nix-config/flake.nix

{
  description = "EscapeAngle's Nix config";

  inputs = {
    # Nixpkgs
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";

    # Secrets
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # disko
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # theme
    catppuccin = {
      url = "github:catppuccin/nix/release-25.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Home manager
    home-manager = {
      url = "github:nix-community/home-manager/release-25.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # colmena
    colmena = {
      url = "github:zhaofengli/colmena";
      inputs = {
        nixpkgs.follows = "nixpkgs-unstable";
        stable.follows = "nixpkgs";
      };
    };

    # nixos-wsl
    nixos-wsl = {
      url = "github:nix-community/NixOS-WSL/main";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };

    # neovim
    nixvim = {
      url = "git+https://git.escapeangle.com/lander/nixvim.git";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };

    # mailserver
    nixos-mailserver = {
      url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # headplane
    headplane = {
      url = "github:igor-ramazanov/headplane";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # tidalcycles
    tidalcycles = {
      url = "github:mitchmindtree/tidalcycles.nix";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
  };

  outputs =
    {
      self,
      nixpkgs,
      tidalcycles,
      colmena,
      ...
    }@inputs:
    let
      inherit (self) outputs;

      # I only care about linux builds
      systems = [
        "aarch64-linux"
        "x86_64-linux"
      ];

      forAllSystems = nixpkgs.lib.genAttrs systems;
    in
    rec {
      # custom pkgs
      packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});

      formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);

      overlays = import ./overlays { inherit inputs; };

      nixosModules = import ./modules/nixos;
      homeManagerModules = import ./modules/home-manager;

      devShells = forAllSystems (
        system:
        let
          pkgs = nixpkgs.legacyPackages.${system};
        in
        {
          default = pkgs.mkShell {
            buildInputs = [
              colmena.packages.${system}.colmena
            ];
          };
        }
      );

      nixosConfigurations =
        let
          hetzner = import ./lib/hetzner.nix { inherit inputs nixpkgs; };
        in
        {
          # Workstations
          wodan = nixpkgs.lib.nixosSystem {
            specialArgs = { inherit inputs outputs; };
            modules = [
              { nixpkgs.overlays = [ overlays.additions ]; }
              {
                nixpkgs.overlays = [
                  tidalcycles.overlays.default
                  (_: prev: {
                    tailscale = prev.tailscale.overrideAttrs (old: {
                      checkFlags = builtins.map (
                        flag:
                        if prev.lib.hasPrefix "-skip=" flag then
                          flag + "|^TestGetList$|^TestIgnoreLocallyBoundPorts$|^TestPoller$"
                        else
                          flag
                      ) old.checkFlags;
                    });
                  })
                ];
              }
              { nixpkgs.overlays = [ tidalcycles.overlays.default ]; }
              ./hosts/wodan
            ];
          };
          widar = nixpkgs.lib.nixosSystem {
            specialArgs = { inherit inputs outputs; };
            modules = [
              ./hosts/widar
            ];
          };
          heimdall = nixpkgs.lib.nixosSystem {
            system = "x86_64-linux";
            specialArgs = { inherit inputs outputs; };
            modules = [
              { nixpkgs.overlays = [ overlays.additions ]; }
              ./hosts/heimdall
            ];
          };

          # servers
          db-01 = hetzner.mkMachine "db-01" {
            ipv6Address = "2a01:4f8:c012:15d4::/64";
          };
          hosting-01 = nixpkgs.lib.nixosSystem {
            system = "aarch64-linux";
            specialArgs = { inherit inputs outputs; };
            modules = [
              ./hosts/hosting-01
            ];
          };
          hosting-02 = hetzner.mkMachine "hosting-02" {
            ipv6Address = "2a01:4f8:c013:7fc0::/64";
          };
          mail-01 = nixpkgs.lib.nixosSystem {
            system = "aarch64-linux";
            specialArgs = { inherit inputs outputs; };
            modules = [
              ./hosts/mail-01
            ];
          };
        };

      colmenaHive =
        let
          servers = builtins.map (file: nixpkgs.lib.removeSuffix ".nix" file) (
            builtins.filter (file: file != "common.nix" && nixpkgs.lib.hasSuffix ".nix" file) (
              builtins.attrNames (builtins.readDir ./hosts/servers)
            )
          );

          colmenaConfig = nixpkgs.lib.genAttrs servers (
            name:
            { ... }:
            let
              diskConfig = import ./lib/disk-config.nix { inherit nixpkgs; };
              machineConfig = import ./hosts/servers/${name}.nix;
            in
            {
              imports = [
                inputs.disko.nixosModules.disko
                inputs.sops-nix.nixosModules.sops
                nixosModules.bandcamp-collection-downloader
                nixosModules.namespaced-vpn
                nixosModules.storagebox
                nixosModules.wrtagweb

                ./hosts/servers/common.nix

                diskConfig
                machineConfig
              ];

              deployment = {
                targetHost = "${name}.escapeangle.com";
                targetPort = 22;
                targetUser = "root";
                buildOnTarget = true;
              };
            }
          );
        in
        colmena.lib.makeHive (
          {
            meta = {
              nixpkgs = import nixpkgs {
                system = "aarch64-linux";
                overlays = [ overlays.unstable-packages ];
              };
            };
          }
          // colmenaConfig
        );
    };
}