118 lines
3.7 KiB
Nix
118 lines
3.7 KiB
Nix
{
|
|
description = "CCCB services";
|
|
inputs = {
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
|
|
#flake-utils.url = "github:numtide/flake-utils";
|
|
agenix = {
|
|
url = "github:ryantm/agenix";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
};
|
|
outputs =
|
|
{
|
|
self,
|
|
nixpkgs,
|
|
#flake-utils,
|
|
agenix,
|
|
}:
|
|
#flake-utils.lib.eachDefaultSystem (
|
|
# system:
|
|
let
|
|
pkgs = import nixpkgs { inherit system; };
|
|
system = "x86_64-linux";
|
|
in
|
|
{
|
|
formatter.${system} = pkgs.nixfmt-tree;
|
|
apps.nixos-diff = {
|
|
type = "app";
|
|
program = "${pkgs.writeShellScript "nixos-diff.sh" ''
|
|
${pkgs.git}/bin/git pull --ff-only
|
|
${pkgs.nixos-rebuild}/bin/nixos-rebuild build --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json
|
|
${pkgs.nvd}/bin/nvd diff /run/current-system ./result
|
|
''}";
|
|
};
|
|
devShells.${system}.default = pkgs.mkShell {
|
|
packages = [
|
|
(agenix.packages.${system}.default)
|
|
pkgs.age
|
|
];
|
|
};
|
|
nixosConfigurations."matrix" = nixpkgs.lib.nixosSystem {
|
|
#system = "x86_64-linux";
|
|
#pkgs = import nixpkgs { inherit system; };
|
|
inherit system;
|
|
modules = [
|
|
agenix.nixosModules.default
|
|
{ environment.systemPackages = [ (agenix.packages.${system}.default) ]; }
|
|
{
|
|
age.secrets = {
|
|
pushover_app_token = {
|
|
file = ./secrets/pushover_app_token.age;
|
|
mode = "440";
|
|
owner = "root";
|
|
group = "root";
|
|
};
|
|
pushover_user_key = {
|
|
file = ./secrets/pushover_user_key.age;
|
|
mode = "440";
|
|
owner = "root";
|
|
group = "root";
|
|
};
|
|
matrix_registration_shared_secret = {
|
|
file = ./secrets/matrix_registration_shared_secret.age;
|
|
mode = "440";
|
|
owner = "matrix-synapse";
|
|
group = "matrix-synapse";
|
|
};
|
|
matrix_signing_key = {
|
|
file = ./secrets/matrix_signing_key.age;
|
|
mode = "440";
|
|
owner = "matrix-synapse";
|
|
group = "matrix-synapse";
|
|
};
|
|
draupnir_access_token = {
|
|
file = ./secrets/draupnir_access_token.age;
|
|
mode = "440";
|
|
owner = "root";
|
|
group = "root";
|
|
};
|
|
grafana_secret_key = {
|
|
file = ./secrets/grafana_secret_key.age;
|
|
mode = "440";
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
};
|
|
grafana_admin_password = {
|
|
file = ./secrets/grafana_admin_password.age;
|
|
mode = "440";
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
};
|
|
};
|
|
}
|
|
./hosts/matrix
|
|
];
|
|
};
|
|
nixosConfigurations."hedgedoc" = nixpkgs.lib.nixosSystem {
|
|
#system = "x86_64-linux";
|
|
#pkgs = import nixpkgs { inherit system; };
|
|
inherit system;
|
|
modules = [
|
|
agenix.nixosModules.default
|
|
{ environment.systemPackages = [ (agenix.packages.${system}.default) ]; }
|
|
./hosts/hedgedoc
|
|
];
|
|
};
|
|
nixosConfigurations."sql" = nixpkgs.lib.nixosSystem {
|
|
#system = "x86_64-linux";
|
|
#pkgs = import nixpkgs { inherit system; };
|
|
inherit system;
|
|
modules = [
|
|
agenix.nixosModules.default
|
|
{ environment.systemPackages = [ (agenix.packages.${system}.default) ]; }
|
|
./hosts/sql
|
|
];
|
|
};
|
|
};
|
|
#);
|
|
}
|