shared-public-infra/configurations.nix


# Flake part that assembles the NixOS and Colmena configurations for the
# shared infrastructure hosts. Every host receives `commonModules`; the
# per-host file is appended last.
{ self, ... }:
let
  inputs = self.inputs;

  inherit (inputs)
    nixpkgs
    home-manager
    agenix
    nur
    colmena
    flake-registry
    nixos-hardware
    nixpkgs-unstable
    srvos
    disko
    ;

  # Only one platform is built from this file.
  system = "x86_64-linux";

  # Overridable wrapper so callers can re-evaluate a host with changed arguments.
  mkNixosSystem = nixpkgs.lib.makeOverridable nixpkgs.lib.nixosSystem;

  # Added only on the plain `nixosConfigurations` path below.
  # NOTE(review): presumably this declares the `deployment.*` options so host
  # files that set them still evaluate outside a Colmena hive; confirm.
  colmenaModules = [
    colmena.nixosModules.deploymentOptions
  ];

  # Per-host Nix tooling defaults: lookup paths and registries are pinned to
  # the flake's own inputs.
  nixDefaults =
    { pkgs
    , config
    , lib
    , ...
    }:
    let
      # Only referenced by the commented-out sops wiring below.
      sopsFile = ./. + "/hosts/${config.networking.hostName}.yml";
    in
    {
      nix = {
        # Legacy `<nixpkgs>`-style lookups resolve to these store paths.
        nixPath = [
          "home-manager=${home-manager}"
          "nixpkgs=${pkgs.path}"
          "nur=${nur}"
        ];

        # Points the global flake registry at the copy shipped as a flake
        # input, and sets builders-use-substitutes for the daemon.
        extraOptions = ''
          flake-registry = ${flake-registry}/flake-registry.json
          builders-use-substitutes = true
        '';

        # `nixpkgs#...` style references resolve to the same inputs.
        registry = {
          home-manager.flake = home-manager;
          nixpkgs.flake = nixpkgs;
          nur.flake = nur;
        };
      };

      # TODO: share nixpkgs for each machine to speed up local evaluation.
      #nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};

      # sops-based secrets are currently disabled.
      #users.withSops = builtins.pathExists sopsFile;
      #sops.secrets = lib.mkIf (config.users.withSops) {
      #  root-password-hash.neededForUsers = true;
      #};
      # sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;

      time.timeZone = "UTC";

      environment.systemPackages = [
        pkgs.kitty.terminfo
      ];
    };

  commonModules = [
    {
      # Make the flake and its inputs available as module arguments.
      _module.args = {
        inherit self;
        inputs = self.inputs;
      };
      srvos.flake = self;
    }
    # only include admins here for monitoring/backup infrastructure
    ./modules/users/admins.nix
    ./modules/packages.nix
    ./modules/nix-daemon.nix
    # NOTE(review): module body not shown here; confirm which source the
    # upgrades follow and how that source is protected.
    ./modules/auto-upgrade.nix
    # NOTE(review): tor-ssh.nix and ssh-cursed.nix are not shown here;
    # presumably both shape how the hosts are reached over SSH, so review
    # them together with admins.nix as the remote-access surface.
    ./modules/tor-ssh.nix
    ./modules/hosts.nix
    ./modules/network.nix
    ./modules/zsh.nix
    ./modules/ssh-cursed.nix
    # FIXME: ./modules/buildbot — whenever you are ready.
    disko.nixosModules.disko
    srvos.nixosModules.server
    # NOTE(review): presumably adds binary caches whose signatures the
    # daemon accepts; confirm the resulting substituters and public keys.
    srvos.nixosModules.mixins-trusted-nix-caches
    srvos.nixosModules.mixins-terminfo
    # srvos.nixosModules.mixins-telegraf
    # srvos.nixosModules.mixins-terminfo
    agenix.nixosModules.default
    nixDefaults
  ];
in
{
  flake = {
    # Plain NixOS entry points (e.g. for `nixos-rebuild --flake`).
    nixosConfigurations = {
      epyc = mkNixosSystem {
        inherit system;
        modules =
          commonModules
          ++ colmenaModules
          ++ [
            ./hosts/epyc.nix
          ];
      };
    };

    # Colmena hive: same module set per host, minus `colmenaModules`.
    colmena = {
      meta.nixpkgs = import nixpkgs {
        inherit system;
      };
      epyc = {
        imports =
          commonModules
          ++ [
            ./hosts/epyc.nix
          ];
      };
    };
  };
}