# Flake that builds the NixOS host `luna`, describes how deploy-rs pushes it,
# and provides a per-system dev shell with the secret and deployment tooling.
{
  description = "Asgard Eternal's flake for managing system configurations";

  # Every input below names a branch or a default branch, never a commit.
  # The revisions and hashes actually built are whatever flake.lock records
  # (not visible here), so the lock file is the integrity anchor for all of
  # these sources, including the self-hosted GitLab one.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";
    # deploy-rs and impermanence do not follow this flake's nixpkgs.
    deploy-rs.url = "github:serokell/deploy-rs";
    impermanence.url = "github:nix-community/impermanence";

    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # For the nixd language server
    flake-compat = {
      url = "github:inclyc/flake-compat";
      # Fetched as plain source; it is not evaluated as a flake.
      flake = false;
    };

    blog = {
      type = "gitlab";
      owner = "blog";
      repo = "blog";
      host = "gitlab.orion-technologies.io";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs =
    {
      self,
      nixpkgs,
      deploy-rs,
      impermanence,
      agenix,
      disko,
      flake-utils,
      blog,
      ...
    }@inputs:
    let
      # Project helpers merged with nixpkgs' lib. `//` is right-biased, so on a
      # name collision the nixpkgs.lib attribute wins over the local one.
      lib = (import ./lib { inherit (nixpkgs) lib; }) // nixpkgs.lib;

      persist-dir = "/persist";

      # Module shared by every host: state kept across reboots lives under
      # persist-dir, split into a "save" and an "ephemeral" storage path.
      defaults = {
        config.environment = {
          # machine-id is read from the persistent volume.
          etc.machine-id.source = "${persist-dir}/ephemeral/etc/machine-id";

          persistence = {
            # No directories are listed for "save" in this file.
            save = {
              hideMounts = true;
              persistentStoragePath = "${persist-dir}/save";
            };

            # /var/log is in this list, so logs are kept under persist-dir.
            ephemeral = {
              persistentStoragePath = "${persist-dir}/ephemeral";
              hideMounts = true;
              directories = [
                "/var/lib"
                "/var/log"
                "/etc/nixos"
              ];
            };
          };
        };
      };
    in
    {
      nixosConfigurations.luna =
        let
          hostname = "luna";
        in
        nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";

          # Values handed to every module as extra function arguments.
          specialArgs = {
            inherit
              self
              blog
              flake-utils
              inputs
              hostname
              nixpkgs
              lib
              persist-dir
              ;
            root-disk = "/dev/nvme0n1";
            fqdn = "orion-technologies.io";
          };

          modules = [
            defaults
            impermanence.nixosModules.impermanence
            agenix.nixosModules.default
            disko.nixosModules.disko
            # Host-specific config selected from ./secrets by hostname.
            # NOTE(review): what `agenix = false` selects is defined under
            # ./secrets, not visible here. Whatever this import returns is
            # evaluated into the system config, so confirm it yields only
            # references to encrypted files: plain values in an evaluated
            # config end up in the world-readable Nix store.
            {
              config = (import "${self}/secrets" {
                agenix = false;
                inherit lib;
              }).${hostname};
            }
            ./hosts/${hostname}
          ];
        };

      # deploy-rs node definition: connect over SSH as `price`, activate the
      # system profile as `root`.
      # NOTE(review): the step from `price` to `root` is configured on the host,
      # not in this file; confirm it is scoped to what activation needs.
      # NOTE(review): no `checks` output is defined here. deploy-rs provides
      # `deployChecks` so `nix flake check` can validate this definition before
      # a push; consider wiring it in.
      deploy.nodes.luna = {
        hostname = "luna";
        # Per the deploy-rs docs, this copies the whole closure from the
        # deploying machine instead of letting the node substitute it.
        fastConnection = true;
        profiles.system = {
          sshUser = "price";
          user = "root";
          path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.luna;
        };
      };
    }
    // flake-utils.lib.eachDefaultSystem (
      system:
      let
        # nixpkgs with only the agenix overlay applied.
        pkgs = import nixpkgs {
          inherit system;
          overlays = [ agenix.overlays.default ];
        };
      in
      {
        devShells.default = pkgs.mkShell {
          # Every entry is spelled `pkgs.<name>`: `agenix` and `deploy-rs` are
          # also flake inputs in scope here, and a bare name would resolve to
          # the input rather than the package.
          # NOTE(review): pkgs.deploy-rs is the nixpkgs build of the CLI, while
          # the activation script above comes from the deploy-rs input; the two
          # versions can differ.
          packages = [
            pkgs.age
            pkgs.age-plugin-yubikey
            pkgs.agenix
            pkgs.nixos-rebuild
            pkgs.deploy-rs
          ];

          # Sets RULES to the secrets rules file and regenerates .nixd.json.
          # Both paths are relative to the directory the shell is entered from,
          # so the hook only does the intended thing from the repository root.
          shellHook = ''
            export RULES="$PWD/secrets/secrets.nix"
            nix eval --json --file ./.nixd.nix > .nixd.json
          '';
        };
      }
    );
}