-
Notifications
You must be signed in to change notification settings - Fork 0
/
flake.nix
126 lines (95 loc) · 3.43 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
{
description = "Nixos configuration";
inputs = {
# nixpkgs.url = "github:NixOS/nixpkgs/9957cd48326fe8dbd52fdc50dd2502307f188b0d";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-registry.url = "github:NixOS/flake-registry";
flake-registry.flake = false;
flakelight.url = "github:nix-community/flakelight";
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
impermanence.url = "github:nix-community/impermanence";
catppuccin.url = "github:catppuccin/nix";
# wolf should follow nixpkgs since it needs to use the same vaapi driver version of the host
# wolf.url = "gitlab:clxarena/wolf";
wolf.url = "github:games-on-whales/wolf/dev-nix";
wolf.inputs.nixpkgs.follows = "nixpkgs";
devenv.url = "github:cachix/devenv";
comin.url = "github:nlewo/comin";
terranix.url = "github:terranix/terranix";
microvm.url = "github:astro/microvm.nix";
microvm.inputs.nixpkgs.follows = "nixpkgs";
nix-nomad.url = "github:tristanpemble/nix-nomad";
nixvim.url = "github:nix-community/nixvim";
nixvim.inputs.nixpkgs.follows = "nixpkgs";
treefmt-nix.url = "github:numtide/treefmt-nix";
treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
lanzaboote.url = "github:nix-community/lanzaboote";
lanzaboote.inputs.flake-compat.follows = "";
black-hosts.url = "github:StevenBlack/hosts";
kmonad.url = "github:kmonad/kmonad?dir=nix";
zig-overlay = { url = "github:mitchellh/zig-overlay"; };
zls-overlay.url = "github:zigtools/zls";
hyprland = {
type = "git";
url = "https://github.com/hyprwm/Hyprland";
submodules = true;
};
};
outputs = inputs@{ flakelight, ... }:
let forAllSystems = import ./helpers/forAllSystems.nix;
in flakelight ./. {
inherit inputs;
withOverlays = [
(final: prev: {
zig = inputs.zig-overlay.packages.${prev.system}.master;
zls = inputs.zls-overlay.packages.${prev.system}.default;
})
];
nixDir = ./.;
nixDirAliases = {
nixosConfigurations = [ "hosts" ];
# nixosModules = [ "nixos_modules" ];
# homeModules = [ "home_modules" ];
};
nixpkgs.config = { allowUnfree = true; };
devShell = pkgs: {
packages = with pkgs; [
vault
consul
nomad
terraform
sops
dig
openssl
libuuid
wander
# for nix
nixfmt
nil
deadnix
stylua
lua-language-server
];
env = {
NOMAD_ADDR = "http://10.10.0.10:4646";
CONSUL_HTTP_ADDR = "http://10.10.0.10:8500";
VAULT_ADDR = "https://vault.cliarena.com:8200";
};
};
apps = pkgs: import ./terranix { inherit inputs pkgs; };
# TODO: Change age.key and all sops secrets since age.key is exposed
checks = forAllSystems (system:
let
pkgs = import inputs.nixpkgs { inherit system; };
inherit (pkgs) nixosTest;
in {
x = nixosTest (import ./hosts/x/checks.nix { inherit inputs; });
svr = nixosTest (import ./hosts/svr/checks.nix { inherit inputs; });
});
};
}