cluster/services/flake-reegistry/default.nix

@@ -0,0 +1,36 @@
+{ lib, ... }:
+
+{
+  ways.registry.static = { depot, pkgs, ... }: pkgs.writeTextDir "flake-registry.json" (let
+    flakes = {
+      depot = {
+        type = "tarball";
+        url = "https://forge.${depot.lib.meta.domain}/${depot.lib.meta.domain}/depot/archive/master.tar.gz";
+      };
+      depot-nixpkgs = {
+        type = "github";
+        owner = "NixOS";
+        repo = "nixpkgs";
+        inherit (depot.inputs.nixpkgs.sourceInfo) rev narHash lastModified;
+      };
+      blank = {
+        type = "github";
+        owner = "divnix";
+        repo = "blank";
+        inherit (depot.inputs.blank.sourceInfo) rev narHash lastModified;
+      };
+    } // import ./extra-flakes.nix;
+  in builtins.toJSON {
+    version = 2;
+    flakes = lib.pipe flakes [
+      (lib.attrsToList)
+      (map (f: {
+        from = {
+          type = "indirect";
+          id = f.name;
+        };
+        to = f.value;
+      }))
+    ];
+  });
+}

cluster/services/flake-reegistry/extra-flakes.nix

@@ -0,0 +1,18 @@
+let
+  github = owner: repo: {
+    type = "github";
+    inherit owner repo;
+  };
+in {
+  # own 
+  hyprspace = github "hyprspace" "hyprspace";
+  ai = github "nixified-ai" "flake";
+  nix-super = github "privatevoid-net" "nix-super";
+  nixpak = github "nixpak" "nixpak";
+
+  # other
+  nix = github "NixOS" "nix";
+  flake-parts = github "hercules-ci" "flake-parts";
+  home-manager = github "nix-community" "home-manager";
+  dream2nix = github "nix-community" "dream2nix";
+}

cluster/services/ways/host.nix

@@ -1,11 +1,15 @@
-{ cluster, config, lib, pkgs, ... }:
+{ cluster, config, depot, lib, pkgs, ... }:
 
 let
   externalWays = lib.filterAttrs (_: cfg: !cfg.internal) cluster.config.ways;
 
   internalWays = lib.filterAttrs (_: cfg: cfg.internal) cluster.config.ways;
 
-  consulServiceWays = lib.filterAttrs (_: cfg: cfg.useConsul) cluster.config.ways;
+  byMode = lib.pipe cluster.config.ways [
+    (lib.attrsToList)
+    (lib.groupBy (way: way.value.mode))
+    (lib.mapAttrs (n: v: lib.listToAttrs v))
+  ];
 in
 
 {
@@ -25,7 +29,13 @@ in
             ];
             locations = lib.mkMerge [
               {
-                "/" = if cfg.grpc then {
+                "/" = if cfg.mode == "static" then {
+                  root = cfg.static {
+                    inherit depot;
+                    inherit pkgs;
+                    inherit (pkgs) system;
+                  };
+                } else if cfg.grpc then {
                   extraConfig = ''
                     set $nix_proxy_grpc_target ${cfg.target};
                     grpc_pass $nix_proxy_grpc_target;
@@ -47,7 +57,7 @@ in
       };
     }) cluster.config.ways;
 
-    appendHttpConfig = lib.mkIf (consulServiceWays != {}) ''
+    appendHttpConfig = lib.mkIf (byMode.consul != {}) ''
       include /run/consul-template/nginx-ways-*.conf;
     '';
   };
@@ -67,7 +77,7 @@ in
     value.distributed.enable = true;
   }) externalWays;
 
-  services.consul-template.instances.ways = lib.mkIf (consulServiceWays != {}) {
+  services.consul-template.instances.ways = lib.mkIf (byMode.consul != {}) {
     user = "nginx";
     group = "nginx";
     settings = {
@@ -86,7 +96,7 @@ in
               {{ else }}
               # upstream ${cfg.nginxUpstreamName} (${cfg.consulService}): no servers available
               {{ end }}
-            '') consulServiceWays;
+            '') byMode.consul;
           in pkgs.writeText "ways-upstreams.ctmpl" (lib.concatStringsSep "\n" (lib.unique upstreams));
           destination = "/run/consul-template/nginx-ways-upstreams.conf";
           exec.command = lib.singleton (pkgs.writeShellScript "ways-reload" ''

cluster/services/ways/options/way.nix

@@ -58,6 +58,10 @@ with lib;
       type = types.str;
     };
 
+    static = mkOption {
+      type = with types; functionTo (coercedTo package (package: "${package.webroot or package}") str);
+    };
+
     healthCheckPath = mkOption {
       type = types.path;
       default = "/.well-known/ways/internal-health-check";
@@ -69,10 +73,10 @@ with lib;
       default = "https://${name}.${config.domainSuffix}";
     };
 
-    useConsul = mkOption {
+    mode = mkOption {
-      type = types.bool;
+      type = types.enum [ "simple" "consul" "static" ];
       internal = true;
-      default = false;
+      default = "simple";
     };
 
     nginxUpstreamName = mkOption {
@@ -105,12 +109,15 @@ with lib;
 
   config = lib.mkMerge [
     (lib.mkIf options.consulService.isDefined {
-      useConsul = true;
+      mode = "consul";
       nginxUpstreamName = "ways_upstream_${builtins.hashString "md5" options.consulService.value}";
       target = "${if config.grpc then "grpc" else "http"}://${options.nginxUpstreamName.value}";
     })
     (lib.mkIf options.bucket.isDefined {
       consulService = "garage-web";
     })
+    (lib.mkIf options.static.isDefined {
+      mode = "static";
+    })
   ];
 }

modules/nix-config/server.nix

@@ -14,7 +14,7 @@
       experimental-features = nix-command flakes cgroups
       use-cgroups = true
       builders-use-substitutes = true
-      flake-registry = https://git.${depot.lib.meta.domain}/private-void/registry/-/raw/master/registry.json
+      flake-registry = https://registry.${depot.lib.meta.domain}/flake-registry.json
       
       # For Hercules CI agent
       narinfo-cache-negative-ttl = 0