{ description = "Gortium infra flake"; inputs = { nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; agenix = { url = "github:ryantm/agenix"; inputs.darwin.follows = ""; inputs.nixpkgs.follows = "nixpkgs"; }; lix = { url = "git+https://git.lix.systems/lix-project/lix?ref=main"; inputs.nixpkgs.follows = "nixpkgs"; }; nixpkgs-uconsole.url = "github:NixOS/nixpkgs/nixos-25.11"; nixos-uconsole = { url = "github:gortium/nixos-uconsole/cm5_fix"; inputs.nixpkgs.follows = "nixpkgs-uconsole"; inputs.nixos-raspberrypi.follows = "nixos-raspberrypi"; }; nixos-raspberrypi = { url = "github:gortium/nixos-raspberrypi/cm5-cross-v1"; inputs.nixpkgs.follows = "nixpkgs-uconsole"; }; }; outputs = { self, nixpkgs, agenix, lix , nixpkgs-uconsole, nixos-uconsole, nixos-raspberrypi , ... }@inputs: let system = "x86_64-linux"; keys = import ./lib/keys.nix; paths = { flake = "/home/gortium/infra"; identities = [ "/home/gortium/.ssh/gortium_ssh_key" "/etc/ssh/ssh_host_ed25519_key" "/root/.age/bootstrap.key" ]; }; overlays = [ agenix.overlays.default ]; pkgs = import nixpkgs { inherit system overlays; config.allowUnfree = true; config.permittedInsecurePackages = [ "openclaw-2026.3.12" ]; }; devShell = import ./shells/nix_dev.nix { inherit pkgs system agenix; }; in { nixosConfigurations = { lazyworkhorse = nixpkgs.lib.nixosSystem { specialArgs = { inherit system self keys paths inputs; }; modules = [ { nixpkgs.overlays = overlays; nixpkgs.config.allowUnfree = true; nixpkgs.config.rocmSupport = true; nixpkgs.config.permittedInsecurePackages = [ "openclaw-2026.3.12" ]; nix.package = lix.packages.${system}.default; } agenix.nixosModules.default ./hosts/lazyworkhorse/configuration.nix ./hosts/lazyworkhorse/hardware-configuration.nix ./modules/nixos/filesystem/hoardingcow-mount.nix ./modules/nixos/services/docker_manager.nix ./modules/nixos/services/open_code_server.nix ./modules/nixos/services/ollama_init_custom_models.nix ./modules/nixos/services/openclaw_node.nix ./modules/nixos/security/ai-worker-restricted.nix ./users/gortium.nix ./users/ai-worker.nix ]; }; cyt-pi = nixpkgs.lib.nixosSystem { specialArgs = { inherit self keys paths inputs; }; modules = [ { nixpkgs.overlays = overlays; nixpkgs.config.allowUnfree = true; nixpkgs.hostPlatform = "aarch64-linux"; nix.package = lix.packages."aarch64-linux".default; } ./hosts/cyt-pi/configuration.nix ./hosts/cyt-pi/hardware-configuration.nix ]; }; uconsole-cm5 = nixpkgs-uconsole.lib.nixosSystem { system = "aarch64-linux"; specialArgs = { inherit self keys paths inputs; nixos-raspberrypi = nixos-raspberrypi; isCM4 = false; }; modules = [ { nixpkgs.buildPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "aarch64-linux"; nixpkgs.config.allowUnfree = true; boot.loader.raspberry-pi.bootloader = "kernel"; # Kill camera packages — not needed on uConsole, break cross-compile nixpkgs.overlays = [ # Make camera packages "unavailable" so no pkgs depend on them (final: prev: { libcamera = prev.libcamera.overrideAttrs (_: { meta.platforms = []; }); libcamera-rpi = prev.libcamera-rpi.overrideAttrs (_: { meta.platforms = []; }); libpisp = prev.libpisp.overrideAttrs (_: { meta.platforms = []; }); # Pipewire in nixos-25.11 has libcamera unconditionally in buildInputs; # meta.platforms trick doesn't help — must actually remove it pipewire = prev.pipewire.overrideAttrs (old: { buildInputs = builtins.filter (x: !(x?pname && x.pname == "libcamera")) (old.buildInputs or []); mesonFlags = builtins.filter (flag: !(builtins.isString flag && builtins.match ".*libcamera.*" flag != null)) (old.mesonFlags or []) ++ [ "-Dlibcamera=disabled" ]; }); }) ]; } nixos-raspberrypi.nixosModules.nixpkgs-rpi # Disable libcamera in rpi pipewire too (separate nixpkgs instance) ({ config, lib, pkgs, ... }: { nixpkgs.overlays = [ (final: prev: { pipewire = prev.pipewire.overrideAttrs (old: { buildInputs = builtins.filter (x: !(x?pname && x.pname == "libcamera")) (old.buildInputs or []); mesonFlags = builtins.filter (flag: !(builtins.isString flag && builtins.match ".*libcamera.*" flag != null)) (old.mesonFlags or []) ++ [ "-Dlibcamera=disabled" ]; }); }) ]; }) # Patches are now in gortium/nixos-uconsole fork (cm5_fix branch) nixos-raspberrypi.nixosModules.raspberry-pi-5.base nixos-raspberrypi.lib.inject-overlays nixos-raspberrypi.lib.inject-overlays-global nixos-uconsole.nixosModules.uconsole-cm5 ({ config, lib, pkgs, inputs, ... }: let lix-cross = import inputs.nixpkgs-uconsole { localSystem = { system = "x86_64-linux"; }; crossSystem = { system = "aarch64-linux"; }; overlays = [ inputs.lix.overlays.default ]; }; in { nix.package = lix-cross.lix; }) agenix.nixosModules.default ./hosts/uconsole-cm5/configuration.nix ./hosts/uconsole-cm5/hardware-configuration.nix ]; }; }; devShells.${system}.default = devShell; packages.${system} = { uconsole-cm5-image = (nixos-raspberrypi.lib.nixosSystem { system = "aarch64-linux"; specialArgs = { inherit self keys inputs; nixos-raspberrypi = nixos-raspberrypi; isCM4 = false; }; modules = [ { nixpkgs.buildPlatform = system; nixpkgs.hostPlatform = "aarch64-linux"; } nixos-raspberrypi.nixosModules.nixpkgs-rpi nixos-raspberrypi.nixosModules.raspberry-pi-5.base nixos-raspberrypi.lib.inject-overlays-global nixos-raspberrypi.nixosModules.sd-image nixos-uconsole.nixosModules.uconsole-cm5 agenix.nixosModules.default ./hosts/uconsole-cm5/configuration.nix ]; }).config.system.build.sdImage; }; }; }