all repos — nixfiles @ 6c18a33c758f0226e660f924ddd71a6d3ad53004

System and user configuration, managed by nix and home-manager

Import server configurations

Alan Pearce
commit

6c18a33c758f0226e660f924ddd71a6d3ad53004

parent

2b09b74ba617346a0c9c932543e658837ef9e5d2

1 file changed, 63 insertions(+), 3 deletions(-)

changed files
M flake.nixflake.nix
@@ -14,6 +14,14 @@ secrets = {
       flake = false;
     };
     utils.url = "github:numtide/flake-utils";
+    agenix.url = "github:ryantm/agenix";
+    agenix.inputs.nixpkgs.follows = "nixpkgs";
+    deploy-rs.url = "github:serokell/deploy-rs";
+  };
+
+  nixConfig = {
+    extra-substituters = [ "https://deploy-rs.cachix.org" ];
+    extra-trusted-public-keys = [ "deploy-rs.cachix.org-1:xfNobmiwF/vzvK1gpfediPwpdIP0rpDV2rYqx40zdSI=" ];
   };
 
   outputs =

@@ -27,6 +35,8 @@ , darwin
     , nix-index-database
     , secrets
     , emacs-overlay
+    , agenix
+    , deploy-rs
     , ...
     }:
     let

@@ -41,7 +51,7 @@ };
     in
     {
       nixosConfigurations.prefect = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
+        system = utils.lib.system.x86_64-linux;
         specialArgs = { inherit inputs; };
         modules = [
           ./system/prefect.nix

@@ -56,7 +66,18 @@ };
       nixosConfigurations.nanopi = nixpkgs.lib.nixosSystem {
         system = utils.lib.system.aarch64-linux;
         specialArgs = { inherit inputs; };
-        modules = [ ./nanopi.nix ];
+        modules = [
+          agenix.nixosModules.default
+          ./system/nanopi.nix
+        ];
+      };
+      nixosConfigurations.linde = nixpkgs.lib.nixosSystem {
+        system = utils.lib.system.aarch64-linux;
+        specialArgs = { inherit inputs; };
+        modules = [
+          agenix.nixosModules.default
+          ./system/linde.nix
+        ];
       };
       darwinConfigurations.mba = darwin.lib.darwinSystem {
         system = utils.lib.system.aarch64-darwin;

@@ -99,5 +120,44 @@ nix-index-database.hmModules.nix-index
           (secrets + "/default.nix")
         ];
       };
-    };
+
+      checks = builtins.mapAttrs
+        (system: deployLib:
+          deployLib.deployChecks self.deploy)
+        deploy-rs.lib;
+
+      deploy = {
+        remoteBuild = true;
+        interactiveSudo = true;
+        nodes.linde = {
+          hostname = "linde";
+          profiles.system = {
+            user = "root";
+            path = deploy-rs.lib.${utils.lib.system.aarch64-linux}.activate.nixos
+              self.nixosConfigurations.linde;
+          };
+        };
+        nodes.nanopi = {
+          hostname = "nanopi";
+          profiles.system = {
+            user = "root";
+            path = deploy-rs.lib.${utils.lib.system.aarch64-linux}.activate.nixos
+              self.nixosConfigurations.nanopi;
+          };
+        };
+      };
+    } // utils.lib.eachDefaultSystem (system:
+    let
+      pkgs = import nixpkgs { inherit system; };
+    in
+    {
+      devShells = {
+        default = pkgs.mkShell {
+          packages = [
+            deploy-rs.packages.${system}.default
+            agenix.packages.${system}.default
+          ];
+        };
+      };
+    });
 }