forked from tiiuae/ghaf-infra
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathflake.nix
104 lines (92 loc) · 2.5 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# SPDX-FileCopyrightText: 2022-2024 TII (SSRC) and the Ghaf contributors
# SPDX-License-Identifier: Apache-2.0
{
description = "NixOS configurations for Ghaf Infra";
inputs = {
# Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
# jenkins-job-builder is broken on 24.11 currently
nixpkgs-24-05.url = "github:nixos/nixpkgs/nixos-24.05";
# Allows us to structure the flake with the NixOS module system
flake-parts.url = "github:hercules-ci/flake-parts";
flake-root.url = "github:srid/flake-root";
# Secrets with sops-nix
sops-nix = {
url = "github:mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# Disko for disk partitioning
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
# Format all the things
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# For preserving compatibility with non-Flake users
flake-compat = {
url = "github:nix-community/flake-compat";
flake = false;
};
# Used for deploying remote systems
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs = {
nixpkgs.follows = "nixpkgs";
};
};
# Utilities used in the jenkins pipelines
robot-framework = {
url = "github:tiiuae/ci-test-automation";
inputs.nixpkgs.follows = "nixpkgs";
};
sbomnix = {
url = "github:tiiuae/sbomnix";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
flake-compat.follows = "flake-compat";
flake-root.follows = "flake-root";
treefmt-nix.follows = "treefmt-nix";
};
};
ci-yubi = {
url = "github:tiiuae/ci-yubi";
inputs.nixpkgs.follows = "nixpkgs";
};
# Installed into devshell
nix-fast-build = {
url = "github:Mic92/nix-fast-build";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
treefmt-nix.follows = "treefmt-nix";
};
};
};
outputs =
inputs@{ flake-parts, nixpkgs, ... }:
flake-parts.lib.mkFlake
{
inherit inputs;
specialArgs = {
inherit (nixpkgs) lib;
};
}
{
systems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
imports = [
./hosts
./nix
./services
./users
];
};
}