forked from CCCHH/nix-infra
June
41f04732c2
Those can then be deployed using for example nixos-rebuild or bij. Also ensure all hosts have an fqdn, where possible, in order for bij to be able to work with them more easily. Tho not really, since for actual deployment one still needs to set the target manually to set usage of the colmena-deploy user. https://git.clerie.de/clerie/bij
216 lines
7 KiB
Nix
216 lines
7 KiB
Nix
{
|
|
description = "CCCHH Nix Infrastructure";
|
|
|
|
inputs = {
|
|
# Use the NixOS small channels for nixpkgs.
|
|
# https://nixos.org/manual/nixos/stable/#sec-upgrading
|
|
# https://github.com/NixOS/nixpkgs
|
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11-small";
|
|
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
|
|
|
|
# Add nixos-generators as an input.
|
|
# See here: https://github.com/nix-community/nixos-generators#using-in-a-flake
|
|
nixos-generators = {
|
|
url = "github:nix-community/nixos-generators";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
|
|
# Add sops-nix as an input for secret management.
|
|
# See here: https://github.com/Mic92/sops-nix?tab=readme-ov-file#flakes-current-recommendation
|
|
sops-nix = {
|
|
url = "github:Mic92/sops-nix";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
};
|
|
|
|
outputs = { nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }:
|
|
let
|
|
system = "x86_64-linux";
|
|
# Shairport Sync 4.3.1 (with nqptp 1.2.4) with metadata, MQTT and AirPlay 2 support.
|
|
shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {
|
|
shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
|
|
# See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
|
|
configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
|
|
buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
|
|
# Use specific Shairport Sync and nqptp versions, since with those the
|
|
# following error doesn't happen:
|
|
# fatal error: The nqptp service on this system, which is required for
|
|
# Shairport Sync to operate, does not seem to be initialised.
|
|
#
|
|
# Also use a more recent dev version to fix Pipewire stuttering issue.
|
|
# See:
|
|
# https://github.com/mikebrady/shairport-sync/issues/1736
|
|
# https://github.com/mikebrady/shairport-sync/blob/a65ec2d7f1f380bbae196d7f8f1cd6a88ef5777b/RELEASENOTES-DEVELOPMENT.md#version-432-dev-51-g98679bbb
|
|
src = final.fetchFromGitHub {
|
|
owner = "mikebrady";
|
|
repo = finalAttr.pname;
|
|
rev = "98679bbb54f5aaeda859e34aa28425647b8d179e";
|
|
hash = "sha256-k0kcgtWk2xlG34lP0ryEaqdskYMNM68YnIRLwFR3jaY=";
|
|
};
|
|
});
|
|
nqptp = prev.nqptp.overrideAttrs (finalAttr: previousAttr: {
|
|
# See Shairport Sync version note.
|
|
src = final.fetchFromGitHub {
|
|
owner = "mikebrady";
|
|
repo = finalAttr.pname;
|
|
rev = "1.2.4";
|
|
hash = "sha256-roTNcr3v2kzE6vQ5plAVtlw1+2yJplltOYsGGibtoZo=";
|
|
};
|
|
# Custom install phase to avoid setcap.
|
|
# See:
|
|
# https://github.com/mikebrady/nqptp/blob/1.2.4/Makefile.am#L23
|
|
installPhase = ''
|
|
mkdir -p $out/bin
|
|
cp nqptp $out/bin/
|
|
'';
|
|
});
|
|
};
|
|
pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
|
|
in
|
|
{
|
|
nixosConfigurations = {
|
|
audio-hauptraum-kueche = nixpkgs-unstable.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; }
|
|
./config/hosts/audio-hauptraum-kueche
|
|
];
|
|
};
|
|
|
|
audio-hauptraum-tafel = nixpkgs-unstable.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; }
|
|
./config/hosts/audio-hauptraum-tafel
|
|
];
|
|
};
|
|
|
|
esphome = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
./config/hosts/esphome
|
|
];
|
|
};
|
|
|
|
public-reverse-proxy = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
./config/hosts/public-reverse-proxy
|
|
];
|
|
};
|
|
|
|
netbox = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
sops-nix.nixosModules.sops
|
|
./config/hosts/netbox
|
|
];
|
|
};
|
|
|
|
matrix = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
sops-nix.nixosModules.sops
|
|
./config/hosts/matrix
|
|
];
|
|
};
|
|
|
|
public-web-static = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
sops-nix.nixosModules.sops
|
|
./config/hosts/public-web-static
|
|
];
|
|
};
|
|
|
|
git = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
sops-nix.nixosModules.sops
|
|
./config/hosts/git
|
|
];
|
|
specialArgs = {
|
|
inherit pkgs-unstable;
|
|
};
|
|
};
|
|
|
|
forgejo-actions-runner = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
sops-nix.nixosModules.sops
|
|
./config/hosts/forgejo-actions-runner
|
|
];
|
|
};
|
|
|
|
ptouch-print-server = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
./config/hosts/ptouch-print-server
|
|
];
|
|
};
|
|
|
|
eh22-wiki = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
./config/hosts/eh22-wiki
|
|
];
|
|
};
|
|
|
|
nix-box-june = nixpkgs.lib.nixosSystem {
|
|
inherit system;
|
|
modules = [
|
|
./config/common
|
|
./config/proxmox-vm
|
|
./config/hosts/nix-box-june
|
|
];
|
|
};
|
|
};
|
|
|
|
packages.x86_64-linux = {
|
|
proxmox-nixos-template = nixos-generators.nixosGenerate {
|
|
system = "x86_64-linux";
|
|
modules = [
|
|
./config/nixos-generators/proxmox.nix
|
|
./config/common
|
|
./config/proxmox-vm
|
|
];
|
|
format = "proxmox";
|
|
};
|
|
|
|
proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate {
|
|
system = "x86_64-linux";
|
|
modules = [
|
|
./config/nixos-generators/proxmox-chaosknoten.nix
|
|
./config/proxmox-chaosknoten-additional-initial-config.nix
|
|
./config/common
|
|
./config/proxmox-vm
|
|
];
|
|
format = "proxmox";
|
|
};
|
|
};
|
|
|
|
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
|
|
};
|
|
}
|