nibylandia/flake.nix

{
  description = "Nibylandia configurations";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    home-manager.url = "github:nix-community/home-manager";
    nix-colors.url = "github:misterio77/nix-colors";
    nix-formatter-pack.url = "github:Gerschtli/nix-formatter-pack";
    nix-index-database.url = "github:Mic92/nix-index-database";
    deploy-rs.url = "github:serokell/deploy-rs";
    microvm.url = "github:astro/microvm.nix";
    colmena = {
      url = "github:zhaofengli/colmena/main";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    agenix = {
      url = "github:ryantm/agenix";
      inputs.darwin.follows = "";
    };
    lanzaboote = {
      url = "github:nix-community/lanzaboote";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    simple-nixos-mailserver = {
      url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { self, nixpkgs, nix-formatter-pack, nix-index-database, deploy-rs
    , agenix, lanzaboote, microvm, simple-nixos-mailserver, colmena, ...
    }@inputs:
    let
      systems = [ "x86_64-linux" "aarch64-linux" ];
      forAllSystems = nixpkgs.lib.genAttrs systems;
      pkgsForDeploy =
        forAllSystems (system: import nixpkgs { inherit system; });
      deployPkgs = forAllSystems (system:
        let pkgs = pkgsForDeploy.${system};
        in import nixpkgs {
          inherit system;
          overlays = [
            deploy-rs.overlay
            (self: super: {
              deploy-rs = {
                inherit (pkgs) deploy-rs;
                inherit (super.deploy-rs) lib;
              };
            })
          ];
        });
      inherit (nixpkgs) lib;
    in {
      formatter = forAllSystems (system:
        nix-formatter-pack.lib.mkFormatter {
          inherit nixpkgs system;

          config = {
            tools = {
              deadnix = {
                enable = true;
                noLambdaPatternNames = true;
                noLambdaArg = true;
              };
              statix.enable = true;
              nixfmt.enable = true;
            };
          };
        });

      overlays = import ./overlays;

      nixosModules = {
        nibylandia-boot.imports = [ ./modules/boot.nix ];

        nibylandia-secureboot.imports = [ ./modules/secureboot.nix ];

        nibylandia-common.imports = [ ./modules/common.nix ];

        nibylandia-graphical.imports = [ ./modules/graphical.nix ];

        nibylandia-laptop.imports = [ ./modules/laptop.nix ];

        nibylandia-gaming.imports = [ ./modules/gaming.nix ];

        nibylandia-monitoring.imports = [ ./modules/monitoring.nix ];

        nibylandia-ci-runners.imports = [ ./modules/ci-runners.nix ];
      };

      nixosConfigurations = {
        scylla = nixpkgs.lib.nixosSystem {
          system = "aarch64-linux";
          modules = [ ./nixos/scylla ];
          extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];
          specialArgs = { inherit inputs; };
        };

        khas = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          modules = [ ./nixos/khas ];
          extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];
          specialArgs = { inherit inputs; };
        };

        microlith = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          modules = [ ./nixos/microlith ];
          extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];
          specialArgs = { inherit inputs; };
        };

        zorigami = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          modules = [ ./nixos/zorigami ];
          extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];
          specialArgs = { inherit inputs; };
        };
      };

      deploy.nodes = builtins.mapAttrs (name: value: {
        fastConnection = false;
        remoteBuild = true;
        hostname = value.config.deployment.targetHost;
        profiles.system = {
          user = "root";
          sshUser = "root";
          path =
            deployPkgs.${value.config.nixpkgs.system}.deploy-rs.lib.activate.nixos
            value;
        };
      }) self.nixosConfigurations;

      colmena = {
        meta = {
          nixpkgs = import inputs.nixpkgs { system = "x86_64-linux"; };
          nodeNixpkgs =
            builtins.mapAttrs (_: v: v.pkgs) self.nixosConfigurations;
          nodeSpecialArgs = builtins.mapAttrs (_: v: v._module.specialArgs)
            self.nixosConfigurations;
          specialArgs.lib = lib;
        };
      } // builtins.mapAttrs (_: v: { imports = v._module.args.modules; })
        self.nixosConfigurations;

      checks = builtins.mapAttrs
        (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
    };
}
scaffolding 2023-09-03 11:35:16 +00:00			`{`
			`description = "Nibylandia configurations";`

			`inputs = {`
feat: prepare for microvms 2023-10-09 12:37:47 +00:00			`nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";`
scaffolding 2023-09-03 11:35:16 +00:00			`home-manager.url = "github:nix-community/home-manager";`
			`nix-colors.url = "github:misterio77/nix-colors";`
			`nix-formatter-pack.url = "github:Gerschtli/nix-formatter-pack";`
			`nix-index-database.url = "github:Mic92/nix-index-database";`
			`deploy-rs.url = "github:serokell/deploy-rs";`
feat: prepare for microvms 2023-10-09 12:37:47 +00:00			`microvm.url = "github:astro/microvm.nix";`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`colmena = {`
			`url = "github:zhaofengli/colmena/main";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
scaffolding 2023-09-03 11:35:16 +00:00			`agenix = {`
			`url = "github:ryantm/agenix";`
			`inputs.darwin.follows = "";`
			`};`
Actually working configuration for khas + cleanups 2023-10-08 16:11:54 +00:00			`lanzaboote = {`
			`url = "github:nix-community/lanzaboote";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00			`simple-nixos-mailserver = {`
			`url = "gitlab:simple-nixos-mailserver/nixos-mailserver";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
scaffolding 2023-09-03 11:35:16 +00:00			`};`

Actually working configuration for khas + cleanups 2023-10-08 16:11:54 +00:00			`outputs = { self, nixpkgs, nix-formatter-pack, nix-index-database, deploy-rs`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`, agenix, lanzaboote, microvm, simple-nixos-mailserver, colmena, ...`
			`}@inputs:`
common: avoid rebuilding basic tools 2023-10-08 23:21:05 +00:00			`let`
ci: run from hswaw forgejo on our own hosts 2023-10-14 23:29:23 +00:00			`systems = [ "x86_64-linux" "aarch64-linux" ];`
			`forAllSystems = nixpkgs.lib.genAttrs systems;`
common: avoid rebuilding basic tools 2023-10-08 23:21:05 +00:00			`pkgsForDeploy =`
			`forAllSystems (system: import nixpkgs { inherit system; });`
			`deployPkgs = forAllSystems (system:`
			`let pkgs = pkgsForDeploy.${system};`
			`in import nixpkgs {`
			`inherit system;`
			`overlays = [`
			`deploy-rs.overlay`
			`(self: super: {`
			`deploy-rs = {`
			`inherit (pkgs) deploy-rs;`
			`inherit (super.deploy-rs) lib;`
			`};`
			`})`
			`];`
			`});`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`inherit (nixpkgs) lib;`
scaffolding 2023-09-03 11:35:16 +00:00			`in {`
			`formatter = forAllSystems (system:`
			`nix-formatter-pack.lib.mkFormatter {`
			`inherit nixpkgs system;`

			`config = {`
			`tools = {`
			`deadnix = {`
			`enable = true;`
			`noLambdaPatternNames = true;`
			`noLambdaArg = true;`
			`};`
			`statix.enable = true;`
			`nixfmt.enable = true;`
			`};`
			`};`
			`});`

.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00			`overlays = import ./overlays;`

.: general cleanup 2023-10-19 22:11:57 +00:00			`nixosModules = {`
Basic secureboot and khas (laptop) config 2023-09-18 20:42:25 +00:00			`nibylandia-boot.imports = [ ./modules/boot.nix ];`

.: general cleanup 2023-10-19 22:11:57 +00:00			`nibylandia-secureboot.imports = [ ./modules/secureboot.nix ];`
Basic secureboot and khas (laptop) config 2023-09-18 20:42:25 +00:00
.: general cleanup 2023-10-19 22:11:57 +00:00			`nibylandia-common.imports = [ ./modules/common.nix ];`
common: avoid rebuilding basic tools 2023-10-08 23:21:05 +00:00
.: general cleanup 2023-10-19 22:11:57 +00:00			`nibylandia-graphical.imports = [ ./modules/graphical.nix ];`
Basic secureboot and khas (laptop) config 2023-09-18 20:42:25 +00:00
			`nibylandia-laptop.imports = [ ./modules/laptop.nix ];`
common: import more defaults from old repo 2023-10-08 21:44:41 +00:00
			`nibylandia-gaming.imports = [ ./modules/gaming.nix ];`
.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00
			`nibylandia-monitoring.imports = [ ./modules/monitoring.nix ];`
Basic secureboot and khas (laptop) config 2023-09-18 20:42:25 +00:00
.: general cleanup 2023-10-19 22:11:57 +00:00			`nibylandia-ci-runners.imports = [ ./modules/ci-runners.nix ];`
ci: run from hswaw forgejo on our own hosts 2023-10-14 23:29:23 +00:00			`};`

.: general cleanup 2023-10-19 22:11:57 +00:00			`nixosConfigurations = {`
scaffolding 2023-09-03 11:35:16 +00:00			`scylla = nixpkgs.lib.nixosSystem {`
			`system = "aarch64-linux";`
.: general cleanup 2023-10-19 22:11:57 +00:00			`modules = [ ./nixos/scylla ];`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];`
.: general cleanup 2023-10-19 22:11:57 +00:00			`specialArgs = { inherit inputs; };`
Basic secureboot and khas (laptop) config 2023-09-18 20:42:25 +00:00			`};`

			`khas = nixpkgs.lib.nixosSystem {`
			`system = "x86_64-linux";`
.: general cleanup 2023-10-19 22:11:57 +00:00			`modules = [ ./nixos/khas ];`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];`
.: general cleanup 2023-10-19 22:11:57 +00:00			`specialArgs = { inherit inputs; };`
scaffolding 2023-09-03 11:35:16 +00:00			`};`
nixos/microlith: initial import 2023-10-08 22:07:57 +00:00
			`microlith = nixpkgs.lib.nixosSystem {`
			`system = "x86_64-linux";`
.: general cleanup 2023-10-19 22:11:57 +00:00			`modules = [ ./nixos/microlith ];`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];`
.: general cleanup 2023-10-19 22:11:57 +00:00			`specialArgs = { inherit inputs; };`
nixos/microlith: initial import 2023-10-08 22:07:57 +00:00			`};`
.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00
			`zorigami = nixpkgs.lib.nixosSystem {`
			`system = "x86_64-linux";`
.: general cleanup 2023-10-19 22:11:57 +00:00			`modules = [ ./nixos/zorigami ];`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`extraModules = [ inputs.colmena.nixosModules.deploymentOptions ];`
.: general cleanup 2023-10-19 22:11:57 +00:00			`specialArgs = { inherit inputs; };`
.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00			`};`
scaffolding 2023-09-03 11:35:16 +00:00			`};`

flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`deploy.nodes = builtins.mapAttrs (name: value: {`
nixos/microlith: initial import 2023-10-08 22:07:57 +00:00			`fastConnection = false;`
			`remoteBuild = true;`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`hostname = value.config.deployment.targetHost;`
nixos/microlith: initial import 2023-10-08 22:07:57 +00:00			`profiles.system = {`
			`user = "root";`
			`sshUser = "root";`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`path =`
			`deployPkgs.${value.config.nixpkgs.system}.deploy-rs.lib.activate.nixos`
			`value;`
nixos/microlith: initial import 2023-10-08 22:07:57 +00:00			`};`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`}) self.nixosConfigurations;`

			`colmena = {`
			`meta = {`
			`nixpkgs = import inputs.nixpkgs { system = "x86_64-linux"; };`
			`nodeNixpkgs =`
			`builtins.mapAttrs (_: v: v.pkgs) self.nixosConfigurations;`
			`nodeSpecialArgs = builtins.mapAttrs (_: v: v._module.specialArgs)`
			`self.nixosConfigurations;`
			`specialArgs.lib = lib;`
.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00			`};`
flake: lock updates and crimes made configurations deployable with both colmena and deploy-rs 2023-10-19 20:45:14 +00:00			`} // builtins.mapAttrs (_: v: { imports = v._module.args.modules; })`
			`self.nixosConfigurations;`
.: microvm experiments + zorigami 2023-10-14 21:24:33 +00:00
scaffolding 2023-09-03 11:35:16 +00:00			`checks = builtins.mapAttrs`
			`(system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;`
			`};`
			`}`