{ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-krypton.url = "github:NixOS/nixpkgs/nixos-unstable"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; agenix = { url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; bij = { url = "git+https://git.clerie.de/clerie/bij.git"; inputs.nixpkgs.follows = "nixpkgs"; }; chaosevents = { url = "git+https://git.clerie.de/clerie/chaosevents.git"; #inputs.nixpkgs.follows = "nixpkgs"; }; fernglas = { url = "github:wobcom/fernglas"; inputs.nixpkgs.follows = "nixpkgs"; }; fieldpoc.url = "git+https://git.clerie.de/clerie/fieldpoc.git"; nixos-exporter = { url = "git+https://git.clerie.de/clerie/nixos-exporter.git"; inputs.nixpkgs.follows = "nixpkgs"; }; solid-xmpp-alarm = { url = "git+https://git.clerie.de/clerie/solid-xmpp-alarm.git"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; ssh-to-age = { url = "github:Mic92/ssh-to-age"; inputs.nixpkgs.follows = "nixpkgs"; }; }; outputs = { self, agenix, nixpkgs, nixos-hardware, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ssh-to-age, ... }@inputs: let lib = import ./lib inputs; helper = lib.flake-helper; in { clerie.hosts = { aluminium = { name = "aluminium"; group = "event"; }; astatine = { name = "astatine"; group = "event"; modules = [ ./users/criese-nethinks ./users/isa ]; }; backup-4 = { name = "backup-4"; }; beryllium = { name = "beryllium"; group = "event"; }; carbon = { name = "carbon"; }; clerie-backup = { name = "clerie-backup"; }; dn42-il-gw1 = { name = "dn42-il-gw1"; }; dn42-il-gw5 = { name = "dn42-il-gw5"; }; dn42-il-gw6 = { name = "dn42-il-gw6"; }; dn42-ildix-clerie = { name = "dn42-ildix-clerie"; }; dn42-ildix-service = { name = "dn42-ildix-service"; }; gatekeeper = { name = "gatekeeper"; }; hydra-1 = { name = "hydra-1"; }; hydra-2 = { name = "hydra-2"; }; krypton = { name = "krypton"; modules = [ nixos-hardware.nixosModules.lenovo-thinkpad-x270 ]; }; mail-2 = { name = "mail-2"; }; minecraft-2 = { name = "minecraft-2"; }; monitoring-3 = { name = "monitoring-3"; }; nonat = { name = "nonat"; }; osmium = { name = "osmium"; }; palladium = { name = "palladium"; }; porter = { name = "porter"; }; storage-2 = { name = "storage-2"; }; web-2 = { name = "web-2"; }; zinc = { name = "zinc"; modules = [ nixos-hardware.nixosModules.common-cpu-intel ]; }; # nixfiles-auto-install: add new host above _iso = { name = "_iso"; }; }; nixosConfigurations = helper.mapToNixosConfigurations self.clerie.hosts; colmena = { meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; }; } // helper.mapToColmenaHosts self.nixosConfigurations; overlays = { clerie = import ./pkgs/overlay.nix; default = self.overlays.clerie; }; packages = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let pkgs = import nixpkgs { inherit system; overlays = [ self.overlays.clerie (_: _: { inherit (agenix.packages.${system}) agenix; inherit (chaosevents.packages.${system}) chaosevents; inherit (ssh-to-age.packages.${system}) ssh-to-age; }) ]; }; in { inherit (pkgs) clerie-keys clerie-system-upgrade clerie-merge-nixfiles-update clerie-update-nixfiles clerie-sops clerie-sops-config chromium-incognito iot-data nix-remove-result-links nixfiles-add-secret nixfiles-auto-install nixfiles-generate-backup-secrets nixfiles-generate-config nixfiles-update-ssh-host-keys print-afra ssh-gpg update-from-hydra uptimestatus; }); inherit lib self; hydraJobs = { inherit (self) packages; nixosConfigurations = helper.buildHosts self.nixosConfigurations; iso = self.nixosConfigurations._iso.config.system.build.isoImage; }; nixConfig = { extra-substituters = [ "https://nix-cache.clerie.de" ]; extra-trusted-public-keys = [ "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=" ]; }; }; }