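# System flake for two NixOS hosts (nixmox-curiosity, nixmox-perseverance) and
# the microvm.nix guests they run. Every guest is also exported as its own
# nixosConfiguration, which is what `flake = self` on the host side resolves.
{
  description = "A simple system flake using some Aux defaults";

  # Flake-level Nix settings. Nix applies them only after the user accepts
  # them (or has `accept-flake-config` enabled). Store paths signed by the key
  # below are substituted instead of built locally, so this key belongs to the
  # trust base of every machine built from this flake.
  nixConfig = {
    extra-substituters = [ "https://nix-community.cachix.org" ];
    extra-trusted-public-keys = [
      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
    ];
  };

  inputs = {
    # NOTE(review): release branches are maintained for a limited time; confirm
    # nixos-24.05 / release-24.05 still receive security updates.
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Neither microvm nor authentik-nix names a branch or tag, so the revision
    # in use is whatever flake.lock records. Keep the lock file committed and
    # review its diff on every update.
    microvm.url = "github:astro/microvm.nix";
    microvm.inputs.nixpkgs.follows = "nixpkgs";

    # No `follows` here: authentik-nix keeps its own nixpkgs input, so anything
    # it builds from that input is pinned by its own lock entry and is not
    # moved by a nixpkgs bump in this flake.
    authentik-nix.url = "github:nix-community/authentik-nix";
  };

  outputs =
    inputs@{ self, nixpkgs, home-manager, microvm, ... }:
    let
      system = "x86_64-linux";
      username = "tbarnouin";

      # Shared address: the nginx guest's vm_ip and grafana's proxy_ip both
      # take this value, so the two cannot drift apart.
      proxy_host = "192.168.1.40";

      # Extra module arguments handed to the two host systems. Guests are built
      # without specialArgs and get their values through options instead.
      hostSpecialArgs = {
        inherit inputs username proxy_host system;
      };

      # Modules every guest loads. `services.vm` and `services.vm_*` are
      # presumably declared under ./systems and ./services (not shown here).
      guestBaseModules = [
        microvm.nixosModules.microvm
        "${inputs.self}/systems"
        "${inputs.self}/services"
      ];

      # Build one guest. `before` modules are placed ahead of the base modules
      # and `settings` after them, which keeps the original module order.
      mkGuest =
        { before ? [ ], settings }:
        nixpkgs.lib.nixosSystem {
          inherit system;
          modules = before ++ guestBaseModules ++ [ settings ];
        };

      # Build one microvm host. `guests` is both the autostart list and the
      # key set of `microvm.vms`; every guest is taken from this flake and
      # updated from the checkout in /etc/nixos.
      mkHost =
        { hostName, guests }:
        nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            (./hosts + "/${hostName}/configuration.nix")
            { networking.hostName = hostName; }
            home-manager.nixosModules.home-manager
            {
              home-manager.useGlobalPkgs = true;
              home-manager.useUserPackages = true;
              home-manager.users.${username} = import (./hosts + "/${hostName}/home.nix");
            }
            microvm.nixosModules.host
            {
              microvm = {
                autostart = guests;
                vms = nixpkgs.lib.genAttrs guests (_: {
                  flake = self;
                  updateFlake = "git+file:///etc/nixos";
                });
              };
            }
          ];
          specialArgs = hostSpecialArgs;
        };
    in
    {
      nixosConfigurations = {
        # ---- Hosts ----------------------------------------------------------
        nixmox-curiosity = mkHost {
          hostName = "nixmox-curiosity";
          guests = [
            "nginx"
            "redis"
            "grafana"
            "authentik"
          ];
        };

        nixmox-perseverance = mkHost {
          hostName = "nixmox-perseverance";
          guests = [ "netbox" ];
        };

        # ---- Guests ---------------------------------------------------------
        # Addressing convention visible below: each MAC uses the locally
        # administered 02: prefix and repeats the last octet of the guest's IP.
        nginx = mkGuest {
          settings = {
            services.vm_nginx = {
              enable = true;
            };
            services.vm = {
              enable = true;
              hostname = "nginx";
              vm_ip = proxy_host;
              macAddr = "02:00:00:00:00:40";
            };
          };
        };

        # Defined here but not listed as a guest of either host above, so
        # nothing in this file starts it.
        jellyfin = mkGuest {
          settings = {
            services.vm_jellyfin = {
              enable = true;
            };
            services.vm = {
              enable = true;
              hostname = "jellyfin";
              vm_ip = "192.168.1.42";
              vm_cpu = 4;
              vm_mem = 8192;
              macAddr = "02:00:00:00:00:42";
            };
          };
        };

        redis = mkGuest {
          settings = {
            services.vm_redis = {
              enable = true;
            };
            services.vm = {
              enable = true;
              hostname = "redis";
              vm_ip = "192.168.1.16";
              macAddr = "02:00:00:00:00:16";
            };
          };
        };

        grafana = mkGuest {
          settings = {
            services.vm_grafana = {
              enable = true;
              proxy_ip = proxy_host;
            };
            services.vm = {
              enable = true;
              hostname = "grafana";
              vm_ip = "192.168.1.20";
              vm_cpu = 2;
              vm_mem = 2048;
              macAddr = "02:00:00:00:00:20";
            };
          };
        };

        netbox = mkGuest {
          settings = {
            services.vm_netbox = {
              enable = true;
            };
            services.vm = {
              enable = true;
              hostname = "netbox";
              vm_ip = "192.168.1.45";
              vm_cpu = 2;
              vm_mem = 2048;
              macAddr = "02:00:00:00:00:45";
            };
          };
        };

        authentik = mkGuest {
          before = [
            inputs.authentik-nix.nixosModules.default
            {
              services.authentik = {
                enable = true;
                # Referenced by path and read at runtime, so the secret values
                # are not copied into the world-readable Nix store.
                # NOTE(review): nothing in this file provisions /run/secrets
                # inside the guest. Confirm how the file gets there and that
                # only the service account can read it.
                environmentFile = "/run/secrets/authentik/authentik-env";
                settings = {
                  disable_startup_analytics = true;
                  avatars = "initials";
                };
              };
              services.vm_authentik = {
                enable = true;
              };
            }
          ];
          settings = {
            microvm = {
              # Disk image backing /media in the guest; the image path is
              # under the microvm state directory.
              volumes = [
                {
                  mountPoint = "/media";
                  image = "/var/lib/microvms/authentik/media.img";
                  size = 2048;
                }
              ];
            };
            services.vm = {
              enable = true;
              hostname = "authentik";
              vm_ip = "192.168.1.25";
              vm_cpu = 2;
              vm_mem = 2048;
              macAddr = "02:00:00:00:00:25";
            };
          };
        };
      };
    };
}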