{ description = "My NixOS configurations"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-20.09"; inputs.nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; inputs.flake-utils.url = "github:numtide/flake-utils"; inputs.home-manager = { url = "github:nix-community/home-manager/release-20.09"; inputs.nixpkgs.follows = "nixpkgs"; }; inputs.neovim-master = { url = "github:neovim/neovim?dir=contrib"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; outputs = inputs @ { self, nixpkgs, home-manager, ... }: { nixosModules = { default = { ... }: { imports = [ home-manager.nixosModules.home-manager (import ./configuration.nix inputs) ]; }; test = { config, ... }: { imports = [ self.nixosModules.default ]; home-manager.users.minijackson.home.stateVersion = "20.09"; home-manager.users.root.home.stateVersion = "20.09"; users.users.minijackson.initialHashedPassword = ""; users.users.root.initialHashedPassword = ""; topology.mainVpn = { interfaceName = "tinc.testNet"; subnet = "fd1f:340c:c5eb:9b18::/64"; currentNodeIP = "fd1f:340c:c5eb:9b18::1"; }; services.tinc.networks.testNet = { }; # TODO: automate that? {{{ networking.interfaces."tinc.testNet" = { virtual = true; virtualType = "tun"; ipv6.addresses = [{ address = config.topology.mainVpn.currentNodeIP; prefixLength = 64; }]; }; systemd.services."tinc.testNet" = { after = [ "network-addresses-tinc.testNet.service" ]; requires = [ "network-addresses-tinc.testNet.service" ]; }; # }}} }; usecases.common = { backupClient = (import ./usecases/common/backup-client.nix inputs); dnscrypt = (import ./usecases/common/dnscrypt.nix inputs); fwupd = (import ./usecases/common/fwupd.nix inputs); }; usecases.desktop = { default = (import ./usecases/desktop/default.nix inputs); development = (import ./usecases/desktop/development.nix inputs); networkManager = (import ./usecases/desktop/networking/network-manager.nix inputs); }; usecases.server = { default = (import ./usecases/server/default.nix inputs); ankisyncd = (import ./usecases/server/ankisyncd.nix inputs); audit = (import ./usecases/server/audit.nix inputs); fail2ban = (import ./usecases/server/fail2ban.nix inputs); gotifyServer = (import ./usecases/server/gotify-server.nix inputs); hydraServer = (import ./usecases/server/hydra-server.nix inputs); jellyfin = (import ./usecases/server/jellyfin.nix inputs); miniflux = (import ./usecases/server/miniflux.nix inputs); monitoringServer = (import ./usecases/server/monitoring-server.nix inputs); monitoringTarget = (import ./usecases/server/monitoring-target.nix inputs); nginx = (import ./usecases/server/nginx.nix inputs); radicale = (import ./usecases/server/radicale.nix inputs); shiori = (import ./usecases/server/shiori.nix inputs); smartd = (import ./usecases/server/smartd.nix inputs); taskserver = (import ./usecases/server/taskserver.nix inputs); zfs = (import ./usecases/server/zfs.nix inputs); }; profiles = { desktop = (import ./profiles/desktop.nix inputs); server = (import ./profiles/server.nix inputs); }; }; nixosConfigurations = { testDefault = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.test ]; }; testPlainDesktop = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.test self.nixosModules.profiles.desktop ]; }; testDevDesktop = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.test self.nixosModules.profiles.desktop self.nixosModules.usecases.desktop.development ]; }; testServer = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.test self.nixosModules.profiles.server ]; }; }; hydraJobs = let testing = import (nixpkgs + "/nixos/lib/testing-python.nix") { system = "x86_64-linux"; }; in { tests.testDefault = testing.simpleTest { machine = self.nixosModules.test; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; tests.testPlainDesktop = testing.simpleTest { machine = { ... }: { imports = [ self.nixosModules.test self.nixosModules.profiles.desktop self.nixosModules.usecases.common.fwupd ]; }; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; tests.testDevDesktop = testing.simpleTest { machine = { ... }: { imports = [ self.nixosModules.test self.nixosModules.profiles.desktop self.nixosModules.usecases.common.fwupd self.nixosModules.usecases.desktop.development ]; }; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; tests.testServer = testing.simpleTest { machine = { ... }: { imports = [ self.nixosModules.test self.nixosModules.profiles.server self.nixosModules.usecases.server.ankisyncd self.nixosModules.usecases.server.gotifyServer self.nixosModules.usecases.server.hydraServer self.nixosModules.usecases.server.jellyfin self.nixosModules.usecases.server.miniflux self.nixosModules.usecases.server.monitoringServer self.nixosModules.usecases.server.nginx self.nixosModules.usecases.server.radicale self.nixosModules.usecases.server.shiori self.nixosModules.usecases.server.taskserver self.nixosModules.usecases.server.zfs ({ modulesPath, ... }: { imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ]; virtualisation.memorySize = 1024; # Needed for ZFS networking.hostId = "4e98920d"; services.hydra = { hydraURL = "localhost:3000"; notificationSender = "hydra@localhost"; secretKeyLocation = builtins.toFile "store-secret-key" "testServer:0d5jJjOxIoe6sTr2YKWkQxsM3ZcW+9GAk52yYNVxfYBUxS2nUfzfQk5Jo0OwHnT95bTLXCVNQETGV4m6KHsVCA=="; }; services.jellyfin.allowedPaths = [ ]; services.miniflux.adminCredentialsFile = builtins.toFile "miniflux-secret.env" '' ADMIN_USERNAME=admin ADMIN_PASSWORD='hello world' ''; }) ]; }; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; }; }; }