# Flake for the b12f hosts. The file holds two `outputs` definitions: a
# flake-parts/nixos-flake based one inside the top-level attribute set, and a
# digga based one that follows the closing brace of that set.
# NOTE(review): as written the second `outputs` sits outside the attribute set,
# so the file does not parse as one expression; this looks like an unfinished
# migration from digga to flake-parts -- confirm which half is meant to stay.
{
  description = "b12f hosts";

  # Turns on the nix-command and flakes features via the flake's own nixConfig.
  nixConfig.extra-experimental-features = "nix-command flakes";

  # Every input below names a branch or a default branch, never a revision.
  # The revisions actually built come from flake.lock, so that file is the
  # supply-chain pin: keep it committed and review its diff on every update.
  inputs = {
    # Track channels with commits tested and built by hydra
    nixos.url = "github:nixos/nixpkgs/nixos-23.05";
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";

    flake-compat.url = "github:edolstra/flake-compat";
    flake-compat.flake = false;

    nix-darwin.url = "github:lnl7/nix-darwin/master";
    nix-darwin.inputs.nixpkgs.follows = "nixos";

    home-manager.url = "github:nix-community/home-manager/release-23.05";
    home-manager.inputs.nixpkgs.follows = "nixos";

    # NOTE(review): flake-parts, nixos-flake, nixos-hardware, scan2paperless and
    # musnix have no `follows`; any nixpkgs they declare is locked separately.
    flake-parts.url = "github:hercules-ci/flake-parts";
    nixos-flake.url = "github:srid/nixos-flake";

    deploy.url = "github:serokell/deploy-rs";
    deploy.inputs.nixpkgs.follows = "nixos";
    deploy.inputs.flake-compat.follows = "flake-compat";

    agenix.url = "github:ryantm/agenix";
    agenix.inputs.nixpkgs.follows = "nixos";
    # NOTE(review): no input named "darwin" is declared in this set (the
    # nix-darwin input is called `nix-darwin`), so this `follows` has no
    # target here -- presumably it should read "nix-darwin"; confirm.
    agenix.inputs.darwin.follows = "darwin";

    nixos-hardware.url = "github:nixos/nixos-hardware";

    keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
    keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixos";

    # Three further complete nixpkgs trees: upstream master and two feature
    # branches of the pub-solar fork. Feature branches can be rebased or
    # deleted, so the locked revision may stop being fetchable.
    # NOTE(review): none of the three is referenced in the outputs visible in
    # this file -- confirm they are still needed.
    master.url = "github:nixos/nixpkgs/master";

    fix-yubikey-agent.url = "github:pub-solar/nixpkgs/fix/use-latest-unstable-yubikey-agent";
    fix-atomic-container-restarts.url = "github:pub-solar/nixpkgs/fix/atomic-container-restarts";

    scan2paperless.url = "git+https://git.pub.solar/b12f/scan2paperless.git";
    musnix.url = "github:musnix/musnix";
    adblock-unbound.url = "github:MayNiklas/nixos-adblock-unbound";
    adblock-unbound.inputs.nixpkgs.follows = "nixos";
  };

  # flake-parts based outputs. Only `inputs` and `self` are bound by the
  # function head; every other input has to be reached as `inputs.<name>`.
  outputs = inputs@{ self, ... }:
    inputs.flake-parts.lib.mkFlake { inherit inputs; } {
      systems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
      imports = [ inputs.nixos-flake.flakeModule ];

      perSystem = { system, config, ...
      }: {
        # Code to consume overlays, see https://flake.parts/overlays#consuming-an-overlay
        _module.args.pkgs = import inputs.nixos {
          inherit system;
          overlays = [
            # NOTE(review): `agenix` is not bound in this scope (see the
            # function head above) -- presumably `inputs.agenix` is meant.
            agenix.overlays.default
            (import ./pkgs/default.nix)
          ];
        };
      };

      flake = {
        # Configurations for Linux (NixOS) machines
        nixosConfigurations = {
          biolimo = self.nixos-flake.lib.mkLinuxSystem "x86_64-linux" {
            # NOTE(review): nixosModules below defines no `linux`,
            # `home-manager`, `agenix` or `musnix` attribute; unless another
            # module supplies them these references will not resolve.
            imports = [
              self.nixosModules.linux
              self.nixosModules.home-manager
              self.nixosModules.agenix
              self.nixosModules.musnix
              ./hosts/biolimo/default.nix
            ];
          };
        };

        # One attribute per module directory, followed by the host/user suites
        # carried over from the digga configuration further down.
        nixosModules = rec {
          arduino = import ./modules/arduino/default.nix;
          audio = import ./modules/audio/default.nix;
          ci-runner = import ./modules/ci-runner/default.nix;
          core = import ./modules/core/default.nix;
          crypto = import ./modules/crypto/default.nix;
          devops = import ./modules/devops/default.nix;
          docker = import ./modules/docker/default.nix;
          docker-ci-runner = import ./modules/docker-ci-runner/default.nix;
          email = import ./modules/email/default.nix;
          factorio = import ./modules/factorio/default.nix;
          gaming = import ./modules/gaming/default.nix;
          graphical = import ./modules/graphical/default.nix;
          mobile = import ./modules/mobile/default.nix;
          nextcloud = import ./modules/nextcloud/default.nix;
          office = import ./modules/office/default.nix;
          paperless = import ./modules/paperless/default.nix;
          paranoia = import ./modules/paranoia/default.nix;
          printing = import ./modules/printing/default.nix;
          social = import ./modules/social/default.nix;
          sway = import ./modules/sway/default.nix;
          terminal-life = import ./modules/terminal-life/default.nix;
          uhk = import ./modules/uhk/default.nix;
          user = import ./modules/user/default.nix;
          virtualisation = import ./modules/virtualisation/default.nix;

          # NOTE(review): `users`, `base-user`, `pub-solar-iso` and
          # `full-install` are not defined in this rec set (the digga version
          # got them from `with profiles`), so these suites cannot evaluate as
          # written. `anonymous` also nests the `pubsolaros` list as a single
          # element instead of concatenating it -- confirm that is intended.
          base = [users.pub-solar users.root];
          iso = base ++ [base-user graphical pub-solar-iso];
          pubsolaros = [full-install base-user users.root];
          anonymous = [pubsolaros users.pub-solar];
          b12f = pubsolaros ++ [users.b12f social gaming mobile];
          biolimo = b12f ++ [graphical];
          chocolatebar = b12f ++
            [graphical virtualisation];
          yule = pubsolaros ++ [users.yule];
          droppie = yule ++ [];
          pie = yule ++ [];
          maoam = b12f ++ [];
        };

        homeModules = { };
      };
    };
}

# digga based outputs, left in place after the closing brace above.
# NOTE(review): `digga` and `home` are destructured here but the inputs set
# above declares neither (it has `home-manager` and no digga input).
outputs = {
  self,
  digga,
  nixos,
  home,
  nixos-hardware,
  agenix,
  deploy,
  scan2paperless,
  musnix,
  ...
} @ inputs:
  digga.lib.mkFlake {
    inherit self inputs;

    # Allows packages with unfree licences.
    channelsConfig = {
      allowUnfree = true;
    };

    supportedSystems = ["x86_64-linux" "aarch64-linux" "aarch64-darwin"];

    channels = {
      nixos = {
        imports = [(digga.lib.importOverlays ./overlays)];
        overlays = [
          # Takes the deploy-rs package from the `nixos` channel and the
          # deploy library from the `deploy` input. Both are fixed to
          # x86_64-linux regardless of the system being built.
          (self: super: {
            deploy-rs = {
              inherit (inputs.nixos.legacyPackages.x86_64-linux) deploy-rs;
              lib = inputs.deploy.lib.x86_64-linux;
            };
          })
        ];
      };
      latest = {};
    };

    lib = import ./lib {lib = digga.lib // nixos.lib;};

    sharedOverlays = [
      # Exposes this flake's own lib as `lib.our` inside every package set.
      (final: prev: {
        __dontExport = true;
        lib = prev.lib.extend (lfinal: lprev: {
          our = self.lib;
        });
      })

      agenix.overlays.default
      (import ./pkgs)
    ];

    nixos = {
      # Defaults applied to every host: x86_64-linux on the `nixos` channel,
      # plus the home-manager, agenix (age) and musnix modules.
      hostDefaults = {
        system = "x86_64-linux";
        channelName = "nixos";
        imports = [(digga.lib.importExportableModules ./modules)];
        modules = [
          {lib.our = self.lib;}
          # FIXME: upstream module causes a huge number of unnecessary
          # dependencies to be pulled in for all systems -- many of them are
          # graphical. should only be imported as needed.
          # digga.nixosModules.bootstrapIso
          digga.nixosModules.nixConfig
          home.nixosModules.home-manager
          agenix.nixosModules.age
          musnix.nixosModules.musnix
        ];
      };

      imports = [(digga.lib.importHosts ./hosts)];
      hosts = {
        # Set host-specific properties here
        bootstrap = {
          modules = [
            digga.nixosModules.bootstrapIso
          ];
        };
        PubSolarOS = {
          tests = [
            #(import ./tests/first-test.nix {
            #  pkgs = nixos.legacyPackages.x86_64-linux;
            #  lib = nixos.lib;
            #})
          ];
        };
        pie = {
          system = "aarch64-linux";
          modules = [nixos-hardware.nixosModules.raspberry-pi-4];
        };
        maoam = {
          system = "aarch64-linux";
        };
      };
      importables = rec {
        # Profiles are collected from ./profiles, with ./users added under
        # the `users` key.
        profiles =
          digga.lib.rakeLeaves ./profiles
          // {
            users = digga.lib.rakeLeaves ./users;
          };
        # Suites are lists of profiles; `with profiles` is what brings
        # `users`, `base-user`, `full-install` and the rest into scope here.
        # NOTE(review): `anonymous` nests the `pubsolaros` list as a single
        # element instead of concatenating it -- confirm that is intended.
        suites = with profiles; rec {
          base = [users.pub-solar users.root];
          iso = base ++ [base-user graphical pub-solar-iso];
          pubsolaros = [full-install base-user users.root];
          anonymous = [pubsolaros users.pub-solar];
          b12f = pubsolaros ++ [users.b12f social gaming mobile];
          biolimo = b12f ++ [graphical];
          chocolatebar = b12f ++ [graphical virtualisation];
          yule = pubsolaros ++ [users.yule];
          droppie = yule ++ [];
          pie = yule ++ [];
          maoam = b12f ++ [];
        };
      };
    };

    home = {
      imports = [(digga.lib.importExportableModules ./users/modules)];
      modules = [];
      importables = rec {
        profiles = digga.lib.rakeLeaves ./users/profiles;
        suites = with profiles; rec {
          base = [direnv git];
        };
      };
      # All three users share one home-manager definition: the base suite and
      # a fixed stateVersion.
      users = let
        default = {suites, ...}: {
          imports = suites.base;
          home.stateVersion = "21.03";
        };
      in {
        pub-solar = default;
        b12f = default;
        yule = default;
      };
    };

    devshell = ./shell;

    homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;

    # deploy-rs targets. `sshUser` is the account deploy-rs logs in as over SSH.
    # NOTE(review): these are personal accounts rather than a dedicated deploy
    # user; activating a system profile presumably needs root on the target,
    # so confirm what sudo rights these accounts hold and that this is intended.
    deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {
      droppie = {
        hostname = "backup.b12f.io";
        sshUser = "yule";
      };
      pie = {
        sshUser = "yule";
      };
      maoam = {
        sshUser = "b12f";
      };
      #example = {
      #  hostname = "example.com:22";
      #  sshUser = "bartender";
      #  fastConnect = true;
      #  profilesOrder = ["system" "direnv"];
      #  profiles.direnv = {
      #    user = "bartender";
      #    path =
      #      self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.bartender;
      #  };
      #};
    };
  };
}