# Flake for Clicks' NixOS servers: declares the upstream inputs, builds one
# x86_64-linux package set with a handful of overlays, and exposes the NixOS
# configurations (clicks, clicks-without-mongodb, a1d1, a1d2), the deploy-rs
# nodes, a dev shell and a formatter.
#
# Supply-chain note: apart from nixpkgs-mongodb, every input below names a
# branch or a moving URL rather than a revision. What is actually built is
# whatever flake.lock records, so lock-file updates are the point at which
# upstream changes enter this deployment and should be reviewed as such.
{
  description = "A flake to deploy and configure Clicks' NixOS server";

  inputs = {
    # --- package sets ---
    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    # nixos-22.05 is an end-of-life release branch and no longer receives
    # security updates. NOTE(review): this file does not show what consumes
    # it; confirm that anything built from it is not exposed to untrusted input.
    nixpkgs-clicksforms.url = "github:nixos/nixpkgs/nixos-22.05";
    # A branch of a personal nixpkgs fork. Both packages (privatebin, pbcli)
    # and a NixOS module are taken from it further down.
    nixpkgs-privatebin.url = "github:e1mo/nixpkgs/privatebin";
    # The only input pinned to an exact revision in the URL itself.
    nixpkgs-mongodb.url =
      "github:nixos/nixpkgs?rev=8dfad603247387df1df4826b8bea58efc5d012d8";

    # --- tooling and helpers ---
    flake-utils.url = "github:numtide/flake-utils";
    deploy-rs.url = "github:serokell/deploy-rs";
    helpers.url = "git+https://git.clicks.codes/Infra/NixHelpers";

    # --- inputs that follow this flake's nixpkgs (one nixpkgs for all) ---
    home-manager = {
      url = "github:nix-community/home-manager/release-23.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    scalpel = {
      url = "github:polygon/scalpel";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.sops-nix.follows = "sops-nix";
    };
    frappix = {
      url = "github:blaggacao/frappix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Prebuilt plugin jar taken from the "lastBuild" artifact of an upstream
    # CI job, fetched as a plain file (flake = false). The content behind this
    # URL changes with every upstream build; the hash recorded in flake.lock is
    # the only thing tying the deployment to one specific jar, so a lock update
    # of this input pulls in a binary nobody here has built or reviewed.
    gerrit-oauth = {
      url =
        "https://gerrit-ci.gerritforge.com/job/plugin-oauth-bazel-master-master/lastBuild/artifact/bazel-bin/plugins/oauth/oauth.jar";
      flake = false;
    };
  };

  outputs = { self, nixpkgs, nixpkgs-unstable, deploy-rs, home-manager, sops-nix
    , scalpel, nixpkgs-privatebin, frappix, ... }@inputs:
    let
      system = "x86_64-linux";

      # pin-unstable: take these packages from nixos-unstable instead of the
      # release branch.
      #  - vaultwarden: updates often fix compatibility with the extension
      #  - matrix-sliding-sync: updates very fast, and being on an old version
      #    breaks app compatibility
      pinUnstableOverlay = final: prev: {
        inherit (nixpkgs-unstable.legacyPackages.${system})
          vaultwarden vaultwarden-postgresql matrix-sliding-sync;
      };

      # privatebin and its CLI come from the forked nixpkgs branch.
      privatebinOverlay = final: prev: {
        inherit (nixpkgs-privatebin.legacyPackages.${system}) privatebin pbcli;
      };

      # Each frappix overlay is wrapped in a plain one-argument lambda that
      # simply forwards its argument.
      # NOTE(review): presumably the upstream values are not plain functions
      # and the wrapper exists so they are accepted as overlays; confirm.
      frappixOverlays = map
        (overlayName: functorBuster: frappix.${overlayName}.${system} functorBuster)
        [ "toolsOverlay" "pythonOverlay" "frappeOverlay" ];

      # Adds elastic-transport to the propagated inputs of the Python 3.11
      # elasticsearch package.
      elasticTransportOverlay = final: prev: {
        python311 = prev.python311.override {
          packageOverrides = pyFinal: pyPrev: {
            elasticsearch = pyPrev.elasticsearch.overrideAttrs (prevAttrs: {
              propagatedBuildInputs = prevAttrs.propagatedBuildInputs
                ++ [ final.python311Packages.elastic-transport ];
            });
          };
        };
      };

      pkgs = import nixpkgs {
        inherit system;
        config = {
          allowUnfree = true;

          # frappix -> wkhtmltopdf
          # OpenSSL 1.1.1 is past its upstream end of life. This exception is
          # set on the whole package set, not just on wkhtmltopdf, so any other
          # package that pulls in this OpenSSL will also evaluate without
          # complaint. Revisit once the dependency chain no longer needs it.
          permittedInsecurePackages = [ "openssl-1.1.1w" ];
        };
        overlays = [ pinUnstableOverlay privatebinOverlay ] ++ frappixOverlays
          ++ [ elasticTransportOverlay ];
      };

      helpers = inputs.helpers.helpers { inherit pkgs nixpkgs; };
      drive_paths = import ./variables/drive_paths.nix;

      # Per-host definitions; each yields a `config` and a `deploy` attribute.
      # a1d2 is given no drive paths.
      a1d1 = import ./modules/a1d1 {
        inherit self pkgs system inputs drive_paths;
      };
      a1d2 = import ./modules/a1d2 {
        inherit self pkgs system inputs;
        drive_paths = null;
      };

      # Settings applied to the `clicks` system before any other module.
      clicksBaseSettings = {
        system.stateVersion = "22.11";
        nix.settings.experimental-features = [ "nix-command" "flakes" ];
        # Users listed here can drive the Nix daemon in ways that are
        # effectively root-equivalent (for example importing unsigned store
        # paths), so these accounts and their SSH keys need the same care as
        # root itself.
        nix.settings.trusted-users = [ "minion" "coded" ];
        time.timeZone = "Etc/UTC";
        # Accounts and passwords come only from the configuration; changes made
        # imperatively on the host do not persist.
        users.mutableUsers = false;

        # Left empty here. NOTE(review): presumably filled in by another
        # module; confirm.
        fileSystems."/" = { };
      };

      # The `clicks` system is evaluated twice: `base` is built first with
      # `base = null`, then extended with the scalpel module, which receives
      # the first evaluation as its `base` argument.
      clicks = let
        base = nixpkgs.lib.nixosSystem {
          inherit system pkgs;
          modules = [ clicksBaseSettings ]
            ++ (helpers.nixFilesIn ./modules/common) ++ [
              sops-nix.nixosModules.sops
              "${nixpkgs-privatebin}/nixos/modules/services/web-apps/privatebin.nix"
              frappix.nixosModules.${system}.frappix
            ];
          # Every flake input is handed to every module as a special argument,
          # so any module in this tree can import code from any input.
          specialArgs = inputs // {
            inherit system helpers;
            base = null;
            drive_paths = null;
          };
        };
      in base.extendModules {
        modules = [ scalpel.nixosModules.scalpel ];
        specialArgs = { inherit base; };
      };
    in {
      nixosConfigurations.clicks = clicks;

      # Same system with MongoDB forcibly disabled.
      nixosConfigurations.clicks-without-mongodb = clicks.extendModules {
        modules = [{ services.mongodb.enable = nixpkgs.lib.mkForce false; }];
      };

      nixosConfigurations.a1d1 = a1d1.config;
      nixosConfigurations.a1d2 = a1d2.config;

      deploy.nodes.a1d1 = a1d1.deploy;
      deploy.nodes.a1d2 = a1d2.deploy;

      devShells.x86_64-linux.default =
        pkgs.mkShell { packages = [ pkgs.deploy-rs ]; };

      formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt;
    };
}