diff --git a/flake.nix b/flake.nix
index 1070488..541db86 100644
--- a/flake.nix
+++ b/flake.nix
@@ -60,116 +60,95 @@ }: { - nixosConfigurations = { - toaster = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - lanzaboote.nixosModules.lanzaboote - nixos-hardware.nixosModules.lenovo-thinkpad-t14-amd-gen3 - lix-module.nixosModules.default - - ./hosts/toaster - - ./modules/basic-tools - ./modules/binary-caches.nix - ./modules/devtools.nix - ./modules/gnome.nix - ./modules/gnupg.nix - ./modules/radio.nix - ./modules/science.nix - ./modules/tlp.nix - ./modules/virtualization.nix - ./hosts/toaster/secure-boot.nix - ./modules/chromium.nix - ./modules/mail - ./modules/wg + nixosConfigurations = + let + microvm-list = [ + "auth" + "immich" + "miniflux" + "radicale" ]; + + microvms = builtins.listToAttrs ( + map (vm: { + name = vm; + value = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + sops-nix.nixosModules.sops + microvm.nixosModules.microvm + + ./hosts/${vm} + ./modules/server + ./modules/wg + ]; + }; + }) microvm-list + ); + in + microvms + // { + toaster = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + sops-nix.nixosModules.sops + lanzaboote.nixosModules.lanzaboote + nixos-hardware.nixosModules.lenovo-thinkpad-t14-amd-gen3 + lix-module.nixosModules.default + + ./hosts/toaster + + ./modules/basic-tools + ./modules/binary-caches.nix + ./modules/devtools.nix + ./modules/gnome.nix + ./modules/gnupg.nix + ./modules/radio.nix + ./modules/science.nix + ./modules/tlp.nix + ./modules/virtualization.nix + ./hosts/toaster/secure-boot.nix + ./modules/chromium.nix + ./modules/mail + ./modules/wg + ]; + }; + cloud = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + sops-nix.nixosModules.sops + lix-module.nixosModules.default + + ./hosts/cloud + + ./modules/basic-tools + ./modules/server + ./modules/binary-caches.nix + 
./modules/wg + ]; + }; + minime = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + sops-nix.nixosModules.sops + microvm.nixosModules.host + lix-module.nixosModules.default + + ./hosts/minime + ./modules/basic-tools + ./modules/server + ./modules/binary-caches.nix + ./modules/wg + + { + config.microvm.autostart = microvm-list; + } + ]; + }; }; - cloud = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - lix-module.nixosModules.default - - ./hosts/cloud - - ./modules/basic-tools - ./modules/server - ./modules/binary-caches.nix - ./modules/wg - ]; - }; - minime = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - microvm.nixosModules.host - lix-module.nixosModules.default - - ./hosts/minime - ./modules/basic-tools - ./modules/server - ./modules/binary-caches.nix - ./modules/wg - ]; - }; - - auth = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - microvm.nixosModules.microvm - authentik-nix.nixosModules.default - - ./hosts/auth - ./modules/server - ./modules/wg - ]; - }; - - immich = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - microvm.nixosModules.microvm - - ./hosts/immich - ./modules/server - ./modules/wg - ]; - }; - - miniflux = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - microvm.nixosModules.microvm - - ./hosts/miniflux - ./modules/server - ./modules/wg - ]; - }; - - radicale = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - sops-nix.nixosModules.sops - microvm.nixosModules.microvm - - ./hosts/radicale - ./modules/server - 
./modules/wg - ]; - }; - }; }; } diff --git a/hosts/auth/authentik.nix b/hosts/auth/authentik.nix index f60f269..023e2db 100644 --- a/hosts/auth/authentik.nix +++ b/hosts/auth/authentik.nix @@ -1,5 +1,8 @@ -{ config, ... }: +{ config, inputs, ... }: { + imports = [ + inputs.authentik-nix.nixosModules.default + ]; sops.secrets."authentik/env" = { }; services.authentik = { enable = true; diff --git a/hosts/minime/uvm.nix b/hosts/minime/uvm.nix deleted file mode 100644 index 93f2253..0000000 --- a/hosts/minime/uvm.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ inputs, ... }: -{ - microvm.stateDir = "/var/lib/microvms"; - microvm.autostart = [ - "auth" - "radicale" - "immich" - "miniflux" - ]; - microvm.vms = { - auth = { - flake = inputs.self; - updateFlake = "github:gshipunov/nix-config/master"; - }; - radicale = { - flake = inputs.self; - updateFlake = "github:gshipunov/nix-config/master"; - }; - immich = { - flake = inputs.self; - updateFlake = "github:gshipunov/nix-config/master"; - }; - }; -}
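Review bot: The inline module on `minime` sets only `config.microvm.autostart = microvm-list;`, while the `microvm.vms` entries (`flake = inputs.self`, `updateFlake = …`) from `hosts/minime/uvm.nix` are deleted in this commit and nothing visible replaces them. If no other module declares these guests, they are presumably installed and updated by hand in the state directory, so rebuilding `minime` would no longer bring `auth`, `immich` and `radicale` to the host's flake revision, and patching the identity-provider VM becomes a separate step. Either generate `microvm.vms` from `microvm-list` as well, or say so in a comment above the inline module, e.g. `# guests are managed with the microvm command; list here only controls autostart`. A second comment at `microvm-list` should note that every name added there becomes a flake output with `./modules/wg` and sops-nix and is autostarted on `minime`.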
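Review bot: `inputs` is now used inside `imports` in `hosts/auth/authentik.nix`, which only evaluates when the argument arrives through `specialArgs`; passed via `_module.args` it would recurse during module evaluation. The flake in this diff does pass `specialArgs = { inherit inputs; }` to every host, so the change works as written. A one-line comment above the import would record the dependency: `# requires inputs via specialArgs (not _module.args) because it is used in imports`. The module body continues outside the hunk.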