{ description = "My NixOS configurations"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11"; inputs.nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; inputs.flake-utils.url = "github:numtide/flake-utils"; inputs.home-manager = { url = "github:nix-community/home-manager/release-21.11"; inputs.nixpkgs.follows = "nixpkgs"; }; inputs.nur.url = "github:nix-community/NUR"; inputs.musnix = { url = "github:musnix/musnix"; flake = false; }; inputs.shmart-prompt-dir = { url = "github:minijackson/shmart-prompt-dir"; flake = false; }; outputs = inputs @ { self, nixpkgs, home-manager, ... }: { lib = import ./lib { inherit (nixpkgs) lib; }; nixosModules = { default = { ... }: { imports = [ home-manager.nixosModules.home-manager (import ./configuration.nix inputs) ]; }; test = { config, ... }: { imports = [ self.nixosModules.default ]; home-manager.users.minijackson.home.stateVersion = "21.05"; home-manager.users.root.home.stateVersion = "21.05"; users.users.minijackson.initialHashedPassword = ""; users.users.root.initialHashedPassword = ""; networking.domain = "localdomain"; topology.mainVpn = { interfaceName = "tinc.testNet"; subnet = "fd1f:340c:c5eb:9b18::/64"; currentNodeIP = "fd1f:340c:c5eb:9b18::1"; }; services.tinc.networks.testNet = { }; # TODO: automate that? {{{ networking.interfaces."tinc.testNet" = { virtual = true; virtualType = "tun"; ipv6.addresses = [{ address = config.topology.mainVpn.currentNodeIP; prefixLength = 64; }]; }; systemd.services."tinc.testNet" = { after = [ "network-addresses-tinc.testNet.service" ]; requires = [ "network-addresses-tinc.testNet.service" ]; }; # }}} }; usecases.common = { backupClient = (import ./usecases/common/backup-client.nix inputs); dnscrypt = (import ./usecases/common/dnscrypt.nix inputs); fwupd = (import ./usecases/common/fwupd.nix inputs); }; usecases.desktop = { default = (import ./usecases/desktop/default.nix inputs); development = (import ./usecases/desktop/development.nix inputs); music = (import ./usecases/desktop/music.nix inputs); networkManager = (import ./usecases/desktop/networking/network-manager.nix inputs); graphical = { audioProduction = (import ./usecases/desktop/graphical/audio-production.nix inputs); gaming = (import ./usecases/desktop/graphical/gaming.nix inputs); imageManipulation = (import ./usecases/desktop/graphical/image-manipulation.nix inputs); kodi = (import ./usecases/desktop/graphical/kodi.nix inputs); }; }; usecases.server = { default = (import ./usecases/server/default.nix inputs); ankisyncd = (import ./usecases/server/ankisyncd.nix inputs); audit = (import ./usecases/server/audit.nix inputs); fail2ban = (import ./usecases/server/fail2ban.nix inputs); gotifyServer = (import ./usecases/server/gotify-server.nix inputs); hydraServer = (import ./usecases/server/hydra-server.nix inputs); jellyfin = (import ./usecases/server/jellyfin.nix inputs); grocy = (import ./usecases/server/grocy.nix inputs); miniflux = (import ./usecases/server/miniflux.nix inputs); monitoringServer = (import ./usecases/server/monitoring-server.nix inputs); monitoringTarget = (import ./usecases/server/monitoring-target.nix inputs); nginx = (import ./usecases/server/nginx.nix inputs); radicale = (import ./usecases/server/radicale.nix inputs); searx = (import ./usecases/server/searx.nix inputs); shiori = (import ./usecases/server/shiori.nix inputs); smartd = (import ./usecases/server/smartd.nix inputs); taskserver = (import ./usecases/server/taskserver.nix inputs); zfs = (import ./usecases/server/zfs.nix inputs); }; profiles = { desktop = (import ./profiles/desktop.nix inputs); laptop = (import ./profiles/laptop.nix inputs); server = (import ./profiles/server.nix inputs); }; }; templates = { desktop = { path = ./templates/desktop; description = "Flake template for a new desktop machine"; }; }; defaultTemplate = self.templates.desktop; hydraJobs = let # Use the nixpkgs configuration of a test machine, so that it # contains the list of allowed unfree packages nixpkgsConfig = let testConfiguration = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.test ]; }; in testConfiguration.config.nixpkgs.config; pkgs = import nixpkgs { system = "x86_64-linux"; config = nixpkgsConfig; }; inherit (pkgs) nixosTest; in { tests.testDefault = nixosTest { machine = self.nixosModules.test; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; tests.testPlainDesktop = nixosTest { machine = { ... }: { imports = [ self.nixosModules.test self.nixosModules.profiles.desktop self.nixosModules.usecases.common.fwupd ]; }; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; tests.testFullDesktop = nixosTest { machine = { ... }: { imports = [ self.nixosModules.test self.nixosModules.profiles.desktop self.nixosModules.usecases.common.fwupd self.nixosModules.usecases.desktop.development self.nixosModules.usecases.desktop.music self.nixosModules.usecases.desktop.graphical.audioProduction self.nixosModules.usecases.desktop.graphical.gaming self.nixosModules.usecases.desktop.graphical.imageManipulation self.nixosModules.usecases.desktop.graphical.kodi { home-manager.users.minijackson.programs.beets.settings.acoustid.apikey = "0000000000"; } ]; }; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; tests.testServer = nixosTest { machine = { ... }: { imports = [ self.nixosModules.test self.nixosModules.profiles.server self.nixosModules.usecases.server.ankisyncd self.nixosModules.usecases.server.gotifyServer self.nixosModules.usecases.server.hydraServer self.nixosModules.usecases.server.jellyfin self.nixosModules.usecases.server.miniflux self.nixosModules.usecases.server.monitoringServer self.nixosModules.usecases.server.nginx self.nixosModules.usecases.server.radicale self.nixosModules.usecases.server.shiori self.nixosModules.usecases.server.taskserver self.nixosModules.usecases.server.zfs ({ modulesPath, ... }: { imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ]; virtualisation.memorySize = 1024; # Needed for ZFS networking.hostId = "4e98920d"; services.hydra = { secretKeyLocation = builtins.toFile "store-secret-key" "testServer:0d5jJjOxIoe6sTr2YKWkQxsM3ZcW+9GAk52yYNVxfYBUxS2nUfzfQk5Jo0OwHnT95bTLXCVNQETGV4m6KHsVCA=="; }; services.jellyfin.allowedPaths = [ ]; services.miniflux.adminCredentialsFile = builtins.toFile "miniflux-secret.env" '' ADMIN_USERNAME=admin ADMIN_PASSWORD='hello world' ''; }) ]; }; testScript = '' # TODO machine.wait_for_unit("multi-user.target") ''; }; isoImage.x86_64-linux = let isoSystem = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.default ({ modulesPath, ... }: { imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-base.nix") ]; environment.etc.nixos-config-reborn.source = toString self; isoImage.makeEfiBootable = true; isoImage.makeUsbBootable = true; home-manager.users.minijackson.home.stateVersion = "21.05"; home-manager.users.root.home.stateVersion = "21.05"; users.users.minijackson.initialHashedPassword = ""; users.users.root.initialHashedPassword = ""; }) ]; }; in isoSystem.config.system.build.isoImage; }; }; }