chiasson-nix/modules/deploy/navi.nix

{
  inputs,
  self,
  lib,
  ...
}:
let
  ssh = self.lib.sshInventory;

  # Remote deploy identity (see `nixosModules.systemDeployBuilder`).
  defaultTargetUser = _: "builder";

  hostSpecs = {
    "14900k" = {
      configuration = self.nixosModules."14900kConfiguration";
      system = "x86_64-linux";
      specialArgs = {
        inherit self inputs;
        host = "14900k";
        system = "x86_64-linux";
      };
    };
    ideapad = {
      configuration = self.nixosModules.ideapadConfiguration;
      system = "aarch64-linux";
      specialArgs = {
        inherit self inputs;
        host = "ideapad";
        system = "aarch64-linux";
      };
    };
    t2mbp = {
      configuration = self.nixosModules.t2mbpConfiguration;
      system = "x86_64-linux";
      specialArgs = {
        inherit self inputs;
        host = "t2mbp";
        system = "x86_64-linux";
      };
    };
    uConsole = {
      modules = [
        inputs.nixos-raspberrypi.nixosModules.raspberry-pi-5.base
        inputs.oom-hardware.nixosModules.uc.kernel
        inputs.oom-hardware.nixosModules.uc.configtxt
        inputs.oom-hardware.nixosModules.uc.base-cm5
        self.nixosModules.uConsoleConfiguration
      ];
      system = "aarch64-linux";
      specialArgs = inputs // {
        inherit self;
        inputs = inputs;
        host = "uConsole";
        system = "aarch64-linux";
      };
    };
    nix-server = {
      configuration = self.nixosModules.nix-serverConfiguration;
      system = "x86_64-linux";
      specialArgs = {
        inherit self inputs;
        host = "nix-server";
        system = "x86_64-linux";
      };
    };
    r5500 = {
      configuration = self.nixosModules.r5500Configuration;
      system = "x86_64-linux";
      specialArgs = {
        inherit self inputs;
        host = "r5500";
        system = "x86_64-linux";
      };
    };
  };

  deployments = lib.mapAttrs (
    name: entry:
    {
      targetHost = entry.hostName;
      targetUser = defaultTargetUser name;
      tags =
        [ name ]
        ++ lib.optionals (name == "nix-server") [ "server" ]
        ++ lib.optionals (lib.elem name [
          "ideapad"
          "uConsole"
        ]) [ "aarch64" ];
    }
    // lib.optionalAttrs (name == "14900k") {
      allowLocalDeployment = true;
    }
    // lib.optionalAttrs (name == "nix-server") {
      targetPort = 22;
    }
  ) ssh.activeHosts;

  metaNixpkgs = import inputs.nixpkgs {
    system = "x86_64-linux";
  };
in
{
  flake.navi = self.lib.mkNaviHiveConfig {
    inherit metaNixpkgs hostSpecs deployments;
  };

  flake.naviHive = inputs.navi.lib.makeHive self.outputs.navi;

  perSystem =
    {
      pkgs,
      system,
      ...
    }:
    lib.optionalAttrs (lib.elem system [
      "x86_64-linux"
      "aarch64-linux"
    ]) {
      devShells.default = pkgs.mkShell {
        packages = [ inputs.navi.packages.${system}.default ];
        shellHook = ''
          echo "Navi fleet deploy (from repo root):"
          echo "  navi apply --on <host>     # build + switch one host"
          echo "  navi apply-local --node 14900k --sudo   # switch this machine locally (needs root), --node if hostname differs"
          echo "  navi tui                   # interactive fleet dashboard"
        '';
      };

      apps = {
        navi = {
          type = "app";
          program = lib.getExe inputs.navi.packages.${system}.default;
        };
        navi-tui = {
          type = "app";
          program =
            toString (
              pkgs.writeShellApplication {
                name = "navi-tui";
                runtimeInputs = [ inputs.navi.packages.${system}.default ];
                text = ''
                  exec navi tui "$@"
                '';
              }
            );
        };
      };
    };
}