{ description = "tlater.net host configuration"; inputs = { nixpkgs.url = "https://channels.nixos.org/nixos-25.05-small/nixexprs.tar.xz"; nixpkgs-unstable.url = "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz"; ## Nix/OS utilities disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; deploy-rs = { url = "github:serokell/deploy-rs"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; ## Programs flint = { url = "github:NotAShelf/flint"; inputs.nixpkgs.follows = "nixpkgs"; }; ## Services foundryvtt = { url = "github:reckenrode/nix-foundryvtt"; inputs.nixpkgs.follows = "nixpkgs"; }; sonnenshift = { url = "git+ssh://git@github.com/sonnenshift/battery-manager"; inputs = { nixpkgs.follows = "nixpkgs"; crate2nix.inputs = { flake-compat.follows = "deploy-rs/flake-compat"; devshell.inputs.flake-utils.follows = "deploy-rs/utils"; }; }; }; }; outputs = { self, nixpkgs, sops-nix, ... }@inputs: let system = "x86_64-linux"; vm = nixpkgs.lib.nixosSystem { inherit system; specialArgs.flake-inputs = inputs; modules = [ ./configuration ./configuration/hardware-specific/vm.nix ]; }; # deploy-rs unfortunately uses an `import nixpkgs`, and its # library functions depend on an instantiated nixpkgs, so we # can't get around multi-nixpkgs-eval. inherit (import nixpkgs { inherit system; overlays = [ inputs.deploy-rs.overlays.default (_: prev: { deploy-rs = { inherit (nixpkgs.legacyPackages.${system}) deploy-rs; inherit (prev.deploy-rs) lib; }; }) ]; }) deploy-rs ; in { ################## # Configurations # ################## nixosConfigurations = { # The actual system definition hetzner-1 = nixpkgs.lib.nixosSystem { inherit system; specialArgs.flake-inputs = inputs; modules = [ ./configuration ./configuration/hardware-specific/hetzner ]; }; }; ############################ # Deployment configuration # ############################ deploy.nodes = { hetzner-1 = { hostname = "116.202.158.55"; profiles.system = { user = "root"; path = deploy-rs.lib.activate.nixos self.nixosConfigurations.hetzner-1; }; sshUser = "tlater"; sshOpts = [ "-p" "2222" "-o" "ForwardAgent=yes" ]; }; }; ######### # Tests # ######### checks = import ./checks { flake-inputs = inputs; }; ########################### # Garbage collection root # ########################### packages.${system} = { default = vm.config.system.build.vm; } // import ./pkgs { pkgs = nixpkgs.legacyPackages.${system}; flake-inputs = inputs; }; ################### # Utility scripts # ################### apps.${system} = { default = self.apps.${system}.run-vm; run-vm = { type = "app"; program = (nixpkgs.legacyPackages.${system}.writeShellScript "" '' ${vm.config.system.build.vm.outPath}/bin/run-testvm-vm '').outPath; }; }; ########################### # Development environment # ########################### devShells.${system} = { default = nixpkgs.legacyPackages.${system}.mkShell { sopsPGPKeyDirs = [ "./keys/hosts/" "./keys/users/" ]; packages = nixpkgs.lib.attrValues { inherit (sops-nix.packages.${system}) sops-import-keys-hook sops-init-gpg-key; inherit (deploy-rs) deploy-rs; }; }; minecraft = nixpkgs.legacyPackages.${system}.mkShell { packages = nixpkgs.lib.attrValues { inherit (nixpkgs.legacyPackages.${system}) packwiz; }; }; webserver = self.packages.${system}.webserver.devShell; }; }; }