Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 9fe6128b776bca75df14ef1325c8108659e37aca / . / flake.nix
blob: caa057175c89df45d557a4a154566aa5792b3ee8 [file] [log] [blame]
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]1{
2 description = "A flake to deploy and configure Clicks' NixOS server";
3
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]4 inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
Skyler Grey061574c2023-05-01 21:39:24 +0000[diff] [blame]5 inputs.flake-utils.url = "github:numtide/flake-utils";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]6 inputs.deploy-rs.url = "github:serokell/deploy-rs";
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]7 inputs.home-manager.url = "github:nix-community/home-manager/release-23.05";
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]8 inputs.sops-nix.url = "github:Mic92/sops-nix";
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]9 inputs.scalpel.url = "github:polygon/scalpel";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]10
Skyler Greyfed0bb12023-05-01 21:42:03 +0000[diff] [blame]11 inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs";
Skyler Greyfed0bb12023-05-01 21:42:03 +0000[diff] [blame]12
Skyler Greya7fbaee2023-05-12 00:29:20 +0000[diff] [blame]13 inputs.sops-nix.inputs.nixpkgs.follows = "nixpkgs";
14
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]15 inputs.scalpel.inputs.nixpkgs.follows = "nixpkgs";
16 inputs.scalpel.inputs.sops-nix.follows = "sops-nix";
17
Skyler Grey9fe61282023-08-20 21:52:48 +0000[diff] [blame^]18 inputs.nixpkgs-privatebin.url = "github:e1mo/nixpkgs/privatebin";
19
20 outputs =
21 { self
22 , nixpkgs
23 , deploy-rs
24 , home-manager
25 , sops-nix
26 , scalpel
27 , nixpkgs-privatebin
28 , ...
29 }@inputs:
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]30 let
31 system = "x86_64-linux";
32 pkgs = import nixpkgs {
33 inherit system;
34 config.allowUnfree = true;
Skyler Grey9fe61282023-08-20 21:52:48 +0000[diff] [blame^]35 overlays = [
36 (final: prev: { inherit (nixpkgs-privatebin.legacyPackages.${system}) privatebin pbcli; })
37 ];
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]38 };
39 in
Skyler Greyb3516c22023-05-24 19:17:11 +0200[diff] [blame]40 rec {
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]41 nixosConfigurations.clicks =
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]42 let
43 base = nixpkgs.lib.nixosSystem {
44 inherit system pkgs;
45 modules = [
46 ./default/configuration.nix
47 ./default/hardware-configuration.nix
Skyler Grey703e75a2023-06-08 13:39:50 +0200[diff] [blame]48 ./modules/cache.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]49 ./modules/caddy.nix
50 ./modules/clamav.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]51 ./modules/dmarc.nix
52 ./modules/dnsmasq.nix
53 ./modules/doas.nix
54 ./modules/docker.nix
Skyler Grey87a11552023-06-14 23:02:25 +0200[diff] [blame]55 ./modules/drivePaths.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]56 ./modules/ecryptfs.nix
57 ./modules/fail2ban.nix
58 ./modules/fuck.nix
59 ./modules/git.nix
60 ./modules/grafana.nix
61 ./modules/home-manager-users.nix
62 ./modules/kitty.nix
Skyler Grey480fd8b2023-05-24 19:11:16 +0200[diff] [blame]63 ./modules/loginctl-linger.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]64 ./modules/matrix.nix
65 ./modules/mongodb.nix
66 ./modules/node.nix
67 ./modules/postgres.nix
Skyler Grey9fe61282023-08-20 21:52:48 +0000[diff] [blame^]68 ./modules/privatebin.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]69 ./modules/samba.nix
70 ./modules/scalpel.nix
Skyler Grey07c947a2023-06-08 14:11:23 +0200[diff] [blame]71 ./modules/ssh.nix
Skyler Grey5b2c0382023-05-29 11:09:05 +0200[diff] [blame]72 ./modules/static-ip.nix
Skyler Grey87a11552023-06-14 23:02:25 +0200[diff] [blame]73 ./modules/syncthing.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]74 ./modules/tesseract.nix
Skyler Grey87a11552023-06-14 23:02:25 +0200[diff] [blame]75 ./modules/vaultwarden.nix
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]76 sops-nix.nixosModules.sops
Skyler Grey9fe61282023-08-20 21:52:48 +0000[diff] [blame^]77 "${nixpkgs-privatebin}/nixos/modules/services/web-apps/privatebin.nix"
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]78 {
79 users.mutableUsers = false;
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]80 }
81 ];
TheCodedProfd23784c2023-06-13 14:28:23 -0400[diff] [blame]82 specialArgs = { base = null; drive_paths = import ./variables/drive_paths.nix; };
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]83 };
84 in
85 base.extendModules {
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]86 modules = [
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]87 scalpel.nixosModules.scalpel
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]88 ];
Skyler Greya78aa672023-05-20 13:48:18 +0200[diff] [blame]89 specialArgs = { inherit base; };
Skyler Grey4f3e6062023-03-04 01:29:29 +0000[diff] [blame]90 };
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]91
Skyler Greyb3516c22023-05-24 19:17:11 +0200[diff] [blame]92 nixosConfigurations.clicks-without-mongodb =
93 nixosConfigurations.clicks.extendModules {
94 modules = [
95 { services.mongodb.enable = nixpkgs.lib.mkForce false; }
96 ];
97 };
98
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]99 deploy.nodes.clicks = {
100 sudo = "doas -u";
101 profiles = {
102 system = {
103 remoteBuild = true;
104 user = "root";
105 path = deploy-rs.lib.x86_64-linux.activate.nixos
106 self.nixosConfigurations.clicks;
107 };
108 } // (
109 let
110 mkServiceConfig = service: {
111 remoteBuild = true;
112 user = service;
113
114 profilePath = "/nix/var/nix/profiles/per-user/${service}/home-manager";
115 path =
116 deploy-rs.lib.x86_64-linux.activate.home-manager (home-manager.lib.homeManagerConfiguration
117 {
118 inherit pkgs;
119 modules = [
120 {
121 home.homeDirectory = "/services/${service}";
122 home.username = service;
123 home.stateVersion = "22.11";
124 programs.home-manager.enable = true;
125 }
126 "${./services}/${service}"
127 ];
128 });
129 };
130 in
131 nixpkgs.lib.pipe ./services [
132 builtins.readDir
133 (nixpkgs.lib.filterAttrs (_name: value: value == "directory"))
134 builtins.attrNames
135 (map (name: {
136 inherit name; value = mkServiceConfig name;
137 }))
138 builtins.listToAttrs
139 ]
Skyler Grey5b2c0382023-05-29 11:09:05 +0200[diff] [blame]140 ) // (
141 let
142 mkBlankConfig = username:
143 {
144 remoteBuild = true;
145 user = username;
146
147 profilePath = "/nix/var/nix/profiles/per-user/${username}/home-manager";
148 path =
149 deploy-rs.lib.x86_64-linux.activate.home-manager (home-manager.lib.homeManagerConfiguration
150 {
151 inherit pkgs;
152 modules = [
153 {
154 home.username = username;
155 home.stateVersion = "22.11";
156 programs.home-manager.enable = true;
157 }
158 "${./homes}/${username}"
159 ];
160 });
161 };
162 in
163 nixpkgs.lib.pipe ./homes [
164 builtins.readDir
165 (nixpkgs.lib.filterAttrs (_name: value: value == "directory"))
166 builtins.attrNames
167 (map (name: {
168 inherit name; value = mkBlankConfig name;
169 }))
170 builtins.listToAttrs
171 ]
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]172 );
173 hostname = "clicks";
174 profilesOrder = [ "system" ];
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]175 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]176
Skyler Grey07584fb2023-05-01 21:37:13 +0000[diff] [blame]177 formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]178 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]179}