peter/haccfiles
1
0
Fork 0
forked from hacc/haccfiles
Code Issues Pull requests Projects Releases Wiki Activity
haccfiles/flake.nix
stuebinm 8d9df0e20e mattermost: 7.1.4 → 7.1.7 
apparently the 7.1.x series is now old enough that even though it
does still get security fixes, the mattermost team no longer mentions
this on their blog, so we missed out on a couple. fun!
2023-03-24 03:49:37 +01:00

94 lines
3.3 KiB
Nix
Raw Blame History

{
description = "hacc infra stuff";
inputs = {
mattermost-webapp.url = "https://releases.mattermost.com/7.1.7/mattermost-7.1.7-linux-amd64.tar.gz";
mattermost-webapp.flake = false;
mattermost-server.url = "github:mattermost/mattermost-server?ref=v7.1.7";
mattermost-server.flake = false;
nixpkgs.url = "nixpkgs/nixos-22.11";
nixpkgs-unstable.url = "nixpkgs/nixpkgs-unstable";
nix-hexchen.url = "gitlab:hexchen/nixfiles";
nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.05";
tracktrain.url = "git+https://stuebinm.eu/git/tracktrain?ref=main";
tracktrain.flake = false;
deploy-rs.url = "github:serokell/deploy-rs";
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
# these exist mostly to make the flake.lock somewhat more human-friendly
# note that in theory doing this might break things, but it seems fairly unlikely
nix-hexchen.inputs = {
nixos-mailserver.follows = "nixos-mailserver";
nixpkgs.follows = "nixpkgs-unstable";
deploy-rs.follows = "deploy-rs";
doom-emacs.follows = "nix-hexchen/nix-doom-emacs/doom-emacs";
emacs-overlay.follows = "nix-hexchen/nix-doom-emacs/emacs-overlay";
flake-utils.follows = "/deploy-rs/utils";
};
nixos-mailserver.inputs = {
"nixpkgs-22_05".follows = "nixpkgs";
nixpkgs.follows = "nixpkgs-unstable";
};
};
outputs = { self, nixpkgs, nix-hexchen, deploy-rs, ... }@inputs:
let modules = nix-hexchen.nixosModules;
profiles = nix-hexchen.nixosModules.profiles // {
container = import ./modules/container-profile.nix;
};
pkgs = import ./pkgs {
sources = inputs;
system = "x86_64-linux";
};
evalConfig = config: (nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
config
nix-hexchen.nixosModules.network.nftables
{ nixpkgs.pkgs = pkgs; }
];
specialArgs = {
inherit modules profiles evalConfig;
sources = inputs;
};
}).config.system.build.toplevel;
in {
# do this by hand instead of via nix-hexchen/lib/hosts.nix, since that one
# apparently can't support pkgs depending on flake inputs
nixosConfigurations.parsons = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/parsons/configuration.nix
{ nixpkgs.pkgs = pkgs; }
{ environment.etc."haccfiles".source = self.outPath; }
];
specialArgs = {
# with a few exceptions, the flake inputs can be used the same
# as the niv-style (import nix/sources.nix {})
sources = inputs;
inherit modules profiles evalConfig;
};
};
deploy.nodes.parsons = {
hostname = "parsons";
profiles.system = {
user = "root";
autoRollback = false;
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.parsons;
};
};
# This is highly advised, and will prevent many possible mistakes
checks = builtins.mapAttrs
(system: deployLib: deployLib.deployChecks self.deploy)
deploy-rs.lib;
packages.x86_64-linux =
self.nixosConfigurations.parsons.config.hacc.websites.builders;
};
}
Reference in a new issue View git blame Copy permalink