50 lines
1.5 KiB
Nix
50 lines
1.5 KiB
Nix
{
|
|
withSystem,
|
|
lib,
|
|
inputs,
|
|
...
|
|
}: {
|
|
flake = {
|
|
nixosConfigurations = withSystem "x86_64-linux" ({
|
|
system,
|
|
self',
|
|
pkgs,
|
|
...
|
|
}: let
|
|
machines = builtins.attrNames (builtins.readDir ./machines);
|
|
makeSystem = name:
|
|
pkgs.nixos {
|
|
imports = [
|
|
(import (./. + "/machines/${name}/configuration.nix") inputs)
|
|
inputs.secrets.nixosModules.default
|
|
inputs.impermanence.nixosModules.impermanence
|
|
inputs.self.nixosModules.unstableNFTables
|
|
];
|
|
};
|
|
in
|
|
lib.genAttrs machines makeSystem);
|
|
nixosModules.unstableNFTables = _: {
|
|
disabledModules = [
|
|
"services/networking/firewall.nix"
|
|
"services/networking/nftables.nix"
|
|
"services/networking/nat.nix"
|
|
"services/networking/redsocks.nix"
|
|
"services/networking/miniupnpd.nix"
|
|
"services/audio/roon-server.nix"
|
|
"services/audio/roon-bridge.nix"
|
|
];
|
|
imports = let
|
|
networkingModule = name: "${inputs.nixos-unstable}/nixos/modules/services/networking/${name}.nix";
|
|
in [
|
|
# nftables using module not available in 22.11.
|
|
(networkingModule "firewall-iptables")
|
|
(networkingModule "firewall-nftables")
|
|
(networkingModule "firewall")
|
|
(networkingModule "nat-iptables")
|
|
(networkingModule "nat-nftables")
|
|
(networkingModule "nat")
|
|
(networkingModule "nftables")
|
|
];
|
|
};
|
|
};
|
|
}
|