diff --git a/common/deployment-config.nix b/common/deployment-config.nix deleted file mode 100644 index 5ecf30d..0000000 --- a/common/deployment-config.nix +++ /dev/null @@ -1,23 +0,0 @@ -build-timestamp: hostname: - -{ config, lib, ... }: - -with lib; -{ - config = { - instance = { - inherit build-timestamp; - }; - - deployment = let - fs-keys = config.fudo.secrets.files.host-filesystem-keys; - in { - keys = if (hasAttr hostname fs-keys) then - mapAttrs (secret: secret-file: { - keyFile = secret-file; - user = "root"; - permissions = "0400"; - }) fs-keys.${hostname} else {}; - }; - }; -} diff --git a/common/deployment.nix b/common/deployment.nix deleted file mode 100644 index 591da6c..0000000 --- a/common/deployment.nix +++ /dev/null @@ -1,37 +0,0 @@ -lib: build-timestamp: hostname: hostOpts: - -with lib; -let - pkgs-for = system: import nixpkgs { - inherit system; - config = { - allowUnfree = true; - permittedInsecurePackages = [ - "openssh-with-gssapi-8.4p1" - ]; - overlays = [ - (import (fudo-pkgs + /overlay.nix)) - (import (fudo-nixos + /lib/overlay.nix)) - ]; - }; - }; - -in fudo-nixos.nixosConfigurations.${hostname} { - -} // mapAttrs (hostname: hostOpts: let - pkgs = pkgs-for hostOpts.arch; - host-ip = networks.${hostOpts.domain}.hosts.${hostname}.ipv4-address; -in fudo-nixos.nixosConfigurations.${hostname} // { - - config = { - nixpkgs.pkgs = pkgs; - - imports = [ - (host-config hostname) - ]; - - instance = { inherit hostname; }; - - deployment.targetHost = host-ip; - }; -}) deployment-hosts diff --git a/common/helpers.nix b/common/helpers.nix deleted file mode 100644 index 4daf4d4..0000000 --- a/common/helpers.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ lib, ... }: - -with lib; -let - regular-files = path: let - is-regular-file = filename: type: type == "regular" || type == "link"; - in attrNames (filterAttrs is-regular-file (builtins.readDir path)); - - nix-files = path: let - is-nix-file = filename: (builtins.match "^(.+)\.nix$" filename) != null; - in - map - (file: path + "/${file}") - (filter is-nix-file (regular-files path)); - - strip-ext = filename: head (builtins.match "^(.+)[.]nix$" filename); - - basename-to-map = path: - listToAttrs - (map - (file: - nameValuePair (strip-ext file) - (import (path + "${file}"))) - (nix-files path)); -in { - inherit regular-files nix-files strip-ext basename-to-map; -} diff --git a/deployments/joes-datacenter-0/flake.lock b/deployments/joes-datacenter-0/flake.lock deleted file mode 100644 index 43b2bbb..0000000 --- a/deployments/joes-datacenter-0/flake.lock +++ /dev/null @@ -1,563 +0,0 @@ -{ - "nodes": { - "backplane-passwords": { - "flake": false, - "locked": { - "narHash": "sha256-Bf5sVg4oSg6uCKMJl21btfBH4NQI/Wz4SU9j130Shyg=", - "path": "./backplane-passwords", - "type": "path" - }, - "original": { - "path": "./backplane-passwords", - "type": "path" - } - }, - "build-keypairs": { - "flake": false, - "locked": { - "narHash": "sha256-4eRLRLCzZ6kQIRZqy51bj60jhFSQ/wlKLeNgABPhTyw=", - "path": "./build-keypairs", - "type": "path" - }, - "original": { - "path": "./build-keypairs", - "type": "path" - } - }, - "doom-emacs": { - "inputs": { - "doom-emacs": "doom-emacs_2", - "doom-snippets": "doom-snippets", - "emacs-overlay": "emacs-overlay", - "emacs-so-long": "emacs-so-long", - "evil-markdown": "evil-markdown", - "evil-org-mode": "evil-org-mode", - "evil-quick-diff": "evil-quick-diff", - "explain-pause-mode": "explain-pause-mode", - "flake-utils": "flake-utils", - "nix-straight": "nix-straight", - "nixpkgs": "nixpkgs", - "nose": "nose", - "ob-racket": "ob-racket", - "org": "org", - "org-contrib": "org-contrib", - "org-yt": "org-yt", - "php-extras": "php-extras", - "revealjs": "revealjs", - "rotate-text": "rotate-text" - }, - "locked": { - "lastModified": 1627398156, - "narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=", - "owner": "vlaci", - "repo": "nix-doom-emacs", - "rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff", - "type": "github" - }, - "original": { - "owner": "vlaci", - "repo": "nix-doom-emacs", - "type": "github" - } - }, - "doom-emacs_2": { - "flake": false, - "locked": { - "lastModified": 1626604817, - "narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=", - "owner": "hlissner", - "repo": "doom-emacs", - "rev": "46732c0adaef147144418f9f284ca6b1183ab96f", - "type": "github" - }, - "original": { - "owner": "hlissner", - "ref": "develop", - "repo": "doom-emacs", - "type": "github" - } - }, - "doom-snippets": { - "flake": false, - "locked": { - "lastModified": 1625547004, - "narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=", - "owner": "hlissner", - "repo": "doom-snippets", - "rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6", - "type": "github" - }, - "original": { - "owner": "hlissner", - "repo": "doom-snippets", - "type": "github" - } - }, - "emacs-overlay": { - "flake": false, - "locked": { - "lastModified": 1626972035, - "narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=", - "owner": "nix-community", - "repo": "emacs-overlay", - "rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "emacs-overlay", - "type": "github" - } - }, - "emacs-so-long": { - "flake": false, - "locked": { - "lastModified": 1575031854, - "narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=", - "owner": "hlissner", - "repo": "emacs-so-long", - "rev": "ed666b0716f60e8988c455804de24b55919e71ca", - "type": "github" - }, - "original": { - "owner": "hlissner", - "repo": "emacs-so-long", - "type": "github" - } - }, - "evil-markdown": { - "flake": false, - "locked": { - "lastModified": 1626852210, - "narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=", - "owner": "Somelauw", - "repo": "evil-markdown", - "rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477", - "type": "github" - }, - "original": { - "owner": "Somelauw", - "repo": "evil-markdown", - "type": "github" - } - }, - "evil-org-mode": { - "flake": false, - "locked": { - "lastModified": 1607203864, - "narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=", - "owner": "hlissner", - "repo": "evil-org-mode", - "rev": "a9706da260c45b98601bcd72b1d2c0a24a017700", - "type": "github" - }, - "original": { - "owner": "hlissner", - "repo": "evil-org-mode", - "type": "github" - } - }, - "evil-quick-diff": { - "flake": false, - "locked": { - "lastModified": 1575189609, - "narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=", - "owner": "rgrinberg", - "repo": "evil-quick-diff", - "rev": "69c883720b30a892c63bc89f49d4f0e8b8028908", - "type": "github" - }, - "original": { - "owner": "rgrinberg", - "repo": "evil-quick-diff", - "type": "github" - } - }, - "explain-pause-mode": { - "flake": false, - "locked": { - "lastModified": 1595842060, - "narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=", - "owner": "lastquestion", - "repo": "explain-pause-mode", - "rev": "2356c8c3639cbeeb9751744dbe737267849b4b51", - "type": "github" - }, - "original": { - "owner": "lastquestion", - "repo": "explain-pause-mode", - "type": "github" - } - }, - "filesystem-keys": { - "flake": false, - "locked": { - "narHash": "sha256-K2wdsA4vcNTaLR9A9qxB+aMaeANL0LXOwBWvUm63lX0=", - "path": "./filesystem-keys", - "type": "path" - }, - "original": { - "path": "./filesystem-keys", - "type": "path" - } - }, - "flake-utils": { - "locked": { - "lastModified": 1623875721, - "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "fudo-home": { - "inputs": { - "doom-emacs": "doom-emacs", - "home-manager": "home-manager", - "niten-doom-config": "niten-doom-config", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1635528550, - "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=", - "ref": "flake", - "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6", - "revCount": 38, - "type": "git", - "url": "https://git.fudo.org/niten/nix-home.git" - }, - "original": { - "ref": "flake", - "type": "git", - "url": "https://git.fudo.org/niten/nix-home.git" - } - }, - "fudo-nixos": { - "flake": false, - "locked": { - "narHash": "sha256-nbjdCHS9siLHN6kcXwFy/hR3zDBXcQ5aPg3vWstzmsQ=", - "path": "/state/nixops/fudo-nixos", - "type": "path" - }, - "original": { - "path": "/state/nixops/fudo-nixos", - "type": "path" - } - }, - "fudo-pkgs": { - "locked": { - "lastModified": 1633732024, - "narHash": "sha256-H1xthHmjvczP+qYQnoLmZjqagHEk5LVsv/0zDlmZoAc=", - "ref": "master", - "rev": "160807215cf9158605b072c54a9b682522d62989", - "revCount": 10, - "type": "git", - "url": "https://git.fudo.org/fudo-public/fudo-pkgs.git" - }, - "original": { - "type": "git", - "url": "https://git.fudo.org/fudo-public/fudo-pkgs.git" - } - }, - "fudo-secrets": { - "inputs": { - "backplane-passwords": "backplane-passwords", - "build-keypairs": "build-keypairs", - "filesystem-keys": "filesystem-keys", - "host-keytabs": "host-keytabs", - "service-keytabs": "service-keytabs", - "service-passwords": "service-passwords", - "ssh-keypairs": "ssh-keypairs" - }, - "locked": { - "narHash": "sha256-0L3GFcBuGWbPyz5GUj9jX+ENtPx/U2rcMzO3yCDSq1M=", - "path": "/state/secrets", - "type": "path" - }, - "original": { - "path": "/state/secrets", - "type": "path" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "fudo-home", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1633291410, - "narHash": "sha256-IxUzCGwj+s2Rn/+u0NtY36ix5I8MopMOO8Ip59PnBlw=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "382505714d10c6791a96712e0554587c75c5bf8b", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-21.05", - "repo": "home-manager", - "type": "github" - } - }, - "host-keytabs": { - "flake": false, - "locked": { - "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=", - "path": "./kerberos/host-keytabs", - "type": "path" - }, - "original": { - "path": "./kerberos/host-keytabs", - "type": "path" - } - }, - "niten-doom-config": { - "flake": false, - "locked": { - "lastModified": 1628274414, - "narHash": "sha256-EIGqjTHcYnjVXceY1tpjaYxNmORh8NNiL2FVWCI5sBo=", - "ref": "master", - "rev": "0ab1532c856ccdb6ce46c5948054279f439eb1f2", - "revCount": 34, - "type": "git", - "url": "https://git.fudo.org/niten/doom-emacs.git" - }, - "original": { - "type": "git", - "url": "https://git.fudo.org/niten/doom-emacs.git" - } - }, - "nix-straight": { - "flake": false, - "locked": { - "lastModified": 1621543597, - "narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=", - "owner": "vlaci", - "repo": "nix-straight.el", - "rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca", - "type": "github" - }, - "original": { - "owner": "vlaci", - "ref": "v2.2.0", - "repo": "nix-straight.el", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1626852498, - "narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixpkgs-unstable", - "type": "indirect" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1635543790, - "narHash": "sha256-I1lo59Y5mPbkqB8qbp92p4e5Htfm6Wbhvt19efg0cBU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "6c0c30146347188ce908838fd2b50c1b7db47c0c", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-21.05", - "type": "indirect" - } - }, - "nose": { - "flake": false, - "locked": { - "lastModified": 1400604510, - "narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=", - "owner": "emacsattic", - "repo": "nose", - "rev": "f8528297519eba911696c4e68fa88892de9a7b72", - "type": "github" - }, - "original": { - "owner": "emacsattic", - "repo": "nose", - "type": "github" - } - }, - "ob-racket": { - "flake": false, - "locked": { - "lastModified": 1584656173, - "narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=", - "owner": "xchrishawk", - "repo": "ob-racket", - "rev": "83457ec9e1e96a29fd2086ed19432b9d75787673", - "type": "github" - }, - "original": { - "owner": "xchrishawk", - "repo": "ob-racket", - "type": "github" - } - }, - "org": { - "flake": false, - "locked": { - "lastModified": 1627155762, - "narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=", - "owner": "emacs-straight", - "repo": "org-mode", - "rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237", - "type": "github" - }, - "original": { - "owner": "emacs-straight", - "repo": "org-mode", - "type": "github" - } - }, - "org-contrib": { - "flake": false, - "locked": { - "lastModified": 1623339452, - "narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=", - "ref": "master", - "rev": "fc81309cf6756607a836f93049a9393c2967c4e0", - "revCount": 2599, - "type": "git", - "url": "https://git.sr.ht/~bzg/org-contrib" - }, - "original": { - "type": "git", - "url": "https://git.sr.ht/~bzg/org-contrib" - } - }, - "org-yt": { - "flake": false, - "locked": { - "lastModified": 1527381913, - "narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=", - "owner": "TobiasZawada", - "repo": "org-yt", - "rev": "40cc1ac76d741055cbefa13860d9f070a7ade001", - "type": "github" - }, - "original": { - "owner": "TobiasZawada", - "repo": "org-yt", - "type": "github" - } - }, - "php-extras": { - "flake": false, - "locked": { - "lastModified": 1573312690, - "narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=", - "owner": "arnested", - "repo": "php-extras", - "rev": "d410c5af663c30c01d461ac476d1cbfbacb49367", - "type": "github" - }, - "original": { - "owner": "arnested", - "repo": "php-extras", - "type": "github" - } - }, - "revealjs": { - "flake": false, - "locked": { - "lastModified": 1625811744, - "narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=", - "owner": "hakimel", - "repo": "reveal.js", - "rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad", - "type": "github" - }, - "original": { - "owner": "hakimel", - "repo": "reveal.js", - "type": "github" - } - }, - "root": { - "inputs": { - "fudo-home": "fudo-home", - "fudo-nixos": "fudo-nixos", - "fudo-pkgs": "fudo-pkgs", - "fudo-secrets": "fudo-secrets", - "nixpkgs": "nixpkgs_2" - } - }, - "rotate-text": { - "flake": false, - "locked": { - "lastModified": 1322962747, - "narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=", - "owner": "debug-ito", - "repo": "rotate-text.el", - "rev": "48f193697db996855aee1ad2bc99b38c6646fe76", - "type": "github" - }, - "original": { - "owner": "debug-ito", - "repo": "rotate-text.el", - "type": "github" - } - }, - "service-keytabs": { - "flake": false, - "locked": { - "narHash": "sha256-F2npNGjUglGumazLFj9qQABGradbwCnKYZn8BEGweJc=", - "path": "./kerberos/service-keytabs", - "type": "path" - }, - "original": { - "path": "./kerberos/service-keytabs", - "type": "path" - } - }, - "service-passwords": { - "flake": false, - "locked": { - "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=", - "path": "./service-passwords", - "type": "path" - }, - "original": { - "path": "./service-passwords", - "type": "path" - } - }, - "ssh-keypairs": { - "flake": false, - "locked": { - "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=", - "path": "./ssh-keypairs", - "type": "path" - }, - "original": { - "path": "./ssh-keypairs", - "type": "path" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/deployments/joes-datacenter-0/flake.nix b/deployments/joes-datacenter-0/flake.nix deleted file mode 100644 index 1b00c80..0000000 --- a/deployments/joes-datacenter-0/flake.nix +++ /dev/null @@ -1,92 +0,0 @@ -{ - description = "Definition of the Informis NixOps network."; - - inputs = { - nixpkgs.url = "nixpkgs/nixos-21.05"; - - fudo-home = { - url = "git+https://git.fudo.org/niten/nix-home.git?ref=flake"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - fudo-secrets.url = "path:/state/secrets"; - - fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git"; - - fudo-nixos = { - # url = "git+ssh://fudo_git@git.fudo.org:2222/fudosys/NixOS.git?ref=nixops-flake"; - url = "path:/state/nixops/fudo-nixos"; - # Don't import it as a flake - flake = false; - }; - }; - - outputs = { self, nixpkgs, fudo-home, fudo-nixos, fudo-pkgs, fudo-secrets, ... }: let - description = "Informis NixOps network."; - domain = "informis.land"; - site = "joes-datacenter-0"; - - build-timestamp = self.sourceInfo.lastModified; - - hostlib = import (fudo-nixos + /lib/hosts.nix) { lib = nixpkgs.lib; }; - - hosts = nixpkgs.lib.filterAttrs (hostname: hostOpts: - hostOpts.nixos-system && hostOpts.site == site) - (hostlib.base-host-config (fudo-nixos + /config/hosts)); - - network-hosts = - (import (fudo-nixos + /config/networks/${domain}.nix)).hosts; - - pkgs-for = system: import nixpkgs { - inherit system; - config = { - allowUnfree = true; - permittedInsecurePackages = [ - "openssh-with-gssapi-8.4p1" - ]; - }; - overlays = [ - (import (fudo-pkgs + "/overlay.nix")) - (import (fudo-nixos + "/lib/overlay.nix")) - ]; - }; - - initialize-host = import (fudo-nixos + /initialize.nix); - - in { - nixopsConfigurations.default = { - inherit nixpkgs; - - network = { - description = description; - enableRollback = true; - }; - } // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let - system = hostOpts.arch; - profile = hostOpts.profile; - in { config, pkgs, lib, ... }: { - imports = [ - fudo-home.nixosModule - fudo-secrets.nixosModule - (initialize-host { - inherit hostname build-timestamp site domain profile; - }) - ]; - - nixpkgs.pkgs = pkgs-for system; - - deployment = with lib; { - targetHost = network-hosts.${hostname}.ipv4-address; - - keys = if (hasAttr hostname config.fudo.secrets.files.host-filesystem-keys) - then - mapAttrs (secret: secret-file: { - keyFile = secret-file; - user = "root"; - permissions = "0400"; - }) config.fudo.secrets.files.host-filesystem-keys.${hostname} - else {}; - }; - }) hosts); - }; -} diff --git a/deployments/portage/flake.lock b/deployments/portage/flake.lock deleted file mode 100644 index 06d7514..0000000 --- a/deployments/portage/flake.lock +++ /dev/null @@ -1,559 +0,0 @@ -{ - "nodes": { - "backplane": { - "flake": false, - "locked": { - "narHash": "sha256-q159nkiuwtQcfecm7SVpy6lG1eWc5ZqeGhnEAIY6J5w=", - "path": "./backplane", - "type": "path" - }, - "original": { - "path": "./backplane", - "type": "path" - } - }, - "build-keypairs": { - "flake": false, - "locked": { - "narHash": "sha256-4eRLRLCzZ6kQIRZqy51bj60jhFSQ/wlKLeNgABPhTyw=", - "path": "./build-keypairs", - "type": "path" - }, - "original": { - "path": "./build-keypairs", - "type": "path" - } - }, - "doom-emacs": { - "inputs": { - "doom-emacs": "doom-emacs_2", - "doom-snippets": "doom-snippets", - "emacs-overlay": "emacs-overlay", - "emacs-so-long": "emacs-so-long", - "evil-markdown": "evil-markdown", - "evil-org-mode": "evil-org-mode", - "evil-quick-diff": "evil-quick-diff", - "explain-pause-mode": "explain-pause-mode", - "flake-utils": "flake-utils", - "nix-straight": "nix-straight", - "nixpkgs": "nixpkgs", - "nose": "nose", - "ob-racket": "ob-racket", - "org": "org", - "org-contrib": "org-contrib", - "org-yt": "org-yt", - "php-extras": "php-extras", - "revealjs": "revealjs", - "rotate-text": "rotate-text" - }, - "locked": { - "lastModified": 1627398156, - "narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=", - "owner": "vlaci", - "repo": "nix-doom-emacs", - "rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff", - "type": "github" - }, - "original": { - "owner": "vlaci", - "repo": "nix-doom-emacs", - "type": "github" - } - }, - "doom-emacs_2": { - "flake": false, - "locked": { - "lastModified": 1626604817, - "narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=", - "owner": "hlissner", - "repo": "doom-emacs", - "rev": "46732c0adaef147144418f9f284ca6b1183ab96f", - "type": "github" - }, - "original": { - "owner": "hlissner", - "ref": "develop", - "repo": "doom-emacs", - "type": "github" - } - }, - "doom-snippets": { - "flake": false, - "locked": { - "lastModified": 1625547004, - "narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=", - "owner": "hlissner", - "repo": "doom-snippets", - "rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6", - "type": "github" - }, - "original": { - "owner": "hlissner", - "repo": "doom-snippets", - "type": "github" - } - }, - "emacs-overlay": { - "flake": false, - "locked": { - "lastModified": 1626972035, - "narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=", - "owner": "nix-community", - "repo": "emacs-overlay", - "rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "emacs-overlay", - "type": "github" - } - }, - "emacs-so-long": { - "flake": false, - "locked": { - "lastModified": 1575031854, - "narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=", - "owner": "hlissner", - "repo": "emacs-so-long", - "rev": "ed666b0716f60e8988c455804de24b55919e71ca", - "type": "github" - }, - "original": { - "owner": "hlissner", - "repo": "emacs-so-long", - "type": "github" - } - }, - "evil-markdown": { - "flake": false, - "locked": { - "lastModified": 1626852210, - "narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=", - "owner": "Somelauw", - "repo": "evil-markdown", - "rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477", - "type": "github" - }, - "original": { - "owner": "Somelauw", - "repo": "evil-markdown", - "type": "github" - } - }, - "evil-org-mode": { - "flake": false, - "locked": { - "lastModified": 1607203864, - "narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=", - "owner": "hlissner", - "repo": "evil-org-mode", - "rev": "a9706da260c45b98601bcd72b1d2c0a24a017700", - "type": "github" - }, - "original": { - "owner": "hlissner", - "repo": "evil-org-mode", - "type": "github" - } - }, - "evil-quick-diff": { - "flake": false, - "locked": { - "lastModified": 1575189609, - "narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=", - "owner": "rgrinberg", - "repo": "evil-quick-diff", - "rev": "69c883720b30a892c63bc89f49d4f0e8b8028908", - "type": "github" - }, - "original": { - "owner": "rgrinberg", - "repo": "evil-quick-diff", - "type": "github" - } - }, - "explain-pause-mode": { - "flake": false, - "locked": { - "lastModified": 1595842060, - "narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=", - "owner": "lastquestion", - "repo": "explain-pause-mode", - "rev": "2356c8c3639cbeeb9751744dbe737267849b4b51", - "type": "github" - }, - "original": { - "owner": "lastquestion", - "repo": "explain-pause-mode", - "type": "github" - } - }, - "filesystem-keys": { - "flake": false, - "locked": { - "narHash": "sha256-K2wdsA4vcNTaLR9A9qxB+aMaeANL0LXOwBWvUm63lX0=", - "path": "./filesystem-keys", - "type": "path" - }, - "original": { - "path": "./filesystem-keys", - "type": "path" - } - }, - "flake-utils": { - "locked": { - "lastModified": 1623875721, - "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "fudo-home": { - "inputs": { - "doom-emacs": "doom-emacs", - "home-manager": "home-manager", - "niten-doom-config": "niten-doom-config", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1635528550, - "narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=", - "ref": "flake", - "rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6", - "revCount": 38, - "type": "git", - "url": "https://git.fudo.org/niten/nix-home.git" - }, - "original": { - "ref": "flake", - "type": "git", - "url": "https://git.fudo.org/niten/nix-home.git" - } - }, - "fudo-nixos": { - "flake": false, - "locked": { - "narHash": "sha256-wIk8P88DRH8eQ31LajzGOKAwx7HoB+Qet4ws9bdeG+8=", - "path": "/state/nixops/fudo-nixos", - "type": "path" - }, - "original": { - "path": "/state/nixops/fudo-nixos", - "type": "path" - } - }, - "fudo-pkgs": { - "locked": { - "narHash": "sha256-zkWbqqzNFNMLbIqWGY1xAw/2NdBrNfbUvwIgX+44Zao=", - "path": "/state/nixops/fudo-pkgs", - "type": "path" - }, - "original": { - "path": "/state/nixops/fudo-pkgs", - "type": "path" - } - }, - "fudo-secrets": { - "inputs": { - "backplane": "backplane", - "build-keypairs": "build-keypairs", - "filesystem-keys": "filesystem-keys", - "host-keytabs": "host-keytabs", - "service-keytabs": "service-keytabs", - "service-passwords": "service-passwords", - "ssh-keypairs": "ssh-keypairs" - }, - "locked": { - "narHash": "sha256-MDaYnGcrppeZgOZKX4uHJO4NY7t5m//m7PwTMGE7hv4=", - "path": "/state/secrets", - "type": "path" - }, - "original": { - "path": "/state/secrets", - "type": "path" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "fudo-home", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1633291410, - "narHash": "sha256-IxUzCGwj+s2Rn/+u0NtY36ix5I8MopMOO8Ip59PnBlw=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "382505714d10c6791a96712e0554587c75c5bf8b", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-21.05", - "repo": "home-manager", - "type": "github" - } - }, - "host-keytabs": { - "flake": false, - "locked": { - "narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=", - "path": "./kerberos/host-keytabs", - "type": "path" - }, - "original": { - "path": "./kerberos/host-keytabs", - "type": "path" - } - }, - "niten-doom-config": { - "flake": false, - "locked": { - "lastModified": 1628274414, - "narHash": "sha256-EIGqjTHcYnjVXceY1tpjaYxNmORh8NNiL2FVWCI5sBo=", - "ref": "master", - "rev": "0ab1532c856ccdb6ce46c5948054279f439eb1f2", - "revCount": 34, - "type": "git", - "url": "https://git.fudo.org/niten/doom-emacs.git" - }, - "original": { - "type": "git", - "url": "https://git.fudo.org/niten/doom-emacs.git" - } - }, - "nix-straight": { - "flake": false, - "locked": { - "lastModified": 1621543597, - "narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=", - "owner": "vlaci", - "repo": "nix-straight.el", - "rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca", - "type": "github" - }, - "original": { - "owner": "vlaci", - "ref": "v2.2.0", - "repo": "nix-straight.el", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1626852498, - "narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixpkgs-unstable", - "type": "indirect" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1635719588, - "narHash": "sha256-pWjdy0NheM97NsPE6+jUnr5LYyeA0sBGTdw4mfXMGZQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "f0869b1a2c0b150aac26e10bb5c2364ffb2e804f", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-21.05", - "type": "indirect" - } - }, - "nose": { - "flake": false, - "locked": { - "lastModified": 1400604510, - "narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=", - "owner": "emacsattic", - "repo": "nose", - "rev": "f8528297519eba911696c4e68fa88892de9a7b72", - "type": "github" - }, - "original": { - "owner": "emacsattic", - "repo": "nose", - "type": "github" - } - }, - "ob-racket": { - "flake": false, - "locked": { - "lastModified": 1584656173, - "narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=", - "owner": "xchrishawk", - "repo": "ob-racket", - "rev": "83457ec9e1e96a29fd2086ed19432b9d75787673", - "type": "github" - }, - "original": { - "owner": "xchrishawk", - "repo": "ob-racket", - "type": "github" - } - }, - "org": { - "flake": false, - "locked": { - "lastModified": 1627155762, - "narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=", - "owner": "emacs-straight", - "repo": "org-mode", - "rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237", - "type": "github" - }, - "original": { - "owner": "emacs-straight", - "repo": "org-mode", - "type": "github" - } - }, - "org-contrib": { - "flake": false, - "locked": { - "lastModified": 1623339452, - "narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=", - "ref": "master", - "rev": "fc81309cf6756607a836f93049a9393c2967c4e0", - "revCount": 2599, - "type": "git", - "url": "https://git.sr.ht/~bzg/org-contrib" - }, - "original": { - "type": "git", - "url": "https://git.sr.ht/~bzg/org-contrib" - } - }, - "org-yt": { - "flake": false, - "locked": { - "lastModified": 1527381913, - "narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=", - "owner": "TobiasZawada", - "repo": "org-yt", - "rev": "40cc1ac76d741055cbefa13860d9f070a7ade001", - "type": "github" - }, - "original": { - "owner": "TobiasZawada", - "repo": "org-yt", - "type": "github" - } - }, - "php-extras": { - "flake": false, - "locked": { - "lastModified": 1573312690, - "narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=", - "owner": "arnested", - "repo": "php-extras", - "rev": "d410c5af663c30c01d461ac476d1cbfbacb49367", - "type": "github" - }, - "original": { - "owner": "arnested", - "repo": "php-extras", - "type": "github" - } - }, - "revealjs": { - "flake": false, - "locked": { - "lastModified": 1625811744, - "narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=", - "owner": "hakimel", - "repo": "reveal.js", - "rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad", - "type": "github" - }, - "original": { - "owner": "hakimel", - "repo": "reveal.js", - "type": "github" - } - }, - "root": { - "inputs": { - "fudo-home": "fudo-home", - "fudo-nixos": "fudo-nixos", - "fudo-pkgs": "fudo-pkgs", - "fudo-secrets": "fudo-secrets", - "nixpkgs": "nixpkgs_2" - } - }, - "rotate-text": { - "flake": false, - "locked": { - "lastModified": 1322962747, - "narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=", - "owner": "debug-ito", - "repo": "rotate-text.el", - "rev": "48f193697db996855aee1ad2bc99b38c6646fe76", - "type": "github" - }, - "original": { - "owner": "debug-ito", - "repo": "rotate-text.el", - "type": "github" - } - }, - "service-keytabs": { - "flake": false, - "locked": { - "narHash": "sha256-n2i88EiGs2DJCU+qGdLICbYMWUqdNpnEx/VUzDq5xZ8=", - "path": "./kerberos/service-keytabs", - "type": "path" - }, - "original": { - "path": "./kerberos/service-keytabs", - "type": "path" - } - }, - "service-passwords": { - "flake": false, - "locked": { - "narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=", - "path": "./service-passwords", - "type": "path" - }, - "original": { - "path": "./service-passwords", - "type": "path" - } - }, - "ssh-keypairs": { - "flake": false, - "locked": { - "narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=", - "path": "./ssh-keypairs", - "type": "path" - }, - "original": { - "path": "./ssh-keypairs", - "type": "path" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/deployments/portage/flake.nix b/deployments/portage/flake.nix deleted file mode 100644 index 7356949..0000000 --- a/deployments/portage/flake.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ - description = "Definition of the Portage NixOps network."; - - inputs = import ../../common/inputs.nix { nixos-version = "21.05"; }; - - outputs = { self, nixpkgs, fudo-home, fudo-nixos, fudo-pkgs, fudo-secrets, ... }: let - domain = "fudo.org"; - site = "portage"; - - build-timestamp = self.sourceInfo.lastModified; - - hostlib = import (fudo-nixos + /lib/hosts.nix) { lib = nixpkgs.lib; }; - - hosts = nixpkgs.lib.filterAttrs (hostname: hostOpts: - hostOpts.nixos-system && hostOpts.site == site) - (hostlib.base-host-config (fudo-nixos + /config/hosts)); - - network-hosts = (import (fudo-nixos + /config/networks/${domain}.nix)).hosts; - - pkgs-for = system: import nixpkgs { - inherit system; - config = { - allowUnfree = true; - permittedInsecurePackages = [ - "openssh-with-gssapi-8.4p1" - ]; - }; - overlays = [ - (import (fudo-pkgs + "/overlay.nix")) - (import (fudo-nixos + "/lib/overlay.nix")) - ]; - }; - - initialize-host = import (fudo-nixos + /initialize.nix); - - in { - nixopsConfigurations.default = { - inherit nixpkgs; - - network = { - description = "Portage NixOps network."; - enableRollback = true; - }; - } // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let - system = hostOpts.arch; - profile = hostOpts.profile; - in { config, ... }: let - pkgs = pkgs-for system; - lib = pkgs.lib; - build-seed = builtins.readFile config.fudo.secrets.files.build-seed; - in { - imports = [ - fudo-home.nixosModule - fudo-secrets.nixosModule - (initialize-host { - inherit - lib - pkgs - hostname - build-timestamp - build-seed - site - domain - profile; }) - ]; - - nixpkgs.pkgs = pkgs-for system; - nixpkgs.lib = (pkgs-for system).lib; - - deployment = with lib; { - targetHost = network-hosts.${hostname}.ipv4-address; - - keys = if (hasAttr hostname config.fudo.secrets.files.host-filesystem-keys) - then - mapAttrs (secret: secret-file: { - keyFile = secret-file; - user = "root"; - permissions = "0400"; - }) config.fudo.secrets.files.host-filesystem-keys.${hostname} - else {}; - }; - }) hosts); - }; -} diff --git a/deployments/seattle/host-config.nix b/deployments/seattle/host-config.nix deleted file mode 100644 index 4348368..0000000 --- a/deployments/seattle/host-config.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ inputs, build-timestamp, ... }: - -hostname: hostOpts: - -let - pkgs-for = system: import inputs.nixpkgs { - inherit system; - config = { - allowUnfree = true; - permittedInsecurePackages = [ - "openssh-with-gssapi-8.4p1" - ]; - overlays = [ - (import (inputs.fudo-pkgs + /overlay.nix)) - (import (inputs.fudo-nixos + /lib/overlay.nix)) - ]; - }; - }; - - host-ip = - inputs.fudo-entities.entities.zones.${hostOpts.domain}.hosts.${hostname}.ipv4-address; - -in { config, ... }: { - modules = [ - inputs.fudo-nixos.nixosConfigurations.${hostname} - ]; - - imports = [ - inputs.fudo-secrets.nixosModule - inputs.fudo-lib.nixosModule - ]; - - nixpkgs.pkgs = pkgs-for hostOpts.arch; - - instance = { - inherit hostname build-timestamp; - }; - - deployment = { - targetHost = host-ip; - }; -} diff --git a/informis/flake.nix b/informis/flake.nix new file mode 100644 index 0000000..1dc2b22 --- /dev/null +++ b/informis/flake.nix @@ -0,0 +1,55 @@ +{ + description = "Definition of the Informis NixOps network."; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-21.05"; + + fudo-secrets.url = "path:/state/secrets"; + + fudo-nixos = { + url = "git+ssh://fudo_git@git.fudo.org:2222/fudo-nix/nixos-config.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + fudo-entities = { + url = "git+ssh://fudo_git@git.fudo.org:2222/fudo-nix/entities.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = { self, nixpkgs, fudo-nixos, fudo-entities, fudo-secrets, ... }: + with nixpkgs.lib; { + nixopsConfigurations.default = let + domain = "informis.land"; + + deployment-hosts = filterAttrs + (hostname: hostOpts: + hostOpts.domain == domain && + hostOpts.nixos-system) + fudo-entities.entities.hosts; + + network-config = { + inherit nixpkgs; + network = { + description = "Seattle NixOps network"; + enableRollback = true; + }; + }; + + uber-secrets = config.fudo.secrets.files.host-filesystem-keys; + + host-configs = (mapAttrs (hostname: hostOpts: + fudo-nixos.nixopsHostConfigurations.${hostname}) + deployment-hosts); + + host-uber-secrets = (mapAttrs (hostname: hostOpts: + if (hasAttr hostname uber-secrets) then + mapAttrs (secret: secret-file: { + keyFile = secret-file; + user = "root"; + permissions = "0400"; + }) uber-secrets.${hostname} + else {})); + in network-config // host-configs // host-uber-secrets; + }; +} diff --git a/deployments/seattle/flake.lock b/seattle/flake.lock similarity index 96% rename from deployments/seattle/flake.lock rename to seattle/flake.lock index 667fab2..0927ee5 100644 --- a/deployments/seattle/flake.lock +++ b/seattle/flake.lock @@ -315,7 +315,7 @@ ] }, "locked": { - "narHash": "sha256-DnIQNMu2E6gQh0SJk4h6iz2cL/vK6VIobp35hS7qQmo=", + "narHash": "sha256-dONN8g58YVJAONpxHMgXl31Jvl3iHlZrYRsomxtwOWA=", "path": "/state/fudo-entities", "type": "path" }, @@ -334,13 +334,17 @@ ] }, "locked": { - "narHash": "sha256-DnIQNMu2E6gQh0SJk4h6iz2cL/vK6VIobp35hS7qQmo=", - "path": "/state/fudo-entities", - "type": "path" + "lastModified": 1638137290, + "narHash": "sha256-8Kjzn0jr4arVDDaOQUtT7VFd1ir1SB1X1xp1OoLZduo=", + "ref": "master", + "rev": "45cb2ae34407530496a30c6121cad976bd186fc5", + "revCount": 8, + "type": "git", + "url": "https://git.fudo.org/nix/fudo-entities.git" }, "original": { - "path": "/state/fudo-entities", - "type": "path" + "type": "git", + "url": "https://git.fudo.org/nix/fudo-entities.git" } }, "fudo-home": { @@ -354,7 +358,7 @@ ] }, "locked": { - "narHash": "sha256-TpFI+nD+c9JXhKKDBgIHJhIfveTScBD6gotTPt8tvg4=", + "narHash": "sha256-NCvYqgBq3HCqBx+EO1grdiflR9tthm9bUIasB4XtI4U=", "path": "/state/nixops/fudo-home", "type": "path" }, @@ -376,7 +380,7 @@ }, "fudo-lib_2": { "locked": { - "narHash": "sha256-gZAKO49RbpNWdmZaqrXnzCrLoSXsGV6H67f+mECJtCk=", + "narHash": "sha256-1unDTB52rrC4MhomFowHi4kzTea0/dk15A9D59Cpu0Q=", "path": "/state/fudo-lib", "type": "path" }, @@ -398,7 +402,7 @@ }, "fudo-lib_4": { "locked": { - "narHash": "sha256-gZAKO49RbpNWdmZaqrXnzCrLoSXsGV6H67f+mECJtCk=", + "narHash": "sha256-1unDTB52rrC4MhomFowHi4kzTea0/dk15A9D59Cpu0Q=", "path": "/state/fudo-lib", "type": "path" }, @@ -419,7 +423,7 @@ ] }, "locked": { - "narHash": "sha256-mGmqObOimHmAWntx7GOHjLABKw+9ZMwVn19R7f6f93s=", + "narHash": "sha256-tWOjzj9Lq0ugOQXvzIAYTl4V2oIaowJeb/HLlIAi0Sc=", "path": "/state/nixops/fudo-nixos", "type": "path" }, @@ -580,11 +584,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1637875414, - "narHash": "sha256-Ica++SXFuLyxX9Q7YxhfZulUif6/gwM8AEQYlUxqSgE=", + "lastModified": 1638196344, + "narHash": "sha256-fkOqSkfOkl8tqxDd+zJU4kAgyLXp/ouaP+U9gpjEZZs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3bea86e918d8b54aa49780505d2d4cd9261413be", + "rev": "2553aee74fed8c2205a4aeb3ffd206ca14ede60f", "type": "github" }, "original": { diff --git a/deployments/seattle/flake.nix b/seattle/flake.nix similarity index 80% rename from deployments/seattle/flake.nix rename to seattle/flake.nix index 8a8df13..206d655 100644 --- a/deployments/seattle/flake.nix +++ b/seattle/flake.nix @@ -31,14 +31,6 @@ hostOpts.domain == "sea.fudo.org" && hostOpts.nixos-system) fudo-entities.entities.hosts; - - build-timestamp = self.sourceInfo.lastModified; - - host-gen-config = import ./host-config.nix { - inherit inputs build-timestamp; - }; - - common-configs = mapAttrs host-gen-config deployment-hosts; in { inherit nixpkgs; @@ -46,6 +38,8 @@ description = "Seattle NixOps network"; enableRollback = true; }; - } // common-configs; + } // (mapAttrs (hostname: hostOpts: + fudo-nixos.nixopsHostConfigurations.${hostname}) + deployment-hosts); }; }