infra/flake.nix

{
  description = "NixOS configuration of our builders";

  nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ];
  nixConfig.extra-trusted-public-keys = [
    "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
  ];

  inputs = {
    buildbot-nix.inputs.flake-parts.follows = "flake-parts";
    buildbot-nix.inputs.hercules-ci-effects.follows = "hercules-ci-effects";
    buildbot-nix.inputs.nixpkgs.follows = "nixpkgs";
    buildbot-nix.inputs.treefmt-nix.follows = "treefmt-nix";
    buildbot-nix.url = "github:nix-community/buildbot-nix";
    disko.inputs.nixpkgs.follows = "nixpkgs";
    disko.url = "github:nix-community/disko";
    empty.url = "github:nix-systems/empty";
    flake-compat.url = "github:nix-community/flake-compat";
    flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
    flake-parts.url = "github:hercules-ci/flake-parts";
    hercules-ci-effects.inputs.flake-parts.follows = "flake-parts";
    hercules-ci-effects.inputs.nixpkgs.follows = "nixpkgs";
    hercules-ci-effects.url = "github:qowoz/hercules-ci-effects/darwin-sudo";
    hydra.flake = false;
    hydra.url = "github:qowoz/hydra/community";
    lite-config.url = "github:yelite/lite-config";
    nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
    nix-darwin.url = "github:qowoz/nix-darwin/darwin-sudo";
    nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
    nix-index-database.url = "github:nix-community/nix-index-database";
    nixos-facter-modules.url = "github:nix-community/nixos-facter-modules";
    nixpkgs-update-github-releases.flake = false;
    nixpkgs-update-github-releases.url = "github:nix-community/nixpkgs-update-github-releases";
    nixpkgs-update.inputs.mmdoc.follows = "empty";
    nixpkgs-update.inputs.treefmt-nix.follows = "treefmt-nix";
    nixpkgs-update.url = "github:nix-community/nixpkgs-update/infra";
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
    nur-update.inputs.nixpkgs.follows = "nixpkgs";
    nur-update.url = "github:nix-community/nur-update";
    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
    sops-nix.url = "github:Mic92/sops-nix";
    srvos.inputs.nixpkgs.follows = "nixpkgs";
    srvos.url = "github:nix-community/srvos";
    systems.url = "github:nix-systems/default";
    treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
    treefmt-nix.url = "github:numtide/treefmt-nix";
  };

  outputs =
    inputs@{ flake-parts, self, ... }:
    flake-parts.lib.mkFlake { inherit inputs; } {
      systems = import inputs.systems;

      imports = [
        ./dev/docs.nix
        ./dev/effect-deploy.nix
        ./modules
        inputs.hercules-ci-effects.flakeModule
        inputs.lite-config.flakeModule
        inputs.treefmt-nix.flakeModule
      ];

      lite-config =
        { lib, ... }:
        {
          nixpkgs = {
            config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "terraform" ];
            overlays = [
              (final: prev: (import ./dev/packages.nix { inherit final prev inputs; }))
            ];
          };

          hostModuleDir = ./hosts;

          hosts = {
            build01.system = "x86_64-linux";
            build02.system = "x86_64-linux";
            build03.system = "x86_64-linux";
            build04.system = "aarch64-linux";
            build05.system = "aarch64-linux";
            darwin01.system = "aarch64-darwin";
            darwin02.system = "aarch64-darwin";
            web02.system = "x86_64-linux";
          };

          systemModules = [
            (
              { hostPlatform, ... }:
              {
                imports =
                  lib.optionals hostPlatform.isDarwin [ ./modules/darwin/common ]
                  ++ lib.optionals hostPlatform.isLinux [ ./modules/nixos/common ];
              }
            )
          ];
        };

      perSystem =
        {
          inputs',
          lib,
          pkgs,
          self',
          system,
          ...
        }:
        {
          imports = [
            ./dev/shell.nix
            ./terraform/shell.nix
          ];
          treefmt = {
            flakeCheck = system == "x86_64-linux";
            imports = [ ./dev/treefmt.nix ];
          };

          checks =
            let
              darwinConfigurations = lib.mapAttrs' (
                name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel
              ) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.darwinConfigurations);
              devShells = lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells;
              nixosConfigurations = lib.mapAttrs' (
                name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel
              ) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.nixosConfigurations);
            in
            darwinConfigurations
            // devShells
            // {
              inherit (self') formatter;
            }
            // nixosConfigurations
            // pkgs.lib.optionalAttrs (system == "x86_64-linux") {
              inherit (self'.packages) docs docs-linkcheck;
              nixpkgs-update-supervisor-test = pkgs.callPackage ./hosts/build02/supervisor_test.nix { };
              nixosTests-buildbot = pkgs.nixosTests.buildbot;
              nixosTests-buildbot-nix-master = inputs'.buildbot-nix.checks.master;
              nixosTests-buildbot-nix-worker = inputs'.buildbot-nix.checks.worker;
              nixosTests-harmonia = pkgs.nixosTests.harmonia;
              nixosTests-hydra = pkgs.nixosTests.hydra.hydra;
            };
        };
    };
}
switch to flake 2022-04-10 20:57:52 +02:00			`{`
			`description = "NixOS configuration of our builders";`

format tree 2024-07-24 19:05:26 +10:00			`nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ];`
export binary caches via flake 2022-04-18 07:42:44 +02:00			`nixConfig.extra-trusted-public-keys = [`
			`"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="`
			`];`

switch to flake 2022-04-10 20:57:52 +02:00			`inputs = {`
add buildbot 2023-10-25 11:53:51 +10:00			`buildbot-nix.inputs.flake-parts.follows = "flake-parts";`
flake: sort inputs 2024-11-27 13:15:38 +10:00			`buildbot-nix.inputs.hercules-ci-effects.follows = "hercules-ci-effects";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`buildbot-nix.inputs.nixpkgs.follows = "nixpkgs";`
add buildbot 2023-10-25 11:53:51 +10:00			`buildbot-nix.inputs.treefmt-nix.follows = "treefmt-nix";`
flake: update buildbot-nix 2024-09-23 23:24:31 +10:00			`buildbot-nix.url = "github:nix-community/buildbot-nix";`
re-install build04 2022-12-30 20:49:32 +01:00			`disko.inputs.nixpkgs.follows = "nixpkgs";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`disko.url = "github:nix-community/disko";`
flake: use empty flake input easier to read than `""` and `[]` 2024-06-01 13:56:59 +10:00			`empty.url = "github:nix-systems/empty";`
flake: add nix-community/flake-compat 2023-04-12 13:20:42 +10:00			`flake-compat.url = "github:nix-community/flake-compat";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";`
			`flake-parts.url = "github:hercules-ci/flake-parts";`
flake: add hercules-ci-effects 2024-07-22 15:02:19 +10:00			`hercules-ci-effects.inputs.flake-parts.follows = "flake-parts";`
			`hercules-ci-effects.inputs.nixpkgs.follows = "nixpkgs";`
flake.lock: Update Flake lock file updates: • Updated input 'hercules-ci-effects': 'github:hercules-ci/hercules-ci-effects/06519cec8fb32d219006da6eacd255504a9996af?narHash=sha256-0CjCfbq0yHWexOrpO06e2WU1r5JAqR6ffy1zgM3NksI%3D' (2025-02-15) → 'github:qowoz/hercules-ci-effects/e129a705754c7dff65239e04c3b7f42f84790690?narHash=sha256-Etb3XEeFxj/8OyPrKmOH6ULv7PlxfQPtC3bterTv63I%3D' (2025-03-09) • Updated input 'nix-darwin': 'github:LnL7/nix-darwin/adf5c88ba1fe21af5c083b4d655004431f20c5ab?narHash=sha256-0HwrTDXp9buEwal/1ymK9uQmzUD5ozIA7CJGqnT/gLs%3D' (2025-03-06) → 'github:qowoz/nix-darwin/6ff917b5dc3fdd5e5381dcfb3082c6047a67f517?narHash=sha256-0y4rgdVnX5yw6Dma90URwjareAOBIX96i/xxFLWx7S4%3D' (2025-03-09) 2025-03-09 15:24:41 +10:00			`hercules-ci-effects.url = "github:qowoz/hercules-ci-effects/darwin-sudo";`
hydra: switch to fork 2024-07-06 16:58:34 +10:00			`hydra.flake = false;`
			`hydra.url = "github:qowoz/hydra/community";`
flake: add lite-config 2024-08-17 21:49:16 +10:00			`lite-config.url = "github:yelite/lite-config";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`nix-darwin.inputs.nixpkgs.follows = "nixpkgs";`
flake.lock: Update Flake lock file updates: • Updated input 'hercules-ci-effects': 'github:hercules-ci/hercules-ci-effects/06519cec8fb32d219006da6eacd255504a9996af?narHash=sha256-0CjCfbq0yHWexOrpO06e2WU1r5JAqR6ffy1zgM3NksI%3D' (2025-02-15) → 'github:qowoz/hercules-ci-effects/e129a705754c7dff65239e04c3b7f42f84790690?narHash=sha256-Etb3XEeFxj/8OyPrKmOH6ULv7PlxfQPtC3bterTv63I%3D' (2025-03-09) • Updated input 'nix-darwin': 'github:LnL7/nix-darwin/adf5c88ba1fe21af5c083b4d655004431f20c5ab?narHash=sha256-0HwrTDXp9buEwal/1ymK9uQmzUD5ozIA7CJGqnT/gLs%3D' (2025-03-06) → 'github:qowoz/nix-darwin/6ff917b5dc3fdd5e5381dcfb3082c6047a67f517?narHash=sha256-0y4rgdVnX5yw6Dma90URwjareAOBIX96i/xxFLWx7S4%3D' (2025-03-09) 2025-03-09 15:24:41 +10:00			`nix-darwin.url = "github:qowoz/nix-darwin/darwin-sudo";`
modules/community-builder: add nix-index, comma 2024-09-05 18:00:13 +10:00			`nix-index-database.inputs.nixpkgs.follows = "nixpkgs";`
			`nix-index-database.url = "github:nix-community/nix-index-database";`
flake: nixos-facter-modules: numtide -> nix-community 2025-01-08 08:55:27 +10:00			`nixos-facter-modules.url = "github:nix-community/nixos-facter-modules";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`nixpkgs-update-github-releases.flake = false;`
			`nixpkgs-update-github-releases.url = "github:nix-community/nixpkgs-update-github-releases";`
flake: use empty flake input easier to read than `""` and `[]` 2024-06-01 13:56:59 +10:00			`nixpkgs-update.inputs.mmdoc.follows = "empty";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`nixpkgs-update.inputs.treefmt-nix.follows = "treefmt-nix";`
nixpkgs-update: use tools from $PATH 2024-12-24 07:20:31 +10:00			`nixpkgs-update.url = "github:nix-community/nixpkgs-update/infra";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";`
			`nur-update.inputs.nixpkgs.follows = "nixpkgs";`
			`nur-update.url = "github:nix-community/nur-update";`
			`sops-nix.inputs.nixpkgs.follows = "nixpkgs";`
			`sops-nix.url = "github:Mic92/sops-nix";`
			`srvos.inputs.nixpkgs.follows = "nixpkgs";`
			`srvos.url = "github:nix-community/srvos";`
flake: add nix-systems adding this so we can use it for follows and limit clutter in the lockfile 2024-05-30 10:10:06 +10:00			`systems.url = "github:nix-systems/default";`
flake: `treefmt-nix` follow nixpkgs Flake lock file updates: • Updated input 'treefmt-nix/nixpkgs': 'github:nixos/nixpkgs/0591d6b57bfeb55dfeec99a671843337bc2c3323' (2023-02-04) → follows 'nixpkgs' 2023-02-06 14:42:30 +10:00			`treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";`
flake: sort inputs I find the sorted inputs both easier to read and work with. Idea copied from https://github.com/zimbatm/home/blob/c93fff3f319a31d6ba0ef46e1f68cb91b5bafda4/flake.nix 2024-06-01 13:49:55 +10:00			`treefmt-nix.url = "github:numtide/treefmt-nix";`
switch to flake 2022-04-10 20:57:52 +02:00			`};`

format tree 2024-07-24 19:05:26 +10:00			`outputs =`
			`inputs@{ flake-parts, self, ... }:`
			`flake-parts.lib.mkFlake { inherit inputs; } {`
			`systems = import inputs.systems;`
Revert "flake: split up per host" This reverts commit 9db2dcf124346219cce4457c729058481b83edbc. 2023-05-16 06:54:11 +10:00
flake: add lite-config 2024-08-17 21:49:16 +10:00			`imports = [`
docs: refactor 2025-01-18 10:09:22 +10:00			`./dev/docs.nix`
switch to effect for darwin ssh deploy 2023-12-27 10:43:18 +10:00			`./dev/effect-deploy.nix`
flake: expose {darwin,nixos}Modules automatically Co-authored-by: Jonas Chevalier <zimbatm@zimbatm.com> 2024-11-11 15:16:37 +10:00			`./modules`
switch to effect for darwin ssh deploy 2023-12-27 10:43:18 +10:00			`inputs.hercules-ci-effects.flakeModule`
flake: add lite-config 2024-08-17 21:49:16 +10:00			`inputs.lite-config.flakeModule`
			`inputs.treefmt-nix.flakeModule`
			`];`

			`lite-config =`
			`{ lib, ... }:`
			`{`
			`nixpkgs = {`
			`config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "terraform" ];`
hydra: switch to fork 2024-07-06 16:58:34 +10:00			`overlays = [`
refactor packages 2024-12-09 15:57:39 +10:00			`(final: prev: (import ./dev/packages.nix { inherit final prev inputs; }))`
hydra: switch to fork 2024-07-06 16:58:34 +10:00			`];`
flake: add lite-config 2024-08-17 21:49:16 +10:00			`};`

			`hostModuleDir = ./hosts;`

			`hosts = {`
			`build01.system = "x86_64-linux";`
			`build02.system = "x86_64-linux";`
			`build03.system = "x86_64-linux";`
			`build04.system = "aarch64-linux";`
build05: init (aarch64-build-box.nix-community.org) 2024-11-14 20:08:12 +10:00			`build05.system = "aarch64-linux";`
flake: add lite-config 2024-08-17 21:49:16 +10:00			`darwin01.system = "aarch64-darwin";`
			`darwin02.system = "aarch64-darwin";`
			`web02.system = "x86_64-linux";`
			`};`

			`systemModules = [`
			`(`
			`{ hostPlatform, ... }:`
			`{`
			`imports =`
			`lib.optionals hostPlatform.isDarwin [ ./modules/darwin/common ]`
			`++ lib.optionals hostPlatform.isLinux [ ./modules/nixos/common ];`
			`}`
			`)`
			`];`
			`};`
add treefmt-nix to repository 2022-12-31 07:18:49 +01:00
format tree 2024-07-24 19:05:26 +10:00			`perSystem =`
			`{`
			`inputs',`
			`lib,`
			`pkgs,`
			`self',`
			`system,`
			`...`
			`}:`
			`{`
			`imports = [`
			`./dev/shell.nix`
			`./terraform/shell.nix`
			`];`
			`treefmt = {`
			`flakeCheck = system == "x86_64-linux";`
			`imports = [ ./dev/treefmt.nix ];`
			`};`
flake: refactor checks 2023-09-13 11:35:21 +10:00
format tree 2024-07-24 19:05:26 +10:00			`checks =`
			`let`
			`darwinConfigurations = lib.mapAttrs' (`
flake: use host prefix for darwin and nixos configuations 2024-09-23 12:47:18 +10:00			`name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel`
format tree 2024-07-24 19:05:26 +10:00			`) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.darwinConfigurations);`
			`devShells = lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells;`
			`nixosConfigurations = lib.mapAttrs' (`
flake: use host prefix for darwin and nixos configuations 2024-09-23 12:47:18 +10:00			`name: config: lib.nameValuePair "host-${name}" config.config.system.build.toplevel`
format tree 2024-07-24 19:05:26 +10:00			`) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.nixosConfigurations);`
			`in`
			`darwinConfigurations`
			`// devShells`
			`// {`
			`inherit (self') formatter;`
			`}`
			`// nixosConfigurations`
			`// pkgs.lib.optionalAttrs (system == "x86_64-linux") {`
Revert "disable docs-linkcheck" This reverts commit 8d3c1886d9d921a2d392657c0c57c8de2688fc1d. 2024-12-30 11:41:48 +10:00			`inherit (self'.packages) docs docs-linkcheck;`
format tree 2024-07-24 19:05:26 +10:00			`nixpkgs-update-supervisor-test = pkgs.callPackage ./hosts/build02/supervisor_test.nix { };`
			`nixosTests-buildbot = pkgs.nixosTests.buildbot;`
			`nixosTests-buildbot-nix-master = inputs'.buildbot-nix.checks.master;`
			`nixosTests-buildbot-nix-worker = inputs'.buildbot-nix.checks.worker;`
nixpkgs-update: use harmonia for cache instead of cachix 2024-12-18 13:40:14 +10:00			`nixosTests-harmonia = pkgs.nixosTests.harmonia;`
flake: update hydra nixosTest 2024-09-02 13:06:43 +10:00			`nixosTests-hydra = pkgs.nixosTests.hydra.hydra;`
flake: allow unfree terraform, treefmt: switch to terraform 2024-06-01 19:33:53 +10:00			`};`
format tree 2024-07-24 19:05:26 +10:00			`};`
			`};`
switch to flake 2022-04-10 20:57:52 +02:00			`}`