r
Radicle
Git
{
description = "radicle-infra";
inputs = {
# This looks redundant, but actually is nice.
# Allows to model "stable" vs. "unstable" vs. "don't care".
# Don't forget to also adjust the URL for home-manager below
# accordingly.
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs.follows = "nixpkgs-stable";
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
hm = {
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
garnix-lib = {
url = "github:garnix-io/garnix-lib";
inputs.nixpkgs.follows = "nixpkgs";
};
compat.url = "github:edolstra/flake-compat";
sops = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
utils.url = "github:numtide/flake-utils";
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs = {
flake-compat.follows = "compat";
nixpkgs.follows = "nixpkgs";
};
};
nix-index-database = {
url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
lorenz = {
url = "github:lorenzleutgeb/nur";
inputs = {
disko.follows = "disko";
nixpkgs.follows = "nixpkgs";
nixpkgs-stable.follows = "nixpkgs-stable";
nixpkgs-unstable.follows = "nixpkgs-unstable";
sops.follows = "sops";
compat.follows = "compat";
utils.follows = "utils";
pre-commit-hooks.follows = "pre-commit-hooks";
};
};
};
outputs = inputs @ {
self,
disko,
garnix-lib,
hm,
nix-index-database,
nixpkgs,
nixpkgs-unstable,
pre-commit-hooks,
sops,
...
}: let
lib = nixpkgs.lib.recursiveUpdate nixpkgs.lib (import ./lib.nix {inherit (nixpkgs) lib;});
inherit
(lib)
attrValues
dirToAttrs
nameValuePair
mapAttrs
mapAttrs'
;
inherit
(builtins)
readDir
;
system = "x86_64-linux";
modules = {
input = [
disko.nixosModules.disko
garnix-lib.nixosModules.garnix
hm.nixosModules.home-manager
nixpkgs.nixosModules.notDetected
sops.nixosModules.sops
];
};
homeModules.input = [
nix-index-database.homeModules.nix-index
sops.homeManagerModule
];
pkgs = import nixpkgs {
inherit system;
};
host = preconfig: let
result = lib.nixosSystem {
specialArgs = {
inherit self inputs lib;
};
modules =
modules.input
++ [
{
system.stateVersion = "23.11";
system.configurationRevision =
pkgs.lib.mkIf (self ? rev) self.rev;
nix.registry = {
nixpkgs-unstable = {
from = {
id = "nixpkgs-unstable";
type = "indirect";
};
flake = nixpkgs-unstable;
};
};
nixpkgs = {
overlays = [
(import ./overlay/radicle-node.nix)
];
config.allowUnfree = true;
};
home-manager = {
users.lorenz.imports = homeModules.input;
useGlobalPkgs = true;
useUserPackages = false;
backupFileExtension = "bak";
extraSpecialArgs = {
inherit inputs self;
};
};
}
preconfig
];
};
in
result;
in {
nixosConfigurations = {
"seed.radicle.dev" = host (import ./os/host/dev/seed);
"iris.radicle.network" = host (import ./os/host/network/iris);
"rosa.radicle.network" = host (import ./os/host/network/rosa);
};
devShells.${system}.default = pkgs.mkShell {
inherit (self.checks.${system}.pre-commit) shellHook;
buildInputs =
self.checks.${system}.pre-commit.enabledPackages
++ (with pkgs; [
dnscontrol
nushell
]);
};
formatter.${system} = pkgs.writeShellApplication {
name = "formatter";
text = ''
# shellcheck disable=all
shell-hook () {
${self.checks.${system}.pre-commit.shellHook}
}
shell-hook
pre-commit run --all-files
'';
};
checks.${system} =
{
pre-commit = pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
alejandra.enable = true;
};
};
dnscontrol = pkgs.runCommand "dnscontrol" {} ''
cd ${./dns}
${pkgs.dnscontrol}/bin/dnscontrol check
touch $out
'';
}
#// (mapAttrs' (name: value: nameValuePair "packages/${name}" value) self.packages.${system})
// (mapAttrs' (name: value: nameValuePair "nixosConfigurations/${name}" value.config.system.build.toplevel) self.nixosConfigurations);
};
}