{
  description = "Laureηt's infrastructure";

  # Every URL below names a branch head, not a revision. The revisions that are
  # actually fetched are whatever flake.lock records (the lock file is not
  # visible here), so a change to the lock file is a change to the code that
  # gets built and deployed.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    # Alternative kept by the author: build against a local nixpkgs checkout.
    # nixpkgs.url = "git+file:///home/laurent/Documents/nixpkgs?shallow=1";

    flake-utils.url = "github:numtide/flake-utils";

    # Secure Boot support. `follows` makes this input use the nixpkgs selected
    # above instead of the nixpkgs locked by the input's own flake.
    lanzaboote.url = "github:nix-community/lanzaboote";
    lanzaboote.inputs.nixpkgs.follows = "nixpkgs";

    # Secrets tooling. The input is named `agenix` but resolves to ragenix;
    # both the NixOS module and the CLI used below come from this source.
    agenix.url = "github:yaxitech/ragenix";
    agenix.inputs.nixpkgs.follows = "nixpkgs";
    agenix.inputs.flake-utils.follows = "flake-utils";

    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = { nixpkgs, flake-utils, lanzaboote, agenix, home-manager, ... }:
    let
      # Development shell, generated for every default system: provides colmena
      # and the other tools needed to operate this repository.
      perSystem = flake-utils.lib.eachDefaultSystem (system:
        let
          pkgs = nixpkgs.legacyPackages.${system};
          tools = [
            pkgs.colmena # remote deployment
            pkgs.nixfmt # formatting
            pkgs.git # version control
            pkgs.update-nix-fetchgit # auto-update fetcher pins
            agenix.packages.${system}.ragenix # secrets
            pkgs.sbctl # secure boot
          ];
        in { devShells.default = pkgs.mkShell { packages = tools; }; });

      # Colmena hive: one nixpkgs instance for all nodes, a shared `defaults`
      # module, then one entry per host.
      hive = {
        # All nodes are evaluated against x86_64-linux nixpkgs, no overlays.
        meta.nixpkgs = import nixpkgs {
          system = "x86_64-linux";
          overlays = [ ];
        };

        # Applied to every node. `name` is the node's attribute name and
        # selects the per-host directory under ./hosts.
        defaults = { name, ... }: {
          imports = [
            ./hosts/${name}/configuration.nix
            home-manager.nixosModules.home-manager
            agenix.nixosModules.default
            lanzaboote.nixosModules.lanzaboote
          ];

          # Share the system package set with home-manager and install user
          # packages through the NixOS user profile.
          home-manager.useGlobalPkgs = true;
          home-manager.useUserPackages = true;
        };

        # Personal laptop: no SSH target, deployed on the machine itself.
        neodymium = { ... }: {
          deployment.allowLocalDeployment = true;
          deployment.targetHost = null;
        };

        # OVH VPS, reached over SSH at a hard-coded address.
        # NOTE(review): deployment logs in directly as root. The host's sshd
        # settings are not visible here; confirm root login is key-only. The
        # lower-privilege alternative is an unprivileged deploy user combined
        # with Colmena's deployment.privilegeEscalationCommand.
        hydrogen = { ... }: {
          deployment.targetHost = "178.62.253.235";
          deployment.targetUser = "root";
        };
      };
    in perSystem // { colmena = hive; };

}