Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 703e75a1f35c31636ca5eb84a302eb7a26e9943a / . / flake.nix
blob: fd128a181496af7aa56790b1a66e1935bf9157e2 [file] [log] [blame]
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]1{
2 description = "A flake to deploy and configure Clicks' NixOS server";
3
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]4 inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]5 inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
Skyler Grey061574c2023-05-01 21:39:24 +0000[diff] [blame]6 inputs.flake-utils.url = "github:numtide/flake-utils";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]7 inputs.deploy-rs.url = "github:serokell/deploy-rs";
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]8 inputs.home-manager.url = "github:nix-community/home-manager/release-22.11";
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]9 inputs.sops-nix.url = "github:Mic92/sops-nix";
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]10 inputs.scalpel.url = "github:polygon/scalpel";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]11
Skyler Greyfed0bb12023-05-01 21:42:03 +0000[diff] [blame]12 inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs";
13 inputs.home-manager.inputs.utils.follows = "deploy-rs/utils";
14
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]15 inputs.sops-nix.inputs.nixpkgs.follows = "nixpkgs";
16
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]17 inputs.scalpel.inputs.nixpkgs.follows = "nixpkgs";
18 inputs.scalpel.inputs.sops-nix.follows = "sops-nix";
19
20 outputs = { self, nixpkgs, deploy-rs, home-manager, sops-nix, scalpel, nixpkgs-unstable, ... }@inputs:
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]21 let
22 system = "x86_64-linux";
23 pkgs = import nixpkgs {
24 inherit system;
25 config.allowUnfree = true;
26 };
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]27 pkgs-unstable = import nixpkgs-unstable {
28 inherit system;
29 config.allowUnfree = true;
30 };
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]31 in
Skyler Greyb3516c22023-05-24 19:17:11 +0200[diff] [blame]32 rec {
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]33 nixosConfigurations.clicks =
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]34 let
35 base = nixpkgs.lib.nixosSystem {
36 inherit system pkgs;
37 modules = [
38 ./default/configuration.nix
39 ./default/hardware-configuration.nix
Skyler Grey703e75a2023-06-08 13:39:50 +0200[diff] [blame^]40 ./modules/cache.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]41 ./modules/caddy.nix
42 ./modules/clamav.nix
43 ./modules/code-server.nix
44 ./modules/dmarc.nix
45 ./modules/dnsmasq.nix
46 ./modules/doas.nix
47 ./modules/docker.nix
48 ./modules/ecryptfs.nix
49 ./modules/fail2ban.nix
50 ./modules/fuck.nix
51 ./modules/git.nix
52 ./modules/grafana.nix
53 ./modules/home-manager-users.nix
54 ./modules/kitty.nix
Skyler Grey480fd8b2023-05-24 19:11:16 +0200[diff] [blame]55 ./modules/loginctl-linger.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]56 ./modules/matrix.nix
57 ./modules/mongodb.nix
58 ./modules/node.nix
59 ./modules/postgres.nix
60 ./modules/samba.nix
61 ./modules/scalpel.nix
Skyler Grey5b2c0382023-05-29 11:09:05 +0200[diff] [blame]62 ./modules/static-ip.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]63 ./modules/tesseract.nix
64 sops-nix.nixosModules.sops
65 {
66 users.mutableUsers = false;
67 _module.args = { inherit pkgs-unstable; };
68 }
69 ];
70 specialArgs = { base = null; };
71 };
72 in
73 base.extendModules {
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]74 modules = [
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]75 scalpel.nixosModules.scalpel
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]76 ];
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]77 specialArgs = { inherit base; };
Skyler Grey4f3e6062023-03-04 01:29:29 +0000[diff] [blame]78 };
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]79
Skyler Greyb3516c22023-05-24 19:17:11 +0200[diff] [blame]80 nixosConfigurations.clicks-without-mongodb =
81 nixosConfigurations.clicks.extendModules {
82 modules = [
83 { services.mongodb.enable = nixpkgs.lib.mkForce false; }
84 ];
85 };
86
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]87 deploy.nodes.clicks = {
88 sudo = "doas -u";
89 profiles = {
90 system = {
91 remoteBuild = true;
92 user = "root";
93 path = deploy-rs.lib.x86_64-linux.activate.nixos
94 self.nixosConfigurations.clicks;
95 };
96 } // (
97 let
98 mkServiceConfig = service: {
99 remoteBuild = true;
100 user = service;
101
102 profilePath = "/nix/var/nix/profiles/per-user/${service}/home-manager";
103 path =
104 deploy-rs.lib.x86_64-linux.activate.home-manager (home-manager.lib.homeManagerConfiguration
105 {
106 inherit pkgs;
107 modules = [
108 {
109 home.homeDirectory = "/services/${service}";
110 home.username = service;
111 home.stateVersion = "22.11";
112 programs.home-manager.enable = true;
113 }
114 "${./services}/${service}"
115 ];
116 });
117 };
118 in
119 nixpkgs.lib.pipe ./services [
120 builtins.readDir
121 (nixpkgs.lib.filterAttrs (_name: value: value == "directory"))
122 builtins.attrNames
123 (map (name: {
124 inherit name; value = mkServiceConfig name;
125 }))
126 builtins.listToAttrs
127 ]
Skyler Grey5b2c0382023-05-29 11:09:05 +0200[diff] [blame]128 ) // (
129 let
130 mkBlankConfig = username:
131 {
132 remoteBuild = true;
133 user = username;
134
135 profilePath = "/nix/var/nix/profiles/per-user/${username}/home-manager";
136 path =
137 deploy-rs.lib.x86_64-linux.activate.home-manager (home-manager.lib.homeManagerConfiguration
138 {
139 inherit pkgs;
140 modules = [
141 {
142 home.username = username;
143 home.stateVersion = "22.11";
144 programs.home-manager.enable = true;
145 }
146 "${./homes}/${username}"
147 ];
148 });
149 };
150 in
151 nixpkgs.lib.pipe ./homes [
152 builtins.readDir
153 (nixpkgs.lib.filterAttrs (_name: value: value == "directory"))
154 builtins.attrNames
155 (map (name: {
156 inherit name; value = mkBlankConfig name;
157 }))
158 builtins.listToAttrs
159 ]
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]160 );
161 hostname = "clicks";
162 profilesOrder = [ "system" ];
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]163 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]164
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]165 formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]166 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]167}