nix-infra/flake.nix

82 lines
2.8 KiB
Nix

{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
nixos-generators = {
url = "github:nix-community/nixos-generators";
inputs.nixpkgs.follows = "nixpkgs";
};
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
pterodactyl = {
url = "git+https://git.nekover.se/fi/pterodactyl.git";
};
};
outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, pterodactyl, ... }@inputs:
let
hosts = import ./hosts.nix inputs;
helper = import ./helper.nix inputs;
in {
colmena = {
meta = {
# Set the default pkgs, which is pointless in this case,
# because nodeNixpkgs is overriding it anyway and a default value is generated.
# It is still needed for colmena to run.
nixpkgs = nixpkgs.legacyPackages."x86_64-linux";
# Specify nixpkgs to use for each host.
# The default is "nixpkgs" for "x86_64-linux" systems,
# but it is overridden by the host-specific "hostNixpkgs" and "system" attributes.
nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts;
specialArgs = {
inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver pterodactyl;
# Provide environment for secret key command
keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ];
};
};
} // builtins.mapAttrs (helper.generateColmenaHost) hosts;
hydraJobs = {
nixConfigurations = builtins.mapAttrs (host: helper.generateNixConfiguration host {
inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver;
}) hosts;
};
# Generate a base VM image for Proxmox with `nix build .#base-proxmox`
packages.x86_64-linux = {
base-proxmox = nixos-generators.nixosGenerate {
system = "x86_64-linux";
modules = [
./config/common
./config/nixos-generators
./config/nixos-generators/proxmox.nix
./config/environments/proxmox-vm
];
format = "proxmox";
};
base-openstack = nixos-generators.nixosGenerate {
system = "x86_64-linux";
modules = [
./config/common
./config/nixos-generators
./config/environments/openstack-vm
];
format = "openstack";
};
};
# Binary cache hint
nixConfig = {
extra-substituters = [
"https://nix-cache.nekover.se"
];
extra-trusted-public-keys = [
"nix-cache.nekover.se:f/VfGqC5lctLzOa6pLLDmEkihcip4WYpYShlW3rivLU="
];
};
};
}