NixOS deployment for LinuxLab
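# Flake for the LinuxLab NixOS deployment: declares the pinned inputs, the
# Colmena hive (one node per entry in ./machines and ./clients.nix), the
# pre-commit checks, a development shell with the secrets tooling, and a
# package that collects the disko disk images of all nodes.
#
# Layout note: each comment sits on its own line. If a `#` comment shares a
# line with the code that follows it, that code is commented out: `machines`
# and `clients` are then never bound and the `//` merges below never happen.
{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";

    flake-utils.url = "github:numtide/flake-utils";

    # `follows` makes each tool evaluate against this flake's nixpkgs (and
    # flake-utils) instead of bringing its own copy, so there is a single
    # package set to pin and review.
    git-hooks = {
      url = "github:cachix/git-hooks.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    colmena = {
      url = "github:zhaofengli/colmena";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixago = {
      url = "github:jmgilman/nixago";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    sops = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Plain source tree (not a flake) fetched over HTTPS from a self-hosted
    # git server. No rev/ref is given here, so the exact revision is whatever
    # flake.lock records.
    # NOTE(review): flake.lock is not visible here; confirm it is committed
    # and that lock updates for this input are reviewed.
    ldap-sync = {
      type = "git";
      url = "https://gogs.informatik.hs-fulda.de/fooker/ldap-sync.git";
      flake = false;
    };
  };

  outputs =
    { self
    , nixpkgs
    , flake-utils
    , colmena
    , git-hooks
    , nixago
    , ...
    }@inputs:
    let
      # List of all machine names as defined in the machines directory
      machines = builtins.attrNames (builtins.readDir ./machines);

      # List of all client names
      clients = builtins.attrNames (import ./clients.nix);
    in
    {
      colmena = {
        meta = {
          nixpkgs = import nixpkgs {
            system = "x86_64-linux";
          };

          # Every node module receives the full set of flake inputs.
          specialArgs = {
            inherit inputs;
          };
        };

        # Applied to every node: disk layout (disko), secret handling
        # (sops-nix) and the configuration shared by all hosts.
        defaults = {
          imports = [
            inputs.disko.nixosModules.disko
            inputs.sops.nixosModules.sops

            ./shared
          ];

          # NOTE(review): as I read the Colmena option, `false` makes a
          # deployment refuse to replace a system profile it does not
          # recognise on the target; confirm against the Colmena manual
          # for the pinned version.
          deployment.replaceUnknownProfiles = false;
        };

        # Client node built with a null id.
        "client" = (import ./client) null;
      }
      # Machines
      // (builtins.listToAttrs (builtins.map
        (name: {
          inherit name;
          value = ./machines/${name};
        })
        machines))
      # Clients
      // (builtins.listToAttrs (builtins.map
        (id: {
          name = "client-${id}";
          value = (import ./client) id;
        })
        clients))
      ;
    } // flake-utils.lib.eachDefaultSystem (system: {
      checks = {
        # Formatting and lint hooks run over the whole repository.
        pre-commit = git-hooks.lib.${system}.run {
          src = ./.;
          hooks = {
            nixpkgs-fmt.enable = true;
            statix.enable = true;
            shellcheck.enable = true;
          };
        };
      };

      devShells.default =
        let
          pkgs = nixpkgs.legacyPackages.${system};

          # Generates .sops.yaml from ./sops-config.nix, which is given the
          # machine list.
          # NOTE(review): presumably this is where the per-machine recipient
          # keys are laid out; confirm in sops-config.nix.
          sops-config = nixago.lib.${system}.make {
            data = (pkgs.callPackage ./sops-config.nix {
              inherit machines;
            }).config;
            output = ".sops.yaml";
            format = "yaml";
          };
        in
        pkgs.mkShell {
          buildInputs =
            self.checks.${system}.pre-commit.enabledPackages ++
            [
              colmena.packages.${system}.colmena
            ] ++ (with pkgs; [
              bash
              gitAndTools.git
              sops
              age
              openssh
              ssh-to-age
            ]);

          # One hook per line so the two generated scripts cannot run
          # together on a single shell line.
          shellHook = ''
            ${self.checks.${system}.pre-commit.shellHook}
            ${sops-config.shellHook}
          '';
        };

      # One link per hive node pointing at that node's disko image build.
      # NOTE(review): the images are built from the full node configuration
      # and land in the Nix store; confirm no plaintext secret is evaluated
      # into them.
      packages.disks =
        let
          pkgs = nixpkgs.legacyPackages.${system};
          hive = colmena.lib.makeHive self.outputs.colmena;
        in
        pkgs.linkFarm "linuxlab-testing" (builtins.mapAttrs
          (_: node: node.config.system.build.diskoImages)
          hive.nodes);
    });

  # Adds a third-party binary cache and its signing key. Store paths signed
  # by this key are accepted as substitutes, so this extends trust to the
  # cache operator. Nix applies flake-provided nixConfig only after the user
  # accepts it (or has accept-flake-config set); avoid enabling that
  # globally on deployment hosts.
  nixConfig = {
    extra-substituters = [
      "https://colmena.cachix.org"
    ];

    extra-trusted-public-keys = [
      "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
    ];
  };
}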