Pim Kunis
b4fbc0b955
- deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script
55 lines
1.5 KiB
Nix
55 lines
1.5 KiB
Nix
{
|
|
description = "NixOS definitions for our physical servers";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
|
|
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
|
deploy-rs.url = "github:serokell/deploy-rs";
|
|
disko = {
|
|
url = "github:nix-community/disko";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
agenix = {
|
|
url = "github:ryantm/agenix";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
};
|
|
|
|
outputs = { self, nixpkgs, deploy-rs, disko, agenix, nixpkgs-unstable, ... }:
|
|
let
|
|
system = "x86_64-linux";
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
|
|
in {
|
|
devShells.${system}.default = pkgs.mkShell {
|
|
packages = with pkgs-unstable; [ libsecret nixos-anywhere ];
|
|
};
|
|
|
|
formatter = pkgs.nixfmt;
|
|
|
|
nixosConfigurations.hypervisor = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
disko.nixosModules.disko
|
|
agenix.nixosModules.default
|
|
./configuration.nix
|
|
];
|
|
};
|
|
|
|
deploy = {
|
|
sshUser = "root";
|
|
user = "root";
|
|
|
|
nodes.jefke = {
|
|
hostname = "jefke.hyp";
|
|
profiles.hypervisor = {
|
|
path = deploy-rs.lib.${system}.activate.nixos
|
|
self.nixosConfigurations.hypervisor;
|
|
};
|
|
};
|
|
};
|
|
|
|
checks = builtins.mapAttrs
|
|
(system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
|
};
|
|
}
|