panacea/flake.nix

78 lines
2.1 KiB
Nix

{
description = "System configuration for panacea";
nixConfig = {
extra-substituters =
"https://cachix.cachix.org https://nix-community.cachix.org";
extra-trusted-public-keys = ''
cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=
nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs='';
};
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware";
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
openconnect-sso = {
url = "github:ThinkChaos/openconnect-sso/fix/nix-flake";
inputs.nixpkgs.follows = "nixpkgs";
};
cyrus-sasl-xoauth2 = {
url = "github:robn/sasl2-oauth";
flake = false;
};
nix-index-database = {
url = "github:Mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.3.0";
inputs.nixpkgs.follows = "nixpkgs";
};
local-bitwig = {
url = "path:/home/coolneng/Projects/panacea/assets/bitwig";
flake = false;
};
};
outputs = { self, nixpkgs, nixos-hardware, agenix, nix-index-database
, lanzaboote, ... }@inputs:
let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
(final: prev: {
emacs-vterm =
((pkgs.emacsPackagesFor pkgs.emacs29-pgtk).emacsWithPackages
(epkgs: with epkgs; [ vterm mu4e ]));
})
];
};
lib = nixpkgs.lib;
in {
nixosConfigurations.panacea = lib.nixosSystem {
inherit system;
modules = [
(import ./configuration.nix)
nixos-hardware.nixosModules.lenovo-thinkpad-e14-amd
agenix.nixosModules.age
nix-index-database.nixosModules.nix-index
lanzaboote.nixosModules.lanzaboote
];
specialArgs = {
inherit inputs;
inherit pkgs;
};
};
};
}