{ inputs = { nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; flake-utils.url = "github:numtide/flake-utils"; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; microvm = { url = "github:astro/microvm.nix/v0.5.0"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.1"; inputs.nixpkgs.follows = "nixpkgs"; }; authentik-nix = { url = "github:nix-community/authentik-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; lix = { url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"; flake = false; }; lix-module = { url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; inputs.lix.follows = "lix"; }; website = { url = "git+https://git.oxapentane.com/0xa/website.git?ref=main"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; tmux-yank = { url = "github:tmux-plugins/tmux-yank"; flake = false; }; }; outputs = inputs@{ authentik-nix, lanzaboote, lix-module, microvm, nixos-hardware, nixpkgs, sops-nix, ... }: { nixosConfigurations = let microvm-list = [ "auth" "conduwuit" "forgejo" "immich" "miniflux" "radicale" ]; microvms = builtins.listToAttrs ( map (vm: { name = vm; value = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ sops-nix.nixosModules.sops microvm.nixosModules.microvm ./hosts/${vm} ./modules/server ./modules/wg ]; }; }) microvm-list ); in microvms // { toaster = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ sops-nix.nixosModules.sops lanzaboote.nixosModules.lanzaboote nixos-hardware.nixosModules.lenovo-thinkpad-t14-amd-gen3 lix-module.nixosModules.default ./hosts/toaster ./modules/basic-tools ./modules/binary-caches.nix ./modules/devtools.nix ./modules/gnome.nix ./modules/gnupg.nix ./modules/radio.nix ./modules/science.nix ./modules/tlp.nix ./modules/virtualization.nix ./hosts/toaster/secure-boot.nix ./modules/chromium.nix ./modules/mail ./modules/wg ]; }; cloud = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ sops-nix.nixosModules.sops lix-module.nixosModules.default ./hosts/cloud ./modules/basic-tools ./modules/server ./modules/binary-caches.nix ./modules/wg ]; }; minime = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; modules = [ sops-nix.nixosModules.sops microvm.nixosModules.host lix-module.nixosModules.default ./hosts/minime ./modules/basic-tools ./modules/server ./modules/binary-caches.nix ./modules/wg { config.microvm.autostart = microvm-list; } ]; }; }; }; }