

feat secret management

Yaroslav Bolyukin2021-09-19parent: #2a625ab.patch.diff
in: trunk

14 files changed

added.envrcdiffbeforeafterboth

no changes

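--- a/flake.lock
+++ b/flake.lock
@@ -1,25 +1,59 @@
 {
 "nodes": {
+"flake-utils": {
+"locked": {
+"lastModified": 1631561581,
+"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
+"owner": "numtide",
+"repo": "flake-utils",
+"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
+"type": "github"
+},
+"original": {
+"owner": "numtide",
+"repo": "flake-utils",
+"type": "github"
+}
+},
 "nixpkgs": {
 "locked": {
-"lastModified": 1605344435,
-"narHash": "sha256-Xx66M/eTwLc97sge6y210qMBZe2qwrpSqWagfEAOF0M=",
+"lastModified": 1632011270,
+"narHash": "sha256-UyEYSWTKB3boKu5JX/TrQtnAgaYvfSWT61VU8ZT1juk=",
 "owner": "nixos",
 "repo": "nixpkgs",
-"rev": "d67b00e8f0b378b1700e12f5b8e68c0706839c9a",
+"rev": "7f59b4b5295b58659064a91d0bcc8e8a11d0b351",
 "type": "github"
 },
 "original": {
 "owner": "nixos",
+"ref": "staging-next",
 "repo": "nixpkgs",
 "type": "github"
 }
 },
 "root": {
 "inputs": {
-"nixpkgs": "nixpkgs"
+"flake-utils": "flake-utils",
+"nixpkgs": "nixpkgs",
+"rust-overlay": "rust-overlay"
 }
-}
+},
+"rust-overlay": {
+"flake": false,
+"locked": {
+"lastModified": 1631758650,
+"narHash": "sha256-7OAtO2V8omtPaoFBASTfPA5m8MzN5LX8agk0k5p8dH0=",
+"owner": "oxalica",
+"repo": "rust-overlay",
+"rev": "4e79ebf67452cca4ae938180728f9f513e828d5b",
+"type": "github"
+},
+"original": {
+"owner": "oxalica",
+"repo": "rust-overlay",
+"type": "github"
+}
+}
 },
 "root": "root",
 "version": 7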
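--- a/flake.nix
+++ b/flake.nix
@@ -2,10 +2,33 @@
 description = "NixOS configuration management";
 
 inputs = {
-nixpkgs.url = "github:nixos/nixpkgs";
+nixpkgs.url = "github:nixos/nixpkgs/staging-next";
+rust-overlay = { url = "github:oxalica/rust-overlay"; flake = false; };
+flake-utils.url = "github:numtide/flake-utils";
 };
-outputs = { self, nixpkgs }: with nixpkgs.lib; rec {
+outputs = { self, rust-overlay, flake-utils, nixpkgs }: with nixpkgs.lib; rec {
 lib = import ./lib;
-};
+} // flake-utils.lib.eachDefaultSystem (system:
+let
+pkgs = import nixpkgs
+{
+inherit system; overlays = [ (import rust-overlay) ];
+};
+llvmPkgs = pkgs.buildPackages.llvmPackages_11;
+rust = (pkgs.rustChannelOf { date = "2021-08-16"; channel = "nightly"; }).default.override { extensions = [ "rust-src" ]; };
+rustPlatform = pkgs.makeRustPlatform { cargo = rust; rustc = rust; };
+in
+{
+devShell = (pkgs.mkShell.override { stdenv = llvmPkgs.stdenv; }) {
+nativeBuildInputs = with pkgs; [
+rust
+cargo-edit
+cargo-udeps
+
+pkgconfig
+openssl
+];
+};
+});
 }
 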
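Review bot: `nixpkgs.url = "github:nixos/nixpkgs/staging-next"` tracks the staging integration branch, which carries mass rebuilds that have not yet passed the unstable channel's tests; the lock pins one rev so builds stay reproducible, but every `nix flake update` will pull whatever staging-next holds at that moment, and this flake's `lib` output is what produces host configurations and secrets. If a specific fix from staging-next is required, record it next to the input (`# staging-next: needed for <package/fix>; move back to nixos-unstable once merged`); otherwise `nixos-unstable` is the safer default for a fleet config. Two smaller points in the new devShell code: `rustPlatform` is defined in the `let` but never used by `devShell`, and `rec` on the outputs set is no longer needed now that `lib` is its only attribute.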
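--- a/lib/default.nix
+++ b/lib/default.nix
@@ -1,28 +1,10 @@
 {
-fleetConfiguration = { nixpkgs, hosts, ... }@allConfig:
+fleetConfiguration = { data, nixpkgs, hosts, ... }@allConfig:
 let
-config = builtins.removeAttrs allConfig [ "nixpkgs" ];
+config = builtins.removeAttrs allConfig [ "nixpkgs" "data" ];
 in
 rec {
 root = nixpkgs.lib.evalModules {
-modules =
-(import ../modules/modules.nix) ++ [
-config
-(
-{ ... }: {
-options = { };
-config = {
-# Secret data is available only via fleet build-systems
-secrets =
-if builtins?getEnv then
-let
-stringData = builtins.getEnv "SECRET_DATA";
-in
-if stringData != "" then (builtins.fromJSON stringData) else { }
-else { };
-};
-}
-)
-];
+modules = (import ../modules/modules.nix { inherit data; }) ++ [ config ];
 specialArgs = {
 inherit nixpkgs;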
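Review bot: `data` becomes a required attribute of `fleetConfiguration` but nothing says what it is; the hunk only shows it being stripped from `config` and handed to `modules.nix`, where (per that file's hunk in this commit) it is appended to the module list, so it is evidently expected to be a module, a path or an attrset. A one-line comment above the function would capture that contract, e.g. `# data: a module (path or attrset) carrying fleet data such as secrets; it is evaluated as a module, not merged into the fleet config`. If `data` replaces the removed `SECRET_DATA` environment lookup, a second line saying where callers obtain it (the deleted comment said "only via fleet build-systems") would spare the next reader a search. `fleetConfiguration`'s body continues past the end of the hunk.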
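--- a/lib/fleetLib.nix
+++ b/lib/fleetLib.nix
@@ -1,5 +1,34 @@
 # Shared functions for fleet configuration, available as `fleet` module argument
 { nixpkgs, hosts }: with nixpkgs.lib; rec {
+mkSecret =
+let
+system = builtins.currentSystem;
+pkgs = import nixpkgs { inherit system; };
+keys = builtins.getEnv "RAGE_KEYS";
+encryptCmd = "rage ${keys} -a";
+impuritySource = builtins.getEnv "IMPURITY_SOURCE";
+in
+f:
+let
+data = f { inherit pkgs encryptCmd; };
+in
+builtins.derivation {
+inherit system;
+name = "secret";
+
+builder = "${pkgs.bash}/bin/bash";
+args = [
+(
+pkgs.writeTextFile {
+name = "./build-${impuritySource}.sh";
+text = data.script;
+executable = true;
+}
+)
+];
+
+PATH = "${pkgs.coreutils}/bin:${pkgs.rage}/bin${builtins.concatStringsSep "" (builtins.map (n: ":${n}/bin") data.utils)}";
+};
 # Modules can't register hosts because of infinite recursion
 hostNames = attrNames hosts;
 hostsToAttrs = f: listToAttrs (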
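Review bot: `encryptCmd = "rage ${keys} -a"` silently degrades to `rage  -a` when `RAGE_KEYS` is unset, and under pure flake evaluation `builtins.getEnv` always returns `""`, so the secret derivation would invoke rage with no recipients at all; fail at evaluation time instead: `keys = let k = builtins.getEnv "RAGE_KEYS"; in if k == "" then throw "mkSecret: RAGE_KEYS is empty (unset, or evaluated without --impure)" else k;`. `builtins.currentSystem` is likewise unavailable in pure evaluation, so `mkSecret` presumably only works with `--impure`; a comment stating that above the definition would turn a confusing error into a documented requirement. Note also that `data.script` is written into the Nix store via `writeTextFile`, and the store is world-readable: whatever `f` returns in `script` must not contain plaintext secret material, since only the derivation output that passes through rage is protected. The `./` prefix in `name = "./build-${impuritySource}.sh"` looks unintended — I believe Nix rejects `/` in store path names — so this likely needs to be `build-${impuritySource}.sh`; confirm by evaluating.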
addedmodules/hosts.nixdiffbeforeafterboth

no changes

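--- a/modules/modules.nix
+++ b/modules/modules.nix
@@ -1,5 +1,6 @@
-[
-./networking/wireguard
-./root.nix
+{ data }: [
+./hosts.nix
+./secrets
+data
 ]
 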
deletedmodules/networking/wireguard/default.nixdiffbeforeafterboth

no changes

deletedmodules/networking/wireguard/wgbuilder.shdiffbeforeafterboth

no changes

deletedmodules/root.nixdiffbeforeafterboth

no changes

addedmodules/secrets/default.nixdiffbeforeafterboth

no changes

addedmodules/secrets/nixosModule.nixdiffbeforeafterboth

no changes

addedpkgs/default.nixdiffbeforeafterboth

no changes

addedpkgs/fleet-install-secrets.nixdiffbeforeafterboth

no changes