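# NixOS host definitions.
#
# Takes the flake inputs and returns an attribute set with one NixOS system per
# host. Hosts built with `makeMicroVM` are cloud-hypervisor guests that share
# parts of the host filesystem over virtiofs; the others are assembled directly
# from `defaultModules`.
#
# The text is laid out one statement per line. With everything on one physical
# line, the `#` comment inside `baseModules` would comment out the rest of the
# expression.
{ self
, nixpkgs-unstable
, nixpkgs
, sops-nix
, inputs
, microvm
, nixos-hardware
, home-manager
, ...
}:
let
  nixosSystem = nixpkgs.lib.makeOverridable nixpkgs.lib.nixosSystem;
  # Same constructor taken from nixpkgs-unstable; no host below references it.
  nixosSystemUnstable = nixpkgs-unstable.lib.makeOverridable nixpkgs-unstable.lib.nixosSystem;

  # Modules applied to every host in this file.
  baseModules = [
    # make flake inputs accessible in NixOS
    { _module.args.inputs = inputs; }
    {
      imports = [
        ({ pkgs, ... }: {
          nix = {
            extraOptions = ''
              experimental-features = nix-command flakes
            '';
            settings = {
              # Binary caches are queried in this order. Anything signed by a
              # key in trusted-public-keys is accepted into the store, so the
              # signing key of the project cache is as sensitive as root on
              # every host that imports this module.
              substituters = [
                "https://cache.dynamicdiscord.de"
                "https://cache.nixos.org/"
              ];
              # Only the project cache key is listed here. The key for
              # cache.nixos.org has to come from the NixOS defaults being
              # merged into this list; confirm in the generated
              # /etc/nix/nix.conf on a deployed host.
              trusted-public-keys = [
                "cache.dynamicdiscord.de:DKueZicqi2NhJJXz9MYgUbiyobMs10fTyHCgAUibRP4="
              ];
              # NOTE(review): trusted users may override substituters and
              # import unsigned store paths, which the Nix manual describes as
              # equivalent to root access. "@wheel" extends that to every
              # member of the wheel group, with no sudo prompt in between.
              # Keep wheel membership small, or restrict this to "root".
              trusted-users = [ "root" "@wheel" ];
            };
          };
        })

        sops-nix.nixosModules.sops
        microvm.nixosModules.microvm
      ];
    }
  ];

  defaultModules = baseModules;

  # Builds the module list for a cloud-hypervisor microVM.
  #
  #   hostName: guest name; used for the tap interface id and for the host-side
  #             state directory /var/lib/microvms/<hostName>
  #   ipv4Addr: static address, configured with a /24 prefix
  #   macAddr:  MAC address of the guest's tap interface
  #   modules:  host-specific modules, appended after defaultModules
  makeMicroVM = hostName: ipv4Addr: macAddr: modules: [
    {
      microvm = {
        hypervisor = "cloud-hypervisor";
        mem = 2560;
        shares = [
          # NOTE(review): the whole host store is exposed to the guest. The
          # mount point name suggests a read-only mount (confirm in the
          # microvm module), but every path in the host store is still
          # readable from inside each VM, including closures that belong to
          # other hosts. Keep secrets out of the store; sops-nix is imported
          # above for that purpose.
          {
            source = "/nix/store";
            mountPoint = "/nix/.ro-store";
            tag = "store";
            proto = "virtiofs";
            socket = "store.socket";
          }
          # Guest /etc and /var live on the host under
          # /var/lib/microvms/<hostName>, so whoever can write to that
          # directory on the host controls the guest's configuration and
          # state.
          {
            source = "/var/lib/microvms/${hostName}/etc";
            mountPoint = "/etc";
            tag = "etc";
            proto = "virtiofs";
            socket = "etc.socket";
          }
          {
            source = "/var/lib/microvms/${hostName}/var";
            mountPoint = "/var";
            tag = "var";
            proto = "virtiofs";
            socket = "var.socket";
          }
        ];

        interfaces = [
          {
            type = "tap";
            id = "vm-${hostName}";
            mac = macAddr;
          }
        ];
      };

      systemd.network.enable = true;

      # Static addressing; the match is on interface type, so it applies to
      # every Ethernet interface the guest has.
      systemd.network.networks."20-lan" = {
        matchConfig.Type = "ether";
        networkConfig = {
          Address = [ "${ipv4Addr}/24" ];
          Gateway = "10.0.0.1";
          # All guests resolve through this public resolver; DNS queries
          # therefore leave the 10.0.0.0/24 network.
          DNS = [ "1.1.1.1" ];
          DHCP = "no";
        };
      };
    }
  ] ++ defaultModules ++ modules;

  # `inputs` with this flake added as `malobeo`; only `fanny` receives it.
  inputsMod = inputs // { malobeo = self; };

in
{
  louise = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    modules = defaultModules ++ [
      ./louise/configuration.nix
    ];
  };

  bakunin = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    modules = defaultModules ++ [
      ./bakunin/configuration.nix
      inputs.disko.nixosModules.disko
    ];
  };

  lucia = nixosSystem {
    system = "aarch64-linux";
    specialArgs.inputs = inputs;
    modules = defaultModules ++ [
      ./lucia/configuration.nix
      ./lucia/hardware_configuration.nix
    ];
  };

  fanny = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputsMod;
    modules = defaultModules ++ [
      self.nixosModules.malobeo.vpn
      ./fanny/configuration.nix
    ];
  };

  # microVM guests: addresses and MACs are assigned by hand and must stay
  # unique within 10.0.0.0/24.
  durruti = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
    modules = makeMicroVM "durruti" "10.0.0.5" "52:DA:0D:F9:EF:F9" [
      ./durruti/configuration.nix
    ];
  };

  vpn = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
    modules = makeMicroVM "vpn" "10.0.0.10" "D0:E5:CA:F0:D7:E6" [
      self.nixosModules.malobeo.vpn
      ./vpn/configuration.nix
    ];
  };

  infradocs = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
    modules = makeMicroVM "infradocs" "10.0.0.11" "D0:E5:CA:F0:D7:E7" [
      self.nixosModules.malobeo.vpn
      ./infradocs/configuration.nix
    ];
  };

  uptimekuma = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
    modules = makeMicroVM "uptimekuma" "10.0.0.12" "D0:E5:CA:F0:D7:E8" [
      ./uptimekuma/configuration.nix
    ];
  };

  # Built from defaultModules only, without the makeMicroVM share and network
  # settings.
  testvm = nixosSystem {
    system = "x86_64-linux";
    specialArgs.inputs = inputs;
    specialArgs.self = self;
    modules = defaultModules ++ [
      ./testvm
    ];
  };
}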