diff options
Diffstat (limited to 'deploy/flake.nix')
-rw-r--r-- | deploy/flake.nix | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/deploy/flake.nix b/deploy/flake.nix new file mode 100644 index 0000000..f613b19 --- /dev/null +++ b/deploy/flake.nix | |||
@@ -0,0 +1,45 @@ | |||
1 | { | ||
2 | inputs = { | ||
3 | devshell.url = "github:numtide/devshell"; | ||
4 | nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable?dir=lib"; | ||
5 | # Uncomment temporarily below value and replace with local path to | ||
6 | # your secrets, and replace "follows" key below to use it. | ||
7 | #secrets-local.url = "path:/home/immae/projets/mes_sites/nixops-secrets"; | ||
8 | secrets = { | ||
9 | type = "git"; | ||
10 | url = "git+ssh://gitolite@git.immae.eu/perso/Immae/Config/Nix/Nixops/Secrets"; | ||
11 | ref = "master"; | ||
12 | }; | ||
13 | main-flake.url = "path:../flakes"; | ||
14 | main-flake.inputs.secrets.follows = "secrets"; | ||
15 | }; | ||
16 | outputs = inputs@{ self, nixpkgs, main-flake, devshell, ... }: { | ||
17 | sops-vars-file = (inputs.secrets-local or inputs.secrets).vars-file; | ||
18 | # FIXME: next line Can be removed in nix 2.16.* | ||
19 | devShell.x86_64-linux = self.devShells.x86_64-linux.default; | ||
20 | devShells.x86_64-linux.default = devshell.legacyPackages.x86_64-linux.mkShell { | ||
21 | env = [ | ||
22 | { name = "NIX_BUILD_TOP"; value = ""; } | ||
23 | { name = "SOPS_VARS_FILE"; value = builtins.toString self.sops-vars-file; } | ||
24 | ]; | ||
25 | }; | ||
26 | colmena = | ||
27 | let | ||
28 | nodeFlakes = main-flake.subflakes.nodes; | ||
29 | hosts = builtins.attrNames nodeFlakes; | ||
30 | toHostNixpkgs = name: nodeFlakes.${name}.colmena.meta.nixpkgs; | ||
31 | toHostSpecialArgs = name: nodeFlakes.${name}.colmena.meta.specialArgs; | ||
32 | toHostColmena = name: nodeFlakes.${name}.colmena.${name}; | ||
33 | |||
34 | in nixpkgs.lib.genAttrs hosts toHostColmena | ||
35 | // { | ||
36 | meta = { | ||
37 | # nixpkgs is required for colmena, but only lib is actually used | ||
38 | nixpkgs.lib = nixpkgs.lib; | ||
39 | specialArgs.secrets = main-flake.subflakes.secrets; | ||
40 | nodeNixpkgs = nixpkgs.lib.genAttrs hosts toHostNixpkgs; | ||
41 | nodeSpecialArgs = nixpkgs.lib.genAttrs hosts toHostSpecialArgs; | ||
42 | }; | ||
43 | }; | ||
44 | }; | ||
45 | } | ||