This repository has been archived by the owner on Feb 28, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 5
/
flake.nix
89 lines (82 loc) · 3.05 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
{
description = "Bitte for Mantis";
inputs = {
bitte-cli.follows = "bitte/bitte-cli";
bitte.url = "github:input-output-hk/bitte";
# bitte.url = "path:/home/manveru/github/input-output-hk/bitte";
# bitte.url = "path:/home/jlotoski/work/iohk/bitte-wt/bitte";
nixpkgs.follows = "bitte/nixpkgs";
terranix.follows = "bitte/terranix";
utils.url = "github:numtide/flake-utils";
ops-lib.url = "github:input-output-hk/ops-lib/zfs-image?dir=zfs";
inclusive.follows = "bitte/inclusive";
midnight-automation = {
url =
"git+ssh://github.com/input-output-hk/midnight-automation?ref=etcm-99-mantis-agen";
flake = false;
};
mantis-explorer.url = "github:input-output-hk/mantis-explorer";
mantis-faucet-web.url =
"github:input-output-hk/mantis-faucet-web/nix-build";
};
outputs = { self, nixpkgs, utils, ops-lib, bitte, ... }:
(utils.lib.eachSystem [ "x86_64-linux" "x86_64-darwin" ] (system: rec {
overlay = import ./overlay.nix { inherit system self; };
legacyPackages = import nixpkgs {
inherit system;
config.allowUnfreePredicate = pkg:
let name = nixpkgs.lib.getName pkg;
in (builtins.elem name [ "ssm-session-manager-plugin" ])
|| throw "unfree not allowed: ${name}";
overlays = [ overlay ];
};
inherit (legacyPackages) devShell;
packages = {
inherit (legacyPackages)
bitte nixFlakes sops generate-mantis-keys terraform-with-plugins cfssl
consul;
};
hydraJobs = packages // {
prebuilt-devshell =
devShell.overrideAttrs (_: { nobuildPhase = "touch $out"; });
};
apps.bitte = utils.lib.mkApp { drv = legacyPackages.bitte; };
})) // (let
pkgs = import nixpkgs {
overlays = [ self.overlay.x86_64-linux ];
system = "x86_64-linux";
};
in {
inherit (pkgs) clusters nomadJobs;
nixosConfigurations = pkgs.nixosConfigurations // {
# attrs of interest:
# * config.system.build.zfsImage
# * config.system.build.uploadAmi
zfs-ami = import "${nixpkgs}/nixos" {
configuration = { pkgs, lib, ... }: {
imports = [
ops-lib.nixosModules.make-zfs-image
ops-lib.nixosModules.zfs-runtime
"${nixpkgs}/nixos/modules/profiles/headless.nix"
"${nixpkgs}/nixos/modules/virtualisation/ec2-data.nix"
];
nix.package = self.packages.x86_64-linux.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
systemd.services.amazon-shell-init.path = [ pkgs.sops ];
nixpkgs.config.allowUnfreePredicate = x:
builtins.elem (lib.getName x) [ "ec2-ami-tools" "ec2-api-tools" ];
zfs.regions = [
"eu-west-1"
"ap-northeast-1"
"ap-northeast-2"
"eu-central-1"
"us-east-2"
];
};
system = "x86_64-linux";
};
};
});
}