{ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-master.url = "github:NixOS/nixpkgs/master"; flake-parts.url = "github:hercules-ci/flake-parts"; nixinate.url = "github:maxaudron/nixinate"; secrets = { url = "git+ssh://git@gitlab.com/cocainefarm/k8s/secrets"; flake = false; }; catinator.url = "github:maxaudron/catinator"; pastor.url = "gitlab:cocainefarm/pastor/feature/nix"; authentik-nix.url = "github:nix-community/authentik-nix"; nixos-mailserver = { url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05"; inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs-25_05.follows = "nixpkgs"; }; }; outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, nixpkgs-master, flake-parts, nixinate, authentik-nix, nixos-mailserver, ... }: flake-parts.lib.mkFlake { inherit inputs; } { imports = [ nixinate.flakeModule ./lib ]; flake = let system = "x86_64-linux"; specialArgs = inputs // { nodes = self.nixosConfigurations; }; overlay-unstable = final: prev: { unstable = import nixpkgs-unstable { system = prev.system; config.allowUnfree = true; }; }; overlay-master = final: prev: { master = import nixpkgs-master { system = prev.system; config.allowUnfree = true; }; }; overlays = { config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable overlay-master ]; }; mkSystem = modules: nixpkgs.lib.nixosSystem { inherit specialArgs system; modules = modules ++ (with self.nixosModules; [ nixinate.nixosModules.default overlays common users wireguard crypto ]); }; in { nixosModules = import ./modules; nixosConfigurations = with self.nixosModules; { # vultr-image = mkSystem [ common users image vultr ]; ettves = mkSystem [ (import ./machines/ettves) inputs.authentik-nix.nixosModules.default zfs teamspeak postgresql quassel powerdns acme authentik hydra homeassistant games languagetool git laplace catinator pastor # litellm monitoring monitoring-node homepage { services.nginx.virtualHosts."musicbrainz.vapor.systems" = (self.lib.nginx.proxyDomain "vapor.systems" "http://127.0.0.1:5000/"); } ]; phaenn = mkSystem [ (import ./machines/phaenn) zfs acme tlmp monitoring-node ]; mail = nixpkgs.lib.nixosSystem { inherit specialArgs; system = "aarch64-linux"; modules = (with self.nixosModules; [ nixinate.nixosModules.default overlays common users wireguard crypto (import ./machines/mail) hetzner acme nixos-mailserver.nixosModules.default mailserver ]); }; fra01 = mkSystem [ (import ./machines/fra01) vultr bgp powerdns acme garage monitoring-node ]; nyc01 = mkSystem [ (import ./machines/nyc01) vultr bgp powerdns acme garage monitoring-node ]; sin01 = mkSystem [ (import ./machines/sin01) vultr bgp powerdns acme garage monitoring-node ]; }; }; perSystem = { config, pkgs, ... }: { formatter = pkgs.nixfmt-rfc-style; }; systems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]; }; }