{ description = "A flake for building our infra"; outputs = inputs: let nixpkgsLib = inputs.nixpkgs.lib; unstableNixpkgsLib = inputs.nixpkgsUnstable.lib; forAllSystems = function: (nixpkgsLib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: function inputs.nixpkgs.legacyPackages."${system}")); transformer = name: value: ( if name == [ ] then value else (if (builtins.hasAttr "default" value) then value.default else value) ); pathLoader = inputs.haumea.lib.loaders.path; importLoader = inputs.haumea.lib.loaders.verbatim; pkgsLoader = pkgs: (path: path: pkgs.callPackage path { }); loadDir = loader: src: inputs.haumea.lib.load { inherit src loader transformer; }; in { checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) ( nixpkgsLib.filterAttrs (key: value: nixpkgsLib.hasSuffix "linux" key) inputs.deploy-rs.lib ); formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style); resources = loadDir [ (inputs.haumea.lib.matchers.always pathLoader) ] ./resources; sopsSecrets = loadDir [ (inputs.haumea.lib.matchers.always pathLoader) ] ./secrets; packages = forAllSystems (pkgs: (loadDir (pkgsLoader pkgs) ./packages)); nixosModules.default = ./config/nixosModules.nix; homeManagerModules = loadDir pathLoader ./config/home; lib = loadDir (path: path: import path inputs) ./lib; overlays = { nixpkgsUnstable = final: prev: { unstable = inputs.nixpkgsUnstable.legacyPackages.${prev.system}; }; packages = final: prev: loadDir (path: path: final.callPackage path { }) ./packages; }; nixpkgsOverlays = [ inputs.self.overlays.packages inputs.self.overlays.nixpkgsUnstable inputs.zaphyraWebsite.overlays.default inputs.stagit.overlays.default inputs.flauschehornSexy.overlays.default inputs.gpxMap.overlays.default inputs.oeffisearch.overlays.default inputs.things.overlays.default inputs.mqttWebUI.overlays.default ]; hosts = loadDir importLoader ./hosts; nixosConfigurations = builtins.mapAttrs ( hostName: hostConfig: (if !hostConfig.nixpkgsStable then unstableNixpkgsLib.nixosSystem else nixpkgsLib.nixosSystem) { system = hostConfig.system; specialArgs = { inherit inputs; dnsNix = inputs.dnsNix.lib; nixStd = inputs.nixStd.lib; hostConfig = hostConfig // { inherit hostName; }; }; modules = nixpkgsLib.flatten [ { nixpkgs.overlays = inputs.self.nixpkgsOverlays; } ( if !hostConfig.nixpkgsStable then [ inputs.homeManagerUnstable.nixosModules.default inputs.diskoUnstable.nixosModules.default ] else [ inputs.homeManager.nixosModules.default inputs.disko.nixosModules.default ] ) inputs.impermanence.nixosModules.default inputs.lixModule.nixosModules.default inputs.lanzaboote.nixosModules.lanzaboote inputs.sopsNix.nixosModules.sops inputs.simpleNixosMailserver.nixosModules.default inputs.grapevine.nixosModules.default inputs.things.nixosModules.default inputs.self.nixosModules.default hostConfig.configuration ]; } ) inputs.self.hosts; homeConfigurations = builtins.listToAttrs ( builtins.map ( name: (nixpkgsLib.nameValuePair name ( inputs.homeManager.lib.homeManagerConfiguration { pkgs = import inputs.nixpkgs { system = "x86_64-linux"; overlays = inputs.self.nixpkgsOverlays; config = { allowUnfree = true; }; }; modules = [ inputs.self.homeManagerModules."${name}".common ]; extraSpecialArgs = { inherit inputs; inherit (inputs.self) homeManagerModules; }; } )) ) (nixpkgsLib.attrNames inputs.self.homeManagerModules) ); hydraJobs = builtins.listToAttrs ( builtins.map ( name: (nixpkgsLib.nameValuePair name inputs.self.nixosConfigurations."${name}".config.system.build.toplevel ) ) [ # List of systems that should be built by hydra. "empty" ] ); deploy = { activationTimeout = 600; confirmTimeout = 240; nodes = builtins.mapAttrs (nodeName: node: { hostname = node.config.networking.fqdn; sshUser = "root"; sshOpts = [ "-p" "${builtins.toString (nixpkgsLib.head node.config.services.openssh.ports)}" ]; profiles.system = { user = "root"; path = inputs.deploy-rs.lib.${node.config.nixpkgs.system}.activate.nixos node; }; }) inputs.self.nixosConfigurations; }; }; inputs = { # these are just dependencies of other inputs flakeCompat.url = "github:edolstra/flake-compat"; flakeyProfile.url = "github:lf-/flakey-profile"; flakeUtils.url = "github:numtide/flake-utils"; flakeParts.url = "github:hercules-ci/flake-parts"; nixSystemsDefault.url = "github:nix-systems/default"; flakeUtils.inputs.systems.follows = "nixSystemsDefault"; flakeParts.inputs.nixpkgs-lib.follows = "nixpkgs"; # nixpkgs nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; impermanence.url = "github:nix-community/impermanence"; nixStd.url = "github:chessai/nix-std"; dnsNix.url = "git+https://git.zaphyra.eu/dns.nix"; dnsNix.inputs.nixpkgs.follows = "nixpkgs"; haumea.url = "git+https://git.zaphyra.eu/haumea"; haumea.inputs.nixpkgs.follows = "nixpkgs"; sopsNix.url = "github:Mic92/sops-nix"; sopsNix.inputs.nixpkgs.follows = "nixpkgs"; disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; diskoUnstable.url = "github:nix-community/disko"; diskoUnstable.inputs.nixpkgs.follows = "nixpkgsUnstable"; simpleNixosMailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05"; simpleNixosMailserver.inputs.nixpkgs.follows = "nixpkgs"; simpleNixosMailserver.inputs.nixpkgs-25_05.follows = "nixpkgs"; simpleNixosMailserver.inputs.flake-compat.follows = "flakeCompat"; homeManager.url = "github:nix-community/home-manager/release-25.05"; homeManager.inputs.nixpkgs.follows = "nixpkgs"; homeManagerUnstable.url = "github:nix-community/home-manager/master"; homeManagerUnstable.inputs.nixpkgs.follows = "nixpkgsUnstable"; lanzaboote.url = "github:nix-community/lanzaboote/v0.4.2"; lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; lanzaboote.inputs.flake-parts.follows = "flakeParts"; lanzaboote.inputs.flake-compat.follows = "flakeCompat"; lix.url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz"; lix.flake = false; lixModule.url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; lixModule.inputs.lix.follows = "lix"; lixModule.inputs.flake-utils.follows = "flakeUtils"; lixModule.inputs.flakey-profile.follows = "flakeyProfile"; lixModule.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.inputs.utils.follows = "flakeUtils"; deploy-rs.inputs.flake-compat.follows = "flakeCompat"; grapevine.url = "gitlab:matrix/grapevine?host=gitlab.computer.surgery&ref=lambda/sss"; grapevine.inputs = { nixpkgs.follows = "nixpkgs"; flake-compat.follows = "flakeCompat"; flake-utils.follows = "flakeUtils"; }; zaphyraWebsite.url = "git+https://git.zaphyra.eu/website"; zaphyraWebsite.inputs.nixpkgs.follows = "nixpkgs"; stagit.url = "git+https://git.zaphyra.eu/stagit"; stagit.inputs.nixpkgs.follows = "nixpkgs"; flauschehornSexy.url = "git+https://git.zaphyra.eu/flauschehorn.sexy"; flauschehornSexy.inputs.nixpkgs.follows = "nixpkgs"; gpxMap.url = "git+https://git.zaphyra.eu/gpx-map"; gpxMap.inputs.nixpkgs.follows = "nixpkgs"; oeffisearch.url = "git+https://git.zaphyra.eu/oeffisearch"; oeffisearch.inputs.nixpkgs.follows = "nixpkgs"; things.url = "git+https://git.zaphyra.eu/things"; things.inputs.nixpkgs.follows = "nixpkgs"; mqttWebUI.url = "git+https://git.zaphyra.eu/mqtt-webui"; mqttWebUI.inputs.nixpkgs.follows = "nixpkgs"; firefoxGnomeTheme.flake = false; firefoxGnomeTheme.url = "github:rafaelmardojai/firefox-gnome-theme/v137"; }; }