115 lines
2.9 KiB
Nix
Executable file
115 lines
2.9 KiB
Nix
Executable file
{
|
|
description = "NixOS System Configuration";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; # Stable nixpkgs.
|
|
lanzaboote.url = "github:nix-community/lanzaboote"; # Secure boot.
|
|
nixos-hardware.url = "github:NixOS/nixos-hardware"; # Hardware specific config.
|
|
sops-nix.url = "github:Mic92/sops-nix"; # Secrets management.
|
|
# Secrets repo.
|
|
secrets = {
|
|
url = "git+ssh://git@docker.local:222/fern/secrets?ref=main";
|
|
flake = false;
|
|
};
|
|
|
|
# Updated packages.
|
|
fluffychat2.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0
|
|
feishin0_17.url = "github:NixOS/nixpkgs?ref=pull/414929/head"; # Feishin 0.17.0
|
|
};
|
|
|
|
outputs =
|
|
inputs@{
|
|
self,
|
|
nixpkgs,
|
|
lanzaboote,
|
|
nixos-hardware,
|
|
sops-nix,
|
|
fluffychat2,
|
|
feishin0_17,
|
|
...
|
|
}:
|
|
let
|
|
mkHost =
|
|
with nixpkgs.lib;
|
|
{
|
|
hostname,
|
|
suite,
|
|
platform,
|
|
user ? "fern",
|
|
extraModules ? [ ],
|
|
}:
|
|
nixosSystem rec {
|
|
system = platform;
|
|
|
|
specialArgs = {
|
|
inherit user;
|
|
secrets = builtins.toString inputs.secrets;
|
|
fluffychat2 = import fluffychat2 { inherit system; };
|
|
feishin0_17 = import feishin0_17 { inherit system; };
|
|
};
|
|
|
|
modules = [
|
|
./suites/common.nix
|
|
./suites/${suite}.nix
|
|
./hosts/${suite}/${hostname}.nix
|
|
{ networking.hostName = hostname; }
|
|
] ++ extraModules;
|
|
};
|
|
in
|
|
{
|
|
nixosConfigurations = {
|
|
# Laptops.
|
|
muskduck = mkHost {
|
|
hostname = "muskduck";
|
|
suite = "laptop";
|
|
platform = "x86_64-linux";
|
|
extraModules = [
|
|
lanzaboote.nixosModules.lanzaboote
|
|
nixos-hardware.nixosModules.lenovo-thinkpad-t480
|
|
];
|
|
};
|
|
|
|
# Servers.
|
|
weebill = mkHost {
|
|
hostname = "weebill";
|
|
suite = "server";
|
|
platform = "aarch64-linux";
|
|
user = "docker";
|
|
extraModules = [
|
|
nixos-hardware.nixosModules.raspberry-pi-4
|
|
];
|
|
};
|
|
|
|
# Virtual machines.
|
|
vm-docker = mkHost {
|
|
hostname = "docker";
|
|
suite = "vm";
|
|
user = "docker";
|
|
platform = "x86_64-linux";
|
|
};
|
|
|
|
vm-minecraft = mkHost {
|
|
hostname = "minecraft";
|
|
suite = "vm";
|
|
user = "docker";
|
|
platform = "x86_64-linux";
|
|
};
|
|
|
|
# LXC containers.
|
|
lxc-technitium = mkHost {
|
|
hostname = "technitium";
|
|
suite = "lxc";
|
|
platform = "x86_64-linux";
|
|
};
|
|
|
|
lxc-firefox-syncserver = mkHost {
|
|
hostname = "firefox-syncserver";
|
|
suite = "lxc";
|
|
platform = "x86_64-linux";
|
|
extraModules = [
|
|
sops-nix.nixosModules.sops
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|