nix-infra/flake.nix

{
  description = "CCCHH Nix Infrastructure";

  inputs = {
    # Use the NixOS small channels for nixpkgs.
    # https://nixos.org/manual/nixos/stable/#sec-upgrading
    # https://github.com/NixOS/nixpkgs
    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11-small";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";

    # Add nixos-generators as an input.
    # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake
    nixos-generators = {
      url = "github:nix-community/nixos-generators";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { nixpkgs, nixpkgs-unstable, nixos-generators, ... }:
    let
      pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
      # Shairport Sync 4.3.1 (with nqptp 1.2.4) with metadata, MQTT and AirPlay 2 support.
      shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {
        shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
          # See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
          configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
          buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
          # Use specific Shairport Sync and nqptp versions, since with those the
          # following error doesn't happen:
          # fatal error: The nqptp service on this system, which is required for
          # Shairport Sync to operate, does not seem to be initialised.
          #
          # Also use a more recent dev version to fix Pipewire stuttering issue.
          # See:
          # https://github.com/mikebrady/shairport-sync/issues/1736
          # https://github.com/mikebrady/shairport-sync/blob/a65ec2d7f1f380bbae196d7f8f1cd6a88ef5777b/RELEASENOTES-DEVELOPMENT.md#version-432-dev-51-g98679bbb
          src = final.fetchFromGitHub {
            owner = "mikebrady";
            repo = finalAttr.pname;
            rev = "98679bbb54f5aaeda859e34aa28425647b8d179e";
            hash = "sha256-k0kcgtWk2xlG34lP0ryEaqdskYMNM68YnIRLwFR3jaY=";
          };
        });
        nqptp = prev.nqptp.overrideAttrs (finalAttr: previousAttr: {
          # See Shairport Sync version note.
          src = final.fetchFromGitHub {
            owner = "mikebrady";
            repo = finalAttr.pname;
            rev = "1.2.4";
            hash = "sha256-roTNcr3v2kzE6vQ5plAVtlw1+2yJplltOYsGGibtoZo=";
          };
          # Custom install phase to avoid setcap.
          # See:
          # https://github.com/mikebrady/nqptp/blob/1.2.4/Makefile.am#L23
          installPhase = ''
            mkdir -p $out/bin
            cp nqptp $out/bin/
          '';
        });
      };
    in {
    colmena = {
      meta = {
        nixpkgs = nixpkgs.legacyPackages."x86_64-linux";
        nodeNixpkgs = {
          audio-hauptraum-kueche = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
          audio-hauptraum-tafel = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
        };
        nodeSpecialArgs = {
          public-web-static = { inherit pkgs-unstable; };
        };
      };

      audio-hauptraum-kueche = {
        deployment = {
          targetHost = "audio-hauptraum-kueche.z9.ccchh.net";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "thinkcccluster" ];
        };
        imports = [ 
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/audio-hauptraum-kueche
        ];
      };

      audio-hauptraum-tafel = {
        deployment = {
          targetHost = "audio-hauptraum-tafel.z9.ccchh.net";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "thinkcccluster" ];
        };
        imports = [ 
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/audio-hauptraum-tafel
        ];
      };

      esphome = {
        deployment = {
          targetHost = "esphome.z9.ccchh.net";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "thinkcccluster" ];
        };
        imports = [ 
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/esphome
        ];
      };

      public-reverse-proxy = {
        deployment = {
          targetHost = "public-reverse-proxy.z9.ccchh.net";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "thinkcccluster" ];
        };
        imports = [ 
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/public-reverse-proxy
        ];
      };

      netbox = {
        deployment = {
          targetHost = "netbox-intern.hamburg.ccc.de";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "chaosknoten" ];
        };
        imports = [ 
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/netbox
        ];
      };

      matrix = {
        deployment = {
          targetHost = "matrix-intern.hamburg.ccc.de";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "chaosknoten" ];
        };
        imports = [ 
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/matrix
        ];
      };

      public-web-static = {
        deployment = {
          targetHost = "public-web-static-intern.hamburg.ccc.de";
          targetPort = 22;
          targetUser = "colmena-deploy";
          tags = [ "chaosknoten" ];
        };
        imports = [
          ./config/common
          ./config/proxmox-vm
          ./config/hosts/public-web-static
        ];
      };
    };

    packages.x86_64-linux = {
      proxmox-nixos-template = nixos-generators.nixosGenerate {
        system = "x86_64-linux";
        modules = [
          ./config/nixos-generators/proxmox.nix
          ./config/common
          ./config/proxmox-vm
        ];
        format = "proxmox";
      };

      proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate {
        system = "x86_64-linux";
        modules = [
          ./config/nixos-generators/proxmox-chaosknoten.nix
          ./config/proxmox-chaosknoten-additional-initial-config.nix
          ./config/common
          ./config/proxmox-vm
        ];
        format = "proxmox";
      };
    };
  };
}
Initial commit. Add configuration for NixOS Proxmox image 2023-09-11 23:20:34 +02:00			`{`
			`description = "CCCHH Nix Infrastructure";`

			`inputs = {`
Use the small channels for stable and unstable 2023-09-14 20:44:54 +02:00			`# Use the NixOS small channels for nixpkgs.`
			`# https://nixos.org/manual/nixos/stable/#sec-upgrading`
			`# https://github.com/NixOS/nixpkgs`
Upgrade to NixOS 23.11 Also see the release notes for more information: https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11 2023-12-05 17:33:49 +01:00			`nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11-small";`
Use the small channels for stable and unstable 2023-09-14 20:44:54 +02:00			`nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00
Initial commit. Add configuration for NixOS Proxmox image 2023-09-11 23:20:34 +02:00			`# Add nixos-generators as an input.`
			`# See here: https://github.com/nix-community/nixos-generators#using-in-a-flake`
			`nixos-generators = {`
			`url = "github:nix-community/nixos-generators";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
			`};`

Upgrade to NixOS 23.11 Also see the release notes for more information: https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11 2023-12-05 17:33:49 +01:00			`outputs = { nixpkgs, nixpkgs-unstable, nixos-generators, ... }:`
Enable Shairport Sync metadata and MQTT support 2023-09-11 23:19:38 +02:00			`let`
Introduce spaceapid running at spaceapi.hamburg.ccc.de 2023-11-05 00:03:20 +01:00			`pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";`
Make AirPlay 2 work for Shairport Sync on Audio host - use nqptp - use Shairport Sync and nqptp versions, which work - disable IPv6, since Shairport Sync doesn't work with it for some reason - configure firewall for AirPlay 2 - use correct subnet 2023-10-15 21:44:25 +02:00			`# Shairport Sync 4.3.1 (with nqptp 1.2.4) with metadata, MQTT and AirPlay 2 support.`
			`shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {`
			`shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {`
Enable Shairport Sync metadata and MQTT support 2023-09-11 23:19:38 +02:00			`# See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md`
			`configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];`
			`buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];`
Make AirPlay 2 work for Shairport Sync on Audio host - use nqptp - use Shairport Sync and nqptp versions, which work - disable IPv6, since Shairport Sync doesn't work with it for some reason - configure firewall for AirPlay 2 - use correct subnet 2023-10-15 21:44:25 +02:00			`# Use specific Shairport Sync and nqptp versions, since with those the`
			`# following error doesn't happen:`
			`# fatal error: The nqptp service on this system, which is required for`
			`# Shairport Sync to operate, does not seem to be initialised.`
Use Pipewire and switch to Pipewire audio backend 2023-10-16 16:59:14 +02:00			`#`
			`# Also use a more recent dev version to fix Pipewire stuttering issue.`
			`# See:`
			`# https://github.com/mikebrady/shairport-sync/issues/1736`
			`# https://github.com/mikebrady/shairport-sync/blob/a65ec2d7f1f380bbae196d7f8f1cd6a88ef5777b/RELEASENOTES-DEVELOPMENT.md#version-432-dev-51-g98679bbb`
Make AirPlay 2 work for Shairport Sync on Audio host - use nqptp - use Shairport Sync and nqptp versions, which work - disable IPv6, since Shairport Sync doesn't work with it for some reason - configure firewall for AirPlay 2 - use correct subnet 2023-10-15 21:44:25 +02:00			`src = final.fetchFromGitHub {`
			`owner = "mikebrady";`
			`repo = finalAttr.pname;`
Use Pipewire and switch to Pipewire audio backend 2023-10-16 16:59:14 +02:00			`rev = "98679bbb54f5aaeda859e34aa28425647b8d179e";`
			`hash = "sha256-k0kcgtWk2xlG34lP0ryEaqdskYMNM68YnIRLwFR3jaY=";`
Make AirPlay 2 work for Shairport Sync on Audio host - use nqptp - use Shairport Sync and nqptp versions, which work - disable IPv6, since Shairport Sync doesn't work with it for some reason - configure firewall for AirPlay 2 - use correct subnet 2023-10-15 21:44:25 +02:00			`};`
			`});`
			`nqptp = prev.nqptp.overrideAttrs (finalAttr: previousAttr: {`
			`# See Shairport Sync version note.`
			`src = final.fetchFromGitHub {`
			`owner = "mikebrady";`
			`repo = finalAttr.pname;`
			`rev = "1.2.4";`
			`hash = "sha256-roTNcr3v2kzE6vQ5plAVtlw1+2yJplltOYsGGibtoZo=";`
			`};`
			`# Custom install phase to avoid setcap.`
			`# See:`
			`# https://github.com/mikebrady/nqptp/blob/1.2.4/Makefile.am#L23`
			`installPhase = ''`
			`mkdir -p $out/bin`
			`cp nqptp $out/bin/`
			`'';`
Enable Shairport Sync metadata and MQTT support 2023-09-11 23:19:38 +02:00			`});`
			`};`
			`in {`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`colmena = {`
			`meta = {`
			`nixpkgs = nixpkgs.legacyPackages."x86_64-linux";`
			`nodeNixpkgs = {`
Rename Audio to Audio Hauptraum Küche 2023-11-02 23:26:55 +01:00			`audio-hauptraum-kueche = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;`
Configure Audio-Hauptraum-Tafel 2023-11-04 20:49:02 +01:00			`audio-hauptraum-tafel = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`};`
Introduce spaceapid running at spaceapi.hamburg.ccc.de 2023-11-05 00:03:20 +01:00			`nodeSpecialArgs = {`
			`public-web-static = { inherit pkgs-unstable; };`
			`};`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`};`

Rename Audio to Audio Hauptraum Küche 2023-11-02 23:26:55 +01:00			`audio-hauptraum-kueche = {`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`deployment = {`
Rename Audio to Audio Hauptraum Küche 2023-11-02 23:26:55 +01:00			`targetHost = "audio-hauptraum-kueche.z9.ccchh.net";`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`targetPort = 22;`
Introduce colmena-deploy user 2023-09-14 20:19:49 +02:00			`targetUser = "colmena-deploy";`
Fix tags 2023-09-14 21:02:27 +02:00			`tags = [ "thinkcccluster" ];`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
Rename Audio to Audio Hauptraum Küche 2023-11-02 23:26:55 +01:00			`./config/hosts/audio-hauptraum-kueche`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`];`
			`};`
Configure Public-Reverse-Proxy 2023-09-14 22:12:38 +02:00
Configure Audio-Hauptraum-Tafel 2023-11-04 20:49:02 +01:00			`audio-hauptraum-tafel = {`
			`deployment = {`
			`targetHost = "audio-hauptraum-tafel.z9.ccchh.net";`
			`targetPort = 22;`
			`targetUser = "colmena-deploy";`
			`tags = [ "thinkcccluster" ];`
			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
			`./config/hosts/audio-hauptraum-tafel`
			`];`
			`};`

Add esphome host 2023-11-04 22:20:49 +01:00			`esphome = {`
			`deployment = {`
			`targetHost = "esphome.z9.ccchh.net";`
			`targetPort = 22;`
			`targetUser = "colmena-deploy";`
			`tags = [ "thinkcccluster" ];`
			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
			`./config/hosts/esphome`
			`];`
			`};`

Configure Public-Reverse-Proxy 2023-09-14 22:12:38 +02:00			`public-reverse-proxy = {`
			`deployment = {`
			`targetHost = "public-reverse-proxy.z9.ccchh.net";`
			`targetPort = 22;`
			`targetUser = "colmena-deploy";`
			`tags = [ "thinkcccluster" ];`
			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
			`./config/hosts/public-reverse-proxy`
			`];`
			`};`
Configure NetBox 2023-09-14 23:52:20 +02:00
			`netbox = {`
			`deployment = {`
Migrate NetBox to Chaosknoten and hamburg.ccc.de domain 2023-09-21 19:09:28 +02:00			`targetHost = "netbox-intern.hamburg.ccc.de";`
Configure NetBox 2023-09-14 23:52:20 +02:00			`targetPort = 22;`
			`targetUser = "colmena-deploy";`
Migrate NetBox to Chaosknoten and hamburg.ccc.de domain 2023-09-21 19:09:28 +02:00			`tags = [ "chaosknoten" ];`
Configure NetBox 2023-09-14 23:52:20 +02:00			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
			`./config/hosts/netbox`
			`];`
			`};`
Configure Matrix host Co-authored-by: julian <julian@jsts.xyz> 2023-10-06 05:33:28 +02:00
			`matrix = {`
			`deployment = {`
			`targetHost = "matrix-intern.hamburg.ccc.de";`
			`targetPort = 22;`
			`targetUser = "colmena-deploy";`
			`tags = [ "chaosknoten" ];`
			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
			`./config/hosts/matrix`
			`];`
			`};`
Configure public-web-static host for Element Web hosting Co-authored-by: julian <julian@jsts.xyz> 2023-10-07 04:29:08 +02:00
			`public-web-static = {`
			`deployment = {`
			`targetHost = "public-web-static-intern.hamburg.ccc.de";`
			`targetPort = 22;`
			`targetUser = "colmena-deploy";`
			`tags = [ "chaosknoten" ];`
			`};`
			`imports = [`
			`./config/common`
			`./config/proxmox-vm`
			`./config/hosts/public-web-static`
			`];`
			`};`
Introduce colmena config and add shairport-sync host 2023-09-11 21:40:35 +02:00			`};`

Initial commit. Add configuration for NixOS Proxmox image 2023-09-11 23:20:34 +02:00			`packages.x86_64-linux = {`
Give the proxmox nixos template output a more descriptive name 2023-09-14 20:23:00 +02:00			`proxmox-nixos-template = nixos-generators.nixosGenerate {`
Initial commit. Add configuration for NixOS Proxmox image 2023-09-11 23:20:34 +02:00			`system = "x86_64-linux";`
			`modules = [`
			`./config/nixos-generators/proxmox.nix`
			`./config/common`
			`./config/proxmox-vm`
			`];`
			`format = "proxmox";`
			`};`
Add configuration for Chaosknoten NixOS Proxmox image 2023-10-07 03:13:22 +02:00
			`proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate {`
			`system = "x86_64-linux";`
			`modules = [`
			`./config/nixos-generators/proxmox-chaosknoten.nix`
			`./config/proxmox-chaosknoten-additional-initial-config.nix`
			`./config/common`
			`./config/proxmox-vm`
			`];`
			`format = "proxmox";`
			`};`
Initial commit. Add configuration for NixOS Proxmox image 2023-09-11 23:20:34 +02:00			`};`
			`};`
			`}`