path: root/flake.nix
blob: 4c31b3794f05bf3f226e945e9870cd6f37a80998 (plain)
{
  description = "My NixOS configurations";

  # Every input below names a branch, not a commit. The revision that is
  # actually evaluated is whatever flake.lock records (that file is not shown
  # here), so the lock file is the real pin: keep it committed and read its
  # diff whenever it is updated.
  inputs = {
    # Package set the systems below are built from (nixpkgs.lib.nixosSystem).
    nixpkgs.url = "github:NixOS/nixpkgs/release-20.09";

    # NOTE(review): this follows the nixpkgs development branch, so each lock
    # update of this input pulls in a large upstream delta. How the input is
    # consumed is decided in the imported modules, which are not visible here.
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";

    flake-utils.url = "github:numtide/flake-utils";

    home-manager = {
      url = "github:nix-community/home-manager/release-20.09";
      # Make home-manager use the nixpkgs input declared above rather than
      # its own locked copy, so only one nixpkgs revision is in play.
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, flake-utils, home-manager }: {

    nixosModules = {
      # Base module: the home-manager NixOS module plus ./configuration.nix.
      # The `test` module imports it, and every nixosConfiguration in this
      # flake includes `test`, so this is part of every system built here.
      default = { ... }: {
        imports = [
          home-manager.nixosModules.home-manager
          # configuration.nix is called with the whole `inputs` set, so it can
          # reach every flake input (self, nixpkgs, nixpkgs-unstable, ...).
          (import ./configuration.nix inputs)
        ];
      };

      # Settings for throwaway test systems only.
      #
      # SECURITY: this module gives `root` and `minijackson` an empty initial
      # hashed password. On NixOS an empty hash means the account can log in
      # without being asked for a password. The module is exported as
      # `nixosModules.test`, so nothing in this file stops it from being
      # imported elsewhere; keep it out of any host that is reachable by
      # others or that holds real data.
      test = { config, ... }: {
        imports = [ self.nixosModules.default ];

        home-manager.users = {
          minijackson.home.stateVersion = "20.09";
          root.home.stateVersion = "20.09";
        };

        # Passwordless accounts, see the SECURITY note above. These are
        # `initial*` options: they are applied when the account is first
        # created and do not reset a password that already exists.
        users.users = {
          minijackson.initialHashedPassword = "";
          root.initialHashedPassword = "";
        };

        # Test VPN topology on an IPv6 unique-local (fd00::/8) prefix; this
        # node takes the ::1 address of the /64.
        topology.mainVpn = {
          interfaceName = "tinc.testNet";
          subnet = "fd1f:340c:c5eb:9b18::/64";
          currentNodeIP = "fd1f:340c:c5eb:9b18::1";
        };

        # Declares the tinc network with no options set in this file.
        services.tinc.networks.testNet = { };

        # TODO: automate that? {{{
        # Create the tun device up front and give it the node address taken
        # from the topology option above.
        networking.interfaces."tinc.testNet" = {
          virtual = true;
          virtualType = "tun";
          ipv6.addresses = [
            {
              address = config.topology.mainVpn.currentNodeIP;
              prefixLength = 64;
            }
          ];
        };

        # Order the tinc unit after the unit that assigns the interface
        # addresses, and make it depend on that unit.
        systemd.services."tinc.testNet" = {
          after = [ "network-addresses-tinc.testNet.service" ];
          requires = [ "network-addresses-tinc.testNet.service" ];
        };
        # }}}
      };

      # Reusable modules. Each file is a function of the flake inputs and is
      # called with the whole `inputs` set; what the modules do is defined in
      # those files, which are not shown here.
      usecases = {
        common = {
          backupClient = import ./usecases/common/backup-client.nix inputs;
        };

        desktop = {
          default = import ./usecases/desktop/default.nix inputs;
        };

        server = {
          default = import ./usecases/server/default.nix inputs;
          fail2ban = import ./usecases/server/fail2ban.nix inputs;
          monitoringTarget = import ./usecases/server/monitoring-target.nix inputs;
        };
      };

      # Profiles are built the same way, one file per machine role.
      profiles = {
        desktop = import ./profiles/desktop.nix inputs;
        server = import ./profiles/server.nix inputs;
      };
    };

    # Test systems only. Every configuration here includes
    # `self.nixosModules.test`, which sets empty initial passwords for `root`
    # and `minijackson`, so none of them is suitable for a real deployment.
    nixosConfigurations =
      let
        # Build an x86_64-linux system from the test module followed by the
        # given extra modules, in that order.
        mkTestSystem = extraModules: nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          modules = [ self.nixosModules.test ] ++ extraModules;
        };
      in
      {
        testDefault = mkTestSystem [ ];

        testDesktop = mkTestSystem [
          self.nixosModules.profiles.desktop
          # Run the desktop profile as a QEMU guest with 2048 MB of memory
          # and 3 cores.
          ({ modulesPath, ... }: {
            imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];

            virtualisation = {
              memorySize = 2048;
              cores = 3;
            };
          })
        ];

        testServer = mkTestSystem [
          self.nixosModules.profiles.server
        ];
      };

  };
}