114 lines
3 KiB
Nix
Executable file
114 lines
3 KiB
Nix
Executable file
{
|
|
description = "NixOS System Configuration";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; # Stable nixpkgs.
|
|
lanzaboote.url = "github:nix-community/lanzaboote"; # Secure boot.
|
|
nixos-hardware.url = "github:NixOS/nixos-hardware"; # Hardware specific config.
|
|
sops-nix.url = "github:Mic92/sops-nix"; # Secrets management.
|
|
# Secrets repo.
|
|
secrets = {
|
|
url = "git+ssh://git@docker.local:222/fern/secrets?ref=main";
|
|
flake = false;
|
|
};
|
|
|
|
# Packages.
|
|
fluffychat2.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0
|
|
feishin0_17.url = "github:NixOS/nixpkgs?ref=pull/414929/head"; # Feishin 0.17.0
|
|
webone.url = "github:firewalkwithm3/webone?rev=256f5e115ceffb71fd2d61e0c7cb9b6b55c7571a"; # WebOne HTTP proxy.
|
|
};
|
|
|
|
outputs =
|
|
inputs@{
|
|
self,
|
|
nixpkgs,
|
|
lanzaboote,
|
|
nixos-hardware,
|
|
sops-nix,
|
|
fluffychat2,
|
|
feishin0_17,
|
|
...
|
|
}:
|
|
let
|
|
mkHost =
|
|
with nixpkgs.lib;
|
|
{
|
|
hostname,
|
|
suite,
|
|
platform ? "x86_64-linux",
|
|
user ? "fern",
|
|
extraModules ? [ ],
|
|
}:
|
|
nixosSystem rec {
|
|
system = platform;
|
|
|
|
specialArgs = {
|
|
inherit hostname suite platform user; # Inherit variables.
|
|
secrets = builtins.toString inputs.secrets; # Secrets directory.
|
|
# Packages
|
|
userPkgs = {
|
|
fluffychat = fluffychat2.legacyPackages.${system}.fluffychat;
|
|
feishin = feishin0_17.legacyPackages.${system}.feishin;
|
|
webone = webone.packages.${system}.default;
|
|
};
|
|
};
|
|
|
|
modules = [
|
|
./suites/common.nix
|
|
./suites/${suite}.nix
|
|
./hosts/${suite}/${hostname}.nix
|
|
] ++ extraModules;
|
|
};
|
|
in
|
|
{
|
|
nixosConfigurations = {
|
|
# Laptops.
|
|
muskduck = mkHost {
|
|
hostname = "muskduck";
|
|
suite = "laptop";
|
|
extraModules = [
|
|
lanzaboote.nixosModules.lanzaboote
|
|
nixos-hardware.nixosModules.lenovo-thinkpad-t480
|
|
];
|
|
};
|
|
|
|
# Servers.
|
|
weebill = mkHost {
|
|
hostname = "weebill";
|
|
suite = "server";
|
|
platform = "aarch64-linux";
|
|
user = "docker";
|
|
extraModules = [
|
|
nixos-hardware.nixosModules.raspberry-pi-4
|
|
];
|
|
};
|
|
|
|
# Virtual machines.
|
|
vm-docker = mkHost {
|
|
hostname = "docker";
|
|
suite = "vm";
|
|
user = "docker";
|
|
};
|
|
|
|
vm-minecraft = mkHost {
|
|
hostname = "minecraft";
|
|
suite = "vm";
|
|
user = "docker";
|
|
};
|
|
|
|
# LXC containers.
|
|
lxc-technitium = mkHost {
|
|
hostname = "technitium";
|
|
suite = "lxc";
|
|
};
|
|
|
|
lxc-firefox-syncserver = mkHost {
|
|
hostname = "firefox-syncserver";
|
|
suite = "lxc";
|
|
extraModules = [
|
|
sops-nix.nixosModules.sops
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|