nixos-hypervisor/flake.nix
Théo Barnouin 32b60f1ff9
Try pre-commit and formatting with alejandra
2025-06-05 10:42:50 +02:00


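# Flake describing a set of Proxmox guests (LXC containers and VM images).
# Every host is assembled from the same module stack; only the platform
# module, the base config and a small per-host attrset differ.
{
  description = "A simple system flake using some Aux defaults";

  # Supply-chain surface: each URL names a branch or a repository default
  # branch, so the revision actually evaluated is whatever flake.lock records
  # (flake.lock is not part of this file). Review lock-file updates with the
  # same care as code changes: the agenix and crowdsec modules below are
  # imported into every host configuration.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
    # NOTE(review): unlike home-manager and crowdsec, this input and `agenix`
    # do not set `inputs.nixpkgs.follows`, so they resolve their own nixpkgs
    # revision. Confirm that this is intended.
    pre-commit-hooks.url = "github:cachix/git-hooks.nix";
    home-manager = {
      url = "github:nix-community/home-manager/release-25.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    crowdsec = {
      url = "git+https://codeberg.org/kampka/nix-flake-crowdsec.git";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # The input is called `agenix` but points at the ragenix repository.
    agenix.url = "github:yaxitech/ragenix";
  };

  outputs = inputs @ {
    self,
    nixpkgs,
    home-manager,
    agenix,
    crowdsec,
    ...
  }: let
    system = "x86_64-linux";
    supportedSystems = [system];
    forAllSystems = nixpkgs.lib.genAttrs supportedSystems;

    # Addresses shared by several hosts. They are plain literals, so a
    # renumbering of the network has to be mirrored here.
    proxy_host = "192.168.1.40";
    pgsql_host = "192.168.1.13";

    # Build one NixOS system from the common module stack.
    #   platformModule: file name under nixpkgs' nixos/modules/virtualisation
    #   baseConfig:     file name under ./systems
    #   hostConfig:     per-host module (attrset) appended last
    # `specialArgs` hands the complete `inputs` set to every module, so any
    # module in ./services or ./modules can reach all flake inputs.
    mkSystem = platformModule: baseConfig: hostConfig:
      nixpkgs.lib.nixosSystem {
        inherit system;
        specialArgs = {inherit inputs;};
        modules = [
          agenix.nixosModules.default
          # Only imports the module; whether the bouncer is switched on is
          # decided in the modules loaded below, not in this file.
          crowdsec.nixosModules.crowdsec-firewall-bouncer
          "${inputs.nixpkgs}/nixos/modules/virtualisation/${platformModule}"
          "${inputs.self}/systems/${baseConfig}"
          "${inputs.self}/services"
          "${inputs.self}/modules"
          hostConfig
        ];
      };

    # LXC containers and full VM images differ only in these two files.
    mkLXC = mkSystem "proxmox-lxc.nix" "minimalLXCConfig.nix";
    mkVM = mkSystem "proxmox-image.nix" "minimalVMConfig.nix";
  in {
    # Formatting check (alejandra) run through the pre-commit-hooks input.
    checks = forAllSystems (system: {
      pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
        src = ./.;
        hooks = {
          alejandra.enable = true;
        };
      };
    });

    # NOTE(review): jellyfin, qbittorrent-vpn, nixarr, arr-box and grafana-lxc
    # do not set networking.hostName here. Presumably a service module or the
    # base config provides it; confirm, since host names often end up in logs
    # and alert labels.
    nixosConfigurations = {
      nginx = mkLXC {
        networking.hostName = "nginx";
        services.vm_nginx = {
          enable = true;
          proxy_ip = proxy_host;
        };
      };

      pgsql = mkLXC {
        networking.hostName = "pgsql";
        services.vm_postgresql.enable = true;
      };

      forgejo = mkLXC {
        networking.hostName = "forgejo";
        services.vm_forgejo = {
          enable = true;
          pgsql_ip = pgsql_host;
        };
      };

      onlyoffice = mkLXC {
        networking.hostName = "onlyoffice";
        services.vm_onlyoffice = {
          enable = true;
          pgsql_ip = pgsql_host;
        };
      };

      # Base VM image without any vm_* service enabled.
      template = mkVM {
        networking.hostName = "nixos";
      };

      jellyfin = mkVM {
        services.vm_jellyfin.enable = true;
      };

      qbittorrent-vpn = mkVM {
        services.vm_qbittorrent_vpn.enable = true;
      };

      nixarr = mkVM {
        services.vm_nixarr.enable = true;
      };

      # NOTE(review): identical to `nixarr` above (same platform, same
      # service). Confirm whether this is a deliberate alias or a leftover.
      arr-box = mkVM {
        services.vm_nixarr.enable = true;
      };

      redis = mkLXC {
        networking.hostName = "redis";
        services.vm_redis.enable = true;
      };

      grafana-lxc = mkLXC {
        services.vm_grafana = {
          enable = true;
          # Literal address used only by this host, unlike the shared
          # proxy_host / pgsql_host bindings.
          vm_ip = "192.168.1.27";
          proxy_ip = proxy_host;
          pgsql_ip = pgsql_host;
        };
      };
    };
  };
}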