ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
nix-dotfiles/flake.nix
Dennis 66be96ebff add desktopians (#43)
2024-01-27 16:05:35 +01:00

210 lines
6.1 KiB
Nix
Raw Blame History

{
description = "NixOS configuration for RAD-Development Servers";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
flake-utils = {
url = "github:numtide/flake-utils";
inputs.systems.follows = "systems";
};
systems = {
url = "github:nix-systems/default";
};
nixos-modules = {
url = "github:SuperSandro2000/nixos-modules";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
inputs = {
nixpkgs.follows = "nixpkgs";
nixpkgs-23_05.follows = "nixpkgs";
nixpkgs-23_11.follows = "nixpkgs";
utils.follows = "flake-utils";
};
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs = {
nixpkgs.follows = "nixpkgs";
nixpkgs-stable.follows = "nixpkgs";
};
};
nix-pre-commit = {
url = "github:jmgilman/nix-pre-commit";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
};
outputs =
{ home-manager
, mailserver
, nix-pre-commit
, nixos-modules
, nixpkgs
, sops-nix
, ...
}:
let
inherit (nixpkgs) lib;
src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.;
ls = dir: lib.attrNames (builtins.readDir (src + "/${dir}"));
lsdir = dir: if (builtins.pathExists (src + "/${dir}")) then (lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir (src + "/${dir}")))) else [ ];
fileList = dir: map (file: ./. + "/${dir}/${file}") (ls dir);
config = {
repos = [
{
repo = "https://gitlab.com/vojko.pribudic/pre-commit-update";
rev = "f4886322eb7fc53c49e28cc1991674deb1f790bd";
hooks = [
{
id = "pre-commit-update";
args = [ "--dry-run" ];
}
];
}
{
repo = "local";
hooks = [
{
id = "nixpkgs-fmt check";
entry = "${nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt}/bin/nixpkgs-fmt";
args = [ "--check" ];
language = "system";
files = "\\.nix";
}
{
id = "nix-flake-check";
entry = "nix flake check";
language = "system";
files = "\\.nix";
pass_filenames = false;
}
];
}
];
};
in
{
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
nixosConfigurations =
let
constructSystem =
{ hostname
, system ? "x86_64-linux"
, modules ? [ ]
, users ? [ "dennis" ]
}: lib.nixosSystem {
inherit system;
modules = [
mailserver.nixosModules.mailserver
nixos-modules.nixosModule
home-manager.nixosModules.home-manager
sops-nix.nixosModules.sops
./systems/programs.nix
./systems/configuration.nix
./systems/${hostname}/hardware.nix
./systems/${hostname}/configuration.nix
{ config.networking.hostName = "${hostname}"; }
] ++ modules ++ fileList "modules"
++ map
(user: { config, lib, pkgs, ... }@args: {
users.users.${user} = import ./users/${user} (args // { name = "${user}"; });
boot.initrd.network.ssh.authorizedKeys = config.users.users.${user}.openssh.authorizedKeys.keys;
sops = {
secrets."${user}/user-password" = {
sopsFile = ./users/${user}/secrets.yaml;
neededForUsers = true;
};
};
})
users
++ map (user: { home-manager.users.${user} = import ./users/${user}/home.nix; }) users;
};
in
{
jeeves-jr = constructSystem {
hostname = "jeeves-jr";
users = [
"alice"
"dennis"
"richie"
];
};
palatine-hill = constructSystem {
hostname = "palatine-hill";
users = [
"alice"
"dennis"
"richie"
];
};
photon = constructSystem {
hostname = "photon";
users = [
"alice"
"dennis"
"richie"
];
};
} // (builtins.listToAttrs (builtins.concatMap
(user: map
(system: {
name = "${user}.${system}";
value = lib.nixosSystem {
system = "x86_64-linux";
modules = [
nixos-modules.nixosModule
home-manager.nixosModules.home-manager
sops-nix.nixosModules.sops
./users/${user}/systems/${system}/configuration.nix
./users/${user}/systems/${system}/hardware.nix
{ config.networking.hostName = "${system}"; }
] ++ fileList "modules";
};
})
(lsdir "users/${user}/systems"))
(lsdir "users")));
devShell = lib.mapAttrs
(system: sopsPkgs:
with nixpkgs.legacyPackages.${system};
mkShell {
sopsPGPKeyDirs = [ "./keys" ];
nativeBuildInputs = [
apacheHttpd
sopsPkgs.sops-import-keys-hook
];
shellHook = (nix-pre-commit.lib.${system}.mkConfig {
inherit pkgs config;
}).shellHook;
}
)
sops-nix.packages;
};
}
Reference in New Issue View Git Blame Copy Permalink