infra/flake.nix

{
  outputs =
    {
      flake-parts,
      nixpkgs,
      nixpkgs-unstable,
      self,
      ...
    }@inputs:
    let
      overlays = [
        (final: _: {
          unstable = nixpkgs-unstable.legacyPackages.${final.system};
          prometheus-fail2ban-exporter = final.callPackage ./pkgs/prometheus-fail2ban-exporter { };
        })
      ];
    in
    flake-parts.lib.mkFlake { inherit inputs; } {
      flake = {
        nixosConfigurations.main-node = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          modules = [
            {
              nixpkgs = {
                inherit overlays;
                config.allowUnfreePredicate =
                  pkg:
                  builtins.elem (nixpkgs.lib.getName pkg) [
                    "elasticsearch"
                    "satisfactory-server"
                    "steamworks-sdk-redist"
                    "valheim-server"
                  ];
              };
            }
            ./hosts/main-node
            ./config
            ./modules
            inputs.agenix.nixosModules.default
            inputs.attic.nixosModules.atticd
            inputs.home-manager.nixosModules.home-manager
            inputs.satisfactory-server.nixosModules.default
            inputs.valheim-server.nixosModules.default
          ];
          specialArgs = {
            inherit inputs;
          };
        };

        checks = builtins.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;

        deploy.nodes.main-node = {
          hostname = "winston.sh";
          profiles.system = {
            sshUser = "root";
            path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.main-node;
          };
        };
      };

      perSystem =
        {
          config,
          inputs',
          pkgs,
          self',
          system,
          ...
        }:
        {
          _module.args.pkgs = import nixpkgs { inherit overlays system; };

          devShells.default = pkgs.mkShell {
            inherit (config.pre-commit.devShell) shellHook;
            packages = [
              inputs'.agenix.packages.agenix
              pkgs.age-plugin-yubikey
              pkgs.unstable.deploy-rs
              self'.formatter
            ];
          };

          formatter = pkgs.nixfmt-rfc-style;

          pre-commit = {
            check.enable = true;
            settings.excludes = [ "_sources/" ];
            settings.hooks = {
              commitizen.enable = true;
              editorconfig-checker.enable = true;
              nil.enable = true;
              nixfmt-rfc-style.enable = true;
              shellcheck.enable = true;
            };
          };
        };

      imports = [ inputs.git-hooks.flakeModule ];
      systems = [
        "aarch64-darwin"
        "aarch64-linux"
        "x86_64-darwin"
        "x86_64-linux"
      ];
    };

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    flake-parts = {
      url = "github:hercules-ci/flake-parts";
      inputs.nixpkgs-lib.follows = "nixpkgs";
    };
    flake-utils.url = "github:numtide/flake-utils";

    agenix = {
      url = "github:ryantm/agenix";
      inputs.darwin.follows = "";
      inputs.home-manager.follows = "";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    attic = {
      url = "github:zhaofengli/attic";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
      inputs.nixpkgs-stable.follows = "nixpkgs";
      inputs.flake-compat.follows = "";
      inputs.flake-parts.follows = "flake-parts";
    };
    deploy-rs = {
      url = "github:serokell/deploy-rs";
      inputs.flake-compat.follows = "";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.utils.follows = "flake-utils";
    };
    git-hooks = {
      url = "github:cachix/git-hooks.nix";
      inputs.flake-compat.follows = "";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
      inputs.nixpkgs-stable.follows = "nixpkgs";
    };

    # game servers
    steam-fetcher = {
      url = "github:nix-community/steam-fetcher";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    satisfactory-server = {
      url = "github:nekowinston/satisfactory-server-flake";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.steam-fetcher.follows = "steam-fetcher";
    };
    valheim-server = {
      url = "github:aidalgol/valheim-server-flake";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.steam-fetcher.follows = "steam-fetcher";
    };
  };

  nixConfig = {
    substituters = [
      "https://cache.nixos.org"
      "https://cache.garnix.io"
      "https://pre-commit-hooks.cachix.org"
    ];
    trusted-public-keys = [
      "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
      "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
      "pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="
    ];
  };
}
feat: init 2023-05-06 06:49:46 +02:00			`{`
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`outputs =`
			`{`
			`flake-parts,`
			`nixpkgs,`
			`nixpkgs-unstable,`
			`self,`
			`...`
			`}@inputs:`
			`let`
			`overlays = [`
			`(final: _: {`
			`unstable = nixpkgs-unstable.legacyPackages.${final.system};`
			`prometheus-fail2ban-exporter = final.callPackage ./pkgs/prometheus-fail2ban-exporter { };`
			`})`
			`];`
			`in`
			`flake-parts.lib.mkFlake { inherit inputs; } {`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`flake = {`
chore: clean up flake inputs 2024-09-16 16:56:18 +02:00			`nixosConfigurations.main-node = nixpkgs.lib.nixosSystem {`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`system = "x86_64-linux";`
			`modules = [`
			`{`
feat(gitea): add elasticsearch 2023-07-03 21:25:18 +02:00			`nixpkgs = {`
chore: update 2023-10-18 20:31:26 +02:00			`inherit overlays;`
chore: security hardening 2024-09-18 23:32:50 +02:00			`config.allowUnfreePredicate =`
			`pkg:`
			`builtins.elem (nixpkgs.lib.getName pkg) [`
			`"elasticsearch"`
			`"satisfactory-server"`
			`"steamworks-sdk-redist"`
			`"valheim-server"`
			`];`
feat(gitea): add elasticsearch 2023-07-03 21:25:18 +02:00			`};`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`}`
			`./hosts/main-node`
			`./config`
feat(wakapi): add module, init 2023-07-06 16:58:43 +02:00			`./modules`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`inputs.agenix.nixosModules.default`
feat: reenable attic-server 2024-08-23 20:35:59 +02:00			`inputs.attic.nixosModules.atticd`
feat: hm init 2024-03-08 12:47:39 +01:00			`inputs.home-manager.nixosModules.home-manager`
feat: add satisfactory server flake 2024-09-11 08:52:28 +02:00			`inputs.satisfactory-server.nixosModules.default`
chore: clean up flake inputs 2024-09-16 16:56:18 +02:00			`inputs.valheim-server.nixosModules.default`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`];`
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`specialArgs = {`
			`inherit inputs;`
			`};`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`};`
feat: add deploy-rs 2024-09-16 17:04:33 +02:00
chore: drop compute-heavy checks 2024-09-18 19:44:09 +02:00			`checks = builtins.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;`
feat: add deploy-rs 2024-09-16 17:04:33 +02:00
			`deploy.nodes.main-node = {`
			`hostname = "winston.sh";`
			`profiles.system = {`
feat: add deploy-rs user config 2024-09-16 20:57:30 +02:00			`sshUser = "root";`
feat: add deploy-rs 2024-09-16 17:04:33 +02:00			`path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.main-node;`
			`};`
			`};`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`};`
feat: init 2023-05-06 06:49:46 +02:00
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`perSystem =`
			`{`
			`config,`
			`inputs',`
			`pkgs,`
			`self',`
			`system,`
			`...`
			`}:`
			`{`
			`_module.args.pkgs = import nixpkgs { inherit overlays system; };`
feat: update and gitea tweaks 2024-03-03 00:24:08 +01:00
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`devShells.default = pkgs.mkShell {`
			`inherit (config.pre-commit.devShell) shellHook;`
chore: security hardening 2024-09-18 23:32:50 +02:00			`packages = [`
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`inputs'.agenix.packages.agenix`
			`pkgs.age-plugin-yubikey`
			`pkgs.unstable.deploy-rs`
			`self'.formatter`
			`];`
			`};`
feat: add deploy-rs 2024-09-16 17:04:33 +02:00
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`formatter = pkgs.nixfmt-rfc-style;`
feat: add deploy-rs 2024-09-16 17:04:33 +02:00
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`pre-commit = {`
			`check.enable = true;`
			`settings.excludes = [ "_sources/" ];`
			`settings.hooks = {`
			`commitizen.enable = true;`
			`editorconfig-checker.enable = true;`
			`nil.enable = true;`
			`nixfmt-rfc-style.enable = true;`
			`shellcheck.enable = true;`
			`};`
feat: init 2023-05-06 06:49:46 +02:00			`};`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`};`

chore(nix): update lockfile 2024-09-19 00:20:13 +02:00			`imports = [ inputs.git-hooks.flakeModule ];`
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`systems = [`
			`"aarch64-darwin"`
chore: drop compute-heavy checks 2024-09-18 19:44:09 +02:00			`"aarch64-linux"`
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`"x86_64-darwin"`
chore: drop compute-heavy checks 2024-09-18 19:44:09 +02:00			`"x86_64-linux"`
style: format with nixfmt-rfc-style 2024-09-18 16:10:20 +02:00			`];`
refactor: use flake-parts 2023-07-03 05:37:43 +02:00			`};`
refactor(nix): use precommit flake module 2023-11-27 08:00:57 +01:00
			`inputs = {`
chore: update 2024-08-13 07:21:27 +02:00			`nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";`
refactor(nix): use precommit flake module 2023-11-27 08:00:57 +01:00			`nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";`
feat: hm init 2024-03-08 12:47:39 +01:00			`home-manager = {`
chore: update 2024-08-13 07:21:27 +02:00			`url = "github:nix-community/home-manager/release-24.05";`
feat: hm init 2024-03-08 12:47:39 +01:00			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
feat: fish config, gitea fixes 2024-03-07 22:16:02 +01:00
			`flake-parts = {`
			`url = "github:hercules-ci/flake-parts";`
			`inputs.nixpkgs-lib.follows = "nixpkgs";`
			`};`
			`flake-utils.url = "github:numtide/flake-utils";`

refactor(nix): use precommit flake module 2023-11-27 08:00:57 +01:00			`agenix = {`
			`url = "github:ryantm/agenix";`
			`inputs.darwin.follows = "";`
			`inputs.home-manager.follows = "";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
feat: reenable attic-server 2024-08-23 20:35:59 +02:00			`attic = {`
			`url = "github:zhaofengli/attic";`
			`inputs.nixpkgs.follows = "nixpkgs-unstable";`
			`inputs.nixpkgs-stable.follows = "nixpkgs";`
			`inputs.flake-compat.follows = "";`
chore(nix): update lockfile 2024-09-19 00:20:13 +02:00			`inputs.flake-parts.follows = "flake-parts";`
feat: reenable attic-server 2024-08-23 20:35:59 +02:00			`};`
feat: add deploy-rs 2024-09-16 17:04:33 +02:00			`deploy-rs = {`
			`url = "github:serokell/deploy-rs";`
			`inputs.flake-compat.follows = "";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`inputs.utils.follows = "flake-utils";`
			`};`
chore(nix): update lockfile 2024-09-19 00:20:13 +02:00			`git-hooks = {`
			`url = "github:cachix/git-hooks.nix";`
feat: fish config, gitea fixes 2024-03-07 22:16:02 +01:00			`inputs.flake-compat.follows = "";`
refactor(nix): use precommit flake module 2023-11-27 08:00:57 +01:00			`inputs.nixpkgs.follows = "nixpkgs-unstable";`
			`inputs.nixpkgs-stable.follows = "nixpkgs";`
			`};`
chore: clean up flake inputs 2024-09-16 16:56:18 +02:00
			`# game servers`
			`steam-fetcher = {`
			`url = "github:nix-community/steam-fetcher";`
feat: fish config, gitea fixes 2024-03-07 22:16:02 +01:00			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
feat: add satisfactory server flake 2024-09-11 08:52:28 +02:00			`satisfactory-server = {`
chore: clean up flake inputs 2024-09-16 16:56:18 +02:00			`url = "github:nekowinston/satisfactory-server-flake";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`inputs.steam-fetcher.follows = "steam-fetcher";`
			`};`
			`valheim-server = {`
			`url = "github:aidalgol/valheim-server-flake";`
refactor(nix): use precommit flake module 2023-11-27 08:00:57 +01:00			`inputs.nixpkgs.follows = "nixpkgs";`
chore: clean up flake inputs 2024-09-16 16:56:18 +02:00			`inputs.steam-fetcher.follows = "steam-fetcher";`
refactor(nix): use precommit flake module 2023-11-27 08:00:57 +01:00			`};`
			`};`

			`nixConfig = {`
			`substituters = [`
			`"https://cache.nixos.org"`
			`"https://cache.garnix.io"`
			`"https://pre-commit-hooks.cachix.org"`
			`];`
			`trusted-public-keys = [`
			`"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="`
			`"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="`
			`"pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="`
			`];`
			`};`
feat: init 2023-05-06 06:49:46 +02:00			`}`