# Flake describing a set of NixOS machines: one nixosConfiguration per entry
# in `machines`, each with home-manager and agenix wired in.
{
  # Inputs are referenced by branch; the exact revisions and content hashes
  # live in flake.lock (not shown here), so a change to that file is what
  # actually changes the code and data being built.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware";

    # `follows` makes these inputs evaluate against the nixpkgs pinned above
    # instead of bringing their own copy.
    home-manager.url = "github:nix-community/home-manager/release-25.11";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";

    agenix.url = "github:ryantm/agenix";
    agenix.inputs.nixpkgs.follows = "nixpkgs";
    agenix.inputs.home-manager.follows = "home-manager";

    flake-compat.url = "github:edolstra/flake-compat";

    # Non-flake sources: fetched as plain data, not evaluated as flakes.
    oisd.url = "github:sjhgvr/oisd";
    oisd.flake = false;

    # NOTE(review): these lists are frozen at whatever content flake.lock
    # recorded and only change on a lock update. If they feed firewall or
    # trusted-proxy rules (the consumer is not visible here), a stale lock
    # means stale address ranges.
    cloudflare-ips-v4.url = "https://www.cloudflare.com/ips-v4";
    cloudflare-ips-v4.flake = false;
    cloudflare-ips-v6.url = "https://www.cloudflare.com/ips-v6";
    cloudflare-ips-v6.flake = false;
  };

  outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, agenix, ... } @ inputs:
    let
      inherit (nixpkgs) lib;

      tailnetName = "serval-moth";

      systems = {
        x86 = "x86_64-linux";
        arm = "aarch64-linux";
      };

      # Normalise one machine description and derive its tailnet host name
      # as <name>.<tailnetName>.ts.net.
      mkMachine = host: {
        inherit (host) name system;
        tailscale = {
          inherit (host.tailscale) ip;
          domain = "${host.name}.${tailnetName}.ts.net";
        };
      };
      mkMachines = hosts: map mkMachine hosts;

      # Attrset keyed by every machine name; true only for `current`, so a
      # module can test `me.is.<name>`.
      mkMachineIdentities = all: current:
        lib.genAttrs (lib.catAttrs "name" all) (name: name == current.name);

      # Host inventory. The addresses are all in 100.64.0.0/10.
      machines =
        let
          inherit (systems) x86 arm;
        in
        mkMachines [
          { name = "corsac"; system = x86; tailscale.ip = "100.64.100.100"; }
          { name = "lapin"; system = arm; tailscale.ip = "100.83.254.27"; }
          { name = "renard"; system = x86; tailscale.ip = "100.75.17.75"; }
          { name = "loup"; system = x86; tailscale.ip = "100.70.108.22"; }
          { name = "fourmi"; system = arm; tailscale.ip = "100.99.119.83"; }
          { name = "taupe"; system = arm; tailscale.ip = "100.103.211.75"; }
          { name = "truite"; system = x86; tailscale.ip = "100.111.64.19"; }
          { name = "taureau"; system = x86; tailscale.ip = "100.67.75.4"; }
        ];

      overlays = [ agenix.overlays.default ];

      # Package sets for one platform. Every set shares `system` and the
      # nixpkgs config from ./config.nix; only the stable set receives
      # `overlays`, the unstable set is imported without them.
      packageSetsForSystem = system:
        let
          withBase = extra:
            { inherit system; config = import ./config.nix; } // extra;
          pkgs = import nixpkgs (withBase { inherit overlays; });
          unstablePkgs = import nixpkgs-unstable (withBase { });
          auxiliaryPkgs = import ./pkgs (withBase { inherit pkgs unstablePkgs; });
        in
        { inherit pkgs unstablePkgs auxiliaryPkgs; };

      # Full NixOS system for one inventory entry.
      nixosFor = machine: lib.nixosSystem {
        inherit (machine) system;
        # Every flake input, the package sets and the values below are
        # passed to all modules as extra arguments.
        specialArgs = inputs // (packageSetsForSystem machine.system) // {
          inherit machines;
          me = machine // { is = mkMachineIdentities machines machine; };
          # NOTE(review): presumably the public keys agenix encrypts to;
          # confirm. The flake source is copied into the world-readable
          # Nix store, so this file must hold no private key material.
          keys = import ./secrets/keys.nix;
          util = import ./util.nix { inherit lib; };
        };
        modules = [
          ./machines/${machine.name}
          home-manager.nixosModules.home-manager
          {
            home-manager = {
              useGlobalPkgs = true;
              useUserPackages = true;
              users.mel = import ./machines/${machine.name}/home.nix;
            };
          }
          agenix.nixosModules.default
        ];
      };
    in
    {
      nixosConfigurations = lib.mergeAttrsList
        (map (machine: { ${machine.name} = nixosFor machine; }) machines);

      # compatibility wrapper for nixos-option
      legacyPackages = lib.genAttrs (lib.attrValues systems)
        (system: lib.recurseIntoAttrs (packageSetsForSystem system).pkgs);
    };
}