blob: 9319a7a1f4031324e50d2e1198d78ea48501b852 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
{
description = "getchoo's flake for system configurations";
nixConfig = {
extra-substituters = ["https://nix-community.cachix.org"];
extra-trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="];
};
inputs = {
nixpkgsUnstable.url = "nixpkgs/nixos-unstable";
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgsUnstable";
};
# this is just to avoid having multiple versions in flake.lock
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
};
flake-utils.url = "github:numtide/flake-utils";
getchoo = {
url = "github:getchoo/overlay";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-compat.follows = "flake-compat";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
# TODO: remove when this commit is used in lanzaboote:
# https://github.com/oxalica/rust-overlay/commit/c949d341f2b507857d589c48d1bd719896a2a224
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-compat.follows = "flake-compat";
inputs.flake-utils.follows = "flake-utils";
inputs.pre-commit-hooks-nix.follows = "pre-commit-hooks";
# TODO: ditto
inputs.rust-overlay.follows = "rust-overlay";
};
nixos-wsl = {
url = "github:nix-community/NixOS-WSL/main";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-compat.follows = "flake-compat";
inputs.flake-utils.follows = "flake-utils";
};
nixos-hardware.url = "github:NixOS/nixos-hardware";
nur.url = "github:nix-community/NUR";
openwrt-imagebuilder = {
url = "github:astro/nix-openwrt-imagebuilder";
inputs.nixpkgs.follows = "nixpkgs";
};
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs.nixpkgs.follows = "nixpkgsUnstable";
inputs.nixpkgs-stable.follows = "nixpkgs";
inputs.flake-compat.follows = "flake-compat";
inputs.flake-utils.follows = "flake-utils";
};
};
outputs = inputs @ {
self,
nixpkgs,
agenix,
getchoo,
flake-utils,
openwrt-imagebuilder,
pre-commit-hooks,
...
}: let
getchooLib = getchoo.lib (inputs // {inherit self;});
inherit (getchooLib.configs) mapHMUsers mapHosts;
in
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system};
in {
checks = {
pre-commit-check = pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
actionlint.enable = true;
alejandra.enable = true;
deadnix.enable = true;
statix.enable = true;
stylua.enable = true;
};
};
};
devShells = with pkgs; {
default = mkShell {
inherit (self.checks.${system}.pre-commit-check) shellHook;
packages = [
actionlint
agenix.packages.${system}.agenix
alejandra
deadnix
fzf
git-crypt
just
statix
stylua
];
};
};
formatter = pkgs.alejandra;
homeConfigurations = mapHMUsers system ./users;
})
// {
nixosConfigurations = mapHosts ./hosts;
nixosModules.getchoo = import ./modules;
packages.x86_64-linux = let
pkgs = import nixpkgs {system = "x86_64-linux";};
in {
turret = pkgs.callPackage ./hosts/_turret {inherit openwrt-imagebuilder;};
};
};
}
|
