infrastructure/flake.nix

{
  description = "Laureηt's infrastructure";

  # TODO: setup le formatter comme sioodmy
  # TODO: rekey les secrets + changer la key de hydrogen
  # TODO: luks encrypt hydrogen (dropbear ?)
  # TODO: dégager btfrs de neodymium, ext4 ftw
  # TODO: setup disko sur neodymium

  inputs = {
    nixpkgs = {
      url = "github:NixOS/nixpkgs/nixos-unstable";
      # url = "git+file:///home/laurent/Documents/nixpkgs?shallow=1";
    };
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    agenix = {
      url = "github:yaxitech/ragenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    flake-parts.url = "github:hercules-ci/flake-parts";
    lanzaboote.url = "github:nix-community/lanzaboote";
    hyprland.url = "github:hyprwm/Hyprland";
    nixos-hardware.url = "github:nixos/nixos-hardware";
    disko.url = "github:nix-community/disko";
    nixos-anywhere.url = "github:nix-community/nixos-anywhere";
    # atuin.url = "github:atuinsh/atuin";
    pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
    treefmt-nix.url = "github:numtide/treefmt-nix";

    resume.url = "git+https://git.fainsin.bzh/Laurent/resume";
    projet-intelligence-artificielle-multimedia.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-intelligence-artificielle-multimedia";
    projet-audionumerique.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-audionumerique";
    projet-oral-japonais.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-oral-japonais";
    projet-oral-anglais.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-oral-anglais";
    TP-calcul-parallele.url = "git+https://git.fainsin.bzh/ENSEEIHT/TP-calcul-parallele";
  };

  nixConfig = {
    extra-substituters = [
      "https://nix-community.cachix.org"
      "https://pre-commit-hooks.cachix.org"
      "https://hyprland.cachix.org"
    ];
    extra-trusted-public-keys = [
      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
      "pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="
      "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
    ];
  };

  outputs = {
    nixpkgs,
    agenix,
    flake-parts,
    lanzaboote,
    home-manager,
    nixos-hardware,
    disko,
    pre-commit-hooks,
    treefmt-nix,
    ...
  } @ inputs:
    flake-parts.lib.mkFlake {inherit inputs;} {
      systems = ["x86_64-linux" "aarch64-linux"];

      imports = [
        flake-parts.flakeModules.easyOverlay
        pre-commit-hooks.flakeModule
        treefmt-nix.flakeModule
      ];

      perSystem = {
        pkgs,
        system,
        ...
      }: rec {
        formatter = pkgs.alejandra;

        treefmt = {
          projectRootFile = "flake.nix";
          programs = {
            alejandra.enable = true;
            deadnix.enable = true;
          };
        };

        pre-commit = {
          settings.excludes = ["flake.lock"];
          settings.hooks = {
            alejandra.enable = true;
            deadnix.enable = true;
          };
        };

        devShells.default = pkgs.mkShell {
          packages = [
            formatter # defined above
            pkgs.git # version control
            pkgs.update-nix-fetchgit # auto update fetchs
            agenix.packages.${system}.ragenix # secrets
            pkgs.sbctl # secure boot
          ];
        };
      };

      flake.nixosConfigurations = {
        # neodymium laptop
        neodymium = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = inputs;
          modules = [
            ./hosts/neodymium
            home-manager.nixosModules.home-manager
            agenix.nixosModules.default
            lanzaboote.nixosModules.lanzaboote
            nixos-hardware.nixosModules.common-cpu-amd
            nixos-hardware.nixosModules.common-gpu-nvidia-disable
            nixos-hardware.nixosModules.common-pc-laptop
            nixos-hardware.nixosModules.common-pc-laptop-ssd
          ];
        };

        # hydrogen vps
        hydrogen = nixpkgs.lib.nixosSystem rec {
          system = "x86_64-linux";
          specialArgs = {
            inherit inputs;
            inherit system;
          };
          modules = [
            ./hosts/hydrogen
            home-manager.nixosModules.home-manager
            disko.nixosModules.default
            agenix.nixosModules.default
            lanzaboote.nixosModules.lanzaboote
          ];
        };
      };
    };
}
init 2022-12-19 22:35:54 +00:00			`{`
feat: add ovh vps 2022-12-20 10:33:21 +00:00			`description = "Laureηt's infrastructure";`
init 2022-12-19 22:35:54 +00:00
✨ add a bunch of flake inputs 2023-11-29 14:40:36 +00:00			`# TODO: setup le formatter comme sioodmy`
			`# TODO: rekey les secrets + changer la key de hydrogen`
			`# TODO: luks encrypt hydrogen (dropbear ?)`
			`# TODO: dégager btfrs de neodymium, ext4 ftw`
			`# TODO: setup disko sur neodymium`

init 2022-12-19 22:35:54 +00:00			`inputs = {`
⬆️ nix flake update + remove nixpkgs.follows 2023-08-10 17:53:45 +00:00			`nixpkgs = {`
			`url = "github:NixOS/nixpkgs/nixos-unstable";`
			`# url = "git+file:///home/laurent/Documents/nixpkgs?shallow=1";`
			`};`
✨ add a bunch of flake inputs 2023-11-29 14:40:36 +00:00			`home-manager = {`
			`url = "github:nix-community/home-manager";`
			`inputs.nixpkgs.follows = "nixpkgs";`
✨ lanzaboot, secureboot 2023-04-23 13:38:34 +00:00			`};`

feat: agenix (ragenix) feat: borgbackup chore: upgrade flake 2023-03-14 13:12:21 +00:00			`agenix = {`
			`url = "github:yaxitech/ragenix";`
⬆️ nix flake update 2023-08-27 13:59:18 +00:00			`inputs.nixpkgs.follows = "nixpkgs";`
feat: agenix (ragenix) feat: borgbackup chore: upgrade flake 2023-03-14 13:12:21 +00:00			`};`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`flake-parts.url = "github:hercules-ci/flake-parts";`
✨ add a bunch of flake inputs 2023-11-29 14:40:36 +00:00			`lanzaboote.url = "github:nix-community/lanzaboote";`
✨ (hydrogen/nginx) update resume + stop using pages 2023-11-24 22:22:30 +00:00			`hyprland.url = "github:hyprwm/Hyprland";`
			`nixos-hardware.url = "github:nixos/nixos-hardware";`
✨ add a bunch of flake inputs 2023-11-29 14:40:36 +00:00			`disko.url = "github:nix-community/disko";`
			`nixos-anywhere.url = "github:nix-community/nixos-anywhere";`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`# atuin.url = "github:atuinsh/atuin";`
			`pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";`
			`treefmt-nix.url = "github:numtide/treefmt-nix";`
♻️ switch from sway + waybar to hyprland + eww 2023-05-28 21:48:36 +00:00
⬆️ nix flake update 2023-11-26 22:10:04 +00:00			`resume.url = "git+https://git.fainsin.bzh/Laurent/resume";`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`projet-intelligence-artificielle-multimedia.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-intelligence-artificielle-multimedia";`
			`projet-audionumerique.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-audionumerique";`
			`projet-oral-japonais.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-oral-japonais";`
			`projet-oral-anglais.url = "git+https://git.fainsin.bzh/ENSEEIHT/projet-oral-anglais";`
			`TP-calcul-parallele.url = "git+https://git.fainsin.bzh/ENSEEIHT/TP-calcul-parallele";`
init 2022-12-19 22:35:54 +00:00			`};`
chore: autoformat 2022-12-21 19:29:15 +00:00
✨ add nix-community cachix 2023-08-12 18:23:45 +00:00			`nixConfig = {`
⚡️ (hydrogen/services) flakify projet-audionumerique 2023-12-13 16:27:30 +00:00			`extra-substituters = [`
			`"https://nix-community.cachix.org"`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`"https://pre-commit-hooks.cachix.org"`
⚡️ (hydrogen/services) flakify projet-audionumerique 2023-12-13 16:27:30 +00:00			`"https://hyprland.cachix.org"`
			`];`
✨ add nix-community cachix 2023-08-12 18:23:45 +00:00			`extra-trusted-public-keys = [`
			`"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`"pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="`
✨ add nix-community cachix 2023-08-12 18:23:45 +00:00			`"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="`
			`];`
			`};`

✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`outputs = {`
			`nixpkgs,`
			`agenix,`
			`flake-parts,`
			`lanzaboote,`
			`home-manager,`
			`nixos-hardware,`
			`disko,`
			`pre-commit-hooks,`
			`treefmt-nix,`
			`...`
			`} @ inputs:`
			`flake-parts.lib.mkFlake {inherit inputs;} {`
			`systems = ["x86_64-linux" "aarch64-linux"];`

			`imports = [`
			`flake-parts.flakeModules.easyOverlay`
			`pre-commit-hooks.flakeModule`
			`treefmt-nix.flakeModule`
			`];`

			`perSystem = {`
			`pkgs,`
			`system,`
			`...`
			`}: rec {`
			`formatter = pkgs.alejandra;`

			`treefmt = {`
			`projectRootFile = "flake.nix";`
			`programs = {`
			`alejandra.enable = true;`
			`deadnix.enable = true;`
			`};`
			`};`

			`pre-commit = {`
			`settings.excludes = ["flake.lock"];`
			`settings.hooks = {`
			`alejandra.enable = true;`
			`deadnix.enable = true;`
			`};`
			`};`
init 2022-12-19 22:35:54 +00:00
feat: add packages in devshell 2023-03-19 14:13:24 +00:00			`devShells.default = pkgs.mkShell {`
			`packages = [`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`formatter # defined above`
♻️ modularize neodymium system config 2023-05-16 19:10:41 +00:00			`pkgs.git # version control`
⬆️ nix flake update + update-nix-fetchgit 2023-07-04 17:08:32 +00:00			`pkgs.update-nix-fetchgit # auto update fetchs`
♻️ modularize neodymium system config 2023-05-16 19:10:41 +00:00			`agenix.packages.${system}.ragenix # secrets`
			`pkgs.sbctl # secure boot`
feat: add packages in devshell 2023-03-19 14:13:24 +00:00			`];`
			`};`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`};`
init 2022-12-19 22:35:54 +00:00
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`flake.nixosConfigurations = {`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`# neodymium laptop`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`neodymium = nixpkgs.lib.nixosSystem {`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`system = "x86_64-linux";`
⚡️ (neodymium) pin nixpkgs registry to system 2023-09-17 14:01:59 +00:00			`specialArgs = inputs;`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`modules = [`
🚚 (hosts) rename configuration.nix to default.nix 2023-06-21 17:45:19 +00:00			`./hosts/neodymium`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`home-manager.nixosModules.home-manager`
			`agenix.nixosModules.default`
			`lanzaboote.nixosModules.lanzaboote`
✨ use nixos-hardware 2023-05-28 13:35:16 +00:00			`nixos-hardware.nixosModules.common-cpu-amd`
			`nixos-hardware.nixosModules.common-gpu-nvidia-disable`
			`nixos-hardware.nixosModules.common-pc-laptop`
			`nixos-hardware.nixosModules.common-pc-laptop-ssd`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`];`
			`};`
feat: add ovh vps 2022-12-20 10:33:21 +00:00
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`# hydrogen vps`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`hydrogen = nixpkgs.lib.nixosSystem rec {`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`system = "x86_64-linux";`
✨ (hydrogen/nginx) update resume + stop using pages 2023-11-24 22:22:30 +00:00			`specialArgs = {`
			`inherit inputs;`
			`inherit system;`
			`};`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`modules = [`
🚚 (hosts) rename configuration.nix to default.nix 2023-06-21 17:45:19 +00:00			`./hosts/hydrogen`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`home-manager.nixosModules.home-manager`
✨ add a bunch of flake inputs 2023-11-29 14:40:36 +00:00			`disko.nixosModules.default`
🔥 stop using colmena for build/deploy 2023-05-27 16:11:03 +00:00			`agenix.nixosModules.default`
			`lanzaboote.nixosModules.lanzaboote`
			`];`
feat: add ovh vps 2022-12-20 10:33:21 +00:00			`};`
			`};`
✨ swap flake-utils for flake-parts + add treemft and pre-commit-hooks 2023-12-15 15:09:44 +00:00			`};`
init 2022-12-19 22:35:54 +00:00			`}`