# Flake describing the Seattle NixOps deployment: it selects every NixOS host
# in the sea.fudo.org domain from the shared fudo-nixos tree and emits one
# NixOps machine definition per host.
{
  description = "Definition of the Seattle NixOps network.";

  inputs = {
    # NOTE(review): nixos-21.05 is an end-of-life release branch and no longer
    # receives security backports; confirm there is a plan to move to a
    # supported release.
    nixpkgs = { url = "nixpkgs/nixos-21.05"; };

    fudo-home = { url = "path:/state/nixos/nix-home"; };

    # NOTE(review): path: inputs are copied into the Nix store when the flake
    # is evaluated, and the store is world-readable. Confirm /state/secrets
    # holds only encrypted material or references, never plaintext keys.
    fudo-secrets = { url = "path:/state/secrets"; };

    # fudo-pkgs.url = "path:/state/nixos/fudo-pkgs";

    # Consumed as a plain source tree (not as a flake); files are imported
    # from it by path below.
    fudo-nixos.url = "path:/state/nixos";
    fudo-nixos.flake = false;
  };

  outputs = { self, nixpkgs, fudo-home, fudo-nixos, fudo-secrets, ... }:
    let
      lib = nixpkgs.lib;

      domain = "sea.fudo.org";

      # Resolve a path relative to the root of the fudo-nixos source tree.
      fudo-path = sub: fudo-nixos + sub;

      # Last-modified time of this flake's source. builtins.trace also prints
      # the whole sourceInfo attribute set to stderr on evaluation.
      build-timestamp =
        builtins.trace self.sourceInfo self.sourceInfo.lastModified;

      hostlib = import (fudo-path /lib/hosts.nix) { inherit lib; };

      # Every host described under config/hosts, before filtering.
      all-hosts = hostlib.base-host-config (fudo-path /config/hosts);

      # Keep only NixOS machines that belong to this network's domain.
      in-this-network = _name: opts:
        opts.nixos-system && opts.domain == domain;

      hosts = lib.filterAttrs in-this-network all-hosts;

      # Instantiate nixpkgs for one platform with the site overlays applied.
      pkgs-for = system:
        import nixpkgs {
          inherit system;

          config.allowUnfree = true;

          # Lets a package that nixpkgs has flagged as having known
          # vulnerabilities be evaluated and built.
          # NOTE(review): confirm which hosts still depend on this OpenSSH
          # build and drop the exception once none do.
          config.permittedInsecurePackages = [
            "openssh-with-gssapi-8.4p1"
          ];

          overlays = map import [
            (fudo-path /fudo-pkgs/overlay.nix)
            (fudo-path /lib/overlay.nix)
          ];
        };

      initialize-host = import (fudo-path /initialize.nix);

      # Network-wide NixOps settings shared by every machine.
      network-base = {
        inherit nixpkgs;

        network.description = "Seattle NixOps network.";
        network.enableRollback = true;

        defaults._module.args.domain = domain;
      };

      # Build the NixOps machine entry for a single host. The host receives
      # the package set for its own architecture and that package set's lib.
      machine-for = hostname: opts:
        let
          #system = opts.arch;
          host-pkgs = pkgs-for opts.arch;
        in {
          #inherit system;
          modules = [
            fudo-home.nixosModule
            fudo-secrets.nixosModule
            (initialize-host {
              inherit hostname build-timestamp fudo-secrets;
              pkgs = host-pkgs;
              lib = host-pkgs.lib;
            })
          ];
        };

    in {
      nixopsConfigurations.default =
        network-base // lib.mapAttrs machine-for hosts;
    };
}