nix-mdatp/flake.nix at main · NitorCreations/nix-mdatp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
{
  description = "Unofficial Microsoft Defender Advanced Threat Protection Nix flake";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";

    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs =
    {
      self,
      nixpkgs,
      flake-utils,
      ...
    }:
    flake-utils.lib.eachSystemPassThrough [ "x86_64-linux" ] (system: {
      nixosModules = rec {
        default = mdatp;
        mdatp = import ./nixos;
      };

      nixosConfigurations.testing = nixpkgs.lib.nixosSystem {
        inherit system;
        modules = [
          self.nixosModules.mdatp
          (
            { pkgs, lib, ... }:
            {
              boot.isContainer = true; # stop nix flake check complaining about missing root fs
              documentation.nixos.enable = false; # skip generating nixos docs
              virtualisation.vmVariant = {
                boot.isContainer = lib.mkForce false; # let vm variant create a virtual disk
                virtualisation.graphics = false; # connect serial console to terminal
              };
              users.users.root.initialPassword = "test";
              services.mdatp = {
                enable = true;
              };
            }
          )
        ];
      };

      overlays = {
        default = import ./overlay.nix;
      };
    })
    // flake-utils.lib.eachSystem [ "x86_64-linux" ] (
      system:
      let
        pkgs = import nixpkgs {
          inherit system;
          overlays = [ self.overlays.default ];
        };
      in
      {
        packages = rec {
          mdatp = pkgs.callPackage ./package.nix { };
          default = mdatp;
        };
        checks = {
          mdatpNixosTest = pkgs.callPackage ./nixos/tests.nix { inherit self; };
        };
      }
    );
}