let sources = import ./npins; lib = import (sources.nix-lib + "/src/trivial.nix"); lib' = (import sources.nixos-unstable { }).lib; patch = import sources.nix-patches { patchFile = ./patches; }; nodes' = import ./meta/nodes.nix; nodes = builtins.attrNames nodes'; mkNode = node: { # Import the base configuration for each node imports = builtins.map (lib.mkRel (./machines/${node})) [ "_configuration.nix" "_hardware-configuration.nix" ]; deployment.systemType = systemType node; }; nixpkgs' = import ./meta/nixpkgs.nix; # All supported nixpkgs versions, instanciated nixpkgs = lib.mapSingleFuse ( s: lib.mapSingleFuse (mkSystemNixpkgs s) nixpkgs'.versions.supported ) nixpkgs'.systems.supported; # Get the configured nixos version for the node, # defaulting to the one defined in meta/nixpkgs version = node: nodes'.${node}.nixpkgs or nixpkgs'.versions.default; system = node: nodes'.${node}.system or nixpkgs'.systems.default; systemType = node: nodes'.${node}.system or (lib'.warn "Not specifying the `deployment.systemType` is deprecated!" "nixos"); # Builds a patched version of nixpkgs, only as the source mkNixpkgs' = v: let version = "nixos-${v}"; in patch.mkNixpkgsSrc { src = sources.${version}; inherit version; }; mkNixpkgsConfigPerSystem = system: _: if system == "nixos" then { } else (import "${sources.liminix}/devices/${system}").system // { overlays = [ (import "${sources.liminix}/overlay.nix") ]; config = { allowUnsupportedSystem = true; # mipsel permittedInsecurePackages = [ "python-2.7.18.8" # Python < 3 is needed for kernel backports. ]; }; }; # Instanciate a specialized version of nixpkgs mkSystemNixpkgs = system: version: let args = mkNixpkgsConfigPerSystem system version; in import (mkNixpkgs' version) args; ### # Function to create arguments based on the node # mkArgs = node: let pkgs = nixpkgs.${system node}; in rec { lib = import sources.nix-lib { inherit (pkgs.${version node}) lib; nixpkgs = pkgs; keysRoot = ./keys; }; meta = (import ./meta) lib; nodeMeta = meta.nodes.${node}; }; in { registry = { zyxel-nwa50ax = { evalConfig = import "${sources.liminix}/lib/eval-config.nix" { nixpkgs = sources.nixos-unstable; }; defaults = _: { nixpkgs = { source = sources.nixos-unstable; config = { allowUnsupportedSystem = true; # mipsel permittedInsecurePackages = [ "python-2.7.18.8" # Python < 3 is needed for kernel backports. ]; }; hostPlatform = { config = "mipsel-unknown-linux-musl"; gcc = { abi = "32"; arch = "mips32"; # mips32r2? }; }; # It's impure, but who cares? # Can Flakes do that? buildPlatform = builtins.currentSystem; }; }; }; nixos = { evalConfig = import "${sources.nixos-unstable}/nixos/lib/eval-config.nix"; defaults = { nodeMeta, name, ... }: { # Import the default modules imports = [ ./modules ]; # Include default secrets age-secrets.sources = [ ./machines/${name}/secrets ]; # Deployment config is specified in meta.nodes.${node}.deployment inherit (nodeMeta) deployment; nix = { # Set NIX_PATH to the patched version of nixpkgs nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ]; optimise.automatic = true; gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 7d"; }; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; # Use the stateVersion declared in the metadata system = { inherit (nodeMeta) stateVersion; }; }; }; }; meta = { nodeNixpkgs = lib.mapSingleFuse (n: nixpkgs.${system n}.${version n}) nodes; specialArgs = { inherit sources; }; nodeSpecialArgs = lib.mapSingleFuse mkArgs nodes; }; } // (lib.mapSingleFuse mkNode nodes)