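# Flake entry point: declares the pinned inputs, the NixOS configuration for the
# host "luna", and a per-system dev shell with the tooling used to manage
# age/agenix secrets.
{
  description = "Price Hiller's flake for managing system configurations";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    flake-utils.url = "github:numtide/flake-utils";
    impermanence.url = "github:nix-community/impermanence";
    # `follows` makes these inputs evaluate against the nixpkgs pinned above
    # instead of pulling in their own copy.
    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Fetched from a self-hosted GitLab instance rather than a public forge.
    blog = {
      type = "gitlab";
      owner = "blog";
      repo = "blog";
      host = "gitlab.orion-technologies.io";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs =
    inputs@{
      self,
      nixpkgs,
      impermanence,
      agenix,
      disko,
      flake-utils,
      blog,
      ...
    }:
    let
      # Function application binds tighter than `//`, so this is
      # `(import ./lib) // nixpkgs.lib`: on a name collision the nixpkgs
      # attribute wins over the local one.
      # NOTE(review): confirm that precedence is the intended one.
      lib = (import ./lib) // nixpkgs.lib;

      # Module shared by every host: state that has to outlive a reboot is
      # declared here and served from /nix/persist by the impermanence module.
      defaults = {
        config = {
          # machine-id is read from persistent storage, so it stays the same
          # across boots.
          environment.etc.machine-id.source = "/nix/persist/ephemeral/etc/machine-id";

          # No directories or files are listed for "save" in this file;
          # presumably the host modules add them.
          environment.persistence.save = {
            hideMounts = true;
            persistentStoragePath = "/nix/persist/save";
          };

          environment.persistence.ephemeral = {
            persistentStoragePath = "/nix/persist/ephemeral";
            hideMounts = true;
            directories = [
              "/var/lib"
              "/var/log"
              "/etc/nixos"
              # Owned by root with mode 0700: no other account can list or
              # enter this directory.
              {
                directory = "/persist";
                user = "root";
                group = "root";
                mode = "0700";
              }
            ];
          };
        };
      };
    in
    {
      nixosConfigurations.luna =
        let
          hostname = "luna";
        in
        nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          # Extra arguments handed to every module of this host.
          specialArgs = {
            inherit
              self
              flake-utils
              inputs
              hostname
              lib
              blog
              ;
            # Interpolating `self` yields a path inside the Nix store copy of
            # this flake, and the store is normally readable by every local
            # user. NOTE(review): secrets/<hostname> should therefore hold only
            # age-encrypted files, never plaintext -- confirm.
            secrets = "${self}/secrets/${hostname}";
            # Presumably the target device for the disko layout in
            # ./hosts/luna -- verify there.
            disk = "nvme0n1";
            fqdn = "orion-technologies.io";
          };
          modules = [
            # Empty placeholder: sets no module arguments.
            { _module.args = { }; }
            defaults
            impermanence.nixosModules.impermanence
            agenix.nixosModules.default
            disko.nixosModules.disko
            ./hosts/${hostname}
          ];
        };
    }
    # Merge in the per-system outputs (one dev shell per default system).
    // flake-utils.lib.eachDefaultSystem (
      system:
      let
        # The agenix overlay is what provides `pkgs.agenix` below.
        pkgs = import nixpkgs {
          inherit system;
          overlays = [ agenix.overlays.default ];
        };
      in
      {
        devShells.default = pkgs.mkShell {
          packages = with pkgs; [
            age
            age-plugin-yubikey
            pkgs.agenix
          ];
          # RULES is the variable the agenix CLI reads to locate the file
          # mapping each secret to its recipient public keys. It is built
          # from $PWD, so it only resolves when the shell is entered from
          # the repository root.
          shellHook = ''
            export RULES="$PWD/secrets/secrets.nix"
          '';
        };
      }
    );
}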