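{
  description = "ops-jrz1 NixOS server configuration with Matrix platform";

  # Flake inputs.
  # The two nixpkgs inputs track branches; the revision actually built is the
  # one recorded in flake.lock (not shown here), so review lock-file updates
  # like any other dependency bump.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";

    sops-nix = {
      # Pin to June 2024 version compatible with nixpkgs 24.05
      url = "github:Mic92/sops-nix/c2ea1186c0cbfa4d06d406ae50f3e4b085ddc9b3";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    opencode = {
      # Pinned to a full commit hash, so upstream changes are only picked up
      # by editing this URL. The resulting package is handed to the
      # production host's modules, so re-review the upstream diff on each bump.
      url = "github:sst/opencode/f6fe709f6ee75427ba64829af25b64d9a3111569";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };
  };

  outputs = { self, nixpkgs, nixpkgs-unstable, sops-nix, ... }@inputs:
    let
      # Single source of truth for the target platform; every use below
      # refers to this binding instead of repeating the string.
      system = "x86_64-linux";

      # Unstable package set shared by the production and VM configurations.
      # Both hosts previously imported it separately with identical settings.
      pkgs-unstable = import nixpkgs-unstable {
        inherit system;
        config = {
          # NOTE(review): this accepts every unfree package in the set.
          # allowUnfreePredicate would limit it to the packages actually used.
          allowUnfree = true;

          # nixpkgs refuses to build packages it marks insecure unless they
          # are listed here. The exemption is limited to this one exact
          # version and to pkgs-unstable, but it applies to production as
          # well as the VM. Remove it once the bridges no longer need olm.
          permittedInsecurePackages = [
            "olm-3.2.16" # Required by mautrix bridges
          ];
        };
      };

      # Extra module arguments passed to both hosts.
      sharedArgs = {
        inherit pkgs-unstable;
        opencode = inputs.opencode.packages.${system}.default;
      };
    in
    {
      # Pre-deploy checks: nix flake check
      checks.${system} = {
        # Verify production config evaluates and builds
        ops-jrz1-config =
          self.nixosConfigurations.ops-jrz1.config.system.build.toplevel;

        # Verify VM config evaluates (lighter weight)
        ops-jrz1-vm-config =
          self.nixosConfigurations.ops-jrz1-vm.config.system.build.toplevel;
      };

      nixosConfigurations = {
        # Production configuration (for actual VPS deployment)
        ops-jrz1 = nixpkgs.lib.nixosSystem {
          inherit system;
          specialArgs = sharedArgs;
          modules = [
            ./configuration.nix
            ./hosts/ops-jrz1.nix
            # Secret provisioning is wired in for production only.
            sops-nix.nixosModules.sops
          ];
        };

        # VM testing configuration (for local validation before deployment)
        ops-jrz1-vm = nixpkgs.lib.nixosSystem {
          inherit system;
          specialArgs = sharedArgs;
          modules = [
            ./configuration.nix
            ./hosts/ops-jrz1-vm.nix
            # Note: No sops-nix for VM testing
            # NOTE(review): configuration.nix is shared with production, so
            # anything in it that reads sops secrets must be guarded or
            # overridden in the VM host file; confirm against those modules.
          ];
        };
      };
    };
}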