self-hosting/flake.nix

{
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    disko.url = "github:nix-community/disko";
    sops-nix.url = "github:Mic92/sops-nix";
    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
    deploy-rs.url = "github:serokell/deploy-rs";
    simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05";
    foundryvtt.url = "github:reckenrode/nix-foundryvtt";
  };

  outputs =
    inputs@{
      self,
      nixpkgs,
      nixpkgs-unstable,
      disko,
      deploy-rs,
      sops-nix,
      simple-nixos-mailserver,
      foundryvtt,
    }:
    let
      pkgs = nixpkgs.legacyPackages.x86_64-linux;
      pkgs-unstable = nixpkgs-unstable.legacyPackages.x86_64-linux;

      defaultModuleArgs =
        { pkgs, ... }:
        {
          _module.args.pkgs-unstable = import nixpkgs-unstable {
            system = "x86_64-linux";
            config.allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [ "minecraft-server" ];
          };
        };
    in
    {
      devShells.x86_64-linux.default = pkgs.mkShell {
        sopsPGPKeyDirs = [
          "./keys/hosts"
          "./keys/users"
        ];

        nativeBuildInputs = [ (pkgs.callPackage sops-nix { }).sops-import-keys-hook ];

        buildInputs = with pkgs-unstable; [
          nixpkgs-fmt
          opentofu
          terraform-ls
          sops
          deploy-rs.packages."x86_64-linux".deploy-rs
        ];
      };

      nixosConfigurations = {
        hel1 = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = {
            inherit nixpkgs inputs;
          };

          modules = [
            disko.nixosModules.disko
            defaultModuleArgs
            sops-nix.nixosModules.sops
            simple-nixos-mailserver.nixosModule
            foundryvtt.nixosModules.foundryvtt
            ./profiles/hel.nix
            {
              sops.defaultSopsFile = ./secrets.enc.yml;
              networking.hostName = "hel1";
              networking.domain = "banditlair.com";
              nix.registry.nixpkgs.flake = nixpkgs;

              system.stateVersion = "24.05";
            }
          ];
        };
      };

      deploy.nodes =
        let
          createSystemProfile = configuration: {
            user = "root";
            sshUser = "root";
            path = deploy-rs.lib.x86_64-linux.activate.nixos configuration;
          };
        in
        {
          hel1 = {
            hostname = "37.27.138.62";
            profiles.system = createSystemProfile self.nixosConfigurations.hel1;
          };
        };

      checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
    };
}
Move Synapse on hcloud and deploy it with Terraform + NixOs 2021-07-15 13:38:22 +02:00			`{`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00			`inputs = {`
Update inputs 2025-05-29 02:47:09 +02:00			`nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00			`nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";`
Add hel1 server 2024-12-05 01:57:40 +01:00			`disko.url = "github:nix-community/disko";`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00			`sops-nix.url = "github:Mic92/sops-nix";`
			`sops-nix.inputs.nixpkgs.follows = "nixpkgs";`
			`deploy-rs.url = "github:serokell/deploy-rs";`
Update inputs 2025-05-29 02:47:09 +02:00			`simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05";`
Add FoundryVTT 2023-10-12 02:59:56 +02:00			`foundryvtt.url = "github:reckenrode/nix-foundryvtt";`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00			`};`
Move Synapse on hcloud and deploy it with Terraform + NixOs 2021-07-15 13:38:22 +02:00
Add Odoo config 2024-09-20 03:55:11 +02:00			`outputs =`
			`inputs@{`
			`self,`
			`nixpkgs,`
			`nixpkgs-unstable,`
Add hel1 server 2024-12-05 01:57:40 +01:00			`disko,`
Add Odoo config 2024-09-20 03:55:11 +02:00			`deploy-rs,`
			`sops-nix,`
			`simple-nixos-mailserver,`
			`foundryvtt,`
			`}:`
Move Synapse on hcloud and deploy it with Terraform + NixOs 2021-07-15 13:38:22 +02:00			`let`
			`pkgs = nixpkgs.legacyPackages.x86_64-linux;`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00			`pkgs-unstable = nixpkgs-unstable.legacyPackages.x86_64-linux;`
Add Odoo config 2024-09-20 03:55:11 +02:00
			`defaultModuleArgs =`
			`{ pkgs, ... }:`
			`{`
			`_module.args.pkgs-unstable = import nixpkgs-unstable {`
			`system = "x86_64-linux";`
			`config.allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [ "minecraft-server" ];`
			`};`
Use minecraft-server from unstable 2022-07-19 06:34:33 +02:00			`};`
Add Odoo config 2024-09-20 03:55:11 +02:00			`in`
			`{`
Use minecraft-server from unstable 2022-07-19 06:34:33 +02:00			`devShells.x86_64-linux.default = pkgs.mkShell {`
Add Odoo config 2024-09-20 03:55:11 +02:00			`sopsPGPKeyDirs = [`
			`"./keys/hosts"`
			`"./keys/users"`
			`];`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00
Add Odoo config 2024-09-20 03:55:11 +02:00			`nativeBuildInputs = [ (pkgs.callPackage sops-nix { }).sops-import-keys-hook ];`
Start migration to NixOS for storage1 2021-11-29 02:04:29 +01:00
			`buildInputs = with pkgs-unstable; [`
Update packages and deploy using deploy-rs 2021-11-25 00:33:28 +01:00			`nixpkgs-fmt`
Update to NixOS 23.11 2023-12-13 18:51:56 +01:00			`opentofu`
Update packages and deploy using deploy-rs 2021-11-25 00:33:28 +01:00			`terraform-ls`
			`sops`
			`deploy-rs.packages."x86_64-linux".deploy-rs`
			`];`
			`};`

			`nixosConfigurations = {`
Add hel1 server 2024-12-05 01:57:40 +01:00			`hel1 = nixpkgs.lib.nixosSystem {`
			`system = "x86_64-linux";`
			`specialArgs = {`
			`inherit nixpkgs inputs;`
			`};`

			`modules = [`
			`disko.nixosModules.disko`
			`defaultModuleArgs`
			`sops-nix.nixosModules.sops`
			`simple-nixos-mailserver.nixosModule`
			`foundryvtt.nixosModules.foundryvtt`
			`./profiles/hel.nix`
			`{`
			`sops.defaultSopsFile = ./secrets.enc.yml;`
			`networking.hostName = "hel1";`
			`networking.domain = "banditlair.com";`
			`nix.registry.nixpkgs.flake = nixpkgs;`

			`system.stateVersion = "24.05";`
			`}`
			`];`
			`};`
Update packages and deploy using deploy-rs 2021-11-25 00:33:28 +01:00			`};`
Fix dkim public key for froidmont.org 2021-09-02 16:11:58 +02:00
Add Odoo config 2024-09-20 03:55:11 +02:00			`deploy.nodes =`
			`let`
			`createSystemProfile = configuration: {`
			`user = "root";`
			`sshUser = "root";`
			`path = deploy-rs.lib.x86_64-linux.activate.nixos configuration;`
			`};`
			`in`
			`{`
Add hel1 server 2024-12-05 01:57:40 +01:00			`hel1 = {`
			`hostname = "37.27.138.62";`
			`profiles.system = createSystemProfile self.nixosConfigurations.hel1;`
			`};`
Update to NixOS 23.05 2023-07-10 19:19:25 +02:00			`};`
Update packages and deploy using deploy-rs 2021-11-25 00:33:28 +01:00
Add Odoo config 2024-09-20 03:55:11 +02:00			`checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;`
Update packages and deploy using deploy-rs 2021-11-25 00:33:28 +01:00			`};`
Move Synapse on hcloud and deploy it with Terraform + NixOs 2021-07-15 13:38:22 +02:00			`}`