blob: 482f2475437b79e8be56b97d855837ac67ace04e [file] [log] [blame]
{
description = "A flake to deploy and configure Clicks' NixOS server";
# input URLs
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
inputs.nixpkgs-clicksforms.url = "github:nixos/nixpkgs/nixos-22.05";
inputs.flake-utils.url = "github:numtide/flake-utils";
inputs.deploy-rs.url = "github:serokell/deploy-rs";
inputs.home-manager.url = "github:nix-community/home-manager/release-23.11";
inputs.sops-nix.url = "github:Mic92/sops-nix";
inputs.scalpel.url = "github:polygon/scalpel";
inputs.nixpkgs-privatebin.url = "github:e1mo/nixpkgs/privatebin";
inputs.nixpkgs-mongodb.url = "github:nixos/nixpkgs?rev=8dfad603247387df1df4826b8bea58efc5d012d8";
inputs.helpers.url = "git+https://git.clicks.codes/Clicks/NixHelpers";
# follow settings
inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs";
inputs.sops-nix.inputs.nixpkgs.follows = "nixpkgs";
inputs.scalpel.inputs.nixpkgs.follows = "nixpkgs";
inputs.scalpel.inputs.sops-nix.follows = "sops-nix";
outputs = { self, nixpkgs, deploy-rs, home-manager, sops-nix, scalpel
, nixpkgs-privatebin, ... }@inputs:
let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
(final: prev: {
inherit (nixpkgs-privatebin.legacyPackages.${system})
privatebin pbcli;
})
];
};
helpers = inputs.helpers.helpers { inherit pkgs nixpkgs; };
drive_paths = import ./variables/drive_paths.nix;
a1d1 = import ./modules/a1d1 { inherit self pkgs system inputs drive_paths; };
a1d2 = import ./modules/a1d2 { inherit self pkgs system inputs; drive_paths = null; };
in rec {
nixosConfigurations.clicks = let
base = nixpkgs.lib.nixosSystem {
inherit system pkgs;
modules = [
{
system.stateVersion = "22.11";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.trusted-users = [ "minion" "coded" ];
time.timeZone = "Etc/UTC";
users.mutableUsers = false;
fileSystems."/" = {};
}
]
++ (helpers.nixFilesIn ./modules/common)
++ [
sops-nix.nixosModules.sops
"${nixpkgs-privatebin}/nixos/modules/services/web-apps/privatebin.nix"
];
specialArgs = inputs // {
base = null;
inherit system;
inherit helpers;
drive_paths = null;
};
};
in base.extendModules {
modules = [ scalpel.nixosModules.scalpel ];
specialArgs = { inherit base; };
};
nixosConfigurations.clicks-without-mongodb =
nixosConfigurations.clicks.extendModules {
modules = [{ services.mongodb.enable = nixpkgs.lib.mkForce false; }];
};
nixosConfigurations.a1d1 = a1d1.config;
nixosConfigurations.a1d2 = a1d2.config;
deploy.nodes.a1d1 = a1d1.deploy;
deploy.nodes.a1d2 = a1d2.deploy;
devShells.x86_64-linux.default =
pkgs.mkShell { packages = [ pkgs.deploy-rs ]; };
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt;
};
}