From 6780fa76cd50365d8544d6fdd1de2c362c9c9a7a Mon Sep 17 00:00:00 2001 From: niten Date: Mon, 29 Nov 2021 17:15:48 -0800 Subject: [PATCH] Transitioning back to a deployment/ dir --- common/deployment.nix | 31 +++++++++++++++++++++++++++++++ informis/flake.nix | 43 +++++++++++++------------------------------ 2 files changed, 44 insertions(+), 30 deletions(-) create mode 100644 common/deployment.nix diff --git a/common/deployment.nix b/common/deployment.nix new file mode 100644 index 0000000..a0c6ef8 --- /dev/null +++ b/common/deployment.nix @@ -0,0 +1,31 @@ +{ inputs, deployment-hosts, description, enable-rollback ? true, ... }: +with inputs.nixpkgs.lib; let + network-config = { + nixpkgs = inputs.nixpkgs; + network = { + inherit description; + enableRollback = enable-rollback; + }; + }; + + host-configs = genAttrs deployment-hosts + (hostname: fudo-nixos.nixopsHostConfigurations.${hostname}); + + host-uber-secrets = genAttrs deployment-hosts + (hostname: { config, ... }: let + uber-secrets = config.fudo.secrets.files.host-filesystem-keys; + in { + imports = [ + inputs.fudo-secrets.nixosModule + ({ config, ... }: { + deployment.keys = mkIf (hasAttr hostname uber-secrets) { + deployment.keys = mapAttrs (secret: secret-file: { + keyFile = secret-file; + user = "root"; + permissions = "0400"; + }) uber-secrets.${hostname}; + }; + }) + ]; + }); +in network-config // host-configs // host-uber-secrets diff --git a/informis/flake.nix b/informis/flake.nix index 1dc2b22..6ee3dfd 100644 --- a/informis/flake.nix +++ b/informis/flake.nix @@ -1,5 +1,5 @@ { - description = "Definition of the Informis NixOps network."; + description = "Informis NixOps network."; inputs = { nixpkgs.url = "nixpkgs/nixos-21.05"; 
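Review bot: In `host-uber-secrets` the per-secret key set is wrapped in a second `deployment.keys`, so the option receives a single entry named `deployment` instead of one entry per secret; that is either rejected at evaluation or leaves the root-only host keys undeclared. Two related problems are in the same file: `fudo-nixos` in `host-configs` is bound neither by the function arguments nor by `with inputs.nixpkgs.lib` and should be `inputs.fudo-nixos`, and `host-configs // host-uber-secrets` is a shallow merge over the same hostnames, so each host's configuration is replaced by the secrets module rather than combined with it. Building one module per host, as sketched below, removes the override. Whether `nixopsHostConfigurations.${hostname}` is usable as an `imports` entry, and whether it already imports the fudo-secrets module, is not visible in this patch and should be confirmed. Before deploying, evaluate the network and check that every host with an entry in `host-filesystem-keys` ends up with a non-empty `deployment.keys`.

```nix
  # One NixOps machine entry per host: base configuration plus its key declarations.
  host-configs = genAttrs deployment-hosts (hostname: {
    imports = [
      inputs.fudo-nixos.nixopsHostConfigurations.${hostname}
      inputs.fudo-secrets.nixosModule
      ({ config, ... }: let
        uber-secrets = config.fudo.secrets.files.host-filesystem-keys;
      in {
        # mkIf wraps the key set itself, not another deployment.keys attribute.
        deployment.keys = mkIf (hasAttr hostname uber-secrets)
          (mapAttrs (secret: secret-file: {
            # … unchanged: keyFile, user = "root", permissions = "0400" …
          }) uber-secrets.${hostname});
      })
    ];
  });
in network-config // host-configs
```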
@@ -17,39 +17,22 @@ }; }; - outputs = { self, nixpkgs, fudo-nixos, fudo-entities, fudo-secrets, ... }: + outputs = { self, nixpkgs, fudo-nixos, fudo-entities, fudo-secrets } @ inputs: with nixpkgs.lib; { nixopsConfigurations.default = let domain = "informis.land"; + description = "Informis NixOps Network"; - deployment-hosts = filterAttrs - (hostname: hostOpts: - hostOpts.domain == domain && - hostOpts.nixos-system) - fudo-entities.entities.hosts; + deployment-hosts = attrNames + (filterAttrs + (hostname: hostOpts: + hostOpts.domain == domain && + hostOpts.nixos-system) + fudo-entities.entities.hosts); - network-config = { - inherit nixpkgs; - network = { - description = "Seattle NixOps network"; - enableRollback = true; - }; - }; - - uber-secrets = config.fudo.secrets.files.host-filesystem-keys; - - host-configs = (mapAttrs (hostname: hostOpts: - fudo-nixos.nixopsHostConfigurations.${hostname}) - deployment-hosts); - - host-uber-secrets = (mapAttrs (hostname: hostOpts: - if (hasAttr hostname uber-secrets) then - mapAttrs (secret: secret-file: { - keyFile = secret-file; - user = "root"; - permissions = "0400"; - }) uber-secrets.${hostname} - else {})); - in network-config // host-configs // host-uber-secrets; + deployment-config-generator = import ../common/deployment.nix; + in deployment-config-generator { + inherit inputs deployment-hosts description; + }; }; }
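Review bot: The new `outputs` pattern drops the `...` while adding `@ inputs`, so the function now rejects any flake input that is not named in the braces; adding an input later fails evaluation with an unexpected-argument error. Keeping the pattern open still passes everything through `inputs`: `outputs = { self, nixpkgs, fudo-nixos, fudo-entities, fudo-secrets, ... } @ inputs:`. The `import ../common/deployment.nix` also reaches outside the `informis/` directory, which presumably resolves only when the whole repository is the flake source, so it is worth confirming how this flake is referenced by the deployment tooling. The hunk begins and ends inside the flake's top-level attribute set, so the rest of `inputs` is not visible here.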