{ description = "NixOS Darkone Framework"; #---------------------------------------------------------------------------- # CACHING #---------------------------------------------------------------------------- nixConfig = { extra-trusted-substituters = [ "https://cache.garnix.io" "https://nix-community.cachix.org" ]; extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; }; #---------------------------------------------------------------------------- # FLAKE INPUTS #---------------------------------------------------------------------------- inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; colmena.url = "github:zhaofengli/colmena/main"; colmena.inputs.nixpkgs.follows = "nixpkgs"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; raspberry-pi-nix = { url = "github:nix-community/raspberry-pi-nix?ref=v0.4.1"; inputs.nixpkgs.follows = "nixpkgs"; }; nixos-hardware = { url = "github:NixOS/nixos-hardware/master"; }; }; #---------------------------------------------------------------------------- # FLAKE OUTPUTS #---------------------------------------------------------------------------- outputs = { self, nixpkgs, nixpkgs-stable, home-manager, raspberry-pi-nix, nixos-hardware, sops-nix, disko, ... }: let #------------------------------------------------------------------------ # OUTPUT LET #------------------------------------------------------------------------ # Unstable state version for new hosts / homes installations unstableStateVersion = "25.11"; # Support for multiple architectures supportedSystems = [ "x86_64-linux" "aarch64-linux" ]; # Function to get host architecture from host config or default to x86_64-linux getHostArch = host: host.arch or "x86_64-linux"; # Per-system initialization of pkgs forAllSystems = nixpkgs.lib.genAttrs supportedSystems; nixpkgsFor = forAllSystems ( system: import nixpkgs { inherit system; config.allowUnfree = true; config.allowUnfreePredicate = _: true; overlays = [ ]; } ); nixpkgsStableFor = forAllSystems ( system: import nixpkgs-stable { inherit system; config.allowUnfree = true; } ); # Generated files (with just generate) hosts = import ./var/generated/hosts.nix; users = import ./var/generated/users.nix; network = import ./var/generated/network.nix; # Home manager context creations mkHome = login: { name = login; value = { imports = [ ./dnf/modules/home (import ./${users.${login}.profile}) ]; # Home profiles loading - TODO: stateVersion must be fixed for each user at creation home = { username = login; homeDirectory = nixpkgs.lib.mkDefault "/home/${login}"; stateVersion = nixpkgs.lib.mkDefault "${unstableStateVersion}"; }; }; }; # Generate common args for each architecture mkCommonNodeArgs = system: { inherit users; inherit network; inherit system; pkgs-stable = nixpkgsStableFor.${system}; }; mkNodeSpecialArgs = host: { name = host.hostname; value = { inherit host; inherit network; } // mkCommonNodeArgs (getHostArch host); }; nodeSpecialArgs = builtins.listToAttrs (map mkNodeSpecialArgs hosts); # Host creation mkHost = host: { name = host.hostname; value = host.colmena // { nixpkgs.system = getHostArch host; imports = [ ./dnf/modules/nix ./usr/modules/nix "${nixpkgs}/nixos/modules/misc/nixpkgs.nix" sops-nix.nixosModules.sops disko.nixosModules.disko { _module.args.dnfLib = mkDnfLib (getHostArch host); } home-manager.nixosModules.home-manager { home-manager = { # Use global packages from nixpkgs useGlobalPkgs = true; # Install in /etc/profiles instead of ~/nix-profiles. useUserPackages = true; # Avoid error on replacing a file (.zshrc for example) # LIMITATION: if bkp file already exists -> fail backupFileExtension = "bkp"; # Load users profiles users = builtins.listToAttrs (map mkHome host.users); extraSpecialArgs = { inherit network; inherit host; inherit users; system = getHostArch host; pkgs-stable = nixpkgsStableFor.${getHostArch host}; }; }; } ] ++ nixpkgs.lib.optional ( getHostArch host == "aarch64-linux" ) raspberry-pi-nix.nixosModules.raspberry-pi ++ nixpkgs.lib.optional ( getHostArch host == "aarch64-linux" ) nixos-hardware.nixosModules.raspberry-pi-5 ++ nixpkgs.lib.optional (builtins.pathExists ./usr/machines/${host.hostname}) ./usr/machines/${host.hostname}; }; }; # Multi-arch devshells mkDevShell = system: let pkgs = nixpkgsFor.${system}; in pkgs.mkShell { buildInputs = with pkgs; [ age colmena deadnix git just mkpasswd moreutils # sponge nixfmt-rfc-style php84 php84Packages.composer sops ssh-to-age statix yq zsh ]; }; # DNF tools mkDnfLib = system: let pkgs = nixpkgsFor.${system}; in import ./dnf/lib { inherit (pkgs) lib; }; in { # Exposer la lib directement lib = forAllSystems mkDnfLib; #------------------------------------------------------------------------ # HOSTS MANAGEMENT WITH COLMENA #------------------------------------------------------------------------ #colmenaHive = colmena.lib.makeHive self.outputs.colmena; colmena = { meta = { description = "Darkone Framework Network"; nixpkgs = nixpkgsFor.x86_64-linux; # default system inherit nodeSpecialArgs; }; # Default deployment settings defaults.deployment = { buildOnTarget = nixpkgs.lib.mkDefault false; allowLocalDeployment = nixpkgs.lib.mkDefault true; replaceUnknownProfiles = true; targetUser = "nix"; }; } // builtins.listToAttrs (map mkHost hosts); #------------------------------------------------------------------------ # ISO IMAGE #------------------------------------------------------------------------ # Iso image for first install DNF system # nix build .#nixosConfigurations.iso.config.system.build.isoImage nixosConfigurations = builtins.listToAttrs ( map (system: { name = "iso-${system}"; value = nixpkgs.lib.nixosSystem { inherit system; specialArgs = { imgFormat = nixpkgs.lib.mkDefault "iso"; host = { hostname = "new-dnf-host"; name = "New Darkone NixOS Framework"; profile = "minimal"; users = [ ]; groups = [ ]; arch = system; }; }; modules = [ #"${nixpkgs}/nixos/modules/misc/nixpkgs.nix" { nixpkgs.pkgs = nixpkgsFor.${system}; } ./dnf/hosts/iso.nix ]; }; }) supportedSystems ); #------------------------------------------------------------------------ # DEV SHELL #------------------------------------------------------------------------ # Dev env for all supported architectures devShells = forAllSystems (system: { default = mkDevShell system; }); #------------------------------------------------------------------------ # DNF MODULES #------------------------------------------------------------------------ # Darkone modules nixosModules = { darkone = ./dnf/modules/nix; default = self.nixosModules.darkone; }; homeManagerModules = { darkone = ./dnf/modules/home; }; }; # outputs }