185 lines
6.1 KiB
Nix
185 lines
6.1 KiB
Nix
{
|
|
description = "snoot.tube config";
|
|
|
|
inputs = { # update a single input; nix flake lock --update-input nixpkgs
|
|
nixpkgs = { url = "github:NixOS/nixpkgs/nixpkgs-unstable"; };
|
|
sops-nix = {
|
|
url = "github:Mic92/sops-nix";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
nixos-generators = {
|
|
url = "path:/home/vivlim/git/nixos-generators";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
eisfunke-nixpkgs = {
|
|
url = "git+https://git.eisfunke.com/config/nixos.git";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
};
|
|
|
|
outputs = inputs@{ self, nixpkgs, sops-nix, nixos-generators, eisfunke-nixpkgs, ... }:
|
|
let
|
|
# Module that provides an overlay containing an overridden mastodon package.
|
|
overlayModule =
|
|
({ config, pkgs, ... }: {
|
|
nixpkgs = {
|
|
config = { };
|
|
overlays = [
|
|
(new: prev: # The overlay providing an overridden mastodon package
|
|
rec {
|
|
mastodon-custom = (eisfunke-nixpkgs.packages.${prev.system}.glitch-soc.override {
|
|
pname = "mastodon-custom";
|
|
srcOverride = (pkgs.callPackage ./mastodon/source.nix {
|
|
patches = [
|
|
./yarn-typescript.patch # from https://git.eisfunke.com/config/nixos/-/commit/2bfd28ad0d213b98b77ca330ece0bed5e1147e1b#02d7069e5f0791835ce58490aaaa3b734b0c92f7
|
|
# create patches with `git diff -a --binary glitch-main > snoot-2024-02.patch`
|
|
./snoot-2024-02.patch
|
|
];
|
|
});
|
|
gemset = ./mastodon/gemset.nix;
|
|
});
|
|
mastodon-custom-staging = mastodon-custom; # for now these are just the same.
|
|
})
|
|
];
|
|
};
|
|
});
|
|
|
|
nestedContainerExtras = {
|
|
# additional module imports to use in the nested container.
|
|
imports = [
|
|
# the module that contains the overridden mastodon package
|
|
overlayModule
|
|
];
|
|
disabledModules = [];
|
|
|
|
};
|
|
in {
|
|
colmena = {
|
|
meta = {
|
|
nixpkgs = import nixpkgs {
|
|
system = "x86_64-linux";
|
|
};
|
|
specialArgs = {
|
|
inherit inputs;
|
|
|
|
# extra stuff we need when defining nested container config
|
|
inherit nestedContainerExtras;
|
|
};
|
|
};
|
|
frontend = { name, nodes, pkgs, ... }: {
|
|
deployment.targetHost = "20.120.214.87";
|
|
deployment.targetPort = 6922;
|
|
deployment.targetUser = "root";
|
|
|
|
imports = [
|
|
./configs/common.nix
|
|
./configs/frontend.nix
|
|
./configs/firewall.nix
|
|
nixos-generators.nixosModules.azure # azure base machine config.
|
|
./modules/prometheus_exporters.nix
|
|
];
|
|
};
|
|
backend = { name, nodes, pkgs, ... }: {
|
|
deployment.targetHost = "mastodon-snoottube.lan.vvn.space";
|
|
deployment.targetUser = "root";
|
|
|
|
imports = [
|
|
overlayModule
|
|
sops-nix.nixosModules.sops
|
|
./configs/common.nix
|
|
./configs/backend.nix
|
|
nixos-generators.nixosModules.proxmox # proxmox base machine config.
|
|
./modules/prometheus_exporters.nix
|
|
./modules/lemmy.nix
|
|
#./modules/gotosocial.nix
|
|
];
|
|
};
|
|
wob = { name, nodes, pkgs, ... }: {
|
|
deployment.targetHost = "wob.vvn.space";
|
|
deployment.targetPort = 6922;
|
|
deployment.targetUser = "root";
|
|
|
|
imports = [
|
|
overlayModule
|
|
sops-nix.nixosModules.sops
|
|
./configs/common.nix
|
|
./configs/firewall.nix
|
|
./configs/wob.nix
|
|
./modules/prometheus_exporters.nix
|
|
./modules/gotosocial.nix
|
|
];
|
|
};
|
|
};
|
|
|
|
devShells = let
|
|
devShellSupportedSystems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
|
|
devShellForEachSupportedSystem = f: nixpkgs.lib.genAttrs devShellSupportedSystems (system: f {
|
|
pkgs = import nixpkgs { inherit system; };
|
|
inherit system;
|
|
});
|
|
in devShellForEachSupportedSystem ({ pkgs, system }: {
|
|
default = pkgs.mkShell {
|
|
packages = let
|
|
build-masto-vm = pkgs.writeShellScriptBin "toy-vm" ''
|
|
nix build .#nixosConfigurations.toy-backend.config.system.build.vm
|
|
./result/bin/run-nixos-toy-backend-vm
|
|
'';
|
|
in with pkgs; [
|
|
# Deps of mastodon/update.sh, but from the flake
|
|
bundix
|
|
coreutils
|
|
diffutils
|
|
nix-prefetch-github
|
|
gnused
|
|
jq
|
|
prefetch-yarn-deps
|
|
fixup_yarn_lock
|
|
yarn-lock-converter
|
|
azure-cli
|
|
azure-storage-azcopy
|
|
build-masto-vm
|
|
];
|
|
};
|
|
});
|
|
nixosConfigurations = {
|
|
toy-backend = nixpkgs.lib.nixosSystem { # don't try to use this, i don't think it actually works and i had to deal with other stuff first.
|
|
system = "x86_64-linux";
|
|
imports = [
|
|
overlayModule
|
|
sops-nix.nixosModules.sops
|
|
./configs/common.nix
|
|
./configs/backend.nix
|
|
({config, pkgs, ...}: {
|
|
network.hostname = "toy-backend";
|
|
services.mastodon = {
|
|
enable = true;
|
|
package = pkgs.mastodon-custom;
|
|
};
|
|
})
|
|
];
|
|
};
|
|
};
|
|
packages = {
|
|
azure-frontend = nixos-generators.nixosGenerate {
|
|
# /!\ PERIL: SWITCH LETSENCRYPT TO STAGING BEFORE TRYING TO CONSTRUCT A NEW ONE.
|
|
system = "x86_64-linux";
|
|
specialArgs = {
|
|
inherit inputs;
|
|
channels = {
|
|
inherit nixpkgs;
|
|
};
|
|
inherit nixpkgs;
|
|
};
|
|
modules = [
|
|
./configs/common.nix
|
|
./configs/frontend.nix
|
|
./configs/firewall.nix
|
|
nixos-generators.nixosModules.azure # azure base machine config.
|
|
./modules/prometheus_exporters.nix
|
|
];
|
|
format = "azure";
|
|
};
|
|
};
|
|
};
|
|
}
|