{ description = "A simple system flake using some Aux defaults"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; pre-commit-hooks.url = "github:cachix/git-hooks.nix"; home-manager = { url = "github:nix-community/home-manager/release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; crowdsec = { url = "git+https://codeberg.org/kampka/nix-flake-crowdsec.git"; inputs.nixpkgs.follows = "nixpkgs"; }; agenix.url = "github:yaxitech/ragenix"; }; outputs = inputs @ { self, nixpkgs, home-manager, agenix, crowdsec, ... }: let system = "x86_64-linux"; username = "tbarnouin"; proxy_host = "192.168.1.40"; pgsql_host = "192.168.1.13"; pkgs = import nixpkgs {inherit system;}; supportedSystems = ["x86_64-linux"]; forAllSystems = nixpkgs.lib.genAttrs supportedSystems; in { checks = forAllSystems (system: { pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run { src = ./.; hooks = { alejandra.enable = true; }; }; }); nixosConfigurations = { nginx = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" "${inputs.self}/systems/minimalLXCConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { networking.hostName = "nginx"; services = { vm_nginx = { enable = true; proxy_ip = proxy_host; }; }; } ]; }; pgsql = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" "${inputs.self}/systems/minimalLXCConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { networking.hostName = "pgsql"; services.vm_postgresql = { enable = true; }; } ]; }; forgejo = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" "${inputs.self}/systems/minimalLXCConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { networking.hostName = "forgejo"; services.vm_forgejo = { enable = true; pgsql_ip = pgsql_host; }; } ]; }; onlyoffice = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" "${inputs.self}/systems/minimalLXCConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { networking.hostName = "onlyoffice"; services.vm_onlyoffice = { enable = true; pgsql_ip = pgsql_host; }; } ]; }; template = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-image.nix" "${inputs.self}/systems/minimalVMConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { networking.hostName = "nixos"; } ]; }; jellyfin = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-image.nix" "${inputs.self}/systems/minimalVMConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { services.vm_jellyfin = { enable = true; }; } ]; }; qbittorrent-vpn = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-image.nix" "${inputs.self}/systems/minimalVMConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { services.vm_qbittorrent_vpn = { enable = true; }; } ]; }; nixarr = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-image.nix" "${inputs.self}/systems/minimalVMConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { services.vm_nixarr = { enable = true; }; } ]; }; arr-box = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-image.nix" "${inputs.self}/systems/minimalVMConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { services.vm_nixarr = { enable = true; }; } ]; }; redis = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" "${inputs.self}/systems/minimalLXCConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { networking.hostName = "redis"; services.vm_redis = { enable = true; }; } ]; }; grafana-lxc = nixpkgs.lib.nixosSystem { inherit system; specialArgs = {inherit inputs;}; modules = [ agenix.nixosModules.default crowdsec.nixosModules.crowdsec-firewall-bouncer "${inputs.nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix" "${inputs.self}/systems/minimalLXCConfig.nix" "${inputs.self}/services" "${inputs.self}/modules" { services.vm_grafana = { enable = true; vm_ip = "192.168.1.27"; proxy_ip = proxy_host; pgsql_ip = pgsql_host; }; } ]; }; }; }; }