Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 624e51101c96aff8ffe856cc47175673d021ba7b / . / flake.nix
blob: 8575fca82c11fbb85050a257a46966d6a423e0cd [file] [log] [blame]
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]1{
2 description = "A flake to deploy and configure Clicks' NixOS server";
3
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]4 inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
Skyler Grey061574c2023-05-01 21:39:24 +0000[diff] [blame]5 inputs.flake-utils.url = "github:numtide/flake-utils";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]6 inputs.deploy-rs.url = "github:serokell/deploy-rs";
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]7 inputs.home-manager.url = "github:nix-community/home-manager/release-23.05";
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]8 inputs.sops-nix.url = "github:Mic92/sops-nix";
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]9 inputs.scalpel.url = "github:polygon/scalpel";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]10
Skyler Greyfed0bb12023-05-01 21:42:03 +0000[diff] [blame]11 inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs";
Skyler Greyfed0bb12023-05-01 21:42:03 +0000[diff] [blame]12
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]13 inputs.sops-nix.inputs.nixpkgs.follows = "nixpkgs";
14
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]15 inputs.scalpel.inputs.nixpkgs.follows = "nixpkgs";
16 inputs.scalpel.inputs.sops-nix.follows = "sops-nix";
17
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]18 outputs = { self, nixpkgs, deploy-rs, home-manager, sops-nix, scalpel, ... }@inputs:
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]19 let
20 system = "x86_64-linux";
21 pkgs = import nixpkgs {
22 inherit system;
23 config.allowUnfree = true;
24 };
25 in
Skyler Greyb3516c22023-05-24 19:17:11 +0200[diff] [blame]26 rec {
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]27 nixosConfigurations.clicks =
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]28 let
29 base = nixpkgs.lib.nixosSystem {
30 inherit system pkgs;
31 modules = [
32 ./default/configuration.nix
33 ./default/hardware-configuration.nix
Skyler Grey703e75a2023-06-08 13:39:50 +0200[diff] [blame]34 ./modules/cache.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]35 ./modules/caddy.nix
36 ./modules/clamav.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]37 ./modules/dmarc.nix
38 ./modules/dnsmasq.nix
39 ./modules/doas.nix
40 ./modules/docker.nix
Skyler Grey87a11552023-06-14 23:02:25 +0200[diff] [blame]41 ./modules/drivePaths.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]42 ./modules/ecryptfs.nix
43 ./modules/fail2ban.nix
44 ./modules/fuck.nix
45 ./modules/git.nix
46 ./modules/grafana.nix
47 ./modules/home-manager-users.nix
48 ./modules/kitty.nix
Skyler Grey480fd8b2023-05-24 19:11:16 +0200[diff] [blame]49 ./modules/loginctl-linger.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]50 ./modules/matrix.nix
51 ./modules/mongodb.nix
52 ./modules/node.nix
53 ./modules/postgres.nix
54 ./modules/samba.nix
55 ./modules/scalpel.nix
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]56 ./modules/ssh.nix
Skyler Grey5b2c0382023-05-29 11:09:05 +0200[diff] [blame]57 ./modules/static-ip.nix
Skyler Grey87a11552023-06-14 23:02:25 +0200[diff] [blame]58 ./modules/syncthing.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]59 ./modules/tesseract.nix
Skyler Grey87a11552023-06-14 23:02:25 +0200[diff] [blame]60 ./modules/vaultwarden.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]61 sops-nix.nixosModules.sops
62 {
63 users.mutableUsers = false;
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]64 }
65 ];
TheCodedProfd23784c2023-06-13 14:28:23 -0400[diff] [blame]66 specialArgs = { base = null; drive_paths = import ./variables/drive_paths.nix; };
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]67 };
68 in
69 base.extendModules {
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]70 modules = [
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]71 scalpel.nixosModules.scalpel
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]72 ];
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]73 specialArgs = { inherit base; };
Skyler Grey4f3e6062023-03-04 01:29:29 +0000[diff] [blame]74 };
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]75
Skyler Greyb3516c22023-05-24 19:17:11 +0200[diff] [blame]76 nixosConfigurations.clicks-without-mongodb =
77 nixosConfigurations.clicks.extendModules {
78 modules = [
79 { services.mongodb.enable = nixpkgs.lib.mkForce false; }
80 ];
81 };
82
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]83 deploy.nodes.clicks = {
84 sudo = "doas -u";
85 profiles = {
86 system = {
87 remoteBuild = true;
88 user = "root";
89 path = deploy-rs.lib.x86_64-linux.activate.nixos
90 self.nixosConfigurations.clicks;
91 };
92 } // (
93 let
94 mkServiceConfig = service: {
95 remoteBuild = true;
96 user = service;
97
98 profilePath = "/nix/var/nix/profiles/per-user/${service}/home-manager";
99 path =
100 deploy-rs.lib.x86_64-linux.activate.home-manager (home-manager.lib.homeManagerConfiguration
101 {
102 inherit pkgs;
103 modules = [
104 {
105 home.homeDirectory = "/services/${service}";
106 home.username = service;
107 home.stateVersion = "22.11";
108 programs.home-manager.enable = true;
109 }
110 "${./services}/${service}"
111 ];
112 });
113 };
114 in
115 nixpkgs.lib.pipe ./services [
116 builtins.readDir
117 (nixpkgs.lib.filterAttrs (_name: value: value == "directory"))
118 builtins.attrNames
119 (map (name: {
120 inherit name; value = mkServiceConfig name;
121 }))
122 builtins.listToAttrs
123 ]
Skyler Grey5b2c0382023-05-29 11:09:05 +0200[diff] [blame]124 ) // (
125 let
126 mkBlankConfig = username:
127 {
128 remoteBuild = true;
129 user = username;
130
131 profilePath = "/nix/var/nix/profiles/per-user/${username}/home-manager";
132 path =
133 deploy-rs.lib.x86_64-linux.activate.home-manager (home-manager.lib.homeManagerConfiguration
134 {
135 inherit pkgs;
136 modules = [
137 {
138 home.username = username;
139 home.stateVersion = "22.11";
140 programs.home-manager.enable = true;
141 }
142 "${./homes}/${username}"
143 ];
144 });
145 };
146 in
147 nixpkgs.lib.pipe ./homes [
148 builtins.readDir
149 (nixpkgs.lib.filterAttrs (_name: value: value == "directory"))
150 builtins.attrNames
151 (map (name: {
152 inherit name; value = mkBlankConfig name;
153 }))
154 builtins.listToAttrs
155 ]
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]156 );
157 hostname = "clicks";
158 profilesOrder = [ "system" ];
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]159 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]160
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]161 formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]162 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]163}