feat: moar nix

flake.nix

@@ -4,38 +4,110 @@
   inputs = {
     flake-parts.url = "github:hercules-ci/flake-parts";
 
+    authentik-nix.url = "github:nix-community/authentik-nix";
+    terranix.url = "github:terranix/terranix";
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+    
+    # Later version of nixpkgs for forgejo
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
+    
     deploy-rs.url = "github:serokell/deploy-rs";
     agenix.url = "github:ryantm/agenix";
   };
 
   outputs = inputs@{ flake-parts, self, ... }:
+    let
+      sshUser = "root";
+      activateConfig = inputs.deploy-rs.lib.x86_64-linux.activate.nixos;
+      
+      baseModules = [
+        ./secrets
+        inputs.agenix.nixosModules.default
+        {
+          _module.args.unstable = import inputs.nixpkgs-unstable {
+            system = "x86_64-linux";
+            config.allowUnfree = true;
+          };
+        }
+      ];
+      
+      hosts = {
+        nix01 = {
+          location = "nix01.cluster";
+        };
+
+        nix02 = {
+          location = "nix02.cluster";
+        };
+      };
+    in
     flake-parts.lib.mkFlake { inherit inputs; } {
-      systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" "x86_64-darwin" ];
+      systems = [ "x86_64-linux" ];
       perSystem = { config, self', inputs', pkgs, system, ... }: {
+        _module.args.pkgs = import inputs.nixpkgs {
+          inherit system;
+          config.allowUnfree = true;
+        };
+
         devShells.default = pkgs.mkShell {
           packages = with pkgs; [
+            terraform
             deploy-rs
+            just
             inputs'.agenix.packages.default
           ];
         };
+        
+        packages.default = inputs.terranix.lib.terranixConfiguration {
+          inherit system;
+          modules = [ ./config/tf.nix ];
+        };
       };
 
       flake = {
         nixosConfigurations.nixos = inputs.nixpkgs.lib.nixosSystem {
           system = "x86_64-linux";
-          modules = [ 
+          modules = baseModules ++ [ 
             ./config/nixos.nix 
-            ./secrets
-            inputs.agenix.nixosModules.default
           ];
         };
 
-        deploy.nodes.nixos = {
-          hostname = "nixos.cluster";
+        # deploy.nodes.nixos = {
+        #   hostname = "nixos.cluster";
+        #   profiles.system = {
+        #     sshUser = "root";
+        #     path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.nixos;
+        #   };
+        # };
+
+        nixosConfigurations.nix01 = inputs.nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          modules = baseModules ++ [
+            ./config/nix01.nix
+          ];
+        };
+
+        deploy.nodes.nix01 = {
+          hostname = hosts.nix01.location;
           profiles.system = {
-            sshUser = "root";
-            path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.nixos;
+            inherit sshUser;
+            path = activateConfig self.nixosConfigurations.nix01;
+          };
+        };
+        
+        nixosConfigurations.nix02 = inputs.nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          modules = baseModules ++ [
+            ./config/nix02.nix
+            inputs.authentik-nix.nixosModules.default
+          ];
+        };
+
+        deploy.nodes.nix02 = {
+          hostname = hosts.nix02.location;
+          profiles.system = {
+            inherit sshUser;
+            path = activateConfig self.nixosConfigurations.nix02;
           };
         };