StuRa/stura-infra
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
stura-infra/flake.nix

117 lines
3.8 KiB
Nix
Raw Blame History

{
description = "StuRa HTWD NixOS Configurations";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
authentik = {
url = "github:nix-community/authentik-nix";
};
mailserver = {
url = "git+https://gitlab.com/simple-nixos-mailserver/nixos-mailserver?ref=nixos-25.11";
};
sops = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
{
self,
nixpkgs,
authentik,
mailserver,
disko,
sops,
}:
let
sshkeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINABEf0jBjtDdezDDtvl1v27l0DbHP2XUgMARTZXC+MR goeranh@node5"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDmYHNdtPmQqvNINEWJgqEojrye+wQKr0S0VwlGv7xUa goeranh@node7"
];
in
rec {
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style;
packages.x86_64-linux =
builtins.foldl'
(
result: name:
result
// {
# run nixos-rebuild switch on the target system
# the config will be built locally and copied over
"${name}-update" = nixpkgs.legacyPackages.x86_64-linux.writeShellScriptBin "update" ''
nixos-rebuild switch --flake .#${name} --target-host root@${(builtins.head (nixosConfigurations.${name}.config.networking.interfaces.${builtins.head (builtins.attrNames nixosConfigurations.${name}.config.networking.interfaces)}.ipv4.addresses)).address}
'';
}
)
{ }
(
# filter all nixos configs containing installer
builtins.filter (item: !nixpkgs.lib.hasInfix "-" item) (builtins.attrNames nixosConfigurations)
)
// (
let
iso-config = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
"${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix"
{
users.users.administration = {
password = "test";
isNormalUser = true;
};
users.users.root.openssh.authorizedKeys.keys = sshkeys;
networking.interfaces.ens18.ipv4.addresses = [
{
address = "141.56.51.98";
prefixLength = 24;
}
];
services.getty.autologinUser = "root";
services.openssh.enable = true;
system.stateVersion = "25.11";
networking.dhcpcd.enable = nixpkgs.lib.mkForce false;
networking.defaultGateway.address = "141.56.51.254";
networking.nameservers = [ "9.9.9.9" ];
}
];
};
in
{
installer-iso = iso-config.config.system.build.isoImage;
installer-vm = iso-config.config.system.build.vm;
}
);
nixosConfigurations = builtins.foldl' (
result: input:
result
// {
"${input}" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
let
modulesPath = "${nixpkgs}";
in
[
./hosts/${input}
./default.nix
disko.nixosModules.disko
authentik.nixosModules.default
mailserver.nixosModules.mailserver
{
_module.args = { inherit self modulesPath; };
}
];
};
}
) { } (builtins.attrNames (builtins.readDir ./hosts));
};
}
Reference in a new issue View git blame Copy permalink