golgi/flake.nix

{
  description = "My server flake";

  inputs = {
    nixpkgs.url = github:NixOS/nixpkgs/nixos-unstable;
    flake-utils-plus.url = github:ravensiris/flake-utils-plus?ref=ravensiris/fix-devshell-legacy-packages;
    agenix.url = "github:ryantm/agenix";
    deploy-rs = {
      url = github:serokell/deploy-rs;
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  nixConfig.sandbox = "relaxed";

  outputs = inputs@{ self, nixpkgs, flake-utils-plus, agenix, ... }:
    let
      modules = flake-utils-plus.lib.exportModules (
        nixpkgs.lib.mapAttrsToList (name: value: ./modules/${name}) (builtins.readDir ./modules)
      );
    in
    flake-utils-plus.lib.mkFlake {
      inherit self inputs modules;

      hosts = {
        golgi.modules = with modules; [
          common
          admin
          zsh
          hardware-hetzner
          hardened
          agenix.nixosModule
          forgejo
          caddy
        ];
      };

      deploy.nodes = {
        golgi = {
          hostname = "tecosaur.net";
          fastConnection = false;
          profiles = {
            system = {
              sshUser = "admin";
              sshOpts = ["-o" "ControlMaster=no"];
              path =
                inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.golgi;
              user = "root";
            };
          };
        };
      };

      outputsBuilder = (channels: {
        devShells.default = channels.nixpkgs.mkShell {
          name = "deploy";
          buildInputs = with channels.nixpkgs; [
            nixUnstable
            inputs.deploy-rs.defaultPackage.${system}
          ];
        };
      });

      checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;
    };
}
initial commit 2022-07-29 15:42:48 +00:00			`{`
			`description = "My server flake";`

			`inputs = {`
Move back to nixos-unstable and update 2022-10-01 16:05:47 +00:00			`nixpkgs.url = github:NixOS/nixpkgs/nixos-unstable;`
Temporarily switch flake-utils-plus source While waiting for https://github.com/gytis-ivaskevicius/flake-utils-plus/pull/134 to be merged. 2023-06-24 04:18:19 +00:00			`flake-utils-plus.url = github:ravensiris/flake-utils-plus?ref=ravensiris/fix-devshell-legacy-packages;`
changes 2022-07-29 17:25:12 +00:00			`agenix.url = "github:ryantm/agenix";`
initial commit 2022-07-29 15:42:48 +00:00			`deploy-rs = {`
			`url = github:serokell/deploy-rs;`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
			`};`

Introduce a zsh module for nicer shelling 2023-06-27 12:33:25 +00:00			`nixConfig.sandbox = "relaxed";`

changes 2022-07-29 17:25:12 +00:00			`outputs = inputs@{ self, nixpkgs, flake-utils-plus, agenix, ... }:`
initial commit 2022-07-29 15:42:48 +00:00			`let`
changes 2022-07-29 17:25:12 +00:00			`modules = flake-utils-plus.lib.exportModules (`
			`nixpkgs.lib.mapAttrsToList (name: value: ./modules/${name}) (builtins.readDir ./modules)`
initial commit 2022-07-29 15:42:48 +00:00			`);`
			`in`
			`flake-utils-plus.lib.mkFlake {`
changes 2022-07-29 17:25:12 +00:00			`inherit self inputs modules;`
initial commit 2022-07-29 15:42:48 +00:00
			`hosts = {`
changes 2022-07-29 17:25:12 +00:00			`golgi.modules = with modules; [`
initial commit 2022-07-29 15:42:48 +00:00			`common`
			`admin`
Introduce a zsh module for nicer shelling 2023-06-27 12:33:25 +00:00			`zsh`
initial commit 2022-07-29 15:42:48 +00:00			`hardware-hetzner`
Harden networking (mostly) 2023-06-26 12:56:17 +00:00			`hardened`
changes 2022-07-29 17:25:12 +00:00			`agenix.nixosModule`
Switch from gitea to forgejo 2023-06-24 05:16:32 +00:00			`forgejo`
Make caddy config more conditional 2022-08-05 12:29:25 +00:00			`caddy`
initial commit 2022-07-29 15:42:48 +00:00			`];`
			`};`

			`deploy.nodes = {`
Refer to golgi target as "golgi" not "my-node" 2022-09-19 16:59:07 +00:00			`golgi = {`
changes 2022-07-29 17:25:12 +00:00			`hostname = "tecosaur.net";`
initial commit 2022-07-29 15:42:48 +00:00			`fastConnection = false;`
			`profiles = {`
changes 2022-07-29 17:25:12 +00:00			`system = {`
initial commit 2022-07-29 15:42:48 +00:00			`sshUser = "admin";`
Update flake 2023-06-24 04:52:41 +00:00			`sshOpts = ["-o" "ControlMaster=no"];`
initial commit 2022-07-29 15:42:48 +00:00			`path =`
			`inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.golgi;`
			`user = "root";`
			`};`
			`};`
			`};`
			`};`

			`outputsBuilder = (channels: {`
changes 2022-07-29 17:25:12 +00:00			`devShells.default = channels.nixpkgs.mkShell {`
Shorter dev shell name 2023-06-24 03:52:46 +00:00			`name = "deploy";`
initial commit 2022-07-29 15:42:48 +00:00			`buildInputs = with channels.nixpkgs; [`
			`nixUnstable`
			`inputs.deploy-rs.defaultPackage.${system}`
			`];`
			`};`
			`});`

			`checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;`
			`};`
			`}`