synix/templates/microvm/flake.nix

{
  description = "MicroVM NixOS configurations";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";

    microvm.url = "github:microvm-nix/microvm.nix";
    microvm.inputs.nixpkgs.follows = "nixpkgs";

    synix.url = "git+https://git.sid.ovh/sid/synix.git?ref=release-25.11";
    synix.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs =
    {
      self,
      nixpkgs,
      ...
    }@inputs:
    let
      inherit (self) outputs;

      systems = [
        "x86_64-linux"
      ];

      lib = nixpkgs.lib.extend (_final: _prev: inputs.synix.lib or { });

      inherit (lib.helpers) mkPkgs;

      forAllSystems =
        function:
        lib.genAttrs systems (
          system:
          function (mkPkgs {
            inherit system;
          })
        );

      mkNixosConfiguration =
        system: modules:
        nixpkgs.lib.nixosSystem {
          inherit system modules;
          specialArgs = {
            inherit inputs outputs lib;
          };
        };

      mkApp = program: description: {
        type = "app";
        inherit program;
        meta.description = description;
      };
    in
    {
      apps = forAllSystems (
        pkgs:
        let
          inherit (pkgs.stdenv.hostPlatform) system;
          inherit (self.nixosConfigurations."microvm-${system}".config) microvm;
          inherit (pkgs.lib) getExe;
        in
        {
          rebuild = mkApp (getExe microvm.deploy.rebuild) "Rebuild the VM.";
          microvm = mkApp (getExe microvm.declaredRunner) "Run the VM.";
        }
      );

      packages = forAllSystems (pkgs: import ./pkgs { inherit pkgs; });

      overlays = import ./overlays { inherit (self) inputs; };

      devShells = forAllSystems (pkgs: {
        default = pkgs.mkShell {
          buildInputs = with pkgs; [
            tmux
          ];
        };
        # FIXME: `microvm.deploy.rebuild` does not seem to care about askpass
        # shellHook = ''
        #   export SSH_ASKPASS="pass <SUDO_BUILD_HOST_PASSWORD>"
        #   export SSH_ASKPASS_REQUIRE="force"
        # '';
      });

      nixosModules = import ./modules;

      nixosConfigurations = {
        microvm-x86_64-linux = mkNixosConfiguration "x86_64-linux" [ ./config ];
        microvm-aarch64-linux = mkNixosConfiguration "aarch64-linux" [ ./config ];
      };

      checks = forAllSystems (
        pkgs:
        let
          inherit (pkgs.stdenv.hostPlatform) system;
        in
        {
          inherit (inputs.synix.checks.${system}) pre-commit-check build-additions build-modifications;
        }
      );

      inherit (inputs.synix) formatter;
    };
}