# SPDX-FileCopyrightText: 2024 Ryan Lahfa
# SPDX-FileCopyrightText: 2024 Tom Hubrecht
# SPDX-FileContributor: Maurice Debray
#
# SPDX-License-Identifier: EUPL-1.2

# Entry point describing every node of the infrastructure: it instantiates one
# patched nixpkgs per (system, version) pair, derives the per-node arguments,
# and exposes a `registry` of evaluators keyed by system type.

let
  # Pinned inputs exactly as recorded by npins (unpatched).
  sources' = import ./npins;

  # Same inputs with the local patch set applied to each of them.
  sources =
    let
      patcher = patch.base { pkgs = import sources'.nixos-unstable { }; };
    in
    builtins.mapAttrs patcher.applyPatches' sources';

  patch = import ./lib/nix-patches { patchFile = ./patches; };

  nix-lib = import ./lib/nix-lib;
  inherit (nix-lib) mapSingleFuse;

  nixpkgs' = import ./meta/nixpkgs.nix;
  nodes' = import ./meta/nodes;

  # Names of all declared nodes.
  nodes = builtins.attrNames nodes';

  # Configured nixpkgs version / system of a node, read from meta/nodes.
  # No fallback is applied in this file.
  # NOTE(review): the default taken from meta/nixpkgs is presumably filled in
  # when meta/nodes is evaluated; confirm.
  version = node: nodes'.${node}.nixpkgs.version;
  system = node: nodes'.${node}.nixpkgs.system;

  # Category a node belongs to, looked up from its system type.
  category = node: nixpkgs'.categories.${system node};

  # Package set matching the node's system and version.
  nodePkgs = node: nixpkgs.${system node}.${version node};

  # Top-level attribute emitted for each node next to `meta` and `registry`.
  mkNode = node: {
    deployment = {
      systemType = system node;
    };
  };

  # All supported nixpkgs versions × systems, instantiated.
  nixpkgs = mapSingleFuse (
    systemType: mapSingleFuse (mkSystemNixpkgs systemType) nixpkgs'.versions
  ) nixpkgs'.systems;

  # Builds a patched version of nixpkgs, only as the source.
  mkNixpkgs' =
    v:
    let
      name = "nixos-${v}";
    in
    patch.mkNixpkgsSrc {
      inherit name;
      src = sources'.${name};
    };

  # Build up the nixpkgs configuration for Liminix embedded systems.
  # The second (version) argument is ignored.
  mkLiminixConfig =
    systemType: _:
    (import "${sources.liminix}/devices/${systemType}").system
    // {
      overlays = [ (import "${sources.liminix}/overlay.nix") ];

      config.allowUnsupportedSystem = true; # mipsel

      # Exempts this one package from nixpkgs' insecure-package check.
      # Python 2 is end-of-life upstream. The exemption only applies to the
      # Liminix package set built here: the `nixos` and `netconf` entries of
      # mkNixpkgsConfig receive an empty configuration.
      config.permittedInsecurePackages = [
        "python-2.7.18.8" # Python < 3.x is needed for kernel backports.
      ];
    };

  # Build up the arguments to instantiate a nixpkgs given a system and a
  # version. Unknown system types abort evaluation.
  mkNixpkgsConfig =
    systemType:
    let
      configs = {
        nixos = _: { };
        zyxel-nwa50ax = mkLiminixConfig systemType;
        netconf = _: { };
      };
    in
    configs.${systemType}
      or (throw "Unknown system: ${systemType} for nixpkgs configuration instantiation");

  # Instantiates the required nixpkgs version for a system type.
  mkSystemNixpkgs =
    systemType: v: import (mkNixpkgs' v) (mkNixpkgsConfig systemType v);

  ###
  # Function to create arguments based on the node
  #
  mkArgs =
    node:
    let
      sourcePkgs = nodePkgs node;
      lib = sourcePkgs.lib // {
        extra = nix-lib;
      };
      meta = import ./meta lib;
    in
    {
      inherit lib sourcePkgs meta;
      nodeMeta = meta.nodes.${node};
      nodePath = "machines/${category node}/${node}";
    };
in

{
  meta = {
    nixpkgs = import nixpkgs.nixos.unstable.path;

    nodeNixpkgs = mapSingleFuse nodePkgs nodes;

    # Arguments shared by every node; `dgn-keys` is the content of ./keys.
    specialArgs = {
      inherit nixpkgs sources;

      dgn-keys = import ./keys;
    };

    nodeSpecialArgs = mapSingleFuse mkArgs nodes;
  };

  # One entry per system type: how to evaluate a node and which defaults
  # every node of that type receives.
  registry = {
    zyxel-nwa50ax = {
      evalConfig =
        args:
        (import "${sources.liminix}/lib/eval-config.nix" {
          nixpkgs = args.specialArgs.sourcePkgs.path;
        })
          args;

      defaults =
        { name, nodePath, ... }:
        {
          # Import the default modules
          imports = [
            # Import the base configuration for each node
            ./${nodePath}/_configuration.nix
            ./modules/generic
            ./modules/${category name}
          ];

          # It's impure, but who cares?
          # Can Flakes even do that? :)
          # The build platform is taken from the machine running the
          # evaluation, so the result depends on the evaluating host.
          nixpkgs.buildPlatform = builtins.currentSystem;
        };
    };

    netconf = {
      evalConfig = args: (import nixpkgs.nixos.unstable.path { }).lib.evalModules args;

      defaults =
        { nodePath, ... }:
        {
          # Import the default modules
          imports = [
            # Import the base configuration for each node
            ./${nodePath}.nix
            ./modules/netconf
            ./lib/netconf-junos
          ];
        };
    };

    nixos = {
      evalConfig =
        args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args;

      defaults =
        {
          lib,
          name,
          nodes,
          nodeMeta,
          nodePath,
          meta,
          sourcePkgs,
          ...
        }:
        {
          # Import the default modules
          imports = [
            # Import the base configuration for each node
            ./${nodePath}/_configuration.nix
            ./modules/generic
            (import "${sources.lix-module}/module.nix" { lix = sources.lix; })
            ./modules/${category name}
          ];

          # Only the nodes whose system type is "nixos".
          _module.args.serverNodes = lib.filterAttrs (
            nodeName: _: meta.nodes.${nodeName}.nixpkgs.system == "nixos"
          ) nodes;

          # Include default secrets
          age-secrets.sources = [ ./${nodePath}/secrets ];

          # Deployment config is specified in meta.nodes.${node}.deployment
          deployment = nodeMeta.deployment;

          nix = {
            # Set NIX_PATH to the patched version of nixpkgs
            nixPath = [ "nixpkgs=${builtins.storePath sourcePkgs.path}" ];

            optimise.automatic = true;

            gc = {
              automatic = true;
              dates = "weekly";
              options = "--delete-older-than 7d";
            };

            # `//` lets the right-hand side win on conflicting keys, so a
            # `substituters` value returned by cache-settings.nix would
            # replace the list written here.
            # NOTE(review): cache-settings.nix presumably supplies the
            # trusted-public-keys matching this binary cache; confirm, as the
            # signing key is what authenticates the paths fetched from it.
            settings = {
              substituters = [ "https://tvix-store.dgnum.eu/infra" ];
            }
            // (import ./machines/nixos/storage01/tvix-cache/cache-settings.nix {
              caches = [ "infra" ];
            });
          };

          # Allow unfree packages
          nixpkgs.config.allowUnfree = true;

          # Use the stateVersion declared in the metadata
          system.stateVersion = nodeMeta.stateVersion;
        };
    };
  };
}
// (mapSingleFuse mkNode nodes)