You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.
{ self , . . . }:
let
inherit
( self . inputs )
nixpkgs
home-manager
agenix
nur
colmena
flake-registry
nixos-hardware
nixpkgs-unstable
srvos
disko
;
nixosSystem = nixpkgs . lib . makeOverridable nixpkgs . lib . nixosSystem ;
colmenaModules = [
colmena . nixosModules . deploymentOptions
] ;
commonModules = [
{
_module . args . self = self ;
_module . args . inputs = self . inputs ;
srvos . flake = self ;
}
# only include admins here for monitoring/backup infrastructure
./modules/users/admins.nix
./modules/packages.nix
./modules/nix-daemon.nix
./modules/auto-upgrade.nix
./modules/tor-ssh.nix
./modules/hosts.nix
./modules/network.nix
./modules/zsh.nix
./modules/ssh-cursed.nix
# FIXME: ./modules/buildbot —
disko . nixosModules . disko
srvos . nixosModules . server
srvos . nixosModules . mixins-trusted-nix-caches
srvos . nixosModules . mixins-terminfo
# srvos.nixosModules.mixins-telegraf
# srvos.nixosModules.mixins-terminfo
agenix . nixosModules . default
( { pkgs
, config
, lib
, . . .
}:
let
sopsFile = ./. + " / h o s t s / ${ config . networking . hostName } . y m l " ;
in
{
nix . nixPath = [
" h o m e - m a n a g e r = ${ home-manager } "
" n i x p k g s = ${ pkgs . path } "
" n u r = ${ nur } "
] ;
# TODO: share nixpkgs for each machine to speed up local evaluation.
#nixpkgs.pkgs = self.inputs.nixpkgs.legacyPackages.${system};
#users.withSops = builtins.pathExists sopsFile;
#sops.secrets = lib.mkIf (config.users.withSops) {
# root-password-hash.neededForUsers = true;
#};
# sops.defaultSopsFile = lib.mkIf (builtins.pathExists sopsFile) sopsFile;
nix . extraOptions = ''
f l a k e - r e g i s t r y = ${ flake-registry } / f l a k e - r e g i s t r y . j s o n
b u i l d e r s - u s e - s u b s t i t u t e s = t r u e
'' ;
nix . registry = {
home-manager . flake = home-manager ;
nixpkgs . flake = nixpkgs ;
nur . flake = nur ;
} ;
time . timeZone = " U T C " ;
environment . systemPackages = [
pkgs . kitty . terminfo
] ;
} )
] ;
in
{
flake . nixosConfigurations = {
epyc = nixosSystem {
system = " x 8 6 _ 6 4 - l i n u x " ;
modules =
commonModules
++ colmenaModules
++ [
./hosts/epyc.nix
] ;
} ;
} ;
flake . colmena = {
meta . nixpkgs = import nixpkgs {
system = " x 8 6 _ 6 4 - l i n u x " ;
} ;
epyc = {
imports =
commonModules
++ [
./hosts/epyc.nix
] ;
} ;
} ;
}