system-manager-wakasu
1{
2 description = "System Config";
3
4 nixConfig = {
5 extra-substituters = [
6 "https://nixos-raspberrypi.cachix.org"
7 ];
8 extra-trusted-public-keys = [
9 "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
10 ];
11 };
12
13 outputs =
14 { self, ... }@inputs:
15 let
16 inherit (self) outputs;
17 stateVersion = "24.11";
18
19 libx = import ./lib {
20 inherit
21 self
22 inputs
23 outputs
24 stateVersion
25 ;
26 };
27
28 supportedSystems = [
29 "x86_64-linux"
30 "aarch64-linux"
31 ];
32 forAllSystems = inputs.nixpkgs.lib.genAttrs supportedSystems;
33 in
34 {
35 githubActions = inputs.nix-github-actions.lib.mkGithubMatrix {
36 checks = inputs.nixpkgs.lib.getAttrs [ "x86_64-linux" ] self.packages;
37 };
38 githubActionsMatrix = builtins.toJSON (
39 inputs.nixpkgs.lib.mapAttrsToList
40 (name: value: {
41 inherit name;
42 arch = value._module.specialArgs.system;
43 })
44 (
45 inputs.nixpkgs.lib.attrsets.filterAttrs (
46 _: config:
47 (
48 builtins.hasAttr "system" config._module.specialArgs && config._module.specialArgs.hostname != "foo"
49 )
50 ) self.nixosConfigurations
51 )
52 );
53 # Standalone home configurations
54 # FIXME set this up
55 homeConfigurations = {
56 # headless machine
57 "vincent@aion" = libx.mkHome {
58 username = "vincent";
59 hostname = "aion";
60 system = "aarch64-linux";
61 };
62 "houbeb@aion" = libx.mkHome {
63 username = "houbeb";
64 hostname = "aion";
65 system = "aarch64-linux";
66 };
67 # TODO vincent@honshu (darwin)
68 # TODO vincent@okinawa (wsl ?)
69 };
70 nixosConfigurations = {
71 # Work laptop (unstable)
72 kyushu = libx.mkHost {
73 hostname = "kyushu";
74 # desktop = "sway";
75 desktop = "niri";
76 };
77 # Servers (unstable)
78 aomi = libx.mkHost {
79 hostname = "aomi";
80 };
81 sakhalin = libx.mkHost {
82 hostname = "sakhalin";
83 };
84 # kobe = libx.mkHost {
85 # hostname = "kobe";
86 # };
87 # shikoku = libx.mkHost {
88 # hostname = "shikoku";
89 # };
90 # Servers (stable)
91 athena = libx.mkHost {
92 hostname = "athena";
93 system = "aarch64-linux";
94 hardwareType = "rpi4";
95 pkgsInput = inputs.nixpkgs-25_05;
96 homeInput = inputs.home-manager-25_05;
97 };
98 demeter = libx.mkHost {
99 hostname = "demeter";
100 system = "aarch64-linux";
101 hardwareType = "rpi4";
102 pkgsInput = inputs.nixpkgs-25_05;
103 homeInput = inputs.home-manager-25_05;
104 };
105 aix = libx.mkHost {
106 hostname = "aix";
107 system = "aarch64-linux";
108 hardwareType = "rpi4";
109 pkgsInput = inputs.nixpkgs-25_05;
110 homeInput = inputs.home-manager-25_05;
111 };
112 aion = libx.mkHost {
113 hostname = "aion";
114 system = "aarch64-linux";
115 pkgsInput = inputs.nixpkgs-25_05;
116 homeInput = inputs.home-manager-25_05;
117 };
118 rhea = libx.mkHost {
119 hostname = "rhea";
120 system = "aarch64-linux";
121 pkgsInput = inputs.nixpkgs-25_05;
122 homeInput = inputs.home-manager-25_05;
123 };
124 kerkouane = libx.mkHost {
125 hostname = "kerkouane";
126 pkgsInput = inputs.nixpkgs-25_05;
127 homeInput = inputs.home-manager-25_05;
128 };
129 # NOTE: experimentations
130 foo = libx.newMkHost {
131 hostname = "foo";
132 };
133 };
134
135 nixosModules = {
136 # provided modules (to be upstreamed)
137 wireguard-client = ./modules/wireguard-client.nix;
138 wireguard-server = ./modules/wireguard-server.nix;
139 govanityurl = ./modules/govanityurl.nix;
140 gosmee = ./modules/gosmee.nix;
141 };
142
143 # system-manager configurations
144 # FIXME set this up
145 systemConfigs = {
146 aion = libx.mkSystemManager {
147 hostname = "aion";
148 system = "aarch64-linux";
149 };
150 wakasu = libx.mkSystemManager {
151 hostname = "wakasu";
152 system = "x86_64-linux";
153 };
154 };
155
156 images = {
157 # sdimages
158 aix =
159 (self.nixosConfigurations.aix.extendModules {
160 modules = [
161 "${inputs.nixpkgs-25_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
162 ];
163 }).config.system.build.sdImage;
164 athena =
165 (self.nixosConfigurations.athena.extendModules {
166 modules = [
167 "${inputs.nixpkgs-25_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
168 ];
169 }).config.system.build.sdImage;
170 demeter =
171 (self.nixosConfigurations.demeter.extendModules {
172 modules = [
173 "${inputs.nixpkgs-25_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
174 ];
175 }).config.system.build.sdImage;
176 nagoya =
177 (self.nixosConfigurations.nagoya.extendModules {
178 modules = [
179 "${inputs.nixpkgs-25_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
180 ];
181 }).config.system.build.sdImage;
182 };
183
184 overlays = import ./overlays { inherit inputs; };
185
186 packages = forAllSystems (
187 system:
188 let
189 pkgs = import inputs.nixpkgs {
190 inherit system;
191 config.allowAliases = false;
192 overlays = [
193 self.overlays.additions
194 ];
195 };
196 skipDarwinPackages =
197 system: n:
198 if lib.strings.hasSuffix "darwin" system then !(lib.strings.hasPrefix "koff" n) else true;
199 inherit (inputs.nixpkgs) lib;
200 drvAttrs = builtins.filter (n: lib.isDerivation pkgs.${n} && skipDarwinPackages system n) (
201 builtins.attrNames (self.overlays.additions pkgs pkgs)
202 );
203 in
204 lib.listToAttrs (map (n: lib.nameValuePair n pkgs.${n}) drvAttrs)
205 );
206
207 checks = forAllSystems (system: {
208 pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
209 src = ./.;
210 hooks = {
211 # go
212 gofmt.enable = true;
213 # golangci-lint.enable = true;
214 # nix
215 deadnix.enable = true;
216 nixfmt-rfc-style.enable = true;
217 # statix.enable = true;
218 # python
219 flake8.enable = true;
220 ruff.enable = true;
221 # shell
222 shellcheck.enable = true;
223 };
224 };
225 });
226
227 devShells = forAllSystems (system: {
228 default =
229 let
230 pkgs = import inputs.nixpkgs {
231 inherit system;
232 config.allowUnfree = true;
233 };
234 in
235 inputs.nixpkgs.legacyPackages.${system}.mkShell {
236 inherit (self.checks.${system}.pre-commit-check) shellHook;
237 buildInputs = self.checks.${system}.pre-commit-check.enabledPackages;
238 packages = [
239 pkgs.git
240 pkgs.nodePackages.prettier
241 pkgs.deadnix
242 pkgs.nixfmt-rfc-style
243 inputs.agenix.packages.${system}.default
244 ];
245 name = "home";
246 DIRENV_LOG_FORMAT = "";
247 };
248 });
249 };
250
251 inputs = {
252 # Flake for compatibility with non-flake commands
253 flake-compat = {
254 type = "github";
255 owner = "edolstra";
256 repo = "flake-compat";
257 flake = false;
258 };
259
260 buildkit-tekton = {
261 url = "github:vdemeester/buildkit-tekton";
262 inputs.nixpkgs.follows = "nixpkgs";
263 };
264 go-org-readwise = {
265 url = "github:vdemeester/go-org-readwise";
266 inputs.nixpkgs.follows = "nixpkgs";
267 };
268
269 # nixpkgs
270 nixpkgs = {
271 type = "github";
272 owner = "NixOS";
273 repo = "nixpkgs";
274 ref = "nixos-unstable";
275 };
276 nixpkgs-25_05 = {
277 type = "github";
278 owner = "NixOS";
279 repo = "nixpkgs";
280 ref = "nixos-25.05";
281 };
282 nixpkgs-master.url = "github:nixos/nixpkgs/master";
283 pre-commit-hooks.url = "github:cachix/git-hooks.nix";
284 pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs";
285 pre-commit-hooks.inputs.flake-compat.follows = "flake-compat";
286 # Home Manager
287 home-manager = {
288 type = "github";
289 owner = "nix-community";
290 repo = "home-manager";
291 inputs.nixpkgs.follows = "nixpkgs";
292 };
293 dns = {
294 url = "github:nix-community/dns.nix";
295 inputs.nixpkgs.follows = "nixpkgs";
296 };
297 home-manager-25_05 = {
298 type = "github";
299 owner = "nix-community";
300 repo = "home-manager";
301 ref = "release-25.05";
302 inputs.nixpkgs.follows = "nixpkgs-25_05";
303 };
304
305 niri = {
306 type = "github";
307 owner = "sodiboo";
308 repo = "niri-flake";
309 inputs.nixpkgs.follows = "nixpkgs";
310 inputs.nixpkgs-stable.follows = "nixpkgs-25_05";
311 };
312
313 dagger = {
314 type = "github";
315 owner = "dagger";
316 repo = "nix";
317 inputs.nixpkgs.follows = "nixpkgs";
318 };
319
320 emacs-overlay = {
321 url = "github:nix-community/emacs-overlay";
322 inputs.nixpkgs.follows = "nixpkgs";
323 inputs.nixpkgs-stable.follows = "nixpkgs-25_05";
324 };
325
326 nixos-hardware = {
327 type = "github";
328 owner = "NixOS";
329 "repo" = "nixos-hardware";
330 };
331
332 # Me :D
333 chick-group = {
334 type = "github";
335 owner = "vdemeester";
336 repo = "chick-group";
337 inputs.nixpkgs.follows = "nixpkgs";
338 inputs.pre-commit-hooks.follows = "pre-commit-hooks";
339 };
340 # Red Hat
341 chapeau-rouge = {
342 type = "github";
343 owner = "vdemeester";
344 repo = "chapeau-rouge";
345 inputs.nixpkgs.follows = "nixpkgs";
346 inputs.pre-commit-hooks.follows = "pre-commit-hooks";
347 };
348 agenix.url = "github:ryantm/agenix";
349 agenix.inputs.nixpkgs.follows = "nixpkgs";
350 agenix.inputs.home-manager.follows = "home-manager";
351 agenix-25_05.url = "github:ryantm/agenix";
352 agenix-25_05.inputs.nixpkgs.follows = "nixpkgs-25_05";
353 agenix-25_05.inputs.home-manager.follows = "home-manager-25_05";
354
355 lanzaboote.url = "github:nix-community/lanzaboote";
356 lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
357 lanzaboote.inputs.flake-compat.follows = "flake-compat";
358 lanzaboote.inputs.pre-commit-hooks-nix.follows = "pre-commit-hooks";
359
360 disko.url = "github:nix-community/disko";
361 disko.inputs.nixpkgs.follows = "nixpkgs";
362
363 system-manager.url = "github:numtide/system-manager";
364 system-manager.inputs.nixpkgs.follows = "nixpkgs";
365
366 nix-github-actions.url = "github:nix-community/nix-github-actions";
367 nix-github-actions.inputs.nixpkgs.follows = "nixpkgs";
368
369 nixos-raspberrypi.url = "github:nvmd/nixos-raspberrypi/develop";
370 nixos-raspberrypi.inputs.flake-compat.follows = "flake-compat";
371
372 copilot-cli.url = "github:scarisey/copilot-cli-flake";
373 copilot-cli.inputs.nixpkgs.follows = "nixpkgs";
374 };
375}