162 lines
4.1 KiB
Nix
162 lines
4.1 KiB
Nix
{
|
|
inputs = {
|
|
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
|
|
|
|
flake-utils.url = "github:numtide/flake-utils";
|
|
|
|
sops-nix = {
|
|
url = "github:Mic92/sops-nix";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
|
|
|
microvm = {
|
|
url = "github:astro/microvm.nix/v0.5.0";
|
|
inputs = {
|
|
nixpkgs.follows = "nixpkgs";
|
|
flake-utils.follows = "flake-utils";
|
|
};
|
|
};
|
|
|
|
lanzaboote = {
|
|
url = "github:nix-community/lanzaboote/v0.4.1";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
authentik-nix = {
|
|
url = "github:nix-community/authentik-nix";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
lix = {
|
|
url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz";
|
|
flake = false;
|
|
};
|
|
|
|
lix-module = {
|
|
url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
inputs.lix.follows = "lix";
|
|
};
|
|
|
|
website = {
|
|
url = "git+https://git.oxapentane.com/0xa/website.git?ref=main";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
inputs.flake-utils.follows = "flake-utils";
|
|
};
|
|
|
|
tmux-yank = {
|
|
url = "github:tmux-plugins/tmux-yank";
|
|
flake = false;
|
|
};
|
|
};
|
|
|
|
outputs =
|
|
inputs@{
|
|
authentik-nix,
|
|
lanzaboote,
|
|
lix-module,
|
|
microvm,
|
|
nixos-hardware,
|
|
nixpkgs,
|
|
sops-nix,
|
|
...
|
|
}:
|
|
|
|
{
|
|
nixosConfigurations =
|
|
let
|
|
microvm-list = [
|
|
"auth"
|
|
"conduwuit"
|
|
"forgejo"
|
|
"immich"
|
|
"miniflux"
|
|
"radicale"
|
|
];
|
|
|
|
microvms = builtins.listToAttrs (
|
|
map (vm: {
|
|
name = vm;
|
|
value = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
specialArgs = { inherit inputs; };
|
|
modules = [
|
|
sops-nix.nixosModules.sops
|
|
microvm.nixosModules.microvm
|
|
|
|
./hosts/${vm}
|
|
./modules/server
|
|
./modules/wg
|
|
];
|
|
};
|
|
}) microvm-list
|
|
);
|
|
in
|
|
microvms
|
|
// {
|
|
toaster = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
specialArgs = { inherit inputs; };
|
|
modules = [
|
|
sops-nix.nixosModules.sops
|
|
lanzaboote.nixosModules.lanzaboote
|
|
nixos-hardware.nixosModules.lenovo-thinkpad-t14-amd-gen3
|
|
lix-module.nixosModules.default
|
|
|
|
./hosts/toaster
|
|
|
|
./modules/basic-tools
|
|
./modules/binary-caches.nix
|
|
./modules/devtools.nix
|
|
./modules/sway.nix
|
|
./modules/gnupg.nix
|
|
./modules/radio.nix
|
|
./modules/science.nix
|
|
./modules/tlp.nix
|
|
./modules/virtualization.nix
|
|
./hosts/toaster/secure-boot.nix
|
|
./modules/chromium.nix
|
|
./modules/mail
|
|
./modules/wg
|
|
];
|
|
};
|
|
cloud = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
specialArgs = { inherit inputs; };
|
|
modules = [
|
|
sops-nix.nixosModules.sops
|
|
lix-module.nixosModules.default
|
|
|
|
./hosts/cloud
|
|
|
|
./modules/basic-tools
|
|
./modules/server
|
|
./modules/binary-caches.nix
|
|
./modules/wg
|
|
];
|
|
};
|
|
minime = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
specialArgs = { inherit inputs; };
|
|
modules = [
|
|
sops-nix.nixosModules.sops
|
|
microvm.nixosModules.host
|
|
lix-module.nixosModules.default
|
|
|
|
./hosts/minime
|
|
./modules/basic-tools
|
|
./modules/server
|
|
./modules/binary-caches.nix
|
|
./modules/wg
|
|
|
|
{
|
|
config.microvm.autostart = microvm-list;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|