104 lines
3.2 KiB
Nix
104 lines
3.2 KiB
Nix
{
|
|
description = "Dala's unified NixOS configuration";
|
|
inputs = {
|
|
# As we have machine using the unstable channel, and other machines using the stable one,
|
|
# we import both, and we will select for each machine which one to use.
|
|
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
|
|
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
|
|
flake-utils.url = "github:numtide/flake-utils";
|
|
|
|
# Home-manager isn't used for anything except my workstations, which all use the unstable channel.
|
|
home-manager = {
|
|
url = "github:nix-community/home-manager";
|
|
inputs.nixpkgs.follows = "nixpkgs-unstable";
|
|
};
|
|
|
|
# For sops-nix, we keep the unstable nixpkgs, as it shouldn't break anything.
|
|
# This input is made to manage secrets on this repository.
|
|
sops-nix = {
|
|
url = "github:Mic92/sops-nix";
|
|
inputs.nixpkgs.follows = "nixpkgs-unstable";
|
|
};
|
|
|
|
# Use Lix instead of Nix
|
|
lix-module-unstable = {
|
|
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz";
|
|
inputs.nixpkgs.follows = "nixpkgs-unstable";
|
|
};
|
|
|
|
lix-module-stable = {
|
|
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz";
|
|
inputs.nixpkgs.follows = "nixpkgs-stable";
|
|
};
|
|
|
|
lanzaboote.url = "github:nix-community/lanzaboote/v0.4.1";
|
|
|
|
extra-config.url = "git+ssh://forgejo@git.dalaran.fr/dala/nixos-config-extra.git";
|
|
};
|
|
|
|
outputs =
|
|
{
|
|
self,
|
|
nixpkgs-unstable,
|
|
nixpkgs-stable,
|
|
home-manager,
|
|
sops-nix,
|
|
flake-utils,
|
|
extra-config,
|
|
lix-module-unstable,
|
|
lix-module-stable,
|
|
lanzaboote,
|
|
}:
|
|
let
|
|
machines = import ./machines.nix;
|
|
in
|
|
{
|
|
nixosConfigurations = builtins.mapAttrs (
|
|
name: value:
|
|
let
|
|
nixpkgs = if value.nixpkgsUnstable then nixpkgs-unstable else nixpkgs-stable;
|
|
lix-module = if value.nixpkgsUnstable then lix-module-unstable else lix-module-stable;
|
|
in
|
|
nixpkgs.lib.nixosSystem {
|
|
system = value.system;
|
|
|
|
specialArgs = {
|
|
machineInfos = {
|
|
hostname = name;
|
|
} // value;
|
|
|
|
sopsHmModule = sops-nix.homeManagerModules.sops;
|
|
|
|
extraInfo = extra-config.extraSecrets;
|
|
};
|
|
|
|
modules = [
|
|
./configurations/${name}
|
|
./modules/common
|
|
(if (value.machineType == "workstation") then ./modules/workstation else ./modules/server)
|
|
(
|
|
if (value.machineType == "workstation" && value.enableHomeManager) then
|
|
home-manager.nixosModules.home-manager
|
|
else
|
|
{ }
|
|
)
|
|
sops-nix.nixosModules.sops
|
|
lix-module.nixosModules.default
|
|
lanzaboote.nixosModules.lanzaboote
|
|
];
|
|
}
|
|
) machines;
|
|
|
|
formatter = builtins.listToAttrs (
|
|
map (system: {
|
|
name = system;
|
|
value = nixpkgs-unstable.legacyPackages.${system}.nixfmt-rfc-style;
|
|
}) flake-utils.lib.defaultSystems
|
|
);
|
|
|
|
hydraJobs = {
|
|
nixos = builtins.mapAttrs (_: cfg: cfg.config.system.build.toplevel) self.nixosConfigurations;
|
|
};
|
|
};
|
|
}
|