diff --git a/flake.lock b/flake.lock index 28331ea..fb2e10d 100644 --- a/flake.lock +++ b/flake.lock @@ -1,73 +1,5 @@ { "nodes": { - "apple-silicon": { - "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": [ - "nix-hexchen", - "nixpkgs" - ], - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1705557527, - "narHash": "sha256-DuxxHTQ/W5KToFLWG4FUF8hLldNo9eXlbt7JgvhrMnY=", - "owner": "tpwrules", - "repo": "nixos-apple-silicon", - "rev": "6e324ab06cb27a19409ebc1dc2664bf1e585490a", - "type": "github" - }, - "original": { - "owner": "tpwrules", - "repo": "nixos-apple-silicon", - "type": "github" - } - }, - "authentik-nix": { - "inputs": { - "authentik-src": "authentik-src", - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts", - "flake-utils": "flake-utils", - "napalm": "napalm", - "nixpkgs": [ - "nix-hexchen", - "nixpkgs" - ], - "nixpkgs-23-05": "nixpkgs-23-05", - "poetry2nix": "poetry2nix" - }, - "locked": { - "lastModified": 1706549563, - "narHash": "sha256-yNPk+UP10OU4F1yBAF0w8ubwJER48mrK+tzsLT3Jnlw=", - "owner": "nix-community", - "repo": "authentik-nix", - "rev": "5fa451e05537408bd3d6f109f6740c58c0fd0aff", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "authentik-nix", - "type": "github" - } - }, - "authentik-src": { - "flake": false, - "locked": { - "lastModified": 1706546688, - "narHash": "sha256-+1IdXRt28UZ2KTa0zsmjneNUOcutP99UUwqcYyVyqTI=", - "owner": "goauthentik", - "repo": "authentik", - "rev": "e095e9f694d2a427940bc8616bc4025fef502a8b", - "type": "github" - }, - "original": { - "owner": "goauthentik", - "ref": "version/2023.10.7", - "repo": "authentik", - "type": "github" - } - }, "blobs": { "flake": false, "locked": { @@ -84,38 +16,9 @@ "type": "gitlab" } }, - "colmena": { - "inputs": { - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_2", - "nixpkgs": [ - "nix-hexchen", - "nixpkgs" - ], - "stable": "stable" - }, - "locked": { - "lastModified": 1699171528, - "narHash": "sha256-ZsN6y+tgN5w84oAqRQpMhIvQM39ZNSZoZvn2AK0QYr4=", - "owner": "zhaofengli", - "repo": "colmena", - "rev": "665603956a1c3040d756987bc7a810ffe86a3b15", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "ref": "main", - "repo": "colmena", - "type": "github" - } - }, "deploy-rs": { "inputs": { - "flake-compat": [ - "nix-hexchen", - "apple-silicon", - "flake-compat" - ], + "flake-compat": "flake-compat", "nixpkgs": [ "nixpkgs" ], @@ -136,21 +39,6 @@ } }, "flake-compat": { - "locked": { - "lastModified": 1688025799, - "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", - "owner": "nix-community", - "repo": "flake-compat", - "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { "flake": false, "locked": { "lastModified": 1696426674, @@ -166,94 +54,6 @@ "type": "github" } }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1704982712, - "narHash": "sha256-2Ptt+9h8dczgle2Oo6z5ni5rt/uLMG47UFTR1ry/wgg=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "07f6395285469419cf9d078f59b5b49993198c00", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nix-hexchen", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1706134977, - "narHash": "sha256-KwNb1Li3K6vuVwZ77tFjZ89AWBo7AiCs9t0Cens4BsM=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "6359d40f6ec0b72a38e02b333f343c3d4929ec10", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, "mattermost-server": { "flake": false, "locked": { @@ -284,135 +84,6 @@ "url": "https://releases.mattermost.com/8.1.10/mattermost-8.1.10-linux-amd64.tar.gz" } }, - "napalm": { - "inputs": { - "flake-utils": [ - "nix-hexchen", - "authentik-nix", - "flake-utils" - ], - "nixpkgs": [ - "nix-hexchen", - "authentik-nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1703102458, - "narHash": "sha256-3pOV731qi34Q2G8e2SqjUXqnftuFrbcq+NdagEZXISo=", - "owner": "nix-community", - "repo": "napalm", - "rev": "edcb26c266ca37c9521f6a97f33234633cbec186", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "napalm", - "type": "github" - } - }, - "nix-darwin": { - "inputs": { - "nixpkgs": [ - "nix-hexchen", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1705915768, - "narHash": "sha256-+Jlz8OAqkOwJlioac9wtpsCnjgGYUhvLpgJR/5tP9po=", - "owner": "LnL7", - "repo": "nix-darwin", - "rev": "1e706ef323de76236eb183d7784f3bd57255ec0b", - "type": "github" - }, - "original": { - "owner": "LnL7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "nix-hexchen", - "authentik-nix", - "poetry2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1698974481, - "narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "4bb5e752616262457bc7ca5882192a564c0472d2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, - "nix-hexchen": { - "inputs": { - "apple-silicon": "apple-silicon", - "authentik-nix": "authentik-nix", - "colmena": "colmena", - "flake-compat": [ - "nix-hexchen", - "apple-silicon", - "flake-compat" - ], - "flake-utils": [ - "deploy-rs", - "utils" - ], - "home-manager": "home-manager", - "nix-darwin": "nix-darwin", - "nixos-hardware": "nixos-hardware", - "nixos-mailserver": [ - "nixos-mailserver" - ], - "nixpkgs": "nixpkgs", - "pnpm2nix": "pnpm2nix", - "sops-nix": [ - "sops-nix" - ], - "waybar-iceportal": "waybar-iceportal" - }, - "locked": { - "lastModified": 1707171428, - "narHash": "sha256-Q/DQjwbdPU2RcU+hEHPCmbdUj48EoWaqXwQx7sCUI7o=", - "owner": "hexchen", - "repo": "nixfiles", - "rev": "698d7dbd56720d59bca196aa19e3263490336515", - "type": "gitlab" - }, - "original": { - "owner": "hexchen", - "repo": "nixfiles", - "type": "gitlab" - } - }, - "nixos-hardware": { - "locked": { - "lastModified": 1706182238, - "narHash": "sha256-Ti7CerGydU7xyrP/ow85lHsOpf+XMx98kQnPoQCSi1g=", - "owner": "NixOS", - "repo": "nixos-hardware", - "rev": "f84eaffc35d1a655e84749228cde19922fcf55f1", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixos-hardware", - "type": "github" - } - }, "nixos-mailserver": { "inputs": { "blobs": "blobs", @@ -420,7 +91,7 @@ "deploy-rs", "flake-compat" ], - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "nixpkgs-23_05": [ "nixpkgs" ], @@ -447,35 +118,19 @@ }, "nixpkgs": { "locked": { - "lastModified": 1706150372, - "narHash": "sha256-L0ioe5hifmkzltYr8Eo+72QvdDYPKHhDp9oWm3yqHkw=", + "lastModified": 1705856552, + "narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "854f4671883250e456dc1553c783ac9741a0e9a4", + "rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "type": "indirect" } }, - "nixpkgs-23-05": { - "locked": { - "lastModified": 1704290814, - "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-23_11": { "locked": { "lastModified": 1706098335, @@ -491,24 +146,6 @@ "type": "indirect" } }, - "nixpkgs-lib": { - "locked": { - "dir": "lib", - "lastModified": 1703961334, - "narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9", - "type": "github" - }, - "original": { - "dir": "lib", - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-oldstable": { "locked": { "lastModified": 1678761643, @@ -526,21 +163,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1705856552, - "narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-unstable", - "type": "indirect" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1707091808, "narHash": "sha256-LahKBAfGbY836gtpVNnWwBTIzN7yf/uYM/S0g393r0Y=", @@ -555,7 +177,7 @@ "type": "indirect" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1706925685, "narHash": "sha256-hVInjWMmgH4yZgA4ZtbgJM1qEAel72SYhP5nOWX4UIM=", @@ -571,84 +193,21 @@ "type": "github" } }, - "pnpm2nix": { - "flake": false, - "locked": { - "lastModified": 1703106649, - "narHash": "sha256-YhWzfuqNCZmKMbcoDoAT52KodjpuNj/7MklwKD0ojrg=", - "owner": "TSRBerry", - "repo": "pnpm2nix", - "rev": "8df6e2a8bd0174f4e9fa858d37c08ff3e91019bc", - "type": "github" - }, - "original": { - "owner": "TSRBerry", - "repo": "pnpm2nix", - "type": "github" - } - }, - "poetry2nix": { - "inputs": { - "flake-utils": [ - "nix-hexchen", - "authentik-nix", - "flake-utils" - ], - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "nix-hexchen", - "authentik-nix", - "nixpkgs" - ], - "systems": "systems_3", - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1705060653, - "narHash": "sha256-puYyylgrBS4AFAHeyVRTjTUVD8DZdecJfymWJe7H438=", - "owner": "nix-community", - "repo": "poetry2nix", - "rev": "e0b44e9e2d3aa855d1dd77b06f067cd0e0c3860d", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "poetry2nix", - "type": "github" - } - }, "root": { "inputs": { "deploy-rs": "deploy-rs", "mattermost-server": "mattermost-server", "mattermost-webapp": "mattermost-webapp", - "nix-hexchen": "nix-hexchen", "nixos-mailserver": "nixos-mailserver", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "nixpkgs-oldstable": "nixpkgs-oldstable", "sops-nix": "sops-nix", "tracktrain": "tracktrain" } }, - "rust-overlay": { - "flake": false, - "locked": { - "lastModified": 1686795910, - "narHash": "sha256-jDa40qRZ0GRQtP9EMZdf+uCbvzuLnJglTUI2JoHfWDc=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "5c2b97c0a9bc5217fc3dfb1555aae0fb756d99f9", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "nixpkgs-stable": [ "nixpkgs" ] @@ -667,22 +226,6 @@ "type": "github" } }, - "stable": { - "locked": { - "lastModified": 1696039360, - "narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "32dcb45f66c0487e92db8303a798ebc548cadedc", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.05", - "repo": "nixpkgs", - "type": "github" - } - }, "systems": { "locked": { "lastModified": 1681028828, @@ -698,35 +241,6 @@ "type": "github" } }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "id": "systems", - "type": "indirect" - } - }, "tracktrain": { "flake": false, "locked": { @@ -744,29 +258,6 @@ "url": "https://stuebinm.eu/git/tracktrain" } }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "nix-hexchen", - "authentik-nix", - "poetry2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1699786194, - "narHash": "sha256-3h3EH1FXQkIeAuzaWB+nK0XK54uSD46pp+dMD3gAcB4=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "e82f32aa7f06bbbd56d7b12186d555223dc399d1", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, "utils": { "inputs": { "systems": "systems" @@ -784,27 +275,6 @@ "repo": "flake-utils", "type": "github" } - }, - "waybar-iceportal": { - "inputs": { - "nixpkgs": [ - "nix-hexchen", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1661258114, - "narHash": "sha256-wdm35mfyjz/eFrtd9fMeAJwfUk6XskbyM115wYI1kVA=", - "owner": "e1mo", - "repo": "waybar-iceportal", - "rev": "13b297c2cc0b4b56d4caccd626a16b455d8d49e5", - "type": "github" - }, - "original": { - "owner": "e1mo", - "repo": "waybar-iceportal", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 8b7f985..b986d53 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,6 @@ nixpkgs.url = "nixpkgs/nixos-23.11"; nixpkgs-oldstable.url = "github:/NixOS/nixpkgs?rev=c4aec3c021620d98861639946123214207e98344"; - nix-hexchen.url = "gitlab:hexchen/nixfiles"; nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11"; tracktrain.url = "git+https://stuebinm.eu/git/tracktrain?ref=main"; @@ -17,18 +16,11 @@ deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; - deploy-rs.inputs.flake-compat.follows = "nix-hexchen/apple-silicon/flake-compat"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs"; # these exist mostly to make the flake.lock somewhat more human-friendly # note that in theory doing this might break things, but it seems fairly unlikely - nix-hexchen.inputs = { - nixos-mailserver.follows = "nixos-mailserver"; - flake-utils.follows = "/deploy-rs/utils"; - flake-compat.follows = "nix-hexchen/apple-silicon/flake-compat"; - sops-nix.follows = "sops-nix"; - }; nixos-mailserver.inputs = { "nixpkgs-23_05".follows = "nixpkgs"; utils.follows = "/deploy-rs/utils"; @@ -36,13 +28,13 @@ }; }; - outputs = { self, nixpkgs, nix-hexchen, deploy-rs, sops-nix, ... }@inputs: - let modules = nix-hexchen.nixosModules // { + outputs = { self, nixpkgs, deploy-rs, sops-nix, ... }@inputs: + let modules = { bindMounts = import ./modules/bindmounts.nix; nopersist = import ./modules/nopersist.nix; encboot = import ./modules/encboot.nix; }; - profiles = nix-hexchen.nixosModules.profiles // { + profiles = { container = import ./modules/container-profile.nix; }; pkgs = import ./pkgs { @@ -56,18 +48,16 @@ config { nixpkgs.pkgs = pkgs.lib.mkForce pkgs; - imports = [ modules.nopersist profiles.container]; + imports = [ modules.nopersist profiles.container ]; } ]; specialArgs = { - # modules still needed because a profile in nix-hexchen uses it + # some of our modules import each other, and evalConfig is used for containers inherit modules evalConfig; sources = inputs; }; }).config.system.build.toplevel; in { - # do this by hand instead of via nix-hexchen/lib/hosts.nix, since that one - # apparently can't support pkgs depending on flake inputs nixosConfigurations.parsons = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [