deploy/flake.nix

   1 {
   2   inputs = {
   3     devshell.url = "github:numtide/devshell";
   4     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable?dir=lib";
   5     # Uncomment temporarily below value and replace with local path to
   6     # your secrets, and replace "follows" key below to use it.
   7     #secrets-local.url = "path:/home/immae/projets/mes_sites/nixops-secrets";
   8     secrets = {
   9       type = "git";
  10       url = "git+ssh://gitolite@git.immae.eu/perso/Immae/Config/Nix/Nixops/Secrets";
  11       ref = "master";
  12     };
  13     main-flake.url = "path:../flakes";
  14     main-flake.inputs.secrets.follows = "secrets";
  15   };
  16   outputs = inputs@{ self, nixpkgs, main-flake, devshell, ... }: {
  17     sops-vars-file = (inputs.secrets-local or inputs.secrets).vars-file;
  18     devShells.x86_64-linux.default = devshell.legacyPackages.x86_64-linux.mkShell {
  19       env = [
  20         { name = "NIX_BUILD_TOP"; value = ""; }
  21         { name = "SOPS_VARS_FILE"; value = builtins.toString self.sops-vars-file; }
  22       ];
  23     };
  24     colmena =
  25       let
  26         nodeFlakes = main-flake.subflakes.nodes;
  27         hosts = builtins.attrNames nodeFlakes;
  28         toHostNixpkgs = name: nodeFlakes.${name}.colmena.meta.nixpkgs;
  29         toHostSpecialArgs = name: nodeFlakes.${name}.colmena.meta.specialArgs;
  30         toHostColmena = name: nodeFlakes.${name}.colmena.${name};
  31
  32       in nixpkgs.lib.genAttrs hosts toHostColmena
  33         // {
  34         meta = {
  35           # nixpkgs is required for colmena, but only lib is actually used
  36           nixpkgs.lib = nixpkgs.lib;
  37           specialArgs.secrets = main-flake.subflakes.secrets;
  38           nodeNixpkgs = nixpkgs.lib.genAttrs hosts toHostNixpkgs;
  39           nodeSpecialArgs = nixpkgs.lib.genAttrs hosts toHostSpecialArgs;
  40         };
  41       };
  42   };
  43 }