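# Flake for a set of NixOS hosts: one nixosConfiguration per directory under
# ./hosts, deployed with deploy-rs, with pre-commit checks and a dev shell.
{
  description = "NixOS system configuration";

  # Revisions of every input are pinned in flake.lock; a lock update changes
  # the code that ends up running as root on the hosts, so review it as such.
  inputs = {
    nixpkgs.url = "nixpkgs/nixos-24.11";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
    # nixpkgs-master.url = "nixpkgs";
    agenix.url = "github:ryantm/agenix";
    deploy-rs.url = "github:serokell/deploy-rs";
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    home-manager = {
      url = "github:nix-community/home-manager/release-24.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    firefox-gnome-theme = {
      url = "github:rafaelmardojai/firefox-gnome-theme";
      flake = false;
    };
    # Fetched over SSH, so evaluation needs an SSH key with read access.
    gitea-github-theme = {
      url = "git+ssh://git@git.vimium.com/jordan/gitea-github-theme.git?ref=main";
      flake = false;
    };
    impermanence.url = "github:nix-community/impermanence";
    kvlibadwaita = {
      url = "github:GabePoel/KvLibadwaita";
      flake = false;
    };
    nixos-hardware.url = "github:NixOS/nixos-hardware";
    nixos-mailserver = {
      url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nixvim = {
      url = "github:nix-community/nixvim/nixos-24.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    pre-commit-hooks = {
      url = "github:cachix/git-hooks.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # Private repository fetched over SSH. Flake inputs are copied into the
    # Nix store, which is readable by every local user on the evaluating
    # machine, so this repository should only hold encrypted material.
    # NOTE(review): presumably agenix-encrypted files; confirm nothing in it
    # is plaintext.
    secrets = {
      url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
      flake = false;
    };
    stylix.url = "github:danth/stylix/release-24.11";
    thunderbird-gnome-theme = {
      url = "github:rafaelmardojai/thunderbird-gnome-theme";
      flake = false;
    };
  };

  outputs =
    inputs@{
      self,
      nixpkgs,
      ...
    }:
    let
      inherit (nixpkgs) lib;

      # DNS suffix shared by all hosts; used both as networking.domain and to
      # build the address deploy-rs connects to.
      domain = "mesh.vimium.net";

      # Build an attribute set keyed by each supported system.
      forEachSystem = lib.genAttrs [
        "x86_64-linux"
        "aarch64-linux"
      ];

      # deploy-rs node definition for the host named `hostName`: the target
      # address is "<hostName>.<domain>" and the single `system` profile
      # activates that host's nixosConfiguration as root. The deploy-rs lib is
      # selected by the host's own system, read from its toplevel derivation.
      mkDeployNode = hostName: {
        hostname = "${hostName}.${domain}";

        profiles.system = {
          user = "root";
          path =
            inputs.deploy-rs.lib.${self.nixosConfigurations.${hostName}.config.system.build.toplevel.system}.activate.nixos
              self.nixosConfigurations.${hostName};
        };
      };
    in
    {
      # Every file found under ./overlays is imported as-is; the callPackage
      # shim ignores the overrides argument.
      overlays = lib.packagesFromDirectoryRecursive {
        callPackage = path: overrides: import path;
        directory = ./overlays;
      };

      # Packages from ./pkgs, built with each system's nixpkgs callPackage.
      legacyPackages = forEachSystem (
        system:
        lib.packagesFromDirectoryRecursive {
          callPackage = nixpkgs.legacyPackages.${system}.callPackage;
          directory = ./pkgs;
        }
      );

      # One NixOS system per sub-directory of ./hosts, named after the
      # directory. Each host module receives all flake inputs via specialArgs.
      nixosConfigurations = lib.pipe ./hosts [
        builtins.readDir
        (lib.filterAttrs (name: value: value == "directory"))
        (lib.mapAttrs (
          name: value:
          lib.nixosSystem {
            specialArgs = {
              inherit inputs;
            };

            modules = [
              {
                networking = {
                  inherit domain;
                  hostName = name;
                };
              }
              ./hosts/${name}
            ];
          }
        ))
      ];

      # `//` merges only the top level, so it replaced the whole per-system
      # attribute set and silently dropped the deploy-rs checks on the two
      # systems forEachSystem covers. recursiveUpdate merges one level deeper
      # and keeps the deploy-rs checks next to pre-commit-check.
      checks =
        lib.recursiveUpdate
          (builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib)
          (
            forEachSystem (system: {
              pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
                src = ./.;
                hooks = {
                  check-case-conflicts.enable = true;
                  check-executables-have-shebangs.enable = true;
                  check-merge-conflicts.enable = true;
                  deadnix = {
                    enable = true;
                    settings = {
                      noLambdaArg = true;
                    };
                  };
                  # Guards against committing private key material to this
                  # repository.
                  detect-private-keys.enable = true;
                  end-of-file-fixer.enable = true;
                  fix-byte-order-marker.enable = true;
                  mixed-line-endings.enable = true;
                  nixfmt-rfc-style.enable = true;
                  trim-trailing-whitespace.enable = true;
                };
              };
            })
          );

      formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);

      # Dev shell with agenix, deploy-rs and the packages of the enabled
      # hooks; the shell hook comes from the pre-commit check.
      devShells = forEachSystem (system: {
        default = nixpkgs.legacyPackages.${system}.mkShell {
          inherit (self.checks.${system}.pre-commit-check) shellHook;
          buildInputs = [
            inputs.agenix.packages.${system}.agenix
            inputs.deploy-rs.packages.${system}.deploy-rs
          ] ++ self.checks.${system}.pre-commit-check.enabledPackages;
        };
      });

      deploy = {
        # Both rollbacks revert to the previous generation: autoRollback when
        # activation fails, magicRollback when the deployer cannot confirm the
        # new generation after activation.
        magicRollback = true;
        autoRollback = true;
        # deploy-rs connects as root over SSH, so every node below must accept
        # root logins.
        # NOTE(review): confirm the hosts restrict root SSH to key-based
        # authentication (e.g. PermitRootLogin "prohibit-password").
        sshUser = "root";

        nodes = lib.genAttrs [
          "mail"
          # "pi"
          # "skycam"
          "vps1"
        ] mkDeployNode;
      };
    };
}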