-
Notifications
You must be signed in to change notification settings - Fork 0
/
flake.nix
104 lines (76 loc) · 2.95 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
{
description = "e10";
nixConfig = {
extra-substituters = [
"https://nix-community.cachix.org"
"https://numtide.cachix.org"
"https://cache.e10.camp/e10"
"https://e10.cachix.org"
];
extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
"e10.cachix.org-1:/++Tmo/ghEqnLwsQJdXn04c262agRCK5PaPYz8NcVfo="
"e10:h64l3MobkrdOGab0Xaambo3ROC/w05Yi70oJ8U8ZEfQ="
];
};
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:NixOS/nixpkgs";
flake-parts.url = "github:hercules-ci/flake-parts";
nixos-anywhere.url = "github:numtide/nixos-anywhere";
nixos-anywhere.inputs.nixpkgs.follows = "nixpkgs";
nixos-anywhere.inputs.disko.follows = "disko";
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
nixos-generators.url = "github:nix-community/nixos-generators";
nixos-generators.inputs.nixpkgs.follows = "nixpkgs";
nixos-hardware.url = "github:nixos/nixos-hardware";
haumea.url = "github:nix-community/haumea";
haumea.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
colmena.url = "github:zhaofengli/colmena";
colmena.inputs.nixpkgs.follows = "nixpkgs";
devenv.url = "github:cachix/devenv";
# https://github.com/NixOS/nix/issues/10647#issuecomment-2117844493
devenv.inputs.nixpkgs.follows = "nixpkgs";
treefmt.url = "github:numtide/treefmt-nix";
treefmt.inputs.nixpkgs.follows = "nixpkgs";
nixago.url = "github:nix-community/nixago";
nixago.inputs.nixpkgs.follows = "nixpkgs";
attic.url = "github:zhaofengli/attic";
attic.inputs.nixpkgs.follows = "nixpkgs";
flake-root.url = "github:srid/flake-root";
};
outputs = inputs@{ self, flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
imports = with inputs; [
./lib
./modules/packages/default.nix
./modules/overlays
./modules/development/shell.nix
./modules/development/ci.nix
./modules/development/treefmt.nix
./modules/development/flake-root.nix
./modules/deploy/shell.nix
./modules/deploy/configuration.nix
./modules/deploy/ansible.nix
./modules/deploy/terraform.nix
./hosts
];
systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ];
perSystem = { pkgs, system, ... }: {
_module.args.pkgs = import inputs.nixpkgs {
inherit system;
# TODO: Make this on a per-system basis, and maybe per-package
config = {
allowUnfree = true;
permittedInsecurePackages =
[ "dotnet-sdk-6.0.428" "aspnetcore-runtime-6.0.36" ];
};
overlays = [ self.overlays.default ];
};
};
};
}