shared-public-infra/flake.nix

109 lines
3.6 KiB
Nix
Raw Permalink Normal View History

{
description = "NixOS configuration with flakes";
nixConfig.extra-substituters = [
"https://newtype.cachix.org"
];
nixConfig.extra-trusted-public-keys = [
"newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
];
# To update all inputs:
# $ nix flake update --recreate-lock-file
inputs = {
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware";
nur.url = "github:nix-community/NUR";
home-manager.url = "github:rycee/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs";
colmena.url = "github:zhaofengli/colmena";
colmena.inputs.nixpkgs.follows = "nixpkgs";
srvos.url = "github:numtide/srvos";
# actually not used when using the modules but than nothing ever will try to fetch this nixpkgs variant
srvos.inputs.nixpkgs.follows = "nixpkgs";
flake-registry.url = "github:NixOS/flake-registry";
flake-registry.flake = false;
};
outputs =
{ flake-parts
, ...
} @ inputs:
(flake-parts.lib.evalFlakeModule
{ inherit inputs; }
({ self, inputs, ... }: {
systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ];
imports = [
./configurations.nix
# ./modules/monitoring/flake-module.nix
# ./pkgs/flake-module.nix
# ./templates
];
perSystem = { self', pkgs, ... }: {
devShells.default = pkgs.mkShellNoCC {
buildInputs = [
pkgs.ipmitool
pkgs.colmena
pkgs.python3.pkgs.invoke
#Until nixos-anywhere is packaged
pkgs.python3.pkgs.deploykit
pkgs.mypy
pkgs.pixiecore
pkgs.dnsmasq
pkgs.python3.pkgs.netaddr
pkgs.qemu_kvm
pkgs.openssh
pkgs.gitMinimal # for git flakes
pkgs.rsync
pkgs.nix
pkgs.coreutils
pkgs.curl # when uploading tarballs
pkgs.gnugrep
pkgs.findutils
pkgs.gnused # needed by ssh-copy-id
# sops dependencies
pkgs.age
pkgs.yq-go
] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
};
packages = {
# netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
# # this nixosSystem is built for x86_64 machines regardless of the host machine
# pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
# inherit (inputs.nixpkgs.lib) nixosSystem;
# extraModules = [
# self.inputs.nur.nixosModules.nur
# { _module.args.inputs = self.inputs; }
# ];
# };
# netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
# inherit (self'.packages) netboot;
# };
};
};
flake = {
hydraJobs = inputs.nixpkgs.lib.mapAttrs' (name: config: inputs.nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations // {
devShells = self.devShells.x86_64-linux.default;
};
};
})).config.flake;
}