{ description = "jana's server infrastructure"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs"; flake-utils.url = "github:numtide/flake-utils"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; # deployment deploy-rs.url = "github:serokell/deploy-rs"; # websites homepage.url = "github:jdonszelmann/homepage"; totpal.url = "github:jdonszelmann/totpal"; harmonica.url = "git+ssh://git@github.com/jdonszelmann/harmonica-tabs"; mapf.url = "git+ssh://git@github.com/jdonszelmann/mapf-server"; reviewqueue.url = "github:jdonszelmann/review-queue"; compiler-construction-2021.url = "git+ssh://forgejo@git.donsz.nl/jana/eelco-visser-compiler-construction.git"; mifg.url = "git+ssh://forgejo@git.donsz.nl/jana/money.is.fckn.gay.git"; # server raw-data.url = "git+ssh://forgejo@git.donsz.nl/jana/raw-data.git"; secrets.url = "git+ssh://forgejo@git.donsz.nl/jana/server-secrets.git"; sops-nix.url = "github:Mic92/sops-nix"; vpn-confinement.url = "github:Maroka-chan/VPN-Confinement"; # home nixvim = { url = "github:nix-community/nixvim"; inputs.nixpkgs.follows = "nixpkgs"; }; t.url = "github:jdonszelmann/t-rs"; dumpasm.url = "github:jdonszelmann/dumpasm"; kitty-search = { url = "github:trygveaa/kitty-kitten-search"; flake = false; }; jujutsu = { url = "github:martinvonz/jj"; inputs.nixpkgs.follows = "nixpkgs"; }; p1n3appl3 = { url = "github:p1n3appl3/config"; inputs.rahul-config.follows = "rahul-config"; }; rahul-config.url = "github:jdonszelmann/nix-config"; niri-unstable.url = "github:YaLTeR/niri"; niri = { url = "github:sodiboo/niri-flake"; inputs.niri-unstable.follows = "niri-unstable"; }; matugen = { url = "github:/InioX/matugen/v4.0.0"; inputs.nixpkgs.follows = "nixpkgs"; }; noctalia = { url = "github:noctalia-dev/noctalia-shell"; inputs.nixpkgs.follows = "nixpkgs"; }; pipethon.url = "git+ssh://forgejo@git.donsz.nl/jana/pipethon.git"; firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; }; firefox-sidebar-css = { url = "github:drannex/FirefoxSidebar"; flake = false; }; }; outputs = { nixpkgs, flake-utils, sops-nix, vpn-confinement, deploy-rs, ... }@inputs: let custom = pkgs: import ./pkgs/custom.nix (inputs // { inherit pkgs; }); pkgsForSystem = system: import nixpkgs { inherit system; config.allowUnfree = true; overlays = [ (pkgs: _: { custom = custom pkgs; }) ]; }; configs = import ./config.nix (inputs // { inherit pkgsForSystem; }); in (configs.configs [ { hostname = "fili"; capabilities = [ "cli" ]; type = "server"; extra-modules = [ sops-nix.nixosModules.sops vpn-confinement.nixosModules.default ]; } { hostname = "kili"; deploy-hostname = "localhost"; capabilities = [ "cli" "graphical" "work" "fun" ]; type = "pc"; } { hostname = "ragdoll"; deploy-hostname = "ragdoll"; home-only = "jana"; capabilities = [ "cli" "work" ]; type = "pc"; } ]) // flake-utils.lib.eachDefaultSystem ( system: let pkgs = pkgsForSystem system; in { devShells.default = pkgs.mkShell { buildInputs = with pkgs; [ lix (pkgs.writeShellScriptBin "apply-local" '' apply $(hostname) '') (pkgs.writeShellScriptBin "apply" '' set -e if [ $# -eq 0 ] then deploy -s elif [ $# -eq 1 ] then deploy -s ".#$@" else echo "too many parameters" exit 1 fi '') deploy-rs.packages.${system}.deploy-rs ]; shellHook = "exec $NIX_BUILD_SHELL"; }; custom-packages = custom pkgs; formatter = pkgs.nixfmt; } ); nixConfig = { extra-substituters = [ "https://jana.cachix.org" ]; extra-trusted-public-keys = [ "jana.cachix.org-1:LN0lzHx7QH1RBoDn3+psi4HOEAXW3EqRa/u0ncQ1XBE=" ]; }; }