{ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11-small"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; nixpkgs-master.url = "github:NixOS/nixpkgs/master"; nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; }; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; }; outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, ... }@inputs: let hosts = import ./hosts.nix inputs; helper = import ./helper.nix inputs; in { colmena = { meta = { # Set the default pkgs, which is pointless in this case, # because nodeNixpkgs is overriding it anyway and a default value is generated. # It is still needed for colmena to run. nixpkgs = nixpkgs.legacyPackages."x86_64-linux"; # Specify nixpkgs to use for each host. # The default is "nixpkgs" for "x86_64-linux" systems, # but it is overridden by the host-specific "hostNixpkgs" and "system" attributes. nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts; specialArgs = { inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver; # Provide environment for secret key command keyCommandEnv = [ "env" "GNUPGHOME=/home/fi/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/fi/pass/infra" ]; }; }; } // builtins.mapAttrs (helper.generateColmenaHost) hosts; hydraJobs = { nixConfigurations = builtins.mapAttrs (host: helper.generateNixConfiguration host { inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver; }) hosts; }; # Generate a base VM image for Proxmox with `nix build .#base-proxmox` packages.x86_64-linux = { base-proxmox = nixos-generators.nixosGenerate { system = "x86_64-linux"; modules = [ ./config/common ./config/nixos-generators ./config/nixos-generators/proxmox.nix ./config/environments/proxmox-vm ]; format = "proxmox"; }; base-openstack = nixos-generators.nixosGenerate { system = "x86_64-linux"; modules = [ ./config/common ./config/nixos-generators ./config/environments/openstack-vm ]; format = "openstack"; }; }; # Binary cache hint nixConfig = { extra-substituters = [ "https://nix-cache.nekover.se" ]; extra-trusted-public-keys = [ "nix-cache.nekover.se:f/VfGqC5lctLzOa6pLLDmEkihcip4WYpYShlW3rivLU=" ]; }; }; }