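# Flake for the tlater.net host. It pins the inputs, defines the `hetzner-1`
# NixOS system and its deploy-rs node, exposes the deploy-rs checks, a few
# helper apps, and a development shell.
{
  description = "tlater.net host configuration";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # NOTE(review): unlike the other third-party inputs, deploy-rs does not
    # follow this flake's nixpkgs, so its own nixpkgs pin ends up in the lock
    # file as well. Confirm this is intentional.
    deploy-rs.url = "github:serokell/deploy-rs";
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nvfetcher = {
      url = "github:berberman/nvfetcher";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    tlaternet-webserver = {
      url = "git+https://gitea.tlater.net/tlaternet/tlaternet.git";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    foundryvtt = {
      url = "github:reckenrode/nix-foundryvtt";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Fetched over SSH from a branch ref, so locking or updating this input
    # needs SSH credentials that GitHub accepts for the repository.
    # NOTE(review): the URL names a moving branch; the revision actually used
    # is whatever the lock file records, so review lock updates for this input
    # like any other code change.
    sonnenshift = {
      url = "git+ssh://git@github.com/sonnenshift/battery-manager?ref=tlater/implement-nix-module";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = {
    self,
    nixpkgs,
    sops-nix,
    nvfetcher,
    deploy-rs,
    ...
  } @ inputs: let
    system = "x86_64-linux";
    pkgs = nixpkgs.legacyPackages.${system};

    nvfetcher-bin = "${nvfetcher.packages.${system}.default}/bin/nvfetcher";

    # Builds a flake app that runs nvfetcher from the repository's `pkgs`
    # directory, writing sources to `outputDir` using the config `configFile`.
    mkNvfetcherApp = name: outputDir: configFile: {
      type = "app";
      program =
        (pkgs.writeShellScript name ''
          # Stop on the first failure: without this, a failed `git rev-parse`
          # or `cd` would let nvfetcher run in whatever directory the caller
          # happened to be in.
          set -eu
          repo_root="$(git rev-parse --show-toplevel)"
          cd "$repo_root/pkgs"
          ${nvfetcher-bin} -o ${outputDir} -c ${configFile}
        '')
        .outPath;
    };
  in {
    ##################
    # Configurations #
    ##################
    nixosConfigurations = {
      # The actual system definition
      hetzner-1 = nixpkgs.lib.nixosSystem {
        inherit system;
        # Makes every flake input available to the modules as `flake-inputs`.
        specialArgs.flake-inputs = inputs;

        modules = [
          ./configuration
          ./configuration/hardware-specific/hetzner
        ];
      };
    };

    ############################
    # Deployment configuration #
    ############################
    deploy.nodes = {
      hetzner-1 = {
        hostname = "116.202.158.55";

        # The system profile is activated as root, while the SSH login
        # itself happens as the unprivileged `tlater` user on port 2222.
        profiles.system = {
          user = "root";
          path =
            deploy-rs.lib.${system}.activate.nixos
            self.nixosConfigurations.hetzner-1;
        };

        sshUser = "tlater";
        # NOTE(review): ForwardAgent=yes makes the deployer's SSH agent
        # reachable on the server for the duration of every deploy, so
        # anyone with root there can use the loaded keys while the session
        # is open. Keep it only if activation really depends on it
        # (presumably agent-based privilege escalation - confirm), and
        # deploy from an agent that holds just a dedicated deploy key.
        sshOpts = ["-p" "2222" "-o" "ForwardAgent=yes"];
      };
    };

    #########
    # Tests #
    #########
    # One set of deploy-rs schema/activation checks per system that
    # deploy-rs provides a library for.
    checks = builtins.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;

    ###################
    # Utility scripts #
    ###################
    apps.${system} = {
      default = self.apps.${system}.run-vm;

      # Boots the same configuration with the VM hardware module instead of
      # the Hetzner one.
      run-vm = {
        type = "app";
        program = let
          vm = nixpkgs.lib.nixosSystem {
            inherit system;
            specialArgs.flake-inputs = inputs;

            modules = [
              ./configuration
              ./configuration/hardware-specific/vm.nix
            ];
          };
        in
          # Give the wrapper a name so its store path is recognisable.
          (pkgs.writeShellScript "run-vm" ''
            ${vm.config.system.build.vm.outPath}/bin/run-testvm-vm
          '')
          .outPath;
      };

      update-pkgs = mkNvfetcherApp "update-pkgs" "_sources_pkgs" "nvfetcher.toml";

      update-nextcloud-apps = mkNvfetcherApp "update-nextcloud-apps" "_sources_nextcloud" "nextcloud-apps.toml";
    };

    ###########################
    # Development environment #
    ###########################
    devShells.${system}.default = pkgs.mkShell {
      # Key directories handed to sops-import-keys-hook. They are relative
      # strings, so they resolve against the directory the shell is entered
      # from. NOTE(review): whoever can change files under these directories
      # influences which keys get imported; review changes there as carefully
      # as changes to the secrets themselves.
      sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"];
      nativeBuildInputs = [
        sops-nix.packages.${system}.sops-import-keys-hook
      ];

      packages = with pkgs; [
        sops-nix.packages.${system}.sops-init-gpg-key
        deploy-rs.packages.${system}.default

        cargo
        clippy
        rustc
        rustfmt
        rust-analyzer
        pkg-config
        openssl
      ];
    };
  };
}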