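{
  description = "Dala's unified NixOS configuration";

  inputs = {
    # Machines are split between the unstable and the stable channel, so both
    # are imported here and machines.nix selects one per machine.
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
    flake-utils.url = "github:numtide/flake-utils";
    # Home-manager is only used on the workstations, which all run the unstable channel.
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
    # sops-nix manages the secrets of this repository; following the unstable
    # nixpkgs should not break anything.
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
    # Use Lix instead of Nix. Both inputs point at the same release tarball and
    # only differ in which nixpkgs they follow; the tarball content itself is
    # pinned by the narHash recorded in flake.lock, so review the lock file
    # whenever the version in the URL is bumped.
    lix-module-unstable = {
      url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
    lix-module-stable = {
      url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz";
      inputs.nixpkgs.follows = "nixpkgs-stable";
    };
    lanzaboote.url = "github:nix-community/lanzaboote/v0.4.1";
    # Private repository fetched over SSH: evaluation needs a key with read
    # access to it. No ref/rev is given here, so the revision actually used is
    # the one recorded in flake.lock.
    extra-config.url = "git+ssh://forgejo@git.dalaran.fr/dala/nixos-config-extra.git";
  };

  outputs =
    {
      self,
      nixpkgs-unstable,
      nixpkgs-stable,
      home-manager,
      sops-nix,
      flake-utils,
      extra-config,
      lix-module-unstable,
      lix-module-stable,
      lanzaboote,
    }:
    let
      # lib is channel-independent, so the unstable one serves both channels.
      lib = nixpkgs-unstable.lib;
      # Per-machine settings read below: system, nixpkgs channel, stateVersion,
      # enableHomeManager, localDeployment.
      machines = import ./machines.nix;
      my = import ./modules;
      lixModules = {
        stable = lix-module-stable;
        unstable = lix-module-unstable;
      };
      nixpkgsVersions = {
        stable = nixpkgs-stable;
        unstable = nixpkgs-unstable;
      };
      # Unstable nixpkgs instantiated for one system; shared by the per-system
      # outputs (formatter, devShells) so the import is written only once.
      pkgsFor = system: import nixpkgsVersions.unstable { inherit system; };
      # Attribute set keyed by every default system, with `f pkgs` as the value.
      forAllSystems = f: lib.genAttrs flake-utils.lib.defaultSystems (system: f (pkgsFor system));
      # One colmena node per entry of machines.nix.
      machinesNodes = builtins.mapAttrs (
        name: config:
        let
          # The Lix module and lanzaboote are only imported on x86_64 machines.
          isX86_64 = config.system == "x86_64-linux";
        in
        { ... }:
        {
          imports =
            lib.optional isX86_64 lixModules.${config.nixpkgs}.nixosModules.default
            ++ [ ./configurations/${name} ]
            ++ lib.optional config.enableHomeManager home-manager.nixosModules.home-manager
            ++ lib.optional isX86_64 lanzaboote.nixosModules.lanzaboote;
          deployment.allowLocalDeployment = config.localDeployment;
          networking.hostName = name;
          system.stateVersion = config.stateVersion;
        }
      ) machines;
      # Extra specialArgs for one machine: its machines.nix entry, plus the
      # sops home-manager module when home-manager is enabled for it.
      specialArgsForMachine =
        config:
        {
          machineProps = config;
        }
        // lib.optionalAttrs config.enableHomeManager { sopsHmModule = sops-nix.homeManagerModules.sops; };
    in
    {
      colmena = {
        meta = {
          name = "dala's infrastructure";
          # Colmena requires this value, but nodeNixpkgs below overrides it on every host.
          nixpkgs = import nixpkgsVersions.stable { system = "x86_64-linux"; };
          nodeNixpkgs = builtins.mapAttrs (
            name: config: import nixpkgsVersions.${config.nixpkgs} { system = config.system; }
          ) machines;
          # NOTE(review): extra-config is a flake input, so its whole tree is
          # fetched into the Nix store of the host that evaluates this flake,
          # and any value taken from extraSecrets that gets written into a
          # generated file ends up in the world-readable store of the target
          # as well. Confirm that extraSecrets only carries data that may be
          # public on the hosts; anything that must stay confidential belongs
          # in sops-nix, which is already wired in below.
          nodeSpecialArgs = builtins.mapAttrs (
            name: config: { extraInfo = extra-config.extraSecrets; } // (specialArgsForMachine config)
          ) machines;
        };
        defaults =
          { ... }:
          {
            imports = [
              sops-nix.nixosModules.sops
              my.modules
            ];
          };
      } // machinesNodes;
      formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
      devShells = forAllSystems (pkgs: {
        default = pkgs.mkShell {
          name = "Nix development environment";
          packages = with pkgs; [
            colmena
            nixfmt-rfc-style
            nil
          ];
        };
      });
    };
}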