dotfiles/nixos/systems/toothpick/default.nix

# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
#
# SPDX-License-Identifier: LGPL-3.0-or-later
{ inputs, lib', config, ... }:
let
  inherit (lib')
    flip
    mapAttrs
    singleton;

  config' = config;
in
{
  flake.nixosConfigurations.toothpick = inputs.nixpkgs.lib.nixosSystem {
    system = "x86_64-linux";

    specialArgs = {
      config' = config';
      inputs' = inputs;
      secret = lib'.loadSecrets inputs.secret;
    };

    modules = singleton
      ({ pkgs, pkgs-hashicorp, config, ... }:
        {
          _module.args.pkgs-hashicorp = import inputs.nixpkgs-hashicorp {
            system = pkgs.stdenv.system;
            config.allowUnfreePredicate = pkg: builtins.elem (lib'.getName pkg) [
              "consul"
              "vault-bin"
              "vault"
            ];
          };

          imports = [
            ./consul.nix
            ./nomad.nix
            ./vault-agent.nix
            ./grub.nix
            ./networking.nix
            ./nixpkgs.nix
            ./hardware.nix
            ./filesystems.nix
            ./users.nix
            ../../common/remote_access.nix

            config'.flake.nixosModules.hashicorp
          ];

          _module.args.nixinate = {
            host = "redalder.org";
            sshUser = "main";
            buildOn = "local";
            substituteOnTarget = true;
            hermetic = false;
            nixOptions = [
              "--override-input secret path://$HOME/dotfiles/secret"
            ];
          };

          environment.systemPackages = [
            pkgs.git
          ];

          time.timeZone = "Europe/Bratislava";
          system.stateVersion = "21.05";
        });
  };
}