nix-config/flake.nix

{
  description = "patricks tolle nix config";

  # Every input below names a branch or a tag, never a fixed revision, so the
  # exact sources that get built are whatever flake.lock records.
  # NOTE(review): flake.lock is not visible here — confirm it is committed and
  # that lock bumps are reviewed like any other dependency update.
  inputs = {
    nixpkgs = {
      url = "github:NixOS/nixpkgs/nixos-unstable";
    };

    nixpkgs-wayland = {
      url = "github:nix-community/nixpkgs-wayland";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Single shared `systems` input so dependants do not each pull their own copy.
    systems = {
      url = "github:nix-systems/default";
    };

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixos-generators = {
      url = "github:nix-community/nixos-generators";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    home-manager = {
      url = "github:nix-community/home-manager";
      # Build against this flake's nixpkgs rather than home-manager's own pin.
      inputs.nixpkgs.follows = "nixpkgs";
    };

    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.home-manager.follows = "home-manager";
    };

    # Too lazy to copy this over.
    agenix-rekey = {
      url = "github:oddlama/agenix-rekey";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    flake-utils = {
      url = "github:numtide/flake-utils";
      inputs.systems.follows = "systems";
    };

    pre-commit-hooks = {
      url = "github:cachix/pre-commit-hooks.nix";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    # The only input fetched from a self-hosted forge rather than GitHub.
    templates = {
      url = "git+https://git.lel.lol/patrick/nix-templates.git";
    };

    colmena = {
      url = "github:zhaofengli/colmena";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    impermanence = {
      url = "github:nix-community/impermanence";
    };

    nixos-hardware = {
      url = "github:nixos/nixos-hardware";
    };

    devshell = {
      url = "github:numtide/devshell";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.systems.follows = "systems";
    };

    nix-index-database = {
      url = "github:nix-community/nix-index-database";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixseparatedebuginfod = {
      url = "github:symphorien/nixseparatedebuginfod";
    };

    # Referenced by release tag (v0.3.0) instead of a branch. A tag is still a
    # movable ref upstream; the revision actually used is the one in flake.lock.
    lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.3.0";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = {
    self,
    nixpkgs,
    flake-utils,
    colmena,
    agenix-rekey,
    nixos-generators,
    pre-commit-hooks,
    ...
  } @ inputs: let
    lib = nixpkgs.lib;
    stateVersion = "23.05";

    # Host definitions live in ./nix/hosts.nix (not shown here); this flake
    # re-exports four attributes of the result.
    hostOutputs = import ./nix/hosts.nix inputs;

    # One attrset per NixOS configuration, deep-merged into a single set; only
    # its `packages` attribute is exported below.
    installerOutputs =
      lib.foldl' lib.recursiveUpdate {}
      (lib.mapAttrsToList
        (import ./nix/generate-installer-package.nix inputs)
        self.nixosConfigurations);
  in
    {
      # Settings read by agenix-rekey.
      # Files referenced by path from a flake are copied into the Nix store,
      # which every local user can read. The `.pub` suffix suggests these are
      # public keys or identity stubs — NOTE(review): confirm, and never point
      # these options at a file holding private key material.
      secretsConfig = {
        masterIdentities = [./secrets/NIXOSc.key.pub];
        #masterIdentities = [./secrets/NIXOSa.key.pub];
        extraEncryptionPubkeys = [./secrets/recipients.txt];
      };

      inherit stateVersion;

      inherit
        (hostOutputs)
        colmena
        hosts
        microvmConfigurations
        nixosConfigurations
        ;

      # Every deployable system: regular hosts plus microVMs. With `//`, a
      # microVM sharing a name with a host replaces the host entry.
      nodes = self.nixosConfigurations // self.microvmConfigurations;

      # Shortcut to each node's top-level system derivation.
      top = lib.mapAttrs (_: node: node.config.system.build.toplevel) self.nodes;

      inherit (installerOutputs) packages;
    }
    // flake-utils.lib.eachDefaultSystem (system: let
      # Package set shared by every per-system output below.
      pkgs = import nixpkgs {
        inherit system;

        # Overlays can replace any package in `pkgs`, so ./lib, ./pkgs and the
        # nixpkgs-wayland overlay are trusted to the same degree as nixpkgs.
        overlays =
          (import ./lib inputs)
          ++ (import ./pkgs)
          ++ [
            inputs.nixpkgs-wayland.overlay
          ];

        # TODO fix this to only allow specific unfree packages
        # (nixpkgs offers config.allowUnfreePredicate for an explicit
        # allow-list). Until then any unfree package can be pulled in silently.
        config.allowUnfree = true;
      };

      # Image format per platform. Only the two Linux systems are listed, so
      # evaluating the live image for any other default system fails on a
      # missing attribute (lazily, only when that image is requested).
      liveImageFormat =
        {
          x86_64-linux = "install-iso";
          aarch64-linux = "sd-aarch64-installer";
        }
        .${system};
    in {
      inherit pkgs;

      # Bootable installer image.
      # NOTE(review): the image includes the SSH module; ./modules/os-conf/core/ssh.nix
      # is not visible here — confirm it allows key-based login only and bakes
      # no credentials into the image, since the image contents end up in the
      # world-readable Nix store and on removable media.
      images.live-iso = nixos-generators.nixosGenerate {
        inherit pkgs;
        format = liveImageFormat;
        modules = [
          ./nix/installer-configuration.nix
          ./modules/os-conf/core/ssh.nix
          {system.stateVersion = stateVersion;}
        ];
      };

      # Apps defined by agenix-rekey for all nodes.
      apps = agenix-rekey.defineApps self pkgs self.nodes;

      # Formatting and lint hooks, exposed as a flake check.
      checks.pre-commit-check = pre-commit-hooks.lib.${system}.run {
        src = lib.cleanSource ./.;
        hooks = {
          alejandra.enable = true;
          statix.enable = true;
          luacheck.enable = true;
          stylua.enable = true;
        };
      };

      # NOTE(review): `devShell` is the legacy output name; current Nix prefers
      # `devShells.default`. Left unchanged because renaming it alters the
      # flake's outputs.
      devShell = import ./nix/devshell.nix inputs system;

      formatter = pkgs.alejandra;
    });
}