# SPDX-FileCopyrightText: 2022 Richard Brežák # # SPDX-License-Identifier: LGPL-3.0-or-later { inputs = { nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable"; nixpkgs-hashicorp.url = "sourcehut:~magic_rb/nixpkgs?ref=master"; nixinate.url = "github:MagicRB/nixinate"; home-manager.url = "github:nix-community/home-manager?ref=master"; nixng.url = "github:nix-community/NixNG"; flake-parts.url = "github:hercules-ci/flake-parts"; nil.url = "github:oxalica/nil"; uterranix.url = "sourcehut:~magic_rb/uterranix"; dwarffs.url = "github:edolstra/dwarffs"; serokell-nix.url = "github:serokell/serokell.nix?ref=magicrb-allow-wildcards-with-no-main"; disko.url = "github:nix-community/disko"; nixos-anywhere.url = "github:numtide/nixos-anywhere"; tuxedo-rs.url = "github:AaronErhardt/tuxedo-rs"; tuxedo-rs.inputs.nixpkgs.follows = "nixpkgs"; tuxedo-nixos.url = "github:blitz/tuxedo-nixos"; tuxedo-nixos.inputs.nixpkgs.follows = "nixpkgs"; emacs.url = "sourcehut:~magic_rb/emacs"; emacs.flake = false; vtermModule.url = "github:akermu/emacs-libvterm"; vtermModule.flake = false; secret.url = "path:///home/main/dotfiles2/secret"; secret.flake = false; ical2org.url = "git+https://git.sr.ht/~magic_rb/ical2orgpy"; ical2org.flake = false; udp-over-tcp.url = "github:mullvad/udp-over-tcp"; udp-over-tcp.flake = false; }; outputs = inputs@{ flake-parts, self, secret, ... }: flake-parts.lib.mkFlake { inherit inputs; } ({ config, lib', ... }: { imports = [ modules/nixngConfigurations.nix modules/lib_overlays.nix lib/load_secrets.nix nixos/systems/omen nixos/systems/heater nixos/systems/toothpick nixos/systems/liveusb nixos/systems/blowhole nixos/systems/altra nixng/containers/ingress-blowhole nixng/containers/ingress-toothpick nixng/containers/matrix/mautrix-signal nixng/containers/matrix/mautrix-discord nixng/containers/matrix/mautrix-facebook nixng/containers/matrix/heisenbridge nixng/containers/matrix/synapse nixng/containers/website nixng/containers/home-assistant nixng/containers/email/getmail nixng/containers/email/dovecot.nix nixng/containers/email/postfix nixng/containers/ds3os nixng/containers/gitea nixng/containers/hydra nixng/containers/syncthing overlays/udp-over-tcp.nix overlays/emacsclient-remote overlays/magic-screenshot overlays/emacs-rofi overlays/tree-sitter-grammars.nix overlays/emacs-master-nativecomp overlays/zfs-relmount overlays/ical2org.nix overlays/mautrix-discord.nix overlays/getmail6 overlays/maildrop overlays/courier-unicode.nix overlays/ds3os.nix overlays/terraform-provider-vault.nix overlays/terraform-provider-influxdb-v2.nix overlays/bootloadHID.nix inputs.uterranix.flakeModule ]; _module.args.lib' = let inherit (inputs.nixpkgs) lib; inherit (inputs.nixpkgs.lib) extend; in lib.foldl (acc: x: acc.extend x) lib (with config.flake.libOverlays; [ loadSecrets ]); flake.hydraJobs = let inherit (lib') mapAttrs; in { nixng = mapAttrs (_: v: v.config.system.build.toplevel) config.flake.nixngConfigurations; nixos = mapAttrs (_: v: v.config.system.build.toplevel) config.flake.nixosConfigurations; }; uterranix.config = [ ./terranix/default.nix { _module.args.secret = lib'.loadSecrets secret; _module.args.vars = { flake_rev = self.rev or (lib'.warn "No flake revision available, do not deploy containers!" ""); flake_sha = self.narHash or (lib'.warn "No flake nar hash available, do not deploy containers!" ""); flake_ref = "master"; flake_host = "git+https://git.sr.ht/~magic_rb/dotfiles-2.0"; }; _module.args.config' = config; } ]; uterranix.terraform = pkgs: let hpkgs = inputs.nixpkgs.legacyPackages.${pkgs.stdenv.system}.appendOverlays (with config.flake.overlays; [ terraform-provider-vault terraform-provider-influxdb-v2 ]); in hpkgs.terraform.withPlugins (p: [ p.consul p.nomad p.local p.vault p.random p.null p.influxdb-v2 p.hcloud ] ); flake.nixosModules = { hashicorp = nixos/modules/hashicorp.nix; hashicorp-envoy = nixos/modules/hashicorp-envoy.nix; telegraf = nixos/modules/telegraf.nix; grafana = nixos/modules/grafana.nix; }; flake.apps = inputs.nixpkgs.lib.genAttrs config.systems (system: { nixinate = (inputs.nixinate.nixinate.${system} self).nixinate; nixos-anywhere.program = (inputs.nixos-anywhere.packages.${system}.nixos-anywhere); nixos-anywhere.type = "app"; }); perSystem = { system, pkgs, ... }: { packages = let inherit (lib') attrValues; pkgs' = pkgs.appendOverlays (attrValues config.flake.overlays); in { inherit (pkgs') emacsclient-remote emacs-master-nativecomp emacs-rofi getmail6 magic-screenshot maildrop zfs-relmount bootloadHID ds3os ical2org terraform-provider-influxdb-v2 terrafrom-provider-vault tree-sitter-grammars udp-over-tcp; }; devShells.default = pkgs.mkShell { nativeBuildInputs = with pkgs; [ (pkgs.writeShellScriptBin "update-secret" '' nix flake lock --update-input secret '') nil nomad consul vault ]; }; }; flake.patches = { hashicorp-nomad.revert-change-consul-si-tokens-to-be-local = patches/0001-Revert-Change-consul-SI-tokens-to-be-local.patch; hashicorp-nomad.add-nix-integration = patches/0001-Add-Nix-integration.patch; hostapd.intel_lar-and-noscan = patches/0001-intel_lar-and-noscan.patch; hostapd.hostapd-2_10-lar = patches/999-hostapd-2.10-lar.patch; hostapd.hostapd-2_10-lar-2 = patches/hostapd-2.10-lar.patch; terraform-provider-nomad.allow-null-in-authMountTuneSchema = patches/vault-provider-Allow-null-in-authMountTuneSchema.patch; }; systems = [ "x86_64-linux" "armv8-linux" "riscv64-linux" ]; }); }