{
# Free-text summary of this flake.
description = "Private Void system configurations";

# Flake-supplied Nix settings. Import-from-derivation lets the evaluator build
# derivations while it is still evaluating, so evaluating this flake can start
# builds of code that comes from the inputs. Nix normally asks before applying
# a flake's nixConfig; hosts or CI agents that set `accept-flake-config` skip
# that prompt.
nixConfig = {
  allow-import-from-derivation = true;
};
# Flake inputs. Every URL below names a branch, a tag or a repository default
# rather than a commit, so the revisions actually built are the ones recorded
# in the lock file (not shown here). Lock file updates therefore change what
# runs on the deployed hosts and deserve the same review as edits to this list.
inputs = {
  nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05-small";

  # Served from git.privatevoid.net instead of a public forge; the integrity
  # of that host and repository is part of the trust base of every build.
  nix-super.url = "git+https://git.privatevoid.net/max/nix-super-fork";

  # NOTE(review): tracks `master` while nixpkgs tracks a 22.05 branch;
  # confirm that combination is intended.
  home-manager = {
    url = "github:nix-community/home-manager/master";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # Used by the deploy-rs node definitions in `outputs`; also served from
  # git.privatevoid.net.
  deploy-rs.url = "git+https://git.privatevoid.net/max/deploy-rs";

  agenix = {
    url = "github:ryantm/agenix";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # The only input here that names a release tag (v0.5.0).
  nar-serve = {
    url = "github:numtide/nar-serve/v0.5.0";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  dream2nix = {
    url = "github:nix-community/dream2nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  devshell = {
    url = "github:numtide/devshell";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  mms = {
    url = "github:mkaito/nixos-modded-minecraft-servers";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # Neither Hercules CI input (nor nix-super / deploy-rs above) is given a
  # `follows`, so each resolves its own dependencies as locked.
  hercules-ci-agent.url = "github:hercules-ci/hercules-ci-agent";
  hercules-ci-effects.url = "github:hercules-ci/hercules-ci-effects";

  flake-parts = {
    url = "github:hercules-ci/flake-parts";
    inputs.nixpkgs.follows = "nixpkgs";
  };
};
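# Flake outputs: NixOS configurations for the hosts declared in ./hosts, the
# deploy-rs node table, and the Hercules CI deploy effects for those hosts.
outputs = { self, nixpkgs, flake-parts, ... }@inputs:
  let
    # Platforms handed to flake-parts below.
    systems = [ "x86_64-linux" "aarch64-linux" ];
    forSystems = nixpkgs.lib.genAttrs systems;
    nixpkgsFor = system: import nixpkgs {
      inherit system;
    };

    inherit (nixpkgs) lib;

    aspect = import ./modules inputs;
    hosts = import ./hosts;

    # Hosts that carry a `nixos` attribute; these get a nixosConfiguration.
    nixosHosts' = lib.filterAttrs (_: host: host ? nixos) hosts;
    nixosHosts = lib.attrNames nixosHosts';

    # `a -> b` is logical implication: a host is kept unless it has a
    # `container` attribute that is true. Only the hosts kept here receive a
    # deploy-rs node and a CI deploy effect.
    deployableNixosHosts' = lib.filterAttrs (_: host: host ? container -> !host.container) nixosHosts';
    deployableNixosHosts = lib.attrNames deployableNixosHosts';

    meta = import ./tools/meta.nix;

    # Extra arguments passed to every NixOS module of every host. The complete
    # `inputs` and `hosts` sets are included, so each host's modules can read
    # the metadata of all other hosts.
    specialArgs = {
      inherit inputs hosts aspect;
      toolsets = import ./tools;
    };

    # Builds the NixOS system for host `name` from its `nixos` module plus
    # ./tools/inject.nix, for the architecture given by `host.arch`.
    mkNixOS' = lib: name: let host = hosts.${name}; in lib.nixosSystem {
      inherit specialArgs;
      system = "${host.arch}-linux";
      modules = [ host.nixos ./tools/inject.nix ];
    };
    mkNixOS = mkNixOS' lib;

    # Hercules CI effect that deploys host `name` over SSH.
    #
    # - The effect only runs for the `master` and `staging` branches. Both
    #   branches target the same host set, so a push to either one results in
    #   a deployment as root. NOTE(review): confirm both branches are equally
    #   protected on the forge.
    # - The SSH private key comes from the CI secret named "deploy-ssh".
    # - The target's host key is taken from `host.ssh.id.publicKey` and
    #   appended to known_hosts before connecting, so the key the effect
    #   expects is the one recorded in ./hosts rather than one learned on
    #   first contact. Whether a mismatch is fatal depends on the SSH options
    #   used by runNixOS, which are not visible here.
    # - The heredoc delimiter is quoted ('EOF') so the shell copies the
    #   interpolated hostname and key verbatim; with an unquoted delimiter any
    #   `$`, backtick or backslash in that host metadata would be expanded by
    #   the shell inside a script that has the deploy key available.
    # - NOTE(review): this path logs in as `root`, while the deploy-rs nodes
    #   below log in as `deploy`; confirm direct root SSH is intended for CI.
    mkDeployEffect = branch: name: host: let
      subdomain = host.enterprise.subdomain or "services";
      hostname = "${lib.toLower name}.${subdomain}.${meta.domain}";
    in effects.runIf (branch == "master" || branch == "staging") (effects.runNixOS {
      requiredSystemFeatures = [ "hci-deploy-agent-nixos" ];
      inherit (self.nixosConfigurations.${name}) config;
      secretsMap.ssh = "deploy-ssh";

      userSetupScript = ''
        writeSSHKey ssh
        cat >>~/.ssh/known_hosts <<'EOF'
        ${hostname} ${host.ssh.id.publicKey}
        EOF
      '';
      ssh.destination = "root@${hostname}";
    });

    # One deploy effect per host name, looked up in `hosts`.
    mkDeployEffects = branch: hostnames: lib.genAttrs hostnames
      (name: mkDeployEffect branch name hosts.${name});

    # deploy-rs node for host `name`. The SSH login is `deploy` and the system
    # profile is activated as `root`; the privilege rules that allow that
    # step on the target are configured outside this file.
    mkDeploy = name: let
      host = hosts.${name};
      subdomain = host.enterprise.subdomain or "services";
      deploy-rs = inputs.deploy-rs.lib."${host.arch}-linux";
    in {
      hostname = "${lib.toLower name}.${subdomain}.${meta.domain}";
      profiles.system = {
        user = "root";
        sshUser = "deploy";
        path = deploy-rs.activate.nixos self.nixosConfigurations.${name};
      };
    };

    # Node table for deploy-rs. `//` is a shallow merge: an override replaces
    # whole top-level attributes of the node (for example all of `profiles`),
    # it does not merge into them.
    mkDeployments = hosts: overrides: lib.genAttrs hosts
      (host: mkDeploy host // (overrides.${host} or {}) );

    # Effects library instantiated with the x86_64-linux package set.
    effects = inputs.hercules-ci-effects.lib.withPkgs (nixpkgsFor "x86_64-linux");
  in flake-parts.lib.mkFlake { inherit self; } {
    inherit systems;
    flake = {
      nixosModules = aspect.modules;

      nixosConfigurations = lib.genAttrs nixosHosts mkNixOS;

      deploy.nodes = mkDeployments deployableNixosHosts {};

      effects = { branch, ... }: mkDeployEffects branch deployableNixosHosts;
    };
    imports = [
      ./packages/part.nix
    ];
  };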
}