nixos-config/flake.nix

{
  description = "Configuration for NixOS";
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:nixos/nixos-hardware";
    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
    lanzaboote.url = "github:nix-community/lanzaboote/v0.4.2";
    lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
    sops-nix.url = "github:Mic92/sops-nix";
    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
    disko.url = "github:nix-community/disko";
    disko.inputs.nixpkgs.follows = "nixpkgs";
    microvm.url = "github:astro/microvm.nix";
    microvm.inputs.nixpkgs.follows = "nixpkgs";
    nixos-secrets.url = "git+ssh://forgejo@git.garage.systems/jml/nixos-secrets.git?shallow=1";
    #nixos-secrets.flake = false;  # TODO: Why does flake need to be false?
    #nixos-secrets.inputs.nixpkgs.follows = "nixpkgs";
  };
  # https://nix.dev/tutorials/nix-language.html#named-attribute-set-argument
  outputs = inputs@{self, nixpkgs, nixos-hardware, home-manager, sops-nix, lanzaboote, disko, microvm, nixos-secrets, ...}:
  let
    mkSystem = (import ./lib {
      inherit nixpkgs home-manager inputs;
    }).mkSystem;
  in
  {
    # NOTE: Run `nix flake show` to see what this flake has to offer.
    # TODO: Enable automated formatting with something like numtide/treefmt-nix
    nixosConfigurations = {
      neon = mkSystem {
        hostname = "neon";
        users = [ "jml" ];
      };
      lithium = mkSystem {
        hostname = "lithium";
        #specialArgs = {inherit inputs;};
        extraModules = [
          inputs.sops-nix.nixosModules.sops
          inputs.nixos-secrets.nixosModules.private-config
        ];
        #extraModules = [ microvm.nixosModules.host ];
        users = [
          "jml"
          "breakglass"
        ];
      };
      titanium = mkSystem {
        hostname = "titanium";
        users = [
          "jml"
        ];
        extraModules = [];
      };
      # `nix build .#nixosConfigurations.installIso.config.system.build.isoImage`
      # https://github.com/nix-community/nixos-generators
      installIso = nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
          "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
        ];
        specialArgs = {inherit inputs;};
      };
    }; 
    homeConfigurations = {
      "jml" = home-manager.lib.homeManagerConfiguration {
        modules = [
          ./users/jml/home.nix
        ];
      };
    };
  };
}