{
  description = "Thary and nothing.run`s NixOS configuration";

  # Every input below tracks a moving ref (default branch, `main`, or a release
  # tarball URL). What actually gets built is whatever flake.lock records, so
  # lock-file changes deserve the same review as code changes.
  inputs = {
    # --- NixOS-level inputs ---
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";

    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    lix-module = {
      url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    lanzaboote = {
      url = "github:nix-community/lanzaboote";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # NOTE(review): deploy-rs, impermanence and agenix (and niri, ags, stylix
    # further down) do not set `inputs.nixpkgs.follows`, so any nixpkgs they
    # declare is locked separately from the one above — confirm that is intended.
    deploy-rs.url = "github:serokell/deploy-rs";
    impermanence.url = "github:nix-community/impermanence";
    agenix.url = "github:ryantm/agenix";

    agenix-rekey = {
      url = "github:oddlama/agenix-rekey";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixpak = {
      url = "github:nixpak/nixpak";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # --- User-level inputs ---
    niri.url = "github:sodiboo/niri-flake";
    ags.url = "github:Aylur/ags";
    stylix.url = "github:danth/stylix";

    arkenfox = {
      url = "github:dwarfmaster/arkenfox-nixos";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    website = {
      url = "git+https://tea.nothing.run/nothing.run/website?ref=main";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = {
    self,
    nixpkgs,
    ...
  } @ inputs: let
    system = "x86_64-linux";

    # nixpkgs' lib extended with the overlay found in ./lib.
    l = nixpkgs.lib.extend (import ./lib);

    # Shorthand for deploy-rs' NixOS activation wrapper on this platform.
    activateNixos = inputs.deploy-rs.lib.${system}.activate.nixos;

    # getModules "hosts" => { <subdir> = [ ./hosts/<subdir>/<entry> ... ]; ... }
    #
    # Only sub-directories of ./<dir> become attributes. Inside each one, every
    # entry except `secrets` (agenix secrets) and `containers` is listed as a
    # path, e.g. { phoenix."default.nix" = "regular"; } becomes
    # { phoenix = [ ./<dir>/phoenix/default.nix ]; }.
    getModules = dir: let
      excluded = ["secrets" "containers"];
      groups =
        l.filterAttrs (_: kind: kind == "directory") (builtins.readDir ./${dir});
      entriesOf = group:
        l.filterAttrs
        (entry: _: !(builtins.elem entry excluded))
        (builtins.readDir ./${dir}/${group});
    in
      builtins.mapAttrs
      (group: _: l.mapAttrsToList (entry: _: ./${dir}/${group}/${entry}) (entriesOf group))
      groups;

    modulesList = {
      hosts = getModules "hosts";
      # profiles = getModules "profiles";
      modules = getModules "modules";
      # users = getModules "users";
    };

    # One nixosSystem per directory under ./hosts.
    hosts =
      builtins.mapAttrs (
        host: hostModules: let
          # The host's default.nix is imported on its own, with empty `pkgs` and
          # `config`, purely to read n.host.defaultUser and n.host.types. Those
          # two values therefore cannot depend on pkgs or config.
          cfg = import ./hosts/${host}/default.nix {
            lib = l;
            pkgs = {};
            config = {};
          };
          # Module groups pulled in for this host: its declared types plus the
          # always-on "global" and "n" groups.
          groupNames = cfg.n.host.types ++ ["global" "n"];
        in
          l.nixosSystem {
            inherit system;
            specialArgs = {
              inherit inputs host;
              username = cfg.n.host.defaultUser;
            };
            modules =
              hostModules
              ++ l.concatMap (group: modulesList.modules.${group}) groupNames;
          }
      )
      modulesList.hosts;

    # For every host, the `nodes` slice of its evaluated config (as a list).
    # Previous variant also kept `global`:
    # (x: builtins.mapAttrs (_: v: (l.filterAttrs (n: _: n == "global" || n == "nodes") v.config)) x)
    externals =
      map
      (evaluated: l.filterAttrs (attr: _: attr == "nodes") evaluated.config)
      (builtins.attrValues hosts);

    # Second pass: each host is extended with whatever any host (itself
    # included) declared for it under `nodes.<name>`. This lets one machine's
    # configuration inject modules into another's, so `nodes.*` definitions are
    # worth reviewing with that reach in mind.
    hosts' =
      builtins.mapAttrs (
        name: base:
          base.extendModules {
            modules =
              map (
                ext:
                  if builtins.hasAttr name ext.nodes
                  then ext.nodes.${name}
                  else {}
              )
              externals;
          }
      )
      hosts;

    # deploy-rs node that logs in and activates as root.
    # NOTE(review): this relies on direct root SSH login on the targets. The
    # commented-out `sudo` option below hints at an unprivileged-user setup;
    # if root login stays, it should be key-only.
    rootNode = hostname: nixosConfig: {
      inherit hostname;
      user = "root";
      profiles.system = {
        sshUser = "root";
        path = activateNixos nixosConfig;
      };
    };
  in {
    nixosConfigurations = hosts';

    deploy = {
      # sudo = "doas -u";
      sshOpts = ["-p" "22"];
      # NOTE(review): both deploy-rs rollback mechanisms are off. A failed
      # activation is not reverted, and a deployment that breaks SSH or
      # networking is not undone automatically — keep out-of-band access.
      autoRollback = false;
      magicRollback = false;
      remoteBuild = false;

      # KOSTYL' ("kludge") — author's marker; presumably refers to the
      # hand-written node list below. TODO confirm.
      nodes = {
        cepheus = rootNode "nothing.run" self.nixosConfigurations.cepheus;
        # NOTE(review): naos is given the *cepheus* system, not
        # self.nixosConfigurations.naos. Looks like a copy-paste slip that would
        # push the public server's configuration to 192.168.1.115 — confirm.
        naos = rootNode "192.168.1.115" self.nixosConfigurations.cepheus;
      };
    };

    # Recommended by deploy-rs: validates the `deploy` attribute set during
    # `nix flake check` and catches many mistakes before a deployment is run.
    checks =
      builtins.mapAttrs
      (_: deployLib: deployLib.deployChecks self.deploy)
      inputs.deploy-rs.lib;

    agenix-rekey = inputs.agenix-rekey.configure {
      userFlake = self;
      inherit (self) nixosConfigurations;
    };

    formatter.${system} = nixpkgs.legacyPackages.${system}.alejandra;
  };
}