{ description = "jana's server infrastructure"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs"; flake-utils.url = "github:numtide/flake-utils"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; # deployment deploy-rs.url = "github:serokell/deploy-rs"; # websites homepage.url = "github:jdonszelmann/homepage"; totpal.url = "github:jdonszelmann/totpal"; harmonica.url = "git+ssh://git@github.com/jdonszelmann/harmonica-tabs"; mapf.url = "git+ssh://git@github.com/jdonszelmann/mapf-server"; reviewqueue.url = "github:jdonszelmann/review-queue"; compiler-construction-2021.url = "git+ssh://forgejo@git.donsz.nl/jana/eelco-visser-compiler-construction.git"; mifg.url = "git+ssh://forgejo@git.donsz.nl/jana/money.is.fckn.gay.git"; # server raw-data.url = "git+ssh://forgejo@git.donsz.nl/jana/raw-data.git"; secrets.url = "git+ssh://forgejo@git.donsz.nl/jana/server-secrets.git"; sops-nix.url = "github:Mic92/sops-nix"; vpn-confinement.url = "github:Maroka-chan/VPN-Confinement"; # home nixvim = { url = "github:nix-community/nixvim"; inputs.nixpkgs.follows = "nixpkgs"; }; t.url = "github:jdonszelmann/t-rs"; dumpasm.url = "github:jdonszelmann/dumpasm"; kitty-search = { url = "github:trygveaa/kitty-kitten-search"; flake = false; }; jujutsu = { url = "github:martinvonz/jj"; inputs.nixpkgs.follows = "nixpkgs"; }; p1n3appl3 = { url = "github:p1n3appl3/config"; inputs.rahul-config.follows = "rahul-config"; }; rahul-config.url = "github:jdonszelmann/nix-config"; niri-unstable.url = "github:YaLTeR/niri"; niri = { url = "github:sodiboo/niri-flake"; inputs.niri-unstable.follows = "niri-unstable"; }; matugen = { url = "github:/InioX/matugen/v4.0.0"; inputs.nixpkgs.follows = "nixpkgs"; }; noctalia = { url = "github:noctalia-dev/noctalia-shell"; inputs.nixpkgs.follows = "nixpkgs"; }; pipethon.url = "git+ssh://forgejo@git.donsz.nl/jana/pipethon.git"; firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; }; firefox-sidebar-css = { url = "github:drannex/FirefoxSidebar"; flake = false; }; }; outputs = { self, nixpkgs, flake-utils, sops-nix, vpn-confinement, home-manager, deploy-rs, ... }@inputs: let custom = pkgs: import ./pkgs/custom.nix (inputs // { inherit pkgs; }); pkgsForSystem = system: import nixpkgs { inherit system; config.allowUnfree = true; overlays = [ (pkgs: _: { custom = custom pkgs; }) ]; }; specialArgsForSystem = system: { pkgs = pkgsForSystem system; flakes = inputs; inherit inputs; inherit (inputs.secrets.packages.${system}) secrets; }; in { nixosConfigurations.fili = nixpkgs.lib.nixosSystem rec { system = "x86_64-linux"; modules = [ inputs.home-manager.nixosModules.default { home-manager.extraSpecialArgs = specialArgs; } ./hosts/fili/configuration.nix ./users ./default-machine-config.nix sops-nix.nixosModules.sops vpn-confinement.nixosModules.default ]; specialArgs = specialArgsForSystem system; }; nixosConfigurations.kili = nixpkgs.lib.nixosSystem rec { system = "x86_64-linux"; modules = [ inputs.home-manager.nixosModules.default { home-manager.extraSpecialArgs = specialArgs; } ./hosts/kili/configuration.nix ./users ]; specialArgs = specialArgsForSystem system; }; nixosConfigurations.ragdoll = home-manager.lib.homeManagerConfiguration ( let system = "x86_64-linux"; in { modules = [ inputs.home-manager.nixosModules.default { home-manager.extraSpecialArgs = specialArgsForSystem system; } ./hosts/ragdoll/configuration.nix ./default-machine-config.nix ]; pkgs = pkgsForSystem system; } ); deploy.nodes.fili = { hostname = "fili"; fastConnection = true; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.fili; sshUser = "jana"; }; }; deploy.nodes.kili = { hostname = "localhost"; fastConnection = true; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.kili; sshUser = "jana"; }; }; deploy.nodes.ragdoll = { hostname = "ragdoll"; fastConnection = true; profiles.system = { user = "jana"; path = deploy-rs.lib.x86_64-linux.activate.home-manager self.nixosConfigurations.ragdoll; sshUser = "jana"; }; }; } // flake-utils.lib.eachDefaultSystem ( system: let pkgs = pkgsForSystem system; in { devShells.default = pkgs.mkShell { buildInputs = with pkgs; [ lix (pkgs.writeShellScriptBin "apply" '' set -e if [ $# -eq 0 ] then deploy elif [ $# -eq 1 ] then deploy ".#$@" else echo "too many parameters" exit 1 fi '') deploy-rs.packages.${system}.deploy-rs ]; shellHook = "exec $NIX_BUILD_SHELL"; }; custom-packages = custom pkgs; formatter = pkgs.nixfmt; } ); nixConfig = { extra-substituters = [ "https://jana.cachix.org" ]; extra-trusted-public-keys = [ "jana.cachix.org-1:LN0lzHx7QH1RBoDn3+psi4HOEAXW3EqRa/u0ncQ1XBE=" ]; }; }