$install_dir/chrome-sandbox" ]; then patchelf --set-interpreter "$(cat ${final.stdenv.cc}/nix-support/dynamic-linker)" \ "$install_dir/chrome-sandbox" || true fi find "$install_dir" -maxdepth 1 -name "*.so*" -type f | while read -r so; do patchelf --set-rpath "${codexDesktopLibPath}" "$so" 2>/dev/null || true done fi ''; }; in { codex = inputs.codex-cli-nix.packages.${system}.default; codex-desktop-installer = codexDesktopInstaller; codex-desktop = final.writeShellApplication { name = "codex-desktop"; runtimeInputs = [ final.codex final.codex-desktop-installer final.coreutils final.python3 ]; text = '' install_root="''${CODEX_DESKTOP_HOME:-''${XDG_DATA_HOME:-$HOME/.local/share}/codex-desktop-linux}" install_dir="''${CODEX_INSTALL_DIR:-$install_root/codex-app}" if [ ! -x "$install_dir/start.sh" ]; then mkdir -p "$install_root" CODEX_INSTALL_DIR="$install_dir" codex-desktop-installer fi export CODEX_CLI_PATH="''${CODEX_CLI_PATH:-$(command -v codex)}" exec "$install_dir/start.sh" "$@" ''; }; claude-code = inputs.claude-code-nix.packages.${prev.stdenv.hostPlatform.system}.default; git-sync-rs = inputs.git-sync-rs.packages.${prev.stdenv.hostPlatform.system}.default; }) ] ++ ( if config.imalison.nixOverlay.enable then [inputs.nix.overlays.default] else [] ); # Allow all the things nixpkgs.config.allowUnfree = true; }; }