newtype
/
newtype-org-configurations
5
0
Fork 1
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
vieuxtype
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
newtype-org-configurations/configurations.nix

124 lines
2.7 KiB
Nix
Raw Permalink Blame History Unescape Escape

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

{ self, ... }:
let
inherit
(self.inputs)
nixpkgs
home-manager
agenix
nur
colmena
flake-registry
nixos-hypervisor
nixos-hardware
nixpkgs-unstable
srvos
disko
;
nixosSystem = nixpkgs.lib.makeOverridable nixpkgs.lib.nixosSystem;
colmenaModules = [
colmena.nixosModules.deploymentOptions
];
commonModules = [
{
_module.args.self = self;
_module.args.inputs = self.inputs;
srvos.flake = self;
}
# only include admins here for monitoring/backup infrastructure
./modules/users/admins.nix
./modules/packages.nix
./modules/nix-daemon.nix
./modules/auto-upgrade.nix
./modules/tor-ssh.nix
./modules/hosts.nix
./modules/network.nix
./modules/zsh.nix
./modules/ssh-cursed.nix
# FIXME: ./modules/buildbot — whenever you are ready.
disko.nixosModules.disko
srvos.nixosModules.server
srvos.nixosModules.mixins-trusted-nix-caches
srvos.nixosModules.mixins-terminfo
nixos-hypervisor.nixosModules.host
# srvos.nixosModules.mixins-telegraf
# srvos.nixosModules.mixins-terminfo
agenix.nixosModules.default
({ pkgs
, config
, lib
, ...
}:
let
sopsFile = ./. + "/hosts/${config.networking.hostName}.yml";
in
{
nix.nixPath = [
"home-manager=${home-manager}"
"nixpkgs=${pkgs.path}"
"nur=${nur}"
];
# TODO: share nixpkgs for each machine to speed up local evaluation.
#nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};
#users.withSops = builtins.pathExists sopsFile;
#sops.secrets = lib.mkIf (config.users.withSops) {
# root-password-hash.neededForUsers = true;
#};
# sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;
nix.extraOptions = ''
flake-registry = ${flake-registry}/flake-registry.json
builders-use-substitutes = true
'';
nix.registry = {
home-manager.flake = home-manager;
nixpkgs.flake = nixpkgs;
nur.flake = nur;
};
time.timeZone = "UTC";
environment.systemPackages = [
pkgs.kitty.terminfo
];
})
];
in
{
flake.nixosConfigurations = {
epyc = nixosSystem {
system = "x86_64-linux";
modules =
commonModules
++ colmenaModules
++ [
./hosts/epyc.nix
];
};
};
flake.colmena = {
meta.nixpkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [
nixos-hypervisor.overlays.default
];
};
epyc = {
imports =
commonModules
++ [
./hosts/epyc.nix
];
};
};
}
Reference in New Issue View Git Blame Copy Permalink