Compare commits
No commits in common. "main" and "testing" have entirely different histories.
1 changed files with 82 additions and 84 deletions
166
helpers.nix
166
helpers.nix
|
|
@ -12,101 +12,99 @@ with inputs.nixpkgs.lib; {
|
||||||
suite ? "",
|
suite ? "",
|
||||||
docker ? false,
|
docker ? false,
|
||||||
hostModules ? [],
|
hostModules ? [],
|
||||||
}: let
|
}:
|
||||||
# Secrets directory.
|
{
|
||||||
secrets = builtins.toString inputs.secrets;
|
nixosConfigurations.${hostname} = nixosSystem rec {
|
||||||
|
# Architecture.
|
||||||
|
system = platform;
|
||||||
|
|
||||||
# Architecture.
|
# nixpkgs config.
|
||||||
system = platform;
|
pkgs = import nixpkgs {
|
||||||
|
inherit system;
|
||||||
|
|
||||||
# Stable nixpkgs with overlay.
|
config = {
|
||||||
pkgs = import nixpkgs {
|
# Allow installation of proprietary software.
|
||||||
inherit system;
|
allowUnfree = true;
|
||||||
|
# Allow the installation of packages marked as insecure in nixpkgs.
|
||||||
config = {
|
permittedInsecurePackages = [
|
||||||
# Allow installation of proprietary software.
|
"dotnet-sdk-6.0.428" # For WebOne.
|
||||||
allowUnfree = true;
|
"dotnet-runtime-6.0.36" # For WebOne.
|
||||||
# Allow the installation of packages marked as insecure in nixpkgs.
|
];
|
||||||
permittedInsecurePackages = [
|
|
||||||
"dotnet-sdk-6.0.428" # For WebOne.
|
|
||||||
"dotnet-runtime-6.0.36" # For WebOne.
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Import my overlays.
|
|
||||||
overlays = [
|
|
||||||
(import ./overlay.nix {inherit nixpkgs-unstable nixpkgs-pr-feishin;})
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# deploy-rs.
|
|
||||||
deployPkgs = import nixpkgs {
|
|
||||||
inherit system;
|
|
||||||
|
|
||||||
overlays = [
|
|
||||||
deploy-rs.overlays.default
|
|
||||||
(self: super: {
|
|
||||||
deploy-rs = {
|
|
||||||
inherit (pkgs) deploy-rs;
|
|
||||||
lib = super.deploy-rs.lib;
|
|
||||||
};
|
};
|
||||||
})
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
nixosConfigurations.${hostname} = nixosSystem {
|
|
||||||
inherit system pkgs;
|
|
||||||
|
|
||||||
specialArgs = {
|
# Import my overlays.
|
||||||
# Pass variables to config.
|
overlays = [
|
||||||
inherit inputs secrets hostname;
|
(import ./overlay.nix {inherit nixpkgs-unstable nixpkgs-pr-feishin;})
|
||||||
};
|
];
|
||||||
|
};
|
||||||
|
|
||||||
modules =
|
specialArgs = {
|
||||||
[
|
# Pass hostname & inputs to config.
|
||||||
nixvim.nixosModules.nixvim # Neovim.
|
inherit inputs hostname;
|
||||||
lanzaboote.nixosModules.lanzaboote # Secure boot.
|
|
||||||
sops-nix.nixosModules.sops # Secrets management.
|
|
||||||
|
|
||||||
./suites/${suite} # Collection of configuration options for different types of systems.
|
# Secrets directory.
|
||||||
./hosts/${hostname} # Host-specific config.
|
secrets = builtins.toString inputs.secrets;
|
||||||
|
};
|
||||||
|
|
||||||
# Home manager.
|
modules =
|
||||||
home-manager.nixosModules.home-manager
|
[
|
||||||
{
|
nixvim.nixosModules.nixvim # Neovim.
|
||||||
home-manager = {
|
lanzaboote.nixosModules.lanzaboote # Secure boot.
|
||||||
useGlobalPkgs = true;
|
sops-nix.nixosModules.sops # Secrets management.
|
||||||
useUserPackages = true;
|
|
||||||
backupFileExtension = "backup";
|
|
||||||
users.fern = {
|
|
||||||
# Me!
|
|
||||||
home.username = "fern";
|
|
||||||
home.homeDirectory = "/home/fern";
|
|
||||||
|
|
||||||
# Home manager version.
|
./suites/${suite} # Collection of configuration options for different types of systems.
|
||||||
home.stateVersion = "25.05";
|
./hosts/${hostname} # Host-specific config.
|
||||||
|
|
||||||
# Let Home Manager install and manage itself.
|
# Home manager.
|
||||||
programs.home-manager.enable = true;
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager = {
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
backupFileExtension = "backup";
|
||||||
|
users.fern = {
|
||||||
|
# Me!
|
||||||
|
home.username = "fern";
|
||||||
|
home.homeDirectory = "/home/fern";
|
||||||
|
|
||||||
# Import config.
|
# Home manager version.
|
||||||
imports = [./suites/${suite}/home.nix];
|
home.stateVersion = "25.05";
|
||||||
|
|
||||||
|
# Let Home Manager install and manage itself.
|
||||||
|
programs.home-manager.enable = true;
|
||||||
|
|
||||||
|
# Import config.
|
||||||
|
imports = [./suites/${suite}/home.nix];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
}
|
||||||
}
|
]
|
||||||
]
|
++ hostModules # Host-specific modules.
|
||||||
++ hostModules # Host-specific modules.
|
++ optionals (docker == true) [./suites/server/docker] # Enable docker if required.
|
||||||
++ optionals (docker == true) [./suites/server/docker] # Enable docker if required.
|
++ (filesystem.listFilesRecursive ./modules); # Custom modules.
|
||||||
++ (filesystem.listFilesRecursive ./modules); # Custom modules.
|
};
|
||||||
};
|
}
|
||||||
|
// optionalAttrs (strings.hasPrefix "server" suite) {
|
||||||
deploy.nodes.${hostname} = mkIf (strings.hasPrefix "server" suite) {
|
deploy.nodes.${hostname} = let
|
||||||
hostname = "${hostname}.local";
|
deployPkgs = import nixpkgs {
|
||||||
profiles.system = {
|
inherit system;
|
||||||
user = "root";
|
overlays = [
|
||||||
sshuser = "fern";
|
deploy-rs.overlays.default
|
||||||
path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${hostname};
|
(self: super: {
|
||||||
|
deploy-rs = {
|
||||||
|
inherit (pkgs) deploy-rs;
|
||||||
|
lib = super.deploy-rs.lib;
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
hostname = "${hostname}.local";
|
||||||
|
profiles.system = {
|
||||||
|
user = "root";
|
||||||
|
sshuser = "fern";
|
||||||
|
path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${hostname};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue