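# System flake for one NixOS host that runs four microvm.nix guests
# (nginx, redis, grafana, authentik). Every system is exposed under
# `nixosConfigurations`; the host references the guests through `flake = self`.
{
  description = "A simple system flake using some Aux defaults";

  inputs = {
    # NOTE(review): the nixos-24.05 / release-24.05 branches are past end of
    # life and no longer receive security fixes; plan a move to a supported
    # release. The revisions actually built are the ones recorded in
    # flake.lock, so keep that file committed and review its updates.
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";

    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # No branch or rev is named here, so each `nix flake update` moves this
    # input to the then-current upstream default branch.
    microvm = {
      url = "github:astro/microvm.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # The `authentik` guest uses `inputs.authentik-nix`, but the input was
    # never declared, so that reference could not resolve.
    # nixpkgs is deliberately not overridden with `follows` here.
    authentik-nix.url = "github:nix-community/authentik-nix";
  };

  outputs = inputs@{ self, nixpkgs, home-manager, microvm, ... }:
    let
      hostName = "nixmox-perseverance";
      system = "x86_64-linux";
      username = "tbarnouin";

      # The grafana guest referenced `proxy_host` without any binding, which
      # Nix rejects as an undefined variable before evaluating anything.
      # NOTE(review): bound to the nginx guest's address on the assumption
      # that nginx is the reverse proxy; confirm.
      # NOTE(review): this address is in 192.168.122.0/24 while the other
      # guests use 192.168.1.x; confirm that is intended.
      proxy_host = "192.168.122.40";

      # Guests declared on the host and started with it. Each name must match
      # a `nixosConfigurations` attribute below.
      vmNames = [ "nginx" "redis" "grafana" "authentik" ];
    in
    {
      nixosConfigurations = {
        # Physical host: base configuration, home-manager, microvm host role.
        ${hostName} = nixpkgs.lib.nixosSystem {
          inherit system;

          modules = [
            ./hosts/${hostName}/configuration.nix
            { networking.hostName = hostName; }

            home-manager.nixosModules.home-manager
            {
              home-manager.useGlobalPkgs = true;
              home-manager.useUserPackages = true;
              home-manager.users.${username} = import ./hosts/${hostName}/home.nix;
            }

            microvm.nixosModules.host
            {
              microvm = {
                autostart = vmNames;

                # Every guest is built from this flake and updated from the
                # local checkout in /etc/nixos. Write access to that
                # repository therefore decides what all guests run; keep it
                # writable by root only.
                vms = nixpkgs.lib.genAttrs vmNames (_name: {
                  flake = self;
                  updateFlake = "git+file:///etc/nixos";
                });
              };
            }
          ];

          # Passed to the host's modules only; the guest systems below are
          # built without specialArgs.
          specialArgs = {
            inherit inputs username hostName system;
          };
        };

        nginx = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            microvm.nixosModules.microvm
            "${inputs.self}/systems"
            "${inputs.self}/services"
            {
              services.vm_nginx.enable = true;
              services.vm = {
                enable = true;
                hostname = "nginx";
                vm_ip = proxy_host;
                macAddr = "02:00:00:00:00:40";
              };
            }
          ];
        };

        redis = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            microvm.nixosModules.microvm
            "${inputs.self}/systems"
            "${inputs.self}/services"
            {
              services.vm_redis.enable = true;
              services.vm = {
                enable = true;
                hostname = "redis";
                vm_ip = "192.168.1.16";
                macAddr = "02:00:00:00:00:16";
              };
            }
          ];
        };

        grafana = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            microvm.nixosModules.microvm
            "${inputs.self}/systems"
            "${inputs.self}/services"
            {
              services.vm_grafana = {
                enable = true;
                proxy_ip = proxy_host;
              };
              services.vm = {
                enable = true;
                hostname = "grafana";
                vm_ip = "192.168.1.20";
                vm_cpu = 2;
                vm_mem = 2048;
                macAddr = "02:00:00:00:00:20";
              };
            }
          ];
        };

        authentik = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            inputs.authentik-nix.nixosModules.default
            {
              services.authentik = {
                enable = true;
                # Secrets come from a runtime file instead of being set here,
                # which keeps them out of the world-readable Nix store.
                # NOTE(review): nothing in this file provisions this path
                # inside the guest; presumably a module under /services or
                # /systems does. Confirm, and restrict the file's permissions
                # to the service.
                environmentFile = "/run/secrets/authentik/authentik-env";
                settings = {
                  disable_startup_analytics = true;
                  avatars = "initials";
                };
              };
              services.vm_authentik.enable = true;
            }

            microvm.nixosModules.microvm
            "${inputs.self}/systems"
            "${inputs.self}/services"
            {
              services.vm = {
                enable = true;
                hostname = "authentik";
                vm_ip = "192.168.1.25";
                vm_cpu = 2;
                vm_mem = 2048;
                macAddr = "02:00:00:00:00:25";
              };
            }
          ];
        };
      };
    };
}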