Added build-seed

This commit is contained in:
niten 2021-11-01 14:05:30 -07:00
parent caedc06ff7
commit 381d2710e3
8 changed files with 632 additions and 35 deletions

@ -1 +1 @@
Subproject commit 1ba24b9571aaad13bc91e27fce0096a66bdcb677 Subproject commit 7d7f95b1c229ceed825559f1f94ee6f676b429a6

@ -1 +1 @@
Subproject commit 81aae5cd8d0c859b2d6d16cfc40d1efb8f90f0f6 Subproject commit 79b05be7d33b2dccb1a6967d86b52d1c2e9e5e3b

@ -1 +1 @@
Subproject commit 160807215cf9158605b072c54a9b682522d62989 Subproject commit b1af37ff1e6366469d0292e59514acf4f76c088d

View File

@ -226,11 +226,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1634504012, "lastModified": 1635528550,
"narHash": "sha256-MbU+ZDyp+sxaFMBs0QH04nieh3vvyC9lzSn9fDk1+zM=", "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=",
"ref": "flake", "ref": "flake",
"rev": "1ba24b9571aaad13bc91e27fce0096a66bdcb677", "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6",
"revCount": 37, "revCount": 38,
"type": "git", "type": "git",
"url": "https://git.fudo.org/niten/nix-home.git" "url": "https://git.fudo.org/niten/nix-home.git"
}, },
@ -243,7 +243,7 @@
"fudo-nixos": { "fudo-nixos": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-0B2kRXs3D4ZqZwRak8LoIfzKxySEklH9ExC1uBNAAiE=", "narHash": "sha256-nbjdCHS9siLHN6kcXwFy/hR3zDBXcQ5aPg3vWstzmsQ=",
"path": "/state/nixops/fudo-nixos", "path": "/state/nixops/fudo-nixos",
"type": "path" "type": "path"
}, },
@ -278,7 +278,7 @@
"ssh-keypairs": "ssh-keypairs" "ssh-keypairs": "ssh-keypairs"
}, },
"locked": { "locked": {
"narHash": "sha256-7yAC1dWRpmpdPascKIhb3a6Q85tupqvx6zIZTVAsJ7o=", "narHash": "sha256-0L3GFcBuGWbPyz5GUj9jX+ENtPx/U2rcMzO3yCDSq1M=",
"path": "/state/secrets", "path": "/state/secrets",
"type": "path" "type": "path"
}, },
@ -312,7 +312,7 @@
"host-keytabs": { "host-keytabs": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-GyYXhdmRj0eHXpQj85dOU+T+VYJkO6SK6J2XBIrmLTw=", "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=",
"path": "./kerberos/host-keytabs", "path": "./kerberos/host-keytabs",
"type": "path" "type": "path"
}, },
@ -371,11 +371,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1634661806, "lastModified": 1635543790,
"narHash": "sha256-fBuR7EZ67UOdNt3gEwhoyWJ6zJtXh4kuupIALRcx/7I=", "narHash": "sha256-I1lo59Y5mPbkqB8qbp92p4e5Htfm6Wbhvt19efg0cBU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8fe3b97ef4527ac88d03ea33e0789f3512e01adc", "rev": "6c0c30146347188ce908838fd2b50c1b7db47c0c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -524,7 +524,7 @@
"service-keytabs": { "service-keytabs": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-vRo6wMpQunuKlk42J/e4nCGtF0hF0aMnA5HOv5+dPLM=", "narHash": "sha256-F2npNGjUglGumazLFj9qQABGradbwCnKYZn8BEGweJc=",
"path": "./kerberos/service-keytabs", "path": "./kerberos/service-keytabs",
"type": "path" "type": "path"
}, },
@ -536,7 +536,7 @@
"service-passwords": { "service-passwords": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-JPMZdokzw+vyWoIKwgDhD60BYi5gch/MfgQyvx5AXZA=", "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=",
"path": "./service-passwords", "path": "./service-passwords",
"type": "path" "type": "path"
}, },
@ -548,7 +548,7 @@
"ssh-keypairs": { "ssh-keypairs": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-fD2ZTNMc399XtlVWLCU4crC0RZZ8yTZPFzEm9VWjiL8=", "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=",
"path": "./ssh-keypairs", "path": "./ssh-keypairs",
"type": "path" "type": "path"
}, },

559
portage/flake.lock Normal file
View File

@ -0,0 +1,559 @@
{
"nodes": {
"backplane": {
"flake": false,
"locked": {
"narHash": "sha256-q159nkiuwtQcfecm7SVpy6lG1eWc5ZqeGhnEAIY6J5w=",
"path": "./backplane",
"type": "path"
},
"original": {
"path": "./backplane",
"type": "path"
}
},
"build-keypairs": {
"flake": false,
"locked": {
"narHash": "sha256-4eRLRLCzZ6kQIRZqy51bj60jhFSQ/wlKLeNgABPhTyw=",
"path": "./build-keypairs",
"type": "path"
},
"original": {
"path": "./build-keypairs",
"type": "path"
}
},
"doom-emacs": {
"inputs": {
"doom-emacs": "doom-emacs_2",
"doom-snippets": "doom-snippets",
"emacs-overlay": "emacs-overlay",
"emacs-so-long": "emacs-so-long",
"evil-markdown": "evil-markdown",
"evil-org-mode": "evil-org-mode",
"evil-quick-diff": "evil-quick-diff",
"explain-pause-mode": "explain-pause-mode",
"flake-utils": "flake-utils",
"nix-straight": "nix-straight",
"nixpkgs": "nixpkgs",
"nose": "nose",
"ob-racket": "ob-racket",
"org": "org",
"org-contrib": "org-contrib",
"org-yt": "org-yt",
"php-extras": "php-extras",
"revealjs": "revealjs",
"rotate-text": "rotate-text"
},
"locked": {
"lastModified": 1627398156,
"narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=",
"owner": "vlaci",
"repo": "nix-doom-emacs",
"rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff",
"type": "github"
},
"original": {
"owner": "vlaci",
"repo": "nix-doom-emacs",
"type": "github"
}
},
"doom-emacs_2": {
"flake": false,
"locked": {
"lastModified": 1626604817,
"narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=",
"owner": "hlissner",
"repo": "doom-emacs",
"rev": "46732c0adaef147144418f9f284ca6b1183ab96f",
"type": "github"
},
"original": {
"owner": "hlissner",
"ref": "develop",
"repo": "doom-emacs",
"type": "github"
}
},
"doom-snippets": {
"flake": false,
"locked": {
"lastModified": 1625547004,
"narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=",
"owner": "hlissner",
"repo": "doom-snippets",
"rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "doom-snippets",
"type": "github"
}
},
"emacs-overlay": {
"flake": false,
"locked": {
"lastModified": 1626972035,
"narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"emacs-so-long": {
"flake": false,
"locked": {
"lastModified": 1575031854,
"narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=",
"owner": "hlissner",
"repo": "emacs-so-long",
"rev": "ed666b0716f60e8988c455804de24b55919e71ca",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "emacs-so-long",
"type": "github"
}
},
"evil-markdown": {
"flake": false,
"locked": {
"lastModified": 1626852210,
"narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=",
"owner": "Somelauw",
"repo": "evil-markdown",
"rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477",
"type": "github"
},
"original": {
"owner": "Somelauw",
"repo": "evil-markdown",
"type": "github"
}
},
"evil-org-mode": {
"flake": false,
"locked": {
"lastModified": 1607203864,
"narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=",
"owner": "hlissner",
"repo": "evil-org-mode",
"rev": "a9706da260c45b98601bcd72b1d2c0a24a017700",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "evil-org-mode",
"type": "github"
}
},
"evil-quick-diff": {
"flake": false,
"locked": {
"lastModified": 1575189609,
"narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=",
"owner": "rgrinberg",
"repo": "evil-quick-diff",
"rev": "69c883720b30a892c63bc89f49d4f0e8b8028908",
"type": "github"
},
"original": {
"owner": "rgrinberg",
"repo": "evil-quick-diff",
"type": "github"
}
},
"explain-pause-mode": {
"flake": false,
"locked": {
"lastModified": 1595842060,
"narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=",
"owner": "lastquestion",
"repo": "explain-pause-mode",
"rev": "2356c8c3639cbeeb9751744dbe737267849b4b51",
"type": "github"
},
"original": {
"owner": "lastquestion",
"repo": "explain-pause-mode",
"type": "github"
}
},
"filesystem-keys": {
"flake": false,
"locked": {
"narHash": "sha256-K2wdsA4vcNTaLR9A9qxB+aMaeANL0LXOwBWvUm63lX0=",
"path": "./filesystem-keys",
"type": "path"
},
"original": {
"path": "./filesystem-keys",
"type": "path"
}
},
"flake-utils": {
"locked": {
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"fudo-home": {
"inputs": {
"doom-emacs": "doom-emacs",
"home-manager": "home-manager",
"niten-doom-config": "niten-doom-config",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1635528550,
"narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=",
"ref": "flake",
"rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6",
"revCount": 38,
"type": "git",
"url": "https://git.fudo.org/niten/nix-home.git"
},
"original": {
"ref": "flake",
"type": "git",
"url": "https://git.fudo.org/niten/nix-home.git"
}
},
"fudo-nixos": {
"flake": false,
"locked": {
"narHash": "sha256-wIk8P88DRH8eQ31LajzGOKAwx7HoB+Qet4ws9bdeG+8=",
"path": "/state/nixops/fudo-nixos",
"type": "path"
},
"original": {
"path": "/state/nixops/fudo-nixos",
"type": "path"
}
},
"fudo-pkgs": {
"locked": {
"narHash": "sha256-zkWbqqzNFNMLbIqWGY1xAw/2NdBrNfbUvwIgX+44Zao=",
"path": "/state/nixops/fudo-pkgs",
"type": "path"
},
"original": {
"path": "/state/nixops/fudo-pkgs",
"type": "path"
}
},
"fudo-secrets": {
"inputs": {
"backplane": "backplane",
"build-keypairs": "build-keypairs",
"filesystem-keys": "filesystem-keys",
"host-keytabs": "host-keytabs",
"service-keytabs": "service-keytabs",
"service-passwords": "service-passwords",
"ssh-keypairs": "ssh-keypairs"
},
"locked": {
"narHash": "sha256-MDaYnGcrppeZgOZKX4uHJO4NY7t5m//m7PwTMGE7hv4=",
"path": "/state/secrets",
"type": "path"
},
"original": {
"path": "/state/secrets",
"type": "path"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"fudo-home",
"nixpkgs"
]
},
"locked": {
"lastModified": 1633291410,
"narHash": "sha256-IxUzCGwj+s2Rn/+u0NtY36ix5I8MopMOO8Ip59PnBlw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "382505714d10c6791a96712e0554587c75c5bf8b",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-21.05",
"repo": "home-manager",
"type": "github"
}
},
"host-keytabs": {
"flake": false,
"locked": {
"narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=",
"path": "./kerberos/host-keytabs",
"type": "path"
},
"original": {
"path": "./kerberos/host-keytabs",
"type": "path"
}
},
"niten-doom-config": {
"flake": false,
"locked": {
"lastModified": 1628274414,
"narHash": "sha256-EIGqjTHcYnjVXceY1tpjaYxNmORh8NNiL2FVWCI5sBo=",
"ref": "master",
"rev": "0ab1532c856ccdb6ce46c5948054279f439eb1f2",
"revCount": 34,
"type": "git",
"url": "https://git.fudo.org/niten/doom-emacs.git"
},
"original": {
"type": "git",
"url": "https://git.fudo.org/niten/doom-emacs.git"
}
},
"nix-straight": {
"flake": false,
"locked": {
"lastModified": 1621543597,
"narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=",
"owner": "vlaci",
"repo": "nix-straight.el",
"rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca",
"type": "github"
},
"original": {
"owner": "vlaci",
"ref": "v2.2.0",
"repo": "nix-straight.el",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1626852498,
"narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixpkgs-unstable",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1635719588,
"narHash": "sha256-pWjdy0NheM97NsPE6+jUnr5LYyeA0sBGTdw4mfXMGZQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f0869b1a2c0b150aac26e10bb5c2364ffb2e804f",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-21.05",
"type": "indirect"
}
},
"nose": {
"flake": false,
"locked": {
"lastModified": 1400604510,
"narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=",
"owner": "emacsattic",
"repo": "nose",
"rev": "f8528297519eba911696c4e68fa88892de9a7b72",
"type": "github"
},
"original": {
"owner": "emacsattic",
"repo": "nose",
"type": "github"
}
},
"ob-racket": {
"flake": false,
"locked": {
"lastModified": 1584656173,
"narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=",
"owner": "xchrishawk",
"repo": "ob-racket",
"rev": "83457ec9e1e96a29fd2086ed19432b9d75787673",
"type": "github"
},
"original": {
"owner": "xchrishawk",
"repo": "ob-racket",
"type": "github"
}
},
"org": {
"flake": false,
"locked": {
"lastModified": 1627155762,
"narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=",
"owner": "emacs-straight",
"repo": "org-mode",
"rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237",
"type": "github"
},
"original": {
"owner": "emacs-straight",
"repo": "org-mode",
"type": "github"
}
},
"org-contrib": {
"flake": false,
"locked": {
"lastModified": 1623339452,
"narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=",
"ref": "master",
"rev": "fc81309cf6756607a836f93049a9393c2967c4e0",
"revCount": 2599,
"type": "git",
"url": "https://git.sr.ht/~bzg/org-contrib"
},
"original": {
"type": "git",
"url": "https://git.sr.ht/~bzg/org-contrib"
}
},
"org-yt": {
"flake": false,
"locked": {
"lastModified": 1527381913,
"narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=",
"owner": "TobiasZawada",
"repo": "org-yt",
"rev": "40cc1ac76d741055cbefa13860d9f070a7ade001",
"type": "github"
},
"original": {
"owner": "TobiasZawada",
"repo": "org-yt",
"type": "github"
}
},
"php-extras": {
"flake": false,
"locked": {
"lastModified": 1573312690,
"narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=",
"owner": "arnested",
"repo": "php-extras",
"rev": "d410c5af663c30c01d461ac476d1cbfbacb49367",
"type": "github"
},
"original": {
"owner": "arnested",
"repo": "php-extras",
"type": "github"
}
},
"revealjs": {
"flake": false,
"locked": {
"lastModified": 1625811744,
"narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=",
"owner": "hakimel",
"repo": "reveal.js",
"rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad",
"type": "github"
},
"original": {
"owner": "hakimel",
"repo": "reveal.js",
"type": "github"
}
},
"root": {
"inputs": {
"fudo-home": "fudo-home",
"fudo-nixos": "fudo-nixos",
"fudo-pkgs": "fudo-pkgs",
"fudo-secrets": "fudo-secrets",
"nixpkgs": "nixpkgs_2"
}
},
"rotate-text": {
"flake": false,
"locked": {
"lastModified": 1322962747,
"narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=",
"owner": "debug-ito",
"repo": "rotate-text.el",
"rev": "48f193697db996855aee1ad2bc99b38c6646fe76",
"type": "github"
},
"original": {
"owner": "debug-ito",
"repo": "rotate-text.el",
"type": "github"
}
},
"service-keytabs": {
"flake": false,
"locked": {
"narHash": "sha256-n2i88EiGs2DJCU+qGdLICbYMWUqdNpnEx/VUzDq5xZ8=",
"path": "./kerberos/service-keytabs",
"type": "path"
},
"original": {
"path": "./kerberos/service-keytabs",
"type": "path"
}
},
"service-passwords": {
"flake": false,
"locked": {
"narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=",
"path": "./service-passwords",
"type": "path"
},
"original": {
"path": "./service-passwords",
"type": "path"
}
},
"ssh-keypairs": {
"flake": false,
"locked": {
"narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=",
"path": "./ssh-keypairs",
"type": "path"
},
"original": {
"path": "./ssh-keypairs",
"type": "path"
}
}
},
"root": "root",
"version": 7
}

View File

@ -11,9 +11,9 @@
fudo-secrets.url = "path:/state/secrets"; fudo-secrets.url = "path:/state/secrets";
#fudo-pkgs.url = "path:/state/nixops/fudo-pkgs"; # fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git";
fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git"; fudo-pkgs.url = "path:/state/nixops/fudo-pkgs";
fudo-nixos = { fudo-nixos = {
url = "path:/state/nixops/fudo-nixos"; url = "path:/state/nixops/fudo-nixos";
@ -64,16 +64,28 @@
} // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let } // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let
system = hostOpts.arch; system = hostOpts.arch;
profile = hostOpts.profile; profile = hostOpts.profile;
in { config, pkgs, lib, ... }: { in { config, ... }: let
pkgs = pkgs-for system;
lib = pkgs.lib;
build-seed = builtins.readFile config.fudo.secrets.files.build-seed;
in {
imports = [ imports = [
fudo-home.nixosModule fudo-home.nixosModule
fudo-secrets.nixosModule fudo-secrets.nixosModule
(initialize-host { (initialize-host {
inherit hostname build-timestamp site domain profile; inherit
}) lib
pkgs
hostname
build-timestamp
build-seed
site
domain
profile; })
]; ];
nixpkgs.pkgs = pkgs-for system; nixpkgs.pkgs = pkgs-for system;
nixpkgs.lib = (pkgs-for system).lib;
deployment = with lib; { deployment = with lib; {
targetHost = network-hosts.${hostname}.ipv4-address; targetHost = network-hosts.${hostname}.ipv4-address;

View File

@ -226,11 +226,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1634504012, "lastModified": 1635528550,
"narHash": "sha256-MbU+ZDyp+sxaFMBs0QH04nieh3vvyC9lzSn9fDk1+zM=", "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=",
"ref": "flake", "ref": "flake",
"rev": "1ba24b9571aaad13bc91e27fce0096a66bdcb677", "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6",
"revCount": 37, "revCount": 38,
"type": "git", "type": "git",
"url": "https://git.fudo.org/niten/nix-home.git" "url": "https://git.fudo.org/niten/nix-home.git"
}, },
@ -243,7 +243,7 @@
"fudo-nixos": { "fudo-nixos": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-rZspm5MJjkiXONo7L9lsJqB2QZXoo/Wqs9+lODUkia8=", "narHash": "sha256-QYhuo67dvvLdy8RD3gGWCzBG4azEZTuY8vLICu1N32s=",
"path": "/state/nixops/fudo-nixos", "path": "/state/nixops/fudo-nixos",
"type": "path" "type": "path"
}, },
@ -273,11 +273,12 @@
"build-keypairs": "build-keypairs", "build-keypairs": "build-keypairs",
"filesystem-keys": "filesystem-keys", "filesystem-keys": "filesystem-keys",
"host-keytabs": "host-keytabs", "host-keytabs": "host-keytabs",
"service-keytabs": "service-keytabs",
"service-passwords": "service-passwords", "service-passwords": "service-passwords",
"ssh-keypairs": "ssh-keypairs" "ssh-keypairs": "ssh-keypairs"
}, },
"locked": { "locked": {
"narHash": "sha256-TOBI3TVEHR97j7/Rf41P4QCpbL9XamHkHQHi3BhBdi4=", "narHash": "sha256-0L3GFcBuGWbPyz5GUj9jX+ENtPx/U2rcMzO3yCDSq1M=",
"path": "/state/secrets", "path": "/state/secrets",
"type": "path" "type": "path"
}, },
@ -311,7 +312,7 @@
"host-keytabs": { "host-keytabs": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-QBfphmEdsPyzOSQxi1p+fZkpLXxXrWNQv1v5tnW0F+4=", "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=",
"path": "./kerberos/host-keytabs", "path": "./kerberos/host-keytabs",
"type": "path" "type": "path"
}, },
@ -370,11 +371,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1634327140, "lastModified": 1635456205,
"narHash": "sha256-d5L7oMjUVC6VU0cQMsF0tceAPkmzuAQ51DWBFNChbEQ=", "narHash": "sha256-CLZxFvwec8BhFlB5tkIq08UBDNNrijOY780UF6ubJXc=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "83667ff60a88e22b76ef4b0bdf5334670b39c2b6", "rev": "66d6ec6ed2ddc77d08cf677cc8230db39f051793",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -520,10 +521,22 @@
"type": "github" "type": "github"
} }
}, },
"service-keytabs": {
"flake": false,
"locked": {
"narHash": "sha256-F2npNGjUglGumazLFj9qQABGradbwCnKYZn8BEGweJc=",
"path": "./kerberos/service-keytabs",
"type": "path"
},
"original": {
"path": "./kerberos/service-keytabs",
"type": "path"
}
},
"service-passwords": { "service-passwords": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-JPMZdokzw+vyWoIKwgDhD60BYi5gch/MfgQyvx5AXZA=", "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=",
"path": "./service-passwords", "path": "./service-passwords",
"type": "path" "type": "path"
}, },
@ -535,7 +548,7 @@
"ssh-keypairs": { "ssh-keypairs": {
"flake": false, "flake": false,
"locked": { "locked": {
"narHash": "sha256-fD2ZTNMc399XtlVWLCU4crC0RZZ8yTZPFzEm9VWjiL8=", "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=",
"path": "./ssh-keypairs", "path": "./ssh-keypairs",
"type": "path" "type": "path"
}, },

View File

@ -64,16 +64,29 @@
} // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let } // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let
system = hostOpts.arch; system = hostOpts.arch;
profile = hostOpts.profile; profile = hostOpts.profile;
in { config, pkgs, lib, ... }: { in { config, ... }: let
pkgs = pkgs-for system;
lib = pkgs.lib;
build-seed = builtins.readFile config.fudo.secrets.files.build-seed;
in {
imports = [ imports = [
fudo-home.nixosModule fudo-home.nixosModule
fudo-secrets.nixosModule fudo-secrets.nixosModule
(initialize-host { (initialize-host {
inherit hostname build-timestamp site domain profile; inherit
lib
pkgs
hostname
build-timestamp
build-seed
site
domain
profile;
}) })
]; ];
nixpkgs.pkgs = pkgs-for system; nixpkgs.pkgs = pkgs-for system;
nixpkgs.lib = (pkgs-for system).lib;
deployment = with lib; { deployment = with lib; {
targetHost = network-hosts.${hostname}.ipv4-address; targetHost = network-hosts.${hostname}.ipv4-address;