{ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; # naersk and flake utils are not used by this flake directly, but needed # for the follows in all the other ones. naersk = { url = "github:nix-community/naersk"; inputs.nixpkgs.follows = "nixpkgs"; }; # DO NOT remame this to utils flake-utils.url = github:numtide/flake-utils; microvm = { url = "github:astro/microvm.nix"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; ## TLMS stuff below documentation-src = { url = "github:tlm-solutions/documentation"; flake = false; }; trekkie = { url = "github:tlm-solutions/trekkie"; inputs = { nixpkgs.follows = "nixpkgs"; naersk.follows = "naersk"; tlms-rs.follows = "tlms-rs"; utils.follows = "flake-utils"; }; }; datacare = { url = "github:tlm-solutions/datacare"; }; kindergarten = { url = "github:tlm-solutions/kindergarten"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "flake-utils"; }; telegram-decoder = { url = "github:tlm-solutions/telegram-decoder"; inputs = { nixpkgs.follows = "nixpkgs"; naersk.follows = "naersk"; utils.follows = "flake-utils"; }; }; gnuradio-decoder = { url = "github:tlm-solutions/gnuradio-decoder"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "flake-utils"; }; data-accumulator = { url = "github:tlm-solutions/data-accumulator"; inputs.nixpkgs.follows = "nixpkgs"; inputs.naersk.follows = "naersk"; inputs.utils.follows = "flake-utils"; }; lizard = { url = "github:tlm-solutions/lizard"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "flake-utils"; }; bureaucrat = { url = "github:tlm-solutions/bureaucrat"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "flake-utils"; }; funnel = { url = "github:tlm-solutions/funnel"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "flake-utils"; }; windshield = { url = "github:tlm-solutions/windshield/hotfix"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "flake-utils"; }; tlms-rs = { url = "github:tlm-solutions/tlms.rs"; inputs.nixpkgs.follows = "nixpkgs"; }; chemo = { url = "github:tlm-solutions/chemo"; inputs.nixpkgs.follows = "nixpkgs"; }; borzoi = { url = "github:tlm-solutions/borzoi"; inputs.nixpkgs.follows = "nixpkgs"; }; }; outputs = inputs@{ self , borzoi , data-accumulator , datacare , documentation-src , funnel , gnuradio-decoder , kindergarten , microvm , nixpkgs , sops-nix , lizard , bureaucrat , telegram-decoder , trekkie , windshield , chemo , ... }: let pkgs = nixpkgs.legacyPackages."x86_64-linux"; lib = pkgs.lib; data-hoarder-modules = [ ./modules/data-hoarder ./modules/TLMS data-accumulator.nixosModules.default datacare.nixosModules.default funnel.nixosModules.default sops-nix.nixosModules.sops lizard.nixosModules.default bureaucrat.nixosModules.default trekkie.nixosModules.default chemo.nixosModules.default { nixpkgs.overlays = [ datacare.overlays.default kindergarten.overlays.default trekkie.overlays.default lizard.overlays.default bureaucrat.overlays.default funnel.overlays.default data-accumulator.overlays.default windshield.overlays.default chemo.overlays.default (final: prev: { inherit documentation-src; options-docs = (pkgs.nixosOptionsDoc { options = self.nixosConfigurations.data-hoarder.options.TLMS; }).optionsCommonMark; }) ]; } ]; stop-box-modules = [ ./modules/TLMS telegram-decoder.nixosModules.default gnuradio-decoder.nixosModules.default { nixpkgs.overlays = [ telegram-decoder.overlays.default gnuradio-decoder.overlays.default ]; } ]; # function that generates a system with the given number generate_system = (id: arch: monitoring: { "traffic-stop-box-${toString id}" = nixpkgs.lib.nixosSystem { system = arch; specialArgs = inputs; modules = let monitoring-mod = if monitoring then { deployment-TLMS.monitoring.enable = true; } else { deployment-TLMS.monitoring.enable = false; }; in [ # box-specific config ./hosts/traffic-stop-box/${toString id} # default modules sops-nix.nixosModules.sops ./modules/traffic-stop-box ./modules/TLMS { deployment-TLMS.systemNumber = id; } monitoring-mod ] ++ stop-box-modules; }; } ); id_list = [ { # Barkhausen Bau id = 0; arch = "x86_64-linux"; monitoring = true; } { # Zentralwerk id = 1; arch = "x86_64-linux"; monitoring = true; } { # Chemnitz id = 2; arch = "x86_64-linux"; monitoring = false; } { # unused id = 3; arch = "aarch64-linux"; monitoring = false; } { # Wundstr. 9 id = 4; arch = "x86_64-linux"; monitoring = true; } { # Warpzone id = 6; arch = "x86_64-linux"; monitoring = true; } { id = 7; arch = "x86_64-linux"; monitoring = false; } { id = 8; arch = "aarch64-linux"; monitoring = false; } { id = 9; arch = "aarch64-linux"; monitoring = false; } { id = 10; arch = "x86_64-linux"; monitoring = false; } ]; # attribute set of all traffic stop boxes stop_boxes = nixpkgs.lib.foldl (x: y: nixpkgs.lib.mergeAttrs x (generate_system y.id y.arch y.monitoring)) { } id_list; packages = { staging-microvm = self.nixosConfigurations.staging-data-hoarder.config.microvm.declaredRunner; borken-microvm = self.nixosConfigurations.borken-data-hoarder.config.microvm.declaredRunner; data-hoarder-microvm = self.nixosConfigurations.data-hoarder.config.microvm.declaredRunner; fuck-microvm = self.nixosConfigurations.fuck.config.system.build.vm; docs = pkgs.callPackage ./pkgs/documentation.nix { inherit documentation-src; options-docs = (pkgs.nixosOptionsDoc { options = self.nixosConfigurations.data-hoarder.options.TLMS; }).optionsCommonMark; }; test-vm-wrapper = let cfg = self.nixosConfigurations.fuck.config; in (pkgs.writeScript "datacare-test-vm-wrapper" '' set -e echo Datacare-McTest: enterprise-grade, free-range, grass-fed testing vm echo "ALL RELEVANT SERVICES WILL BE EXPOSED TO THE HOST:" echo -e "Service\t\tPort" echo -e "SSH:\t\t2223\troot:lol" echo -e "trekkie:\t${toString cfg.TLMS.trekkie.port}" echo -e "datacare:\t${toString cfg.TLMS.datacare.http.port}" echo -e "data-accumulator:\t${toString cfg.TLMS.dataAccumulator.port}" echo -e "funnel:\t${toString cfg.TLMS.funnel.defaultWebsocket.port}" echo set -x export QEMU_NET_OPTS="hostfwd=tcp::2223-:22,hostfwd=tcp::80-:80,hostfwd=tcp::8050-:${toString cfg.TLMS.trekkie.port},hostfwd=tcp::8060-:${toString cfg.TLMS.datacare.http.port},hostfwd=tcp::8070-:${toString cfg.TLMS.dataAccumulator.port},hostfwd=tcp::8080-:${toString cfg.TLMS.funnel.defaultWebsocket.port}" echo "running the vm now..." ${self.packages."x86_64-linux".fuck-microvm}/bin/run-staging-data-hoarder-vm ''); } // (import ./pkgs/deployment.nix { inherit self pkgs; systems = stop_boxes; }) // (lib.foldl (x: y: lib.mergeAttrs x { "${y.config.system.name}-vm" = y.config.system.build.vm; }) { } (lib.attrValues self.nixosConfigurations)); in { packages."x86_64-linux" = packages; nixosConfigurations = stop_boxes // { data-hoarder = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs self; }; modules = [ microvm.nixosModules.microvm ./hosts/data-hoarder ] ++ data-hoarder-modules; }; staging-data-hoarder = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs self; }; modules = [ ./hosts/staging-data-hoarder microvm.nixosModules.microvm ] ++ data-hoarder-modules; }; borken-data-hoarder = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs self; }; modules = [ ./hosts/borken-data-hoarder microvm.nixosModules.microvm ] ++ data-hoarder-modules; }; fuck = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs self; }; modules = [ microvm.nixosModules.microvm ./hosts/staging-data-hoarder ./hosts/fuck { deployment-TLMS.monitoring.enable = false; } ] ++ data-hoarder-modules; }; notice-me-senpai = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs self; }; modules = [ sops-nix.nixosModules.sops ./modules/TLMS ./hosts/notice-me-senpai ]; }; tram-borzoi = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs self; }; modules = [ sops-nix.nixosModules.sops microvm.nixosModules.microvm borzoi.nixosModules.default { nixpkgs.overlays = [ borzoi.overlays.default ]; } ./modules/TLMS ./hosts/tram-borzoi ]; }; }; apps."x86_64-linux".mctest = { type = "app"; program = "${self.packages."x86_64-linux".test-vm-wrapper}"; }; nixosModules."x86_64-linux".watch-me-senpai = import ./modules/watch-me-senpai; hydraJobs = (lib.mapAttrs (_name: value: { ${value.config.system.build.toplevel.system} = value.config.system.build.toplevel; }) self.nixosConfigurations) // { sops-binaries."x86_64-linux" = sops-nix.packages."x86_64-linux".sops-install-secrets; }; }; }