nixos-config/flake.nix


{
description = "Dala's unified NixOS configuration";
inputs = {
  # Both nixpkgs channels are imported because the fleet is mixed: each
  # machine selects the channel it is built from.
  nixpkgs-unstable = {
    url = "github:NixOS/nixpkgs/nixos-unstable";
  };
  nixpkgs-stable = {
    url = "github:NixOS/nixpkgs/nixos-24.05";
  };

  flake-utils = {
    url = "github:numtide/flake-utils";
  };

  # Home-manager is only used on workstations, which all run unstable.
  home-manager.url = "github:nix-community/home-manager";
  home-manager.inputs.nixpkgs.follows = "nixpkgs-unstable";

  # Secret management for this repository; following unstable is not
  # expected to break anything.
  sops-nix.url = "github:Mic92/sops-nix";
  sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";

  # Lix replaces Nix; the URL names a release archive (2.91.0).
  lix = {
    url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz";
  };

  # Lanzaboote (Secure Boot tooling), referenced by tag v0.4.1.
  lanzaboote = {
    url = "github:nix-community/lanzaboote/v0.4.1";
  };

  # NOTE(review): this URL follows the `main` branch archive, so the only pin
  # is the hash recorded in flake.lock. Its default overlay is applied to the
  # package set of every node, so a lock update of this input changes what is
  # trusted fleet-wide; review such updates like code changes.
  dalaran-fr = {
    url = "https://git.dalaran.fr/dala/dalaran.fr/archive/main.tar.gz";
  };

  # Fetched over SSH, so evaluation needs a key accepted by the forge.
  # NOTE(review): flake inputs are copied into the Nix store, which is
  # world-readable on a default install; confirm that `extraSecrets` holds
  # nothing that must stay confidential on the machine doing the evaluation.
  extra-config = {
    url = "git+ssh://forgejo@git.dalaran.fr/dala/nixos-config-extra.git";
  };
};
# Flake outputs: a Colmena hive with one node per entry of ./machines.nix,
# plus a formatter and a development shell for each flake-utils default system.
outputs =
  {
    self,
    nixpkgs-unstable,
    nixpkgs-stable,
    home-manager,
    sops-nix,
    flake-utils,
    extra-config,
    lix,
    lanzaboote,
    dalaran-fr,
  }:
  let
    # Attribute set keyed by host name. The fields read below are
    # enableHomeManager, system, nixpkgs, localDeployment and stateVersion.
    machines = import ./machines.nix;
    my = import ./modules;
    lixModule = lix.nixosModules.lixFromNixpkgs;

    # Maps the channel name stored in a machine's `nixpkgs` field to the input.
    nixpkgsVersions = {
      unstable = nixpkgs-unstable;
      stable = nixpkgs-stable;
    };

    # Yields `module` when `enabled` holds, otherwise an empty module.
    moduleWhen = enabled: module: if enabled then module else { };

    # Builds the NixOS module for one host.
    # Only the lanzaboote module is imported here, and only on x86_64-linux.
    # NOTE(review): whether Secure Boot is actually enabled is presumably
    # decided in ./configurations/<host>; confirm per host.
    nodeFor =
      name: machine:
      { ... }:
      {
        imports = [
          lixModule
          ./configurations/${name}
          (moduleWhen machine.enableHomeManager home-manager.nixosModules.home-manager)
          (moduleWhen (machine.system == "x86_64-linux") lanzaboote.nixosModules.lanzaboote)
        ];
        networking.hostName = name;
        system.stateVersion = machine.stateVersion;
        deployment.allowLocalDeployment = machine.localDeployment;
      };
    machinesNodes = builtins.mapAttrs nodeFor machines;

    # Package set for one host: the channel it asked for, with the dalaran-fr
    # overlay on top. The overlay is therefore part of every host's packages.
    pkgsFor =
      machine:
      import nixpkgsVersions.${machine.nixpkgs} {
        inherit (machine) system;
        overlays = [ dalaran-fr.overlays.default ];
      };

    # Extra module arguments for one host. The sops home-manager module is
    # only handed to hosts that enable home-manager.
    # NOTE(review): specialArgs are plain Nix values; anything taken from
    # `extraInfo` and written into configuration lands in the world-readable
    # Nix store. Values that must stay confidential belong in sops-nix; confirm
    # what `extraSecrets` contains.
    specialArgsFor =
      machine:
      let
        homeManagerArgs =
          if machine.enableHomeManager then { sopsHmModule = sops-nix.homeManagerModules.sops; } else { };
      in
      {
        extraInfo = extra-config.extraSecrets;
        machineProps = machine;
      }
      // homeManagerArgs;

    # Builds `{ <system> = mkValue pkgs; }` over the flake-utils default
    # systems, with pkgs taken from the unstable channel.
    perDefaultSystem =
      mkValue:
      builtins.listToAttrs (
        map (system: {
          name = system;
          value = mkValue (import nixpkgs-unstable { inherit system; });
        }) flake-utils.lib.defaultSystems
      );
  in
  {
    colmena = {
      meta = {
        name = "dala's infrastructure";
        # Colmena requires this attribute, but every host overrides it
        # through nodeNixpkgs below.
        nixpkgs = import nixpkgs-stable { system = "x86_64-linux"; };
        nodeNixpkgs = builtins.mapAttrs (_: pkgsFor) machines;
        nodeSpecialArgs = builtins.mapAttrs (_: specialArgsFor) machines;
      };

      # Modules shared by every host: sops-nix and the local module set.
      defaults =
        { ... }:
        {
          imports = [
            sops-nix.nixosModules.sops
            my.modules
          ];
        };
    } // machinesNodes;

    formatter = perDefaultSystem (pkgs: pkgs.nixfmt-rfc-style);

    devShells = perDefaultSystem (pkgs: {
      default = pkgs.mkShell {
        name = "Nix development environment";
        packages = [
          pkgs.colmena
          pkgs.nixfmt-rfc-style
          pkgs.nil
          pkgs.sops
        ];
      };
    });
  };
}