refactor(flake): Consolidate overlay configurations into shared functions

Extract duplicated overlay and home-manager configuration code into two reusable factory functions: - mkBaseOverlay: Creates the base overlay with unstable pkgs, custom packages, and bitwarden-desktop compatibility. Accepts optional unstableOverlays parameter for darwin-specific customizations. - mkHomeManagerConfig: Creates home-manager configuration with shared settings (useGlobalPkgs, useUserPackages, doom-emacs module). Accepts sharedModules parameter for platform-specific modules like plasma-manager. This reduces code duplication across nixosModules, nixosModulesUnstable, and darwinModules, making the flake easier to maintain and extend. Implements bead: nixos-configs-ek5
2026-01-10 13:07:37 -08:00
6 changed files with 153 additions and 193 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -56,94 +56,75 @@
  };
  outputs = { self, nixpkgs, nixpkgs-unstable, nixos-wsl, ... } @ inputs: let
    # Shared overlay function to reduce duplication across module sets
    # Parameters:
    #   unstableOverlays: Additional overlays to apply when importing nixpkgs-unstable
    mkBaseOverlay = { unstableOverlays ? [] }: (final: prev: {
      unstable = import nixpkgs-unstable {
        system = prev.stdenv.hostPlatform.system;
        config.allowUnfree = true;
        overlays = unstableOverlays;
      };
      custom = prev.callPackage ./packages {};
      # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
      bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
    });
    # Shared home-manager configuration factory
    # Parameters:
    #   sharedModules: Additional modules to include in home-manager.sharedModules
    mkHomeManagerConfig = { sharedModules ? [] }: {
      home-manager.useGlobalPkgs = true;
      home-manager.useUserPackages = true;
      home-manager.sharedModules = sharedModules ++ [
        inputs.nix-doom-emacs-unstraightened.homeModule
      ];
      home-manager.extraSpecialArgs = {
        globalInputs = inputs;
      };
    };
    nixosModules = [
      ./roles
    ] ++ [
      inputs.home-manager.nixosModules.home-manager
      {
-        nixpkgs.overlays = [
+        nixpkgs.overlays = [ (mkBaseOverlay {}) ];
          (final: prev: {
            unstable = import nixpkgs-unstable {
              system = prev.stdenv.hostPlatform.system;
              config.allowUnfree = true;
            };
            custom = prev.callPackage ./packages {};
            # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
            bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
          })
        ];
        home-manager.useGlobalPkgs = true;
        home-manager.useUserPackages = true;
        home-manager.sharedModules = [
          inputs.plasma-manager.homeModules.plasma-manager
          inputs.nix-doom-emacs-unstraightened.homeModule
        ];
        home-manager.extraSpecialArgs = {
          globalInputs = inputs;
        };
      }
      (mkHomeManagerConfig {
        sharedModules = [ inputs.plasma-manager.homeModules.plasma-manager ];
      })
    ];
    # Modules for unstable-based systems (like nix-deck)
    nixosModulesUnstable = [
      ./roles
    ] ++ [
      inputs.home-manager-unstable.nixosModules.home-manager
      inputs.jovian.nixosModules.jovian
      {
-        nixpkgs.overlays = [
+        nixpkgs.overlays = [ (mkBaseOverlay {}) ];
          (final: prev: {
            unstable = import nixpkgs-unstable {
              system = prev.stdenv.hostPlatform.system;
              config.allowUnfree = true;
            };
            custom = prev.callPackage ./packages {};
            # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
            bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
          })
        ];
        home-manager.useGlobalPkgs = true;
        home-manager.useUserPackages = true;
        home-manager.sharedModules = [
          inputs.plasma-manager-unstable.homeModules.plasma-manager
          inputs.nix-doom-emacs-unstraightened.homeModule
        ];
        home-manager.extraSpecialArgs = {
          globalInputs = inputs;
        };
      }
      (mkHomeManagerConfig {
        sharedModules = [ inputs.plasma-manager-unstable.homeModules.plasma-manager ];
      })
    ];
    darwinModules = [
      ./roles/darwin.nix
    ] ++ [
      inputs.home-manager.darwinModules.home-manager
      {
        nixpkgs.overlays = [
-          (final: prev: {
+          (mkBaseOverlay {
-            unstable = import nixpkgs-unstable {
+            # Override claude-code in unstable to use our custom GCS-based build
-              system = prev.stdenv.hostPlatform.system;
+            # (needed for corporate networks that block npm registry)
-              config.allowUnfree = true;
+            unstableOverlays = [
-              overlays = [
+              (ufinal: uprev: {
-                # Override claude-code in unstable to use our custom GCS-based build
+                claude-code = uprev.callPackage ./packages/claude-code {};
-                # (needed for corporate networks that block npm registry)
+              })
-                (ufinal: uprev: {
+            ];
                  claude-code = prev.custom.claude-code or (prev.callPackage ./packages {}).claude-code;
                })
              ];
            };
            custom = prev.callPackage ./packages {};
            # Compatibility: bitwarden renamed to bitwarden-desktop in unstable
            bitwarden-desktop = prev.bitwarden-desktop or prev.bitwarden;
          })
        ];
        home-manager.useGlobalPkgs = true;
        home-manager.useUserPackages = true;
        home-manager.sharedModules = [
          inputs.nix-doom-emacs-unstraightened.homeModule
        ];
        home-manager.extraSpecialArgs = {
          globalInputs = inputs;
        };
      }
      (mkHomeManagerConfig { sharedModules = []; })
    ];
  in {
--- a/home/roles/communication/default.nix
+++ b/home/roles/communication/default.nix
@@ -4,7 +4,6 @@ with lib;
 let
  cfg = config.home.roles.communication;
  isLinux = pkgs.stdenv.isLinux;
 in
 {
  options.home.roles.communication = {
@@ -13,14 +12,14 @@ in
  config = mkIf cfg.enable {
    home.packages = [
-      # For logging back into google chat (cross-platform)
+      # Communication apps
      globalInputs.google-cookie-retrieval.packages.${system}.default
    ] ++ optionals isLinux [
      # Linux-only communication apps (Electron apps don't build on Darwin)
      pkgs.element-desktop
      # Re-enabled in 25.11 after security issues were resolved
      pkgs.fluffychat
      pkgs.nextcloud-talk-desktop
      # For logging back into google chat
      globalInputs.google-cookie-retrieval.packages.${system}.default
    ];
  };
 }
--- a/home/roles/desktop/default.nix
+++ b/home/roles/desktop/default.nix
@@ -4,7 +4,6 @@ with lib;
 let
  cfg = config.home.roles.desktop;
  isLinux = pkgs.stdenv.isLinux;
 in
 {
  options.home.roles.desktop = {
@@ -13,63 +12,61 @@ in
  config = mkIf cfg.enable {
    home.packages = with pkgs; [
-      # Cross-platform desktop applications
+      # Desktop applications
      bitwarden-desktop
      keepassxc
      xdg-utils # XDG utilities for opening files/URLs with default applications
    ] ++ optionals isLinux [
      # Linux-only desktop applications
      dunst
      keepassxc
      unstable.ghostty
-
+      
-      # Linux-only desktop utilities
+      # Desktop utilities
      feh # Image viewer and wallpaper setter for X11
      rofi # Application launcher for X11
      solaar # Logitech management software
      waybar
      wofi # Application launcher for Wayland
-
+      xdg-utils # XDG utilities for opening files/URLs with default applications
-      # Linux-only system utilities with GUI components
+      
      # System utilities with GUI components
      (snapcast.override { pulseaudioSupport = true; })
-
+      
-      # KDE tiling window management (Linux-only)
+      # KDE tiling window management
      kdePackages.krohnkite  # Dynamic tiling extension for KWin 6
-
+      
-      # KDE PIM applications for email, calendar, and contacts (Linux-only)
+      # KDE PIM applications for email, calendar, and contacts
      kdePackages.kmail
      kdePackages.kmail-account-wizard
      kdePackages.kmailtransport
      kdePackages.korganizer
      kdePackages.kaddressbook
      kdePackages.kontact
-
+      
-      # KDE System components needed for proper integration (Linux-only)
+      # KDE System components needed for proper integration
      kdePackages.kded
      kdePackages.systemsettings
      kdePackages.kmenuedit
-
+      
-      # Desktop menu support (Linux-only)
+      # Desktop menu support
      kdePackages.plasma-desktop # Contains applications.menu
-
+      
-      # KDE Online Accounts support (Linux-only)
+      # KDE Online Accounts support
      kdePackages.kaccounts-integration
      kdePackages.kaccounts-providers
      kdePackages.signond
-
+      
-      # KDE Mapping (Linux-only)
+      # KDE Mapping
      kdePackages.marble  # Virtual globe and world atlas
-
+      
-      # KDE Productivity (Linux-only)
+      # KDE Productivity
      kdePackages.kate        # Advanced text editor with syntax highlighting
      kdePackages.okular      # Universal document viewer (PDF, ePub, etc.)
      kdePackages.spectacle   # Screenshot capture utility
      kdePackages.filelight   # Visual disk usage analyzer
-
+      
-      # KDE Multimedia (Linux-only)
+      # KDE Multimedia
      kdePackages.gwenview    # Image viewer and basic editor
      kdePackages.elisa       # Music player
-
+      
-      # KDE System Utilities (Linux-only)
+      # KDE System Utilities  
      kdePackages.ark         # Archive manager (zip, tar, 7z, etc.)
      kdePackages.yakuake     # Drop-down terminal emulator
    ];
@@ -80,66 +77,61 @@ in
    programs.spotify-player.enable = true;
-    # Linux-only: GNOME keyring service
+    services.gnome-keyring = {
    services.gnome-keyring = mkIf isLinux {
      enable = true;
    };
-    # Linux-only: systemd user services for rbw vault unlock
+    # rbw vault unlock on login and resume from suspend
-    systemd.user.services = mkIf isLinux {
+    systemd.user.services.rbw-unlock-on-login = {
-      # rbw vault unlock on login
+      Unit = {
-      rbw-unlock-on-login = {
+        Description = "Unlock rbw vault at login";
-        Unit = {
+        After = [ "graphical-session.target" ];
          Description = "Unlock rbw vault at login";
          After = [ "graphical-session.target" ];
        };
        Service = {
          Type = "oneshot";
          ExecStart = "${pkgs.rbw}/bin/rbw unlock";
          Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
          # KillMode = "process" prevents systemd from killing the rbw-agent daemon
          # when this oneshot service completes. The agent is spawned by rbw unlock
          # and needs to persist after the service exits.
          KillMode = "process";
        };
        Install = {
          WantedBy = [ "graphical-session.target" ];
        };
      };
-
+      Service = {
-      # rbw vault unlock on resume from suspend
+        Type = "oneshot";
-      rbw-unlock-on-resume = {
+        ExecStart = "${pkgs.rbw}/bin/rbw unlock";
-        Unit = {
+        Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
-          Description = "Unlock rbw vault after resume from suspend";
+        # KillMode = "process" prevents systemd from killing the rbw-agent daemon
-          After = [ "suspend.target" ];
+        # when this oneshot service completes. The agent is spawned by rbw unlock
-        };
+        # and needs to persist after the service exits.
-        Service = {
+        KillMode = "process";
-          Type = "oneshot";
+      };
-          ExecStart = "${pkgs.rbw}/bin/rbw unlock";
+      Install = {
-          Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
+        WantedBy = [ "graphical-session.target" ];
          # KillMode = "process" prevents systemd from killing the rbw-agent daemon
          # when this oneshot service completes. The agent is spawned by rbw unlock
          # and needs to persist after the service exits.
          KillMode = "process";
        };
        Install = {
          WantedBy = [ "suspend.target" ];
        };
      };
    };
-    # Linux-only: KDE environment variables for proper integration
+    systemd.user.services.rbw-unlock-on-resume = {
-    home.sessionVariables = mkIf isLinux {
+      Unit = {
        Description = "Unlock rbw vault after resume from suspend";
        After = [ "suspend.target" ];
      };
      Service = {
        Type = "oneshot";
        ExecStart = "${pkgs.rbw}/bin/rbw unlock";
        Environment = "RBW_AGENT=${pkgs.rbw}/bin/rbw-agent";
        # KillMode = "process" prevents systemd from killing the rbw-agent daemon
        # when this oneshot service completes. The agent is spawned by rbw unlock
        # and needs to persist after the service exits.
        KillMode = "process";
      };
      Install = {
        WantedBy = [ "suspend.target" ];
      };
    };
    # KDE environment variables for proper integration
    home.sessionVariables = {
      QT_QPA_PLATFORMTHEME = "kde";
      KDE_SESSION_VERSION = "6";
    };
    xdg = {
      enable = true;
-
+      
      # Ensure desktop files are made available for discovery
      desktopEntries = {};  # This creates the desktop files directory structure
-
+      
      mimeApps = {
        enable = true;
        associations.added = {
@@ -149,14 +141,13 @@ in
          "x-scheme-handler/https" = "firefox.desktop";
        };
        defaultApplications = {
-          # Web browsers (cross-platform)
+          # Web browsers
          "text/html" = "firefox.desktop";
          "x-scheme-handler/http" = "firefox.desktop";
          "x-scheme-handler/https" = "firefox.desktop";
          "x-scheme-handler/about" = "firefox.desktop";
          "x-scheme-handler/unknown" = "firefox.desktop";
-        } // optionalAttrs isLinux {
+          
          # Linux-only: KDE application associations
          # Documents
          "application/pdf" = "okular.desktop";
          "text/plain" = "kate.desktop";
@@ -164,7 +155,7 @@ in
          "text/x-c" = "kate.desktop";
          "text/x-python" = "kate.desktop";
          "application/x-shellscript" = "kate.desktop";
-
+          
          # Images
          "image/png" = "gwenview.desktop";
          "image/jpeg" = "gwenview.desktop";
@@ -173,25 +164,25 @@ in
          "image/bmp" = "gwenview.desktop";
          "image/tiff" = "gwenview.desktop";
          "image/webp" = "gwenview.desktop";
-
+          
          # Archives
          "application/zip" = "ark.desktop";
          "application/x-tar" = "ark.desktop";
          "application/x-compressed-tar" = "ark.desktop";
          "application/x-7z-compressed" = "ark.desktop";
          "application/x-rar" = "ark.desktop";
-
+          
          # Audio
          "audio/mpeg" = "elisa.desktop";
          "audio/mp4" = "elisa.desktop";
          "audio/flac" = "elisa.desktop";
          "audio/ogg" = "elisa.desktop";
          "audio/wav" = "elisa.desktop";
-
+          
          # Email
          "message/rfc822" = "kmail.desktop";
          "x-scheme-handler/mailto" = "kmail.desktop";
-
+          
          # Calendar
          "text/calendar" = "korganizer.desktop";
          "application/x-vnd.akonadi.calendar.event" = "korganizer.desktop";
@@ -199,11 +190,9 @@ in
      };
    };
-    # Linux-only: Fix for KDE applications.menu file issue on Plasma 6
+    # Fix for KDE applications.menu file issue on Plasma 6
    # KDE still looks for applications.menu but Plasma 6 renamed it to plasma-applications.menu
-    xdg.configFile."menus/applications.menu" = mkIf isLinux {
+    xdg.configFile."menus/applications.menu".source = "${pkgs.kdePackages.plasma-workspace}/etc/xdg/menus/plasma-applications.menu";
      source = "${pkgs.kdePackages.plasma-workspace}/etc/xdg/menus/plasma-applications.menu";
    };
    # Note: modules must be imported at top-level home config
  };
--- a/home/roles/email/default.nix
+++ b/home/roles/email/default.nix
@@ -4,7 +4,6 @@ with lib;
 let
  cfg = config.home.roles.email;
  isLinux = pkgs.stdenv.isLinux;
 in
 {
  options.home.roles.email = {
@@ -90,38 +89,34 @@ in
      account default : proton
    '';
-    # Linux-only: Systemd service for mail sync (Darwin uses launchd instead)
+    # Systemd service for mail sync
-    systemd.user.services = mkIf isLinux {
+    systemd.user.services.mbsync = {
-      mbsync = {
+      Unit = {
-        Unit = {
+        Description = "Mailbox synchronization service";
-          Description = "Mailbox synchronization service";
+        After = [ "network-online.target" ];
-          After = [ "network-online.target" ];
+        Wants = [ "network-online.target" ];
-          Wants = [ "network-online.target" ];
+      };
-        };
+      Service = {
-        Service = {
+        Type = "oneshot";
-          Type = "oneshot";
+        ExecStart = "${pkgs.bash}/bin/bash -c 'mkdir -p ~/Mail && ${pkgs.isync}/bin/mbsync -a && (${pkgs.mu}/bin/mu info >/dev/null 2>&1 || ${pkgs.mu}/bin/mu init --maildir ~/Mail --personal-address=john@ogle.fyi) && ${pkgs.mu}/bin/mu index'";
-          ExecStart = "${pkgs.bash}/bin/bash -c 'mkdir -p ~/Mail && ${pkgs.isync}/bin/mbsync -a && (${pkgs.mu}/bin/mu info >/dev/null 2>&1 || ${pkgs.mu}/bin/mu init --maildir ~/Mail --personal-address=john@ogle.fyi) && ${pkgs.mu}/bin/mu index'";
+        Environment = "PATH=${pkgs.rbw}/bin:${pkgs.coreutils}/bin";
-          Environment = "PATH=${pkgs.rbw}/bin:${pkgs.coreutils}/bin";
+        StandardOutput = "journal";
-          StandardOutput = "journal";
+        StandardError = "journal";
          StandardError = "journal";
        };
      };
    };
-    # Linux-only: Systemd timer for automatic sync
+    # Systemd timer for automatic sync
-    systemd.user.timers = mkIf isLinux {
+    systemd.user.timers.mbsync = {
-      mbsync = {
+      Unit = {
-        Unit = {
+        Description = "Mailbox synchronization timer";
-          Description = "Mailbox synchronization timer";
+      };
-        };
+      Timer = {
-        Timer = {
+        OnBootSec = "2min";
-          OnBootSec = "2min";
+        OnUnitActiveSec = "5min";
-          OnUnitActiveSec = "5min";
+        Unit = "mbsync.service";
-          Unit = "mbsync.service";
+      };
-        };
+      Install = {
-        Install = {
+        WantedBy = [ "timers.target" ];
          WantedBy = [ "timers.target" ];
        };
      };
    };
  };
--- a/home/roles/kdeconnect/default.nix
+++ b/home/roles/kdeconnect/default.nix
@@ -4,15 +4,13 @@ with lib;
 let
  cfg = config.home.roles.kdeconnect;
  isLinux = pkgs.stdenv.isLinux;
 in
 {
  options.home.roles.kdeconnect = {
    enable = mkEnableOption "Enable KDE Connect for device integration";
  };
-  # KDE Connect services are Linux-only (requires D-Bus and systemd)
+  config = mkIf cfg.enable {
  config = mkIf (cfg.enable && isLinux) {
    services.kdeconnect = {
      enable = true;
      indicator = true;
--- a/home/roles/sync/default.nix
+++ b/home/roles/sync/default.nix
@@ -4,7 +4,6 @@ with lib;
 let
  cfg = config.home.roles.sync;
  isLinux = pkgs.stdenv.isLinux;
 in
 {
  options.home.roles.sync = {
@@ -12,10 +11,9 @@ in
  };
  config = mkIf cfg.enable {
-    # Linux-only: syncthingtray requires system tray support
+    home.packages = with pkgs; [
    home.packages = optionals isLinux (with pkgs; [
      syncthingtray
-    ]);
+    ];
    services.syncthing = {
      enable = true;