nix-config/flake.nix

{
  description = "NixOS system configuration";

  inputs = {
    nixpkgs.url = "nixpkgs/nixos-23.11";
    agenix.url = "github:ryantm/agenix";
    deploy-rs.url = "github:serokell/deploy-rs";
    home-manager = {
      url = "github:nix-community/home-manager/release-23.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    firefox-gnome-theme = {
      url = "github:rafaelmardojai/firefox-gnome-theme";
      flake = false;
    };
    nixos-hardware.url = "github:NixOS/nixos-hardware";
    secrets = {
      url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
      flake = false;
    };
    thunderbird-gnome-theme = {
      url = "github:rafaelmardojai/thunderbird-gnome-theme";
      flake = false;
    };
  };

  outputs = inputs @ { self, nixpkgs, agenix, deploy-rs, home-manager, nixos-hardware, secrets, ... }:
    let
      nixpkgsForSystem = system: inputs.nixpkgs;
      overlays = [
        agenix.overlays.default
        (import ./overlays/gnome.nix)
      ];
      commonModules = [
        agenix.nixosModules.age
        home-manager.nixosModule
        ./modules
      ];
      nixosSystem = { system, name, extraModules ? [] }:
        let
          nixpkgs = nixpkgsForSystem system;
          lib = (import nixpkgs { inherit overlays system; }).lib;
        in
        inputs.nixpkgs.lib.nixosSystem {
          inherit lib system;
          specialArgs = { modulesPath = toString (nixpkgs + "/nixos/modules"); inherit inputs; };
          baseModules = import (nixpkgs + "/nixos/modules/module-list.nix");
          modules = commonModules ++ [
            ({ config, ... }:
              {
                nixpkgs.pkgs = import nixpkgs {
                  inherit overlays system;
                  config.allowUnfree = true;
                };
                networking.hostName = name;
                nix = {
                  extraOptions = "experimental-features = nix-command flakes";
                };
              })
            ./hosts/${name}
          ] ++ extraModules;
        };
    in
    {
      nixosConfigurations = {
        atlas = nixosSystem { system = "x86_64-linux"; name = "atlas"; };
        eos = nixosSystem { system = "x86_64-linux"; name = "eos"; };
        helios = nixosSystem { system = "x86_64-linux"; name = "helios"; };
        odyssey = nixosSystem { system = "x86_64-linux"; name = "odyssey"; };
        pi = nixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; };
        vps1 = nixosSystem { system = "x86_64-linux"; name = "vps1"; };
      };

      deploy.nodes = {
        pi = {
          hostname = "10.0.1.191";
          sshUser = "jordan";
          user = "root";

          profiles.system = {
            user = "root";
            path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.pi;
          };
        };
        vps1 = {
          magicRollback = true;
          autoRollback = true;
          hostname = "vps1.mesh.vimium.net";
          profiles.system = {
            user = "root";
            path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.vps1;
      };

      # checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
    };
}