let sources' = import ./npins; # Patch sources directly sources = builtins.mapAttrs (patch.base { pkgs = import sources'.nixos-unstable { }; }) .applyPatches' sources'; nix-lib = import ./lib/nix-lib; inherit (nix-lib) warn; patch = import ./lib/nix-patches { patchFile = ./patches; }; nodes' = import ./meta/nodes.nix; nodes = builtins.attrNames nodes'; mkNode = node: { # Import the base configuration for each node imports = [ ./machines/${node}/_configuration.nix ]; deployment.systemType = "nixos"; }; nixpkgs' = import ./meta/nixpkgs.nix; # All supported nixpkgs versions × systems, instanciated nixpkgs = nix-lib.mapSingleFuse ( s: nix-lib.mapSingleFuse (mkSystemNixpkgs s) nixpkgs'.versions ) nixpkgs'.systems; # Get the configured nixos version for the node, # defaulting to the one defined in meta/nixpkgs version = node: nodes'.${node}.nixpkgs.version; system = node: nodes'.${node}.nixpkgs.system or (warn "${node}: Not specifying the `deployment.systemType` is deprecated!" "nixos"); nodePkgs = node: nixpkgs.${system node}.${version node}; # Builds a patched version of nixpkgs, only as the source mkNixpkgs' = v: patch.mkNixpkgsSrc rec { src = sources'.${name}; name = "nixos-${v}"; }; # Build up the nixpkgs configuration for Liminix embedded systems mkLiminixConfig = system: _: (import "${sources.liminix}/devices/${system}").system // { overlays = [ (import "${sources.liminix}/overlay.nix") ]; config = { allowUnsupportedSystem = true; # mipsel permittedInsecurePackages = [ "python-2.7.18.8" # Python < 3.x is needed for kernel backports. ]; }; }; # Build up the arguments to instantiate a nixpkgs given a system and a version. mkNixpkgsConfig = system: version: if system == "nixos" then { } else if system == "zyxel-nwa50ax" then (mkLiminixConfig system version) else (throw "Unknown system: ${system} for nixpkgs configuration instantiation"); # Instanciates the required nixpkgs version mkSystemNixpkgs = system: version: import (mkNixpkgs' version) (mkNixpkgsConfig system version); ### # Function to create arguments based on the node # mkArgs = node: rec { lib = nodePkgs.lib // { extra = nix-lib; }; nodePkgs = nodePkgs node; meta = (import ./meta) lib; nodeMeta = meta.nodes.${node}; }; in { meta = { nodeNixpkgs = nix-lib.mapSingleFuse nodePkgs nodes; specialArgs = { inherit nixpkgs sources; dgn-keys = import ./keys; }; nodeSpecialArgs = nix-lib.mapSingleFuse mkArgs nodes; }; registry = { nixos = { evalConfig = args: import "${args.specialArgs.nodePkgs.path}/nixos/lib/eval-config.nix" args; defaults = { name, nodeMeta, ... }: { # Import the default modules imports = [ ./modules (import "${sources.lix-module}/module.nix" { inherit (sources) lix; }) ]; # Include default secrets age-secrets.sources = [ ./machines/${name}/secrets ]; # Deployment config is specified in meta.nodes.${node}.deployment inherit (nodeMeta) deployment; nix = { # Set NIX_PATH to the patched version of nixpkgs nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ]; optimise.automatic = true; gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 7d"; }; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; # Use the stateVersion declared in the metadata system = { inherit (nodeMeta) stateVersion; }; }; }; }; } // (nix-lib.mapSingleFuse mkNode nodes)