infra: steal from the best

(Mic92's cluster TUM's infra.)

flake.nix

@@ -0,0 +1,108 @@
+{
+  description = "NixOS configuration with flakes";
+
+  nixConfig.extra-substituters = [
+    "https://newtype.cachix.org"
+  ];
+  nixConfig.extra-trusted-public-keys = [
+    "newtype.cachix.org-1:Gd5G2EVFNJslfR3PxA2+JY7mHT6MwVJ6biv5Cg47SD0="
+  ];
+
+  # To update all inputs:
+  # $ nix flake update --recreate-lock-file
+  inputs = {
+    disko.url = "github:nix-community/disko";
+    disko.inputs.nixpkgs.follows = "nixpkgs";
+
+    flake-parts.url = "github:hercules-ci/flake-parts";
+    flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
+
+    nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+
+    nixos-hardware.url = "github:NixOS/nixos-hardware";
+    nur.url = "github:nix-community/NUR";
+
+    home-manager.url = "github:rycee/home-manager/release-22.05";
+    home-manager.inputs.nixpkgs.follows = "nixpkgs";
+
+    agenix.url = "github:ryantm/agenix";
+    agenix.inputs.nixpkgs.follows = "nixpkgs";
+
+    colmena.url = "github:zhaofengli/colmena";
+    colmena.inputs.nixpkgs.follows = "nixpkgs";
+
+    srvos.url = "github:numtide/srvos";
+    # actually not used when using the modules but than nothing ever will try to fetch this nixpkgs variant
+    srvos.inputs.nixpkgs.follows = "nixpkgs";
+
+    flake-registry.url = "github:NixOS/flake-registry";
+    flake-registry.flake = false;
+  };
+
+  outputs =
+    { flake-parts
+    , ...
+    } @ inputs:
+    (flake-parts.lib.evalFlakeModule
+      { inherit inputs; }
+      ({ self, inputs, ... }: {
+        systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ];
+        imports = [
+          ./configurations.nix
+          # ./modules/monitoring/flake-module.nix
+          # ./pkgs/flake-module.nix
+          # ./templates
+        ];
+        perSystem = { self', pkgs, ... }: {
+          devShells.default = pkgs.mkShellNoCC {
+            buildInputs = [
+              pkgs.ipmitool
+              pkgs.colmena
+
+              pkgs.python3.pkgs.invoke
+              #Until nixos-anywhere is packaged
+              pkgs.python3.pkgs.deploykit
+              pkgs.mypy
+              pkgs.pixiecore
+              pkgs.dnsmasq
+              pkgs.python3.pkgs.netaddr
+              pkgs.qemu_kvm
+              pkgs.openssh
+              pkgs.gitMinimal # for git flakes
+              pkgs.rsync
+              pkgs.nix
+              pkgs.coreutils
+              pkgs.curl # when uploading tarballs
+              pkgs.gnugrep
+              pkgs.findutils
+              pkgs.gnused # needed by ssh-copy-id
+              # sops dependencies
+              pkgs.age
+              pkgs.yq-go
+            ] ++ pkgs.lib.optional (pkgs.stdenv.isLinux) pkgs.mkpasswd;
+          };
+          packages = {
+          #  netboot = pkgs.callPackage ./modules/netboot/netboot.nix {
+          #    # this nixosSystem is built for x86_64 machines regardless of the host machine
+          #    pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
+          #    inherit (inputs.nixpkgs.lib) nixosSystem;
+          #    extraModules = [
+          #      self.inputs.nur.nixosModules.nur
+          #      { _module.args.inputs = self.inputs; }
+          #    ];
+          #  };
+
+          #  netboot-pixie-core = pkgs.callPackage ./modules/netboot/netboot-pixie-core.nix {
+          #    inherit (self'.packages) netboot;
+          #  };
+          };
+        };
+        flake = {
+          hydraJobs = inputs.nixpkgs.lib.mapAttrs' (name: config: inputs.nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations // {
+            devShells = self.devShells.x86_64-linux.default;
+          };
+        };
+      })).config.flake;
+
+}