summary refs log tree commit diff stats
path: root/flake.nix
diff options
context:
space:
mode:
Diffstat (limited to 'flake.nix')
-rw-r--r--flake.nix66
1 files changed, 63 insertions, 3 deletions
diff --git a/flake.nix b/flake.nix
index 9115ef97..0ce7efb8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -14,6 +14,14 @@
       flake = false;
     };
     utils.url = "github:numtide/flake-utils";
+    agenix.url = "github:ryantm/agenix";
+    agenix.inputs.nixpkgs.follows = "nixpkgs";
+    deploy-rs.url = "github:serokell/deploy-rs";
+  };
+
+  nixConfig = {
+    extra-substituters = [ "https://deploy-rs.cachix.org" ];
+    extra-trusted-public-keys = [ "deploy-rs.cachix.org-1:xfNobmiwF/vzvK1gpfediPwpdIP0rpDV2rYqx40zdSI=" ];
   };
 
   outputs =
@@ -27,6 +35,8 @@
     , nix-index-database
     , secrets
     , emacs-overlay
+    , agenix
+    , deploy-rs
     , ...
     }:
     let
@@ -41,7 +51,7 @@
     in
     {
       nixosConfigurations.prefect = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
+        system = utils.lib.system.x86_64-linux;
         specialArgs = { inherit inputs; };
         modules = [
           ./system/prefect.nix
@@ -56,7 +66,18 @@
       nixosConfigurations.nanopi = nixpkgs.lib.nixosSystem {
         system = utils.lib.system.aarch64-linux;
         specialArgs = { inherit inputs; };
-        modules = [ ./nanopi.nix ];
+        modules = [
+          agenix.nixosModules.default
+          ./system/nanopi.nix
+        ];
+      };
+      nixosConfigurations.linde = nixpkgs.lib.nixosSystem {
+        system = utils.lib.system.aarch64-linux;
+        specialArgs = { inherit inputs; };
+        modules = [
+          agenix.nixosModules.default
+          ./system/linde.nix
+        ];
       };
       darwinConfigurations.mba = darwin.lib.darwinSystem {
         system = utils.lib.system.aarch64-darwin;
@@ -99,5 +120,44 @@
           (secrets + "/default.nix")
         ];
       };
-    };
+
+      checks = builtins.mapAttrs
+        (system: deployLib:
+          deployLib.deployChecks self.deploy)
+        deploy-rs.lib;
+
+      deploy = {
+        remoteBuild = true;
+        interactiveSudo = true;
+        nodes.linde = {
+          hostname = "linde";
+          profiles.system = {
+            user = "root";
+            path = deploy-rs.lib.${utils.lib.system.aarch64-linux}.activate.nixos
+              self.nixosConfigurations.linde;
+          };
+        };
+        nodes.nanopi = {
+          hostname = "nanopi";
+          profiles.system = {
+            user = "root";
+            path = deploy-rs.lib.${utils.lib.system.aarch64-linux}.activate.nixos
+              self.nixosConfigurations.nanopi;
+          };
+        };
+      };
+    } // utils.lib.eachDefaultSystem (system:
+    let
+      pkgs = import nixpkgs { inherit system; };
+    in
+    {
+      devShells = {
+        default = pkgs.mkShell {
+          packages = [
+            deploy-rs.packages.${system}.default
+            agenix.packages.${system}.default
+          ];
+        };
+      };
+    });
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 01:42:44 +0000