diff --git a/fudo-home b/fudo-home index 1ba24b9..7d7f95b 160000 --- a/fudo-home +++ b/fudo-home @@ -1 +1 @@ -Subproject commit 1ba24b9571aaad13bc91e27fce0096a66bdcb677 +Subproject commit 7d7f95b1c229ceed825559f1f94ee6f676b429a6 diff --git a/fudo-nixos b/fudo-nixos index 81aae5c..79b05be 160000 --- a/fudo-nixos +++ b/fudo-nixos @@ -1 +1 @@ -Subproject commit 81aae5cd8d0c859b2d6d16cfc40d1efb8f90f0f6 +Subproject commit 79b05be7d33b2dccb1a6967d86b52d1c2e9e5e3b diff --git a/fudo-pkgs b/fudo-pkgs index 1608072..b1af37f 160000 --- a/fudo-pkgs +++ b/fudo-pkgs @@ -1 +1 @@ -Subproject commit 160807215cf9158605b072c54a9b682522d62989 +Subproject commit b1af37ff1e6366469d0292e59514acf4f76c088d diff --git a/joes-datacenter-0/flake.lock b/joes-datacenter-0/flake.lock index 5ad1881..43b2bbb 100644 --- a/joes-datacenter-0/flake.lock +++ b/joes-datacenter-0/flake.lock @@ -226,11 +226,11 @@ ] }, "locked": { - "lastModified": 1634504012, - "narHash": "sha256-MbU+ZDyp+sxaFMBs0QH04nieh3vvyC9lzSn9fDk1+zM=", + "lastModified": 1635528550, + "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=", "ref": "flake", - "rev": "1ba24b9571aaad13bc91e27fce0096a66bdcb677", - "revCount": 37, + "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6", + "revCount": 38, "type": "git", "url": "https://git.fudo.org/niten/nix-home.git" }, @@ -243,7 +243,7 @@ "fudo-nixos": { "flake": false, "locked": { - "narHash": "sha256-0B2kRXs3D4ZqZwRak8LoIfzKxySEklH9ExC1uBNAAiE=", + "narHash": "sha256-nbjdCHS9siLHN6kcXwFy/hR3zDBXcQ5aPg3vWstzmsQ=", "path": "/state/nixops/fudo-nixos", "type": "path" }, @@ -278,7 +278,7 @@ "ssh-keypairs": "ssh-keypairs" }, "locked": { - "narHash": "sha256-7yAC1dWRpmpdPascKIhb3a6Q85tupqvx6zIZTVAsJ7o=", + "narHash": "sha256-0L3GFcBuGWbPyz5GUj9jX+ENtPx/U2rcMzO3yCDSq1M=", "path": "/state/secrets", "type": "path" }, @@ -312,7 +312,7 @@ "host-keytabs": { "flake": false, "locked": { - "narHash": "sha256-GyYXhdmRj0eHXpQj85dOU+T+VYJkO6SK6J2XBIrmLTw=", + "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=", "path": "./kerberos/host-keytabs", "type": "path" }, @@ -371,11 +371,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634661806, - "narHash": "sha256-fBuR7EZ67UOdNt3gEwhoyWJ6zJtXh4kuupIALRcx/7I=", + "lastModified": 1635543790, + "narHash": "sha256-I1lo59Y5mPbkqB8qbp92p4e5Htfm6Wbhvt19efg0cBU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8fe3b97ef4527ac88d03ea33e0789f3512e01adc", + "rev": "6c0c30146347188ce908838fd2b50c1b7db47c0c", "type": "github" }, "original": { @@ -524,7 +524,7 @@ "service-keytabs": { "flake": false, "locked": { - "narHash": "sha256-vRo6wMpQunuKlk42J/e4nCGtF0hF0aMnA5HOv5+dPLM=", + "narHash": "sha256-F2npNGjUglGumazLFj9qQABGradbwCnKYZn8BEGweJc=", "path": "./kerberos/service-keytabs", "type": "path" }, @@ -536,7 +536,7 @@ "service-passwords": { "flake": false, "locked": { - "narHash": "sha256-JPMZdokzw+vyWoIKwgDhD60BYi5gch/MfgQyvx5AXZA=", + "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=", "path": "./service-passwords", "type": "path" }, @@ -548,7 +548,7 @@ "ssh-keypairs": { "flake": false, "locked": { - "narHash": "sha256-fD2ZTNMc399XtlVWLCU4crC0RZZ8yTZPFzEm9VWjiL8=", + "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=", "path": "./ssh-keypairs", "type": "path" }, diff --git a/portage/flake.lock b/portage/flake.lock new file mode 100644 index 0000000..06d7514 --- /dev/null +++ b/portage/flake.lock @@ -0,0 +1,559 @@ +{ + "nodes": { + "backplane": { + "flake": false, + "locked": { + "narHash": "sha256-q159nkiuwtQcfecm7SVpy6lG1eWc5ZqeGhnEAIY6J5w=", + "path": "./backplane", + "type": "path" + }, + "original": { + "path": "./backplane", + "type": "path" + } + }, + "build-keypairs": { + "flake": false, + "locked": { + "narHash": "sha256-4eRLRLCzZ6kQIRZqy51bj60jhFSQ/wlKLeNgABPhTyw=", + "path": "./build-keypairs", + "type": "path" + }, + "original": { + "path": "./build-keypairs", + "type": "path" + } + }, + "doom-emacs": { + "inputs": { + "doom-emacs": "doom-emacs_2", + "doom-snippets": "doom-snippets", + "emacs-overlay": "emacs-overlay", + "emacs-so-long": "emacs-so-long", + "evil-markdown": "evil-markdown", + "evil-org-mode": "evil-org-mode", + "evil-quick-diff": "evil-quick-diff", + "explain-pause-mode": "explain-pause-mode", + "flake-utils": "flake-utils", + "nix-straight": "nix-straight", + "nixpkgs": "nixpkgs", + "nose": "nose", + "ob-racket": "ob-racket", + "org": "org", + "org-contrib": "org-contrib", + "org-yt": "org-yt", + "php-extras": "php-extras", + "revealjs": "revealjs", + "rotate-text": "rotate-text" + }, + "locked": { + "lastModified": 1627398156, + "narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=", + "owner": "vlaci", + "repo": "nix-doom-emacs", + "rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff", + "type": "github" + }, + "original": { + "owner": "vlaci", + "repo": "nix-doom-emacs", + "type": "github" + } + }, + "doom-emacs_2": { + "flake": false, + "locked": { + "lastModified": 1626604817, + "narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=", + "owner": "hlissner", + "repo": "doom-emacs", + "rev": "46732c0adaef147144418f9f284ca6b1183ab96f", + "type": "github" + }, + "original": { + "owner": "hlissner", + "ref": "develop", + "repo": "doom-emacs", + "type": "github" + } + }, + "doom-snippets": { + "flake": false, + "locked": { + "lastModified": 1625547004, + "narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=", + "owner": "hlissner", + "repo": "doom-snippets", + "rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6", + "type": "github" + }, + "original": { + "owner": "hlissner", + "repo": "doom-snippets", + "type": "github" + } + }, + "emacs-overlay": { + "flake": false, + "locked": { + "lastModified": 1626972035, + "narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "emacs-so-long": { + "flake": false, + "locked": { + "lastModified": 1575031854, + "narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=", + "owner": "hlissner", + "repo": "emacs-so-long", + "rev": "ed666b0716f60e8988c455804de24b55919e71ca", + "type": "github" + }, + "original": { + "owner": "hlissner", + "repo": "emacs-so-long", + "type": "github" + } + }, + "evil-markdown": { + "flake": false, + "locked": { + "lastModified": 1626852210, + "narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=", + "owner": "Somelauw", + "repo": "evil-markdown", + "rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477", + "type": "github" + }, + "original": { + "owner": "Somelauw", + "repo": "evil-markdown", + "type": "github" + } + }, + "evil-org-mode": { + "flake": false, + "locked": { + "lastModified": 1607203864, + "narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=", + "owner": "hlissner", + "repo": "evil-org-mode", + "rev": "a9706da260c45b98601bcd72b1d2c0a24a017700", + "type": "github" + }, + "original": { + "owner": "hlissner", + "repo": "evil-org-mode", + "type": "github" + } + }, + "evil-quick-diff": { + "flake": false, + "locked": { + "lastModified": 1575189609, + "narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=", + "owner": "rgrinberg", + "repo": "evil-quick-diff", + "rev": "69c883720b30a892c63bc89f49d4f0e8b8028908", + "type": "github" + }, + "original": { + "owner": "rgrinberg", + "repo": "evil-quick-diff", + "type": "github" + } + }, + "explain-pause-mode": { + "flake": false, + "locked": { + "lastModified": 1595842060, + "narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=", + "owner": "lastquestion", + "repo": "explain-pause-mode", + "rev": "2356c8c3639cbeeb9751744dbe737267849b4b51", + "type": "github" + }, + "original": { + "owner": "lastquestion", + "repo": "explain-pause-mode", + "type": "github" + } + }, + "filesystem-keys": { + "flake": false, + "locked": { + "narHash": "sha256-K2wdsA4vcNTaLR9A9qxB+aMaeANL0LXOwBWvUm63lX0=", + "path": "./filesystem-keys", + "type": "path" + }, + "original": { + "path": "./filesystem-keys", + "type": "path" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1623875721, + "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "fudo-home": { + "inputs": { + "doom-emacs": "doom-emacs", + "home-manager": "home-manager", + "niten-doom-config": "niten-doom-config", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1635528550, + "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=", + "ref": "flake", + "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6", + "revCount": 38, + "type": "git", + "url": "https://git.fudo.org/niten/nix-home.git" + }, + "original": { + "ref": "flake", + "type": "git", + "url": "https://git.fudo.org/niten/nix-home.git" + } + }, + "fudo-nixos": { + "flake": false, + "locked": { + "narHash": "sha256-wIk8P88DRH8eQ31LajzGOKAwx7HoB+Qet4ws9bdeG+8=", + "path": "/state/nixops/fudo-nixos", + "type": "path" + }, + "original": { + "path": "/state/nixops/fudo-nixos", + "type": "path" + } + }, + "fudo-pkgs": { + "locked": { + "narHash": "sha256-zkWbqqzNFNMLbIqWGY1xAw/2NdBrNfbUvwIgX+44Zao=", + "path": "/state/nixops/fudo-pkgs", + "type": "path" + }, + "original": { + "path": "/state/nixops/fudo-pkgs", + "type": "path" + } + }, + "fudo-secrets": { + "inputs": { + "backplane": "backplane", + "build-keypairs": "build-keypairs", + "filesystem-keys": "filesystem-keys", + "host-keytabs": "host-keytabs", + "service-keytabs": "service-keytabs", + "service-passwords": "service-passwords", + "ssh-keypairs": "ssh-keypairs" + }, + "locked": { + "narHash": "sha256-MDaYnGcrppeZgOZKX4uHJO4NY7t5m//m7PwTMGE7hv4=", + "path": "/state/secrets", + "type": "path" + }, + "original": { + "path": "/state/secrets", + "type": "path" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "fudo-home", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1633291410, + "narHash": "sha256-IxUzCGwj+s2Rn/+u0NtY36ix5I8MopMOO8Ip59PnBlw=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "382505714d10c6791a96712e0554587c75c5bf8b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-21.05", + "repo": "home-manager", + "type": "github" + } + }, + "host-keytabs": { + "flake": false, + "locked": { + "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=", + "path": "./kerberos/host-keytabs", + "type": "path" + }, + "original": { + "path": "./kerberos/host-keytabs", + "type": "path" + } + }, + "niten-doom-config": { + "flake": false, + "locked": { + "lastModified": 1628274414, + "narHash": "sha256-EIGqjTHcYnjVXceY1tpjaYxNmORh8NNiL2FVWCI5sBo=", + "ref": "master", + "rev": "0ab1532c856ccdb6ce46c5948054279f439eb1f2", + "revCount": 34, + "type": "git", + "url": "https://git.fudo.org/niten/doom-emacs.git" + }, + "original": { + "type": "git", + "url": "https://git.fudo.org/niten/doom-emacs.git" + } + }, + "nix-straight": { + "flake": false, + "locked": { + "lastModified": 1621543597, + "narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=", + "owner": "vlaci", + "repo": "nix-straight.el", + "rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca", + "type": "github" + }, + "original": { + "owner": "vlaci", + "ref": "v2.2.0", + "repo": "nix-straight.el", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1626852498, + "narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixpkgs-unstable", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1635719588, + "narHash": "sha256-pWjdy0NheM97NsPE6+jUnr5LYyeA0sBGTdw4mfXMGZQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f0869b1a2c0b150aac26e10bb5c2364ffb2e804f", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05", + "type": "indirect" + } + }, + "nose": { + "flake": false, + "locked": { + "lastModified": 1400604510, + "narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=", + "owner": "emacsattic", + "repo": "nose", + "rev": "f8528297519eba911696c4e68fa88892de9a7b72", + "type": "github" + }, + "original": { + "owner": "emacsattic", + "repo": "nose", + "type": "github" + } + }, + "ob-racket": { + "flake": false, + "locked": { + "lastModified": 1584656173, + "narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=", + "owner": "xchrishawk", + "repo": "ob-racket", + "rev": "83457ec9e1e96a29fd2086ed19432b9d75787673", + "type": "github" + }, + "original": { + "owner": "xchrishawk", + "repo": "ob-racket", + "type": "github" + } + }, + "org": { + "flake": false, + "locked": { + "lastModified": 1627155762, + "narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=", + "owner": "emacs-straight", + "repo": "org-mode", + "rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237", + "type": "github" + }, + "original": { + "owner": "emacs-straight", + "repo": "org-mode", + "type": "github" + } + }, + "org-contrib": { + "flake": false, + "locked": { + "lastModified": 1623339452, + "narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=", + "ref": "master", + "rev": "fc81309cf6756607a836f93049a9393c2967c4e0", + "revCount": 2599, + "type": "git", + "url": "https://git.sr.ht/~bzg/org-contrib" + }, + "original": { + "type": "git", + "url": "https://git.sr.ht/~bzg/org-contrib" + } + }, + "org-yt": { + "flake": false, + "locked": { + "lastModified": 1527381913, + "narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=", + "owner": "TobiasZawada", + "repo": "org-yt", + "rev": "40cc1ac76d741055cbefa13860d9f070a7ade001", + "type": "github" + }, + "original": { + "owner": "TobiasZawada", + "repo": "org-yt", + "type": "github" + } + }, + "php-extras": { + "flake": false, + "locked": { + "lastModified": 1573312690, + "narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=", + "owner": "arnested", + "repo": "php-extras", + "rev": "d410c5af663c30c01d461ac476d1cbfbacb49367", + "type": "github" + }, + "original": { + "owner": "arnested", + "repo": "php-extras", + "type": "github" + } + }, + "revealjs": { + "flake": false, + "locked": { + "lastModified": 1625811744, + "narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=", + "owner": "hakimel", + "repo": "reveal.js", + "rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad", + "type": "github" + }, + "original": { + "owner": "hakimel", + "repo": "reveal.js", + "type": "github" + } + }, + "root": { + "inputs": { + "fudo-home": "fudo-home", + "fudo-nixos": "fudo-nixos", + "fudo-pkgs": "fudo-pkgs", + "fudo-secrets": "fudo-secrets", + "nixpkgs": "nixpkgs_2" + } + }, + "rotate-text": { + "flake": false, + "locked": { + "lastModified": 1322962747, + "narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=", + "owner": "debug-ito", + "repo": "rotate-text.el", + "rev": "48f193697db996855aee1ad2bc99b38c6646fe76", + "type": "github" + }, + "original": { + "owner": "debug-ito", + "repo": "rotate-text.el", + "type": "github" + } + }, + "service-keytabs": { + "flake": false, + "locked": { + "narHash": "sha256-n2i88EiGs2DJCU+qGdLICbYMWUqdNpnEx/VUzDq5xZ8=", + "path": "./kerberos/service-keytabs", + "type": "path" + }, + "original": { + "path": "./kerberos/service-keytabs", + "type": "path" + } + }, + "service-passwords": { + "flake": false, + "locked": { + "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=", + "path": "./service-passwords", + "type": "path" + }, + "original": { + "path": "./service-passwords", + "type": "path" + } + }, + "ssh-keypairs": { + "flake": false, + "locked": { + "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=", + "path": "./ssh-keypairs", + "type": "path" + }, + "original": { + "path": "./ssh-keypairs", + "type": "path" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/portage/flake.nix b/portage/flake.nix index bc8f1db..239927a 100644 --- a/portage/flake.nix +++ b/portage/flake.nix @@ -11,9 +11,9 @@ fudo-secrets.url = "path:/state/secrets"; - #fudo-pkgs.url = "path:/state/nixops/fudo-pkgs"; + # fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git"; - fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git"; + fudo-pkgs.url = "path:/state/nixops/fudo-pkgs"; fudo-nixos = { url = "path:/state/nixops/fudo-nixos"; @@ -64,16 +64,28 @@ } // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let system = hostOpts.arch; profile = hostOpts.profile; - in { config, pkgs, lib, ... }: { + in { config, ... }: let + pkgs = pkgs-for system; + lib = pkgs.lib; + build-seed = builtins.readFile config.fudo.secrets.files.build-seed; + in { imports = [ fudo-home.nixosModule fudo-secrets.nixosModule (initialize-host { - inherit hostname build-timestamp site domain profile; - }) + inherit + lib + pkgs + hostname + build-timestamp + build-seed + site + domain + profile; }) ]; nixpkgs.pkgs = pkgs-for system; + nixpkgs.lib = (pkgs-for system).lib; deployment = with lib; { targetHost = network-hosts.${hostname}.ipv4-address; diff --git a/seattle/flake.lock b/seattle/flake.lock index 9c57585..d4e840f 100644 --- a/seattle/flake.lock +++ b/seattle/flake.lock @@ -226,11 +226,11 @@ ] }, "locked": { - "lastModified": 1634504012, - "narHash": "sha256-MbU+ZDyp+sxaFMBs0QH04nieh3vvyC9lzSn9fDk1+zM=", + "lastModified": 1635528550, + "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=", "ref": "flake", - "rev": "1ba24b9571aaad13bc91e27fce0096a66bdcb677", - "revCount": 37, + "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6", + "revCount": 38, "type": "git", "url": "https://git.fudo.org/niten/nix-home.git" }, @@ -243,7 +243,7 @@ "fudo-nixos": { "flake": false, "locked": { - "narHash": "sha256-rZspm5MJjkiXONo7L9lsJqB2QZXoo/Wqs9+lODUkia8=", + "narHash": "sha256-QYhuo67dvvLdy8RD3gGWCzBG4azEZTuY8vLICu1N32s=", "path": "/state/nixops/fudo-nixos", "type": "path" }, @@ -273,11 +273,12 @@ "build-keypairs": "build-keypairs", "filesystem-keys": "filesystem-keys", "host-keytabs": "host-keytabs", + "service-keytabs": "service-keytabs", "service-passwords": "service-passwords", "ssh-keypairs": "ssh-keypairs" }, "locked": { - "narHash": "sha256-TOBI3TVEHR97j7/Rf41P4QCpbL9XamHkHQHi3BhBdi4=", + "narHash": "sha256-0L3GFcBuGWbPyz5GUj9jX+ENtPx/U2rcMzO3yCDSq1M=", "path": "/state/secrets", "type": "path" }, @@ -311,7 +312,7 @@ "host-keytabs": { "flake": false, "locked": { - "narHash": "sha256-QBfphmEdsPyzOSQxi1p+fZkpLXxXrWNQv1v5tnW0F+4=", + "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=", "path": "./kerberos/host-keytabs", "type": "path" }, @@ -370,11 +371,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1634327140, - "narHash": "sha256-d5L7oMjUVC6VU0cQMsF0tceAPkmzuAQ51DWBFNChbEQ=", + "lastModified": 1635456205, + "narHash": "sha256-CLZxFvwec8BhFlB5tkIq08UBDNNrijOY780UF6ubJXc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "83667ff60a88e22b76ef4b0bdf5334670b39c2b6", + "rev": "66d6ec6ed2ddc77d08cf677cc8230db39f051793", "type": "github" }, "original": { @@ -520,10 +521,22 @@ "type": "github" } }, + "service-keytabs": { + "flake": false, + "locked": { + "narHash": "sha256-F2npNGjUglGumazLFj9qQABGradbwCnKYZn8BEGweJc=", + "path": "./kerberos/service-keytabs", + "type": "path" + }, + "original": { + "path": "./kerberos/service-keytabs", + "type": "path" + } + }, "service-passwords": { "flake": false, "locked": { - "narHash": "sha256-JPMZdokzw+vyWoIKwgDhD60BYi5gch/MfgQyvx5AXZA=", + "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=", "path": "./service-passwords", "type": "path" }, @@ -535,7 +548,7 @@ "ssh-keypairs": { "flake": false, "locked": { - "narHash": "sha256-fD2ZTNMc399XtlVWLCU4crC0RZZ8yTZPFzEm9VWjiL8=", + "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=", "path": "./ssh-keypairs", "type": "path" }, diff --git a/seattle/flake.nix b/seattle/flake.nix index 846db5d..2eb6247 100644 --- a/seattle/flake.nix +++ b/seattle/flake.nix @@ -64,16 +64,29 @@ } // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let system = hostOpts.arch; profile = hostOpts.profile; - in { config, pkgs, lib, ... }: { + in { config, ... }: let + pkgs = pkgs-for system; + lib = pkgs.lib; + build-seed = builtins.readFile config.fudo.secrets.files.build-seed; + in { imports = [ fudo-home.nixosModule fudo-secrets.nixosModule (initialize-host { - inherit hostname build-timestamp site domain profile; + inherit + lib + pkgs + hostname + build-timestamp + build-seed + site + domain + profile; }) ]; nixpkgs.pkgs = pkgs-for system; + nixpkgs.lib = (pkgs-for system).lib; deployment = with lib; { targetHost = network-hosts.${hostname}.ipv4-address;