{
# Human-readable flake description; nothing reads it at evaluation time.
description = "xyno doin nixos";
inputs = {
  # Two nixpkgs channels: `nixpkgs` (nixos-unstable) is what the hosts are built
  # from, `nixpkgs-master` backs the `pkgs.unstable` set and a few desktop
  # inputs below. Every URL in this set names a moving branch unless noted; the
  # revision actually built is whatever flake.lock records (the lock is not
  # shown here), so a lock bump is the point where a new upstream commit enters
  # this configuration and the lock diff is where to review it.
  nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
  nixpkgs-master.url = "github:nixos/nixpkgs?ref=master";

  # Non-flake source: fetched as a plain tree, it has no inputs to `follow`.
  mobile-nixos = {
    url = "github:mobile-nixos/mobile-nixos";
    flake = false;
  };

  home-manager = {
    url = "github:nix-community/home-manager";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  nixos-hardware.url = "github:NixOS/nixos-hardware/master";
  sops-nix = {
    url = "github:Mic92/sops-nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  impermanence.url = "github:nix-community/impermanence";
  colmena = {
    url = "github:zhaofengli/colmena/release-0.4.x";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # software
  lanzaboote = {
    # Pinned to a release tag rather than a branch.
    url = "github:nix-community/lanzaboote/v0.4.2";
    # Optional but recommended to limit the size of your system closure.
    inputs.nixpkgs.follows = "nixpkgs";
  };
  zen-browser = {
    url = "github:0xc000022070/zen-browser-flake";
    inputs.nixpkgs.follows = "nixpkgs-master";
  };
  kmonad = {
    # Feature branch of a fork (jokesper/kmonad), not the upstream repository;
    # its lock entry deserves a look whenever this input moves.
    url = "git+https://github.com/jokesper/kmonad?dir=nix&ref=feat-tap-overlap";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  niri = {
    url = "github:YaLTeR/niri";
    inputs.nixpkgs.follows = "nixpkgs-master";
  };
  xwayland-satellite = {
    url = "github:Supreeeme/xwayland-satellite";
    inputs.nixpkgs.follows = "nixpkgs-master";
  };
  # Matrix client and its library, both consumed as non-flake trees.
  nheko = {
    url = "github:Nheko-Reborn/nheko";
    flake = false;
  };
  mtxclient = {
    url = "github:Nheko-Reborn/mtxclient";
    flake = false;
  };
  nix-ci = {
    # Self-hosted forge, fetched over https.
    url = "git+https://git.xyno.systems/xyno/nix-ci";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  nix-index-database = {
    url = "github:nix-community/nix-index-database";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # helix
  helix = {
    url = "github:helix-editor/helix";
    # url = "github:sofusa/helix-pull-diagnostics";
    inputs.nixpkgs.follows = "nixpkgs-master";
  };
  # csharp-language-server = {
  #   url = "github:sofusa/csharp-language-server";
  #   inputs.nixpkgs.follows = "nixpkgs-master";
  # };

  # authentik
  authentik = {
    url = "github:nix-community/authentik-nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  terranix = {
    url = "github:terranix/terranix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
};
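outputs =
  inputs@{
    self,
    nixpkgs,
    nixpkgs-master,
    colmena,
    ...
  }:
  let
    # nixpkgs.lib extended with this repo's helpers under `lib.xyno` (./lib is
    # not shown here). `s` is the fully extended lib, so the helpers can use
    # each other through it.
    lib = nixpkgs.lib.extend (
      s: super: {
        xyno = import ./lib {
          inherit inputs nixpkgs self;
          lib = s;
        };
      }
    );

    # Overlays applied to every package set produced by genPkgs. The last one
    # replaces the Nix tooling -- including the `colmena` the dev shell uses --
    # with the builds from `pkgs.unstable.lixPackageSets.latest`, i.e. from
    # nixpkgs-master rather than from `nixpkgs`.
    overlays = [
      self.overlays.default
      inputs.nix-ci.overlays.default
      (final: prev: {
        inherit (final.unstable.lixPackageSets.latest)
          nixpkgs-review
          nix-direnv
          nix-eval-jobs
          nix-fast-build
          colmena
          ;
      })
    ];

    # Package set for one system. allowUnfree is set here once, so it applies
    # to every host, the dev shells and the NixOS test alike.
    genPkgs =
      system:
      import nixpkgs {
        inherit system overlays;
        config.allowUnfree = true;
      };

    # Modules shared by every colmena node and by the NixOS test VMs.
    modules = [
      inputs.kmonad.nixosModules.default
      inputs.home-manager.nixosModules.default
      inputs.lanzaboote.nixosModules.lanzaboote
      inputs.sops-nix.nixosModules.sops
      inputs.impermanence.nixosModules.impermanence
      inputs.authentik.nixosModules.default
      inputs.nix-index-database.nixosModules.nix-index
    ]
    ++ (import ./modules/module-list.nix);

    systems = [
      "x86_64-linux"
      "aarch64-linux"
    ];
    forEachSystem = f: map f systems;

    # Turn a list of host names into colmena node definitions, one single-key
    # attrset per host so they can be merged with recursiveUpdate. Each node
    # imports the shared modules plus ./instances/<host> and receives every
    # *other* node's evaluated config as the `otherNodes` module argument.
    # (Parameters are named `hostNames`/`host`/`name` so the filter predicate
    # no longer shadows the outer list parameter.)
    importConfigs =
      hostNames:
      map (host: {
        ${host} =
          { nodes, ... }:
          {
            networking.hostName = host;
            imports = modules ++ [ (./instances/${host}) ];
            _module.args.otherNodes = lib.filterAttrs (name: _: name != host) nodes;
          };
      }) hostNames;
  in
  lib.foldl' lib.recursiveUpdate { } (
    [
      {
        colmenaHive = colmena.lib.makeHive (
          lib.foldl' lib.recursiveUpdate
            {
              meta = {
                specialArgs = { inherit inputs; };
                nixpkgs = genPkgs "x86_64-linux";
              };
              # Remote activation escalates through systemd's run0 instead of
              # sudo; the explicit unit name makes the step identifiable in the
              # target host's journal.
              deployment.privilegeEscalationCommand = [
                "run0"
                "--unit=colmena-apply"
              ];
            }
            (importConfigs [
              "ds9"
              "picard"
              "theseus"
            ])
        );

        # `pkgs.unstable` is a second, unfree-enabled package set built from
        # nixpkgs-master; everything else in this overlay comes from ./overlays.
        overlays.default =
          final: prev:
          {
            unstable = import nixpkgs-master {
              system = prev.system;
              config.allowUnfree = true;
            };
          }
          // (import ./overlays inputs final prev);

        # Per-host system closure and kernel, keyed by colmena node name. The
        # original wrapped this single attrset in a one-element recursiveUpdate
        # fold, which is the identity; the plain mapAttrs yields the same set.
        hydraJobs.systems = builtins.mapAttrs (host: config: {
          inherit (config.config.system.build) toplevel;
          kernel = config.config.boot.kernelPackages.kernel;
        }) self.colmenaHive.nodes;

        # Fixed-output derivations worth caching on their own. The host
        # configurations of this flake live under `self.colmenaHive.nodes`
        # (the same set hydraJobs.systems iterates); no `nixosConfigurations`
        # output is defined anywhere in these outputs, so ds9's caddy package
        # has to be read from the hive node, not from self.nixosConfigurations.
        hydraJobs.fods = {
          caddy = self.colmenaHive.nodes.ds9.config.services.caddy.package;
        };
      }
    ]
    ++ (forEachSystem (
      system:
      let
        pkgs = genPkgs system;
      in
      {
        # Dev shell: formatter, LSP, sops, this repo's ./bin scripts, colmena
        # (the lix-package-set build, via the overlay above) and every package
        # exported below. SOPS_CONFIG points at a generated sops config derived
        # from the directories under ./instances.
        devShells.${system}.default = pkgs.mkShell {
          packages = [
            pkgs.nixfmt-rfc-style
            pkgs.nil
            pkgs.sops
            (pkgs.runCommand "nix-config-bin" { } ''
              mkdir -p $out/bin
              cp ${./bin}/* $out/bin
            '')
            pkgs.colmena
          ]
          ++ (lib.attrValues self.packages.${system});
          SOPS_CONFIG = (pkgs.callPackage ./sops.nix { instanceConfigs = lib.xyno.getDirs ./instances; });
        };

        # Exported packages; `nix` is Lix from the nixpkgs-master package set.
        packages.${system} = {
          nix = pkgs.unstable.lixPackageSets.latest.lix;
          inherit (pkgs)
            nix-fast-build
            attic-client
            jq
            nix-ci
            ;
        };

        # NixOS VM test over ./modules/test-list.nix. Every test node gets the
        # shared modules and sshd enabled -- this applies to the test VMs only,
        # not to the deployed hosts. pkgsReadOnly = false lets the test nodes
        # carry their own nixpkgs settings (presumably needed because the
        # shared modules set nixpkgs.* options -- confirm against ./modules).
        checks.${system}."nixos" = pkgs.testers.runNixOSTest {
          imports = (import ./modules/test-list.nix);
          node.specialArgs = { inherit inputs; };
          extraBaseModules.imports = modules;
          extraBaseModules.services.openssh.enable = true;
          node.pkgsReadOnly = false;
        };
      }
    ))
  );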
}