{ description = "nix infra for tangled"; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; tangled.url = "git+https://tangled.org/tangled.org/core?ref=master"; tangled-mirror.url = "git+https://tangled.org/tangled.org/core?ref=master"; colmena.url = "github:zhaofengli/colmena/release-0.4.x"; disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; nixery-flake = { type = "github"; owner = "tazjin"; repo = "nixery"; flake = false; }; atlogin.url = "git+https://tangled.org/anirudh.fi/atlogin"; }; outputs = { nixpkgs, disko, colmena, nixery-flake, tangled, tangled-mirror, atlogin, ... }: let lib = nixpkgs.lib; system = "x86_64-linux"; commonArgs = import ./common/ssh.nix; baseModules = [ disko.nixosModules.disko ./common/base.nix ./common/tailscale.nix ]; mkHost = hostname: extraModules: lib.nixosSystem { inherit system; specialArgs = { inherit commonArgs; }; modules = baseModules ++ [ ./hosts/${hostname}/configuration.nix ] ++ extraModules; }; mkColmenaHost = hostname: targetHost: targetPort: extraModules: { deployment = { inherit targetHost targetPort; targetUser = "tangler"; buildOnTarget = true; }; nixpkgs.system = system; time.timeZone = "Europe/Helsinki"; imports = baseModules ++ [ ./hosts/${hostname}/configuration.nix ] ++ extraModules; }; hosts = { appview = { modules = [ tangled.nixosModules.appview ./hosts/appview/services/appview.nix ./hosts/appview/services/nginx.nix ./hosts/appview/services/litestream.nix ]; target = "appview-arn"; port = 2222; }; pds = { modules = [ ./hosts/pds/services/nginx.nix ./hosts/pds/services/pds.nix ]; target = "tngl.sh"; }; nixery = { modules = [ tangled.nixosModules.spindle ./hosts/nixery/services/nginx.nix ./hosts/nixery/services/openbao/openbao.nix ./hosts/nixery/services/openbao/proxy.nix ./hosts/nixery/services/nixery.nix ]; target = "nixery.tangled.sh"; }; spindle = { modules = [ tangled.nixosModules.spindle ./hosts/spindle/services/openbao/openbao.nix ./hosts/spindle/services/openbao/proxy.nix ./hosts/spindle/services/spindle.nix ./hosts/spindle/services/nginx.nix ]; target = "spindle.alpha.tangled.sh"; }; spindle-hel = { modules = [ tangled.nixosModules.spindle ./hosts/spindle-hel/services/openbao/openbao.nix ./hosts/spindle-hel/services/openbao/proxy.nix ./hosts/spindle-hel/services/spindle.nix ./hosts/spindle-hel/services/nginx.nix ]; target = "135.181.240.228"; }; knot1 = { modules = [ tangled.nixosModules.knot ./hosts/knot1/services/knot.nix ./hosts/knot1/services/nginx.nix ]; target = "85.9.211.103"; }; mirror = { modules = [ tangled-mirror.nixosModules.knotmirror atlogin.nixosModules.default ./hosts/mirror/services/knotmirror.nix ./hosts/mirror/services/nginx.nix ./hosts/mirror/services/atlogin.nix ./hosts/mirror/services/prometheus.nix ]; target = "81.27.110.122"; }; }; in { nixosConfigurations = lib.mapAttrs (name: host: mkHost name host.modules) hosts; colmenaHive = colmena.lib.makeHive ( { meta = { nixpkgs = nixpkgs.legacyPackages.${system}; specialArgs = { inherit commonArgs; nixery-pkgs = import nixery-flake.outPath { pkgs = import nixpkgs { inherit system; }; }; tangled-pkgs = tangled.packages.x86_64-linux; }; }; } // lib.mapAttrs (name: host: mkColmenaHost name host.target (host.port or 22) host.modules) hosts ); }; }