Shuffling lots of stuff around
This commit is contained in:
parent
a71867ce94
commit
c345daa524
|
|
@ -1,23 +0,0 @@
|
|||
build-timestamp: hostname:
|
||||
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
config = {
|
||||
instance = {
|
||||
inherit build-timestamp;
|
||||
};
|
||||
|
||||
deployment = let
|
||||
fs-keys = config.fudo.secrets.files.host-filesystem-keys;
|
||||
in {
|
||||
keys = if (hasAttr hostname fs-keys) then
|
||||
mapAttrs (secret: secret-file: {
|
||||
keyFile = secret-file;
|
||||
user = "root";
|
||||
permissions = "0400";
|
||||
}) fs-keys.${hostname} else {};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
lib: build-timestamp: hostname: hostOpts:
|
||||
|
||||
with lib;
|
||||
let
|
||||
pkgs-for = system: import nixpkgs {
|
||||
inherit system;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
permittedInsecurePackages = [
|
||||
"openssh-with-gssapi-8.4p1"
|
||||
];
|
||||
overlays = [
|
||||
(import (fudo-pkgs + /overlay.nix))
|
||||
(import (fudo-nixos + /lib/overlay.nix))
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
in fudo-nixos.nixosConfigurations.${hostname} {
|
||||
|
||||
} // mapAttrs (hostname: hostOpts: let
|
||||
pkgs = pkgs-for hostOpts.arch;
|
||||
host-ip = networks.${hostOpts.domain}.hosts.${hostname}.ipv4-address;
|
||||
in fudo-nixos.nixosConfigurations.${hostname} // {
|
||||
|
||||
config = {
|
||||
nixpkgs.pkgs = pkgs;
|
||||
|
||||
imports = [
|
||||
(host-config hostname)
|
||||
];
|
||||
|
||||
instance = { inherit hostname; };
|
||||
|
||||
deployment.targetHost = host-ip;
|
||||
};
|
||||
}) deployment-hosts
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
{ lib, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
regular-files = path: let
|
||||
is-regular-file = filename: type: type == "regular" || type == "link";
|
||||
in attrNames (filterAttrs is-regular-file (builtins.readDir path));
|
||||
|
||||
nix-files = path: let
|
||||
is-nix-file = filename: (builtins.match "^(.+)\.nix$" filename) != null;
|
||||
in
|
||||
map
|
||||
(file: path + "/${file}")
|
||||
(filter is-nix-file (regular-files path));
|
||||
|
||||
strip-ext = filename: head (builtins.match "^(.+)[.]nix$" filename);
|
||||
|
||||
basename-to-map = path:
|
||||
listToAttrs
|
||||
(map
|
||||
(file:
|
||||
nameValuePair (strip-ext file)
|
||||
(import (path + "${file}")))
|
||||
(nix-files path));
|
||||
in {
|
||||
inherit regular-files nix-files strip-ext basename-to-map;
|
||||
}
|
||||
|
|
@ -1,563 +0,0 @@
|
|||
{
|
||||
"nodes": {
|
||||
"backplane-passwords": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-Bf5sVg4oSg6uCKMJl21btfBH4NQI/Wz4SU9j130Shyg=",
|
||||
"path": "./backplane-passwords",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./backplane-passwords",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"build-keypairs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-4eRLRLCzZ6kQIRZqy51bj60jhFSQ/wlKLeNgABPhTyw=",
|
||||
"path": "./build-keypairs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./build-keypairs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"doom-emacs": {
|
||||
"inputs": {
|
||||
"doom-emacs": "doom-emacs_2",
|
||||
"doom-snippets": "doom-snippets",
|
||||
"emacs-overlay": "emacs-overlay",
|
||||
"emacs-so-long": "emacs-so-long",
|
||||
"evil-markdown": "evil-markdown",
|
||||
"evil-org-mode": "evil-org-mode",
|
||||
"evil-quick-diff": "evil-quick-diff",
|
||||
"explain-pause-mode": "explain-pause-mode",
|
||||
"flake-utils": "flake-utils",
|
||||
"nix-straight": "nix-straight",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nose": "nose",
|
||||
"ob-racket": "ob-racket",
|
||||
"org": "org",
|
||||
"org-contrib": "org-contrib",
|
||||
"org-yt": "org-yt",
|
||||
"php-extras": "php-extras",
|
||||
"revealjs": "revealjs",
|
||||
"rotate-text": "rotate-text"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1627398156,
|
||||
"narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=",
|
||||
"owner": "vlaci",
|
||||
"repo": "nix-doom-emacs",
|
||||
"rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "vlaci",
|
||||
"repo": "nix-doom-emacs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"doom-emacs_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1626604817,
|
||||
"narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=",
|
||||
"owner": "hlissner",
|
||||
"repo": "doom-emacs",
|
||||
"rev": "46732c0adaef147144418f9f284ca6b1183ab96f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"ref": "develop",
|
||||
"repo": "doom-emacs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"doom-snippets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1625547004,
|
||||
"narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=",
|
||||
"owner": "hlissner",
|
||||
"repo": "doom-snippets",
|
||||
"rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"repo": "doom-snippets",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"emacs-overlay": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1626972035,
|
||||
"narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=",
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"emacs-so-long": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1575031854,
|
||||
"narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=",
|
||||
"owner": "hlissner",
|
||||
"repo": "emacs-so-long",
|
||||
"rev": "ed666b0716f60e8988c455804de24b55919e71ca",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"repo": "emacs-so-long",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"evil-markdown": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1626852210,
|
||||
"narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=",
|
||||
"owner": "Somelauw",
|
||||
"repo": "evil-markdown",
|
||||
"rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Somelauw",
|
||||
"repo": "evil-markdown",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"evil-org-mode": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1607203864,
|
||||
"narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=",
|
||||
"owner": "hlissner",
|
||||
"repo": "evil-org-mode",
|
||||
"rev": "a9706da260c45b98601bcd72b1d2c0a24a017700",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"repo": "evil-org-mode",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"evil-quick-diff": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1575189609,
|
||||
"narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=",
|
||||
"owner": "rgrinberg",
|
||||
"repo": "evil-quick-diff",
|
||||
"rev": "69c883720b30a892c63bc89f49d4f0e8b8028908",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "rgrinberg",
|
||||
"repo": "evil-quick-diff",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"explain-pause-mode": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1595842060,
|
||||
"narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=",
|
||||
"owner": "lastquestion",
|
||||
"repo": "explain-pause-mode",
|
||||
"rev": "2356c8c3639cbeeb9751744dbe737267849b4b51",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lastquestion",
|
||||
"repo": "explain-pause-mode",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"filesystem-keys": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-K2wdsA4vcNTaLR9A9qxB+aMaeANL0LXOwBWvUm63lX0=",
|
||||
"path": "./filesystem-keys",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./filesystem-keys",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1623875721,
|
||||
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"fudo-home": {
|
||||
"inputs": {
|
||||
"doom-emacs": "doom-emacs",
|
||||
"home-manager": "home-manager",
|
||||
"niten-doom-config": "niten-doom-config",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1635528550,
|
||||
"narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=",
|
||||
"ref": "flake",
|
||||
"rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6",
|
||||
"revCount": 38,
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/nix-home.git"
|
||||
},
|
||||
"original": {
|
||||
"ref": "flake",
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/nix-home.git"
|
||||
}
|
||||
},
|
||||
"fudo-nixos": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-nbjdCHS9siLHN6kcXwFy/hR3zDBXcQ5aPg3vWstzmsQ=",
|
||||
"path": "/state/nixops/fudo-nixos",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/state/nixops/fudo-nixos",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"fudo-pkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1633732024,
|
||||
"narHash": "sha256-H1xthHmjvczP+qYQnoLmZjqagHEk5LVsv/0zDlmZoAc=",
|
||||
"ref": "master",
|
||||
"rev": "160807215cf9158605b072c54a9b682522d62989",
|
||||
"revCount": 10,
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/fudo-public/fudo-pkgs.git"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/fudo-public/fudo-pkgs.git"
|
||||
}
|
||||
},
|
||||
"fudo-secrets": {
|
||||
"inputs": {
|
||||
"backplane-passwords": "backplane-passwords",
|
||||
"build-keypairs": "build-keypairs",
|
||||
"filesystem-keys": "filesystem-keys",
|
||||
"host-keytabs": "host-keytabs",
|
||||
"service-keytabs": "service-keytabs",
|
||||
"service-passwords": "service-passwords",
|
||||
"ssh-keypairs": "ssh-keypairs"
|
||||
},
|
||||
"locked": {
|
||||
"narHash": "sha256-0L3GFcBuGWbPyz5GUj9jX+ENtPx/U2rcMzO3yCDSq1M=",
|
||||
"path": "/state/secrets",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/state/secrets",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"fudo-home",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1633291410,
|
||||
"narHash": "sha256-IxUzCGwj+s2Rn/+u0NtY36ix5I8MopMOO8Ip59PnBlw=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "382505714d10c6791a96712e0554587c75c5bf8b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-21.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"host-keytabs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=",
|
||||
"path": "./kerberos/host-keytabs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./kerberos/host-keytabs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"niten-doom-config": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1628274414,
|
||||
"narHash": "sha256-EIGqjTHcYnjVXceY1tpjaYxNmORh8NNiL2FVWCI5sBo=",
|
||||
"ref": "master",
|
||||
"rev": "0ab1532c856ccdb6ce46c5948054279f439eb1f2",
|
||||
"revCount": 34,
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/doom-emacs.git"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/doom-emacs.git"
|
||||
}
|
||||
},
|
||||
"nix-straight": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1621543597,
|
||||
"narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=",
|
||||
"owner": "vlaci",
|
||||
"repo": "nix-straight.el",
|
||||
"rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "vlaci",
|
||||
"ref": "v2.2.0",
|
||||
"repo": "nix-straight.el",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1626852498,
|
||||
"narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1635543790,
|
||||
"narHash": "sha256-I1lo59Y5mPbkqB8qbp92p4e5Htfm6Wbhvt19efg0cBU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "6c0c30146347188ce908838fd2b50c1b7db47c0c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-21.05",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nose": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1400604510,
|
||||
"narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=",
|
||||
"owner": "emacsattic",
|
||||
"repo": "nose",
|
||||
"rev": "f8528297519eba911696c4e68fa88892de9a7b72",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "emacsattic",
|
||||
"repo": "nose",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"ob-racket": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1584656173,
|
||||
"narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=",
|
||||
"owner": "xchrishawk",
|
||||
"repo": "ob-racket",
|
||||
"rev": "83457ec9e1e96a29fd2086ed19432b9d75787673",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "xchrishawk",
|
||||
"repo": "ob-racket",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"org": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1627155762,
|
||||
"narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=",
|
||||
"owner": "emacs-straight",
|
||||
"repo": "org-mode",
|
||||
"rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "emacs-straight",
|
||||
"repo": "org-mode",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"org-contrib": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1623339452,
|
||||
"narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=",
|
||||
"ref": "master",
|
||||
"rev": "fc81309cf6756607a836f93049a9393c2967c4e0",
|
||||
"revCount": 2599,
|
||||
"type": "git",
|
||||
"url": "https://git.sr.ht/~bzg/org-contrib"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.sr.ht/~bzg/org-contrib"
|
||||
}
|
||||
},
|
||||
"org-yt": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1527381913,
|
||||
"narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=",
|
||||
"owner": "TobiasZawada",
|
||||
"repo": "org-yt",
|
||||
"rev": "40cc1ac76d741055cbefa13860d9f070a7ade001",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "TobiasZawada",
|
||||
"repo": "org-yt",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"php-extras": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1573312690,
|
||||
"narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=",
|
||||
"owner": "arnested",
|
||||
"repo": "php-extras",
|
||||
"rev": "d410c5af663c30c01d461ac476d1cbfbacb49367",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "arnested",
|
||||
"repo": "php-extras",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"revealjs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1625811744,
|
||||
"narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=",
|
||||
"owner": "hakimel",
|
||||
"repo": "reveal.js",
|
||||
"rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hakimel",
|
||||
"repo": "reveal.js",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"fudo-home": "fudo-home",
|
||||
"fudo-nixos": "fudo-nixos",
|
||||
"fudo-pkgs": "fudo-pkgs",
|
||||
"fudo-secrets": "fudo-secrets",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
},
|
||||
"rotate-text": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1322962747,
|
||||
"narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=",
|
||||
"owner": "debug-ito",
|
||||
"repo": "rotate-text.el",
|
||||
"rev": "48f193697db996855aee1ad2bc99b38c6646fe76",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "debug-ito",
|
||||
"repo": "rotate-text.el",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"service-keytabs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-F2npNGjUglGumazLFj9qQABGradbwCnKYZn8BEGweJc=",
|
||||
"path": "./kerberos/service-keytabs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./kerberos/service-keytabs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"service-passwords": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=",
|
||||
"path": "./service-passwords",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./service-passwords",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"ssh-keypairs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=",
|
||||
"path": "./ssh-keypairs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./ssh-keypairs",
|
||||
"type": "path"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
||||
|
|
@ -1,92 +0,0 @@
|
|||
{
|
||||
description = "Definition of the Informis NixOps network.";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-21.05";
|
||||
|
||||
fudo-home = {
|
||||
url = "git+https://git.fudo.org/niten/nix-home.git?ref=flake";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
fudo-secrets.url = "path:/state/secrets";
|
||||
|
||||
fudo-pkgs.url = "git+https://git.fudo.org/fudo-public/fudo-pkgs.git";
|
||||
|
||||
fudo-nixos = {
|
||||
# url = "git+ssh://fudo_git@git.fudo.org:2222/fudosys/NixOS.git?ref=nixops-flake";
|
||||
url = "path:/state/nixops/fudo-nixos";
|
||||
# Don't import it as a flake
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, fudo-home, fudo-nixos, fudo-pkgs, fudo-secrets, ... }: let
|
||||
description = "Informis NixOps network.";
|
||||
domain = "informis.land";
|
||||
site = "joes-datacenter-0";
|
||||
|
||||
build-timestamp = self.sourceInfo.lastModified;
|
||||
|
||||
hostlib = import (fudo-nixos + /lib/hosts.nix) { lib = nixpkgs.lib; };
|
||||
|
||||
hosts = nixpkgs.lib.filterAttrs (hostname: hostOpts:
|
||||
hostOpts.nixos-system && hostOpts.site == site)
|
||||
(hostlib.base-host-config (fudo-nixos + /config/hosts));
|
||||
|
||||
network-hosts =
|
||||
(import (fudo-nixos + /config/networks/${domain}.nix)).hosts;
|
||||
|
||||
pkgs-for = system: import nixpkgs {
|
||||
inherit system;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
permittedInsecurePackages = [
|
||||
"openssh-with-gssapi-8.4p1"
|
||||
];
|
||||
};
|
||||
overlays = [
|
||||
(import (fudo-pkgs + "/overlay.nix"))
|
||||
(import (fudo-nixos + "/lib/overlay.nix"))
|
||||
];
|
||||
};
|
||||
|
||||
initialize-host = import (fudo-nixos + /initialize.nix);
|
||||
|
||||
in {
|
||||
nixopsConfigurations.default = {
|
||||
inherit nixpkgs;
|
||||
|
||||
network = {
|
||||
description = description;
|
||||
enableRollback = true;
|
||||
};
|
||||
} // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let
|
||||
system = hostOpts.arch;
|
||||
profile = hostOpts.profile;
|
||||
in { config, pkgs, lib, ... }: {
|
||||
imports = [
|
||||
fudo-home.nixosModule
|
||||
fudo-secrets.nixosModule
|
||||
(initialize-host {
|
||||
inherit hostname build-timestamp site domain profile;
|
||||
})
|
||||
];
|
||||
|
||||
nixpkgs.pkgs = pkgs-for system;
|
||||
|
||||
deployment = with lib; {
|
||||
targetHost = network-hosts.${hostname}.ipv4-address;
|
||||
|
||||
keys = if (hasAttr hostname config.fudo.secrets.files.host-filesystem-keys)
|
||||
then
|
||||
mapAttrs (secret: secret-file: {
|
||||
keyFile = secret-file;
|
||||
user = "root";
|
||||
permissions = "0400";
|
||||
}) config.fudo.secrets.files.host-filesystem-keys.${hostname}
|
||||
else {};
|
||||
};
|
||||
}) hosts);
|
||||
};
|
||||
}
|
||||
|
|
@ -1,559 +0,0 @@
|
|||
{
|
||||
"nodes": {
|
||||
"backplane": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-q159nkiuwtQcfecm7SVpy6lG1eWc5ZqeGhnEAIY6J5w=",
|
||||
"path": "./backplane",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./backplane",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"build-keypairs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-4eRLRLCzZ6kQIRZqy51bj60jhFSQ/wlKLeNgABPhTyw=",
|
||||
"path": "./build-keypairs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./build-keypairs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"doom-emacs": {
|
||||
"inputs": {
|
||||
"doom-emacs": "doom-emacs_2",
|
||||
"doom-snippets": "doom-snippets",
|
||||
"emacs-overlay": "emacs-overlay",
|
||||
"emacs-so-long": "emacs-so-long",
|
||||
"evil-markdown": "evil-markdown",
|
||||
"evil-org-mode": "evil-org-mode",
|
||||
"evil-quick-diff": "evil-quick-diff",
|
||||
"explain-pause-mode": "explain-pause-mode",
|
||||
"flake-utils": "flake-utils",
|
||||
"nix-straight": "nix-straight",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nose": "nose",
|
||||
"ob-racket": "ob-racket",
|
||||
"org": "org",
|
||||
"org-contrib": "org-contrib",
|
||||
"org-yt": "org-yt",
|
||||
"php-extras": "php-extras",
|
||||
"revealjs": "revealjs",
|
||||
"rotate-text": "rotate-text"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1627398156,
|
||||
"narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=",
|
||||
"owner": "vlaci",
|
||||
"repo": "nix-doom-emacs",
|
||||
"rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "vlaci",
|
||||
"repo": "nix-doom-emacs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"doom-emacs_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1626604817,
|
||||
"narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=",
|
||||
"owner": "hlissner",
|
||||
"repo": "doom-emacs",
|
||||
"rev": "46732c0adaef147144418f9f284ca6b1183ab96f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"ref": "develop",
|
||||
"repo": "doom-emacs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"doom-snippets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1625547004,
|
||||
"narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=",
|
||||
"owner": "hlissner",
|
||||
"repo": "doom-snippets",
|
||||
"rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"repo": "doom-snippets",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"emacs-overlay": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1626972035,
|
||||
"narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=",
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"emacs-so-long": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1575031854,
|
||||
"narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=",
|
||||
"owner": "hlissner",
|
||||
"repo": "emacs-so-long",
|
||||
"rev": "ed666b0716f60e8988c455804de24b55919e71ca",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"repo": "emacs-so-long",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"evil-markdown": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1626852210,
|
||||
"narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=",
|
||||
"owner": "Somelauw",
|
||||
"repo": "evil-markdown",
|
||||
"rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Somelauw",
|
||||
"repo": "evil-markdown",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"evil-org-mode": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1607203864,
|
||||
"narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=",
|
||||
"owner": "hlissner",
|
||||
"repo": "evil-org-mode",
|
||||
"rev": "a9706da260c45b98601bcd72b1d2c0a24a017700",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hlissner",
|
||||
"repo": "evil-org-mode",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"evil-quick-diff": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1575189609,
|
||||
"narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=",
|
||||
"owner": "rgrinberg",
|
||||
"repo": "evil-quick-diff",
|
||||
"rev": "69c883720b30a892c63bc89f49d4f0e8b8028908",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "rgrinberg",
|
||||
"repo": "evil-quick-diff",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"explain-pause-mode": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1595842060,
|
||||
"narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=",
|
||||
"owner": "lastquestion",
|
||||
"repo": "explain-pause-mode",
|
||||
"rev": "2356c8c3639cbeeb9751744dbe737267849b4b51",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lastquestion",
|
||||
"repo": "explain-pause-mode",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"filesystem-keys": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-K2wdsA4vcNTaLR9A9qxB+aMaeANL0LXOwBWvUm63lX0=",
|
||||
"path": "./filesystem-keys",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./filesystem-keys",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1623875721,
|
||||
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"fudo-home": {
|
||||
"inputs": {
|
||||
"doom-emacs": "doom-emacs",
|
||||
"home-manager": "home-manager",
|
||||
"niten-doom-config": "niten-doom-config",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1635528550,
|
||||
"narHash": "sha256-q+ZMD+VmZHz9TazccHQvEdttdxWgKtm5ldDt+w4jpFU=",
|
||||
"ref": "flake",
|
||||
"rev": "7d7f95b1c229ceed825559f1f94ee6f676b429a6",
|
||||
"revCount": 38,
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/nix-home.git"
|
||||
},
|
||||
"original": {
|
||||
"ref": "flake",
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/nix-home.git"
|
||||
}
|
||||
},
|
||||
"fudo-nixos": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-wIk8P88DRH8eQ31LajzGOKAwx7HoB+Qet4ws9bdeG+8=",
|
||||
"path": "/state/nixops/fudo-nixos",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/state/nixops/fudo-nixos",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"fudo-pkgs": {
|
||||
"locked": {
|
||||
"narHash": "sha256-zkWbqqzNFNMLbIqWGY1xAw/2NdBrNfbUvwIgX+44Zao=",
|
||||
"path": "/state/nixops/fudo-pkgs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/state/nixops/fudo-pkgs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"fudo-secrets": {
|
||||
"inputs": {
|
||||
"backplane": "backplane",
|
||||
"build-keypairs": "build-keypairs",
|
||||
"filesystem-keys": "filesystem-keys",
|
||||
"host-keytabs": "host-keytabs",
|
||||
"service-keytabs": "service-keytabs",
|
||||
"service-passwords": "service-passwords",
|
||||
"ssh-keypairs": "ssh-keypairs"
|
||||
},
|
||||
"locked": {
|
||||
"narHash": "sha256-MDaYnGcrppeZgOZKX4uHJO4NY7t5m//m7PwTMGE7hv4=",
|
||||
"path": "/state/secrets",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/state/secrets",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"fudo-home",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1633291410,
|
||||
"narHash": "sha256-IxUzCGwj+s2Rn/+u0NtY36ix5I8MopMOO8Ip59PnBlw=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "382505714d10c6791a96712e0554587c75c5bf8b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-21.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"host-keytabs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-+4bPq8vQIaBsMXXcuw41yLTxe6e/Yy80NlCdrabEPCM=",
|
||||
"path": "./kerberos/host-keytabs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./kerberos/host-keytabs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"niten-doom-config": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1628274414,
|
||||
"narHash": "sha256-EIGqjTHcYnjVXceY1tpjaYxNmORh8NNiL2FVWCI5sBo=",
|
||||
"ref": "master",
|
||||
"rev": "0ab1532c856ccdb6ce46c5948054279f439eb1f2",
|
||||
"revCount": 34,
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/doom-emacs.git"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/niten/doom-emacs.git"
|
||||
}
|
||||
},
|
||||
"nix-straight": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1621543597,
|
||||
"narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=",
|
||||
"owner": "vlaci",
|
||||
"repo": "nix-straight.el",
|
||||
"rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "vlaci",
|
||||
"ref": "v2.2.0",
|
||||
"repo": "nix-straight.el",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1626852498,
|
||||
"narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1635719588,
|
||||
"narHash": "sha256-pWjdy0NheM97NsPE6+jUnr5LYyeA0sBGTdw4mfXMGZQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f0869b1a2c0b150aac26e10bb5c2364ffb2e804f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-21.05",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nose": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1400604510,
|
||||
"narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=",
|
||||
"owner": "emacsattic",
|
||||
"repo": "nose",
|
||||
"rev": "f8528297519eba911696c4e68fa88892de9a7b72",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "emacsattic",
|
||||
"repo": "nose",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"ob-racket": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1584656173,
|
||||
"narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=",
|
||||
"owner": "xchrishawk",
|
||||
"repo": "ob-racket",
|
||||
"rev": "83457ec9e1e96a29fd2086ed19432b9d75787673",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "xchrishawk",
|
||||
"repo": "ob-racket",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"org": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1627155762,
|
||||
"narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=",
|
||||
"owner": "emacs-straight",
|
||||
"repo": "org-mode",
|
||||
"rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "emacs-straight",
|
||||
"repo": "org-mode",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"org-contrib": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1623339452,
|
||||
"narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=",
|
||||
"ref": "master",
|
||||
"rev": "fc81309cf6756607a836f93049a9393c2967c4e0",
|
||||
"revCount": 2599,
|
||||
"type": "git",
|
||||
"url": "https://git.sr.ht/~bzg/org-contrib"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.sr.ht/~bzg/org-contrib"
|
||||
}
|
||||
},
|
||||
"org-yt": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1527381913,
|
||||
"narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=",
|
||||
"owner": "TobiasZawada",
|
||||
"repo": "org-yt",
|
||||
"rev": "40cc1ac76d741055cbefa13860d9f070a7ade001",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "TobiasZawada",
|
||||
"repo": "org-yt",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"php-extras": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1573312690,
|
||||
"narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=",
|
||||
"owner": "arnested",
|
||||
"repo": "php-extras",
|
||||
"rev": "d410c5af663c30c01d461ac476d1cbfbacb49367",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "arnested",
|
||||
"repo": "php-extras",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"revealjs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1625811744,
|
||||
"narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=",
|
||||
"owner": "hakimel",
|
||||
"repo": "reveal.js",
|
||||
"rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hakimel",
|
||||
"repo": "reveal.js",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"fudo-home": "fudo-home",
|
||||
"fudo-nixos": "fudo-nixos",
|
||||
"fudo-pkgs": "fudo-pkgs",
|
||||
"fudo-secrets": "fudo-secrets",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
},
|
||||
"rotate-text": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1322962747,
|
||||
"narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=",
|
||||
"owner": "debug-ito",
|
||||
"repo": "rotate-text.el",
|
||||
"rev": "48f193697db996855aee1ad2bc99b38c6646fe76",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "debug-ito",
|
||||
"repo": "rotate-text.el",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"service-keytabs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-n2i88EiGs2DJCU+qGdLICbYMWUqdNpnEx/VUzDq5xZ8=",
|
||||
"path": "./kerberos/service-keytabs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./kerberos/service-keytabs",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"service-passwords": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-QF809kxBsyAfshBlm3GLUFaxk5KbU8cIn8v/gY9C9c8=",
|
||||
"path": "./service-passwords",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./service-passwords",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"ssh-keypairs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"narHash": "sha256-HE2nCM6p8hhoLu7JFOaVimzC3XIZfgCT4WHgnp+wqm0=",
|
||||
"path": "./ssh-keypairs",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "./ssh-keypairs",
|
||||
"type": "path"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
||||
|
|
@ -1,84 +0,0 @@
|
|||
{
|
||||
description = "Definition of the Portage NixOps network.";
|
||||
|
||||
inputs = import ../../common/inputs.nix { nixos-version = "21.05"; };
|
||||
|
||||
outputs = { self, nixpkgs, fudo-home, fudo-nixos, fudo-pkgs, fudo-secrets, ... }: let
|
||||
domain = "fudo.org";
|
||||
site = "portage";
|
||||
|
||||
build-timestamp = self.sourceInfo.lastModified;
|
||||
|
||||
hostlib = import (fudo-nixos + /lib/hosts.nix) { lib = nixpkgs.lib; };
|
||||
|
||||
hosts = nixpkgs.lib.filterAttrs (hostname: hostOpts:
|
||||
hostOpts.nixos-system && hostOpts.site == site)
|
||||
(hostlib.base-host-config (fudo-nixos + /config/hosts));
|
||||
|
||||
network-hosts = (import (fudo-nixos + /config/networks/${domain}.nix)).hosts;
|
||||
|
||||
pkgs-for = system: import nixpkgs {
|
||||
inherit system;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
permittedInsecurePackages = [
|
||||
"openssh-with-gssapi-8.4p1"
|
||||
];
|
||||
};
|
||||
overlays = [
|
||||
(import (fudo-pkgs + "/overlay.nix"))
|
||||
(import (fudo-nixos + "/lib/overlay.nix"))
|
||||
];
|
||||
};
|
||||
|
||||
initialize-host = import (fudo-nixos + /initialize.nix);
|
||||
|
||||
in {
|
||||
nixopsConfigurations.default = {
|
||||
inherit nixpkgs;
|
||||
|
||||
network = {
|
||||
description = "Portage NixOps network.";
|
||||
enableRollback = true;
|
||||
};
|
||||
} // (nixpkgs.lib.mapAttrs (hostname: hostOpts: let
|
||||
system = hostOpts.arch;
|
||||
profile = hostOpts.profile;
|
||||
in { config, ... }: let
|
||||
pkgs = pkgs-for system;
|
||||
lib = pkgs.lib;
|
||||
build-seed = builtins.readFile config.fudo.secrets.files.build-seed;
|
||||
in {
|
||||
imports = [
|
||||
fudo-home.nixosModule
|
||||
fudo-secrets.nixosModule
|
||||
(initialize-host {
|
||||
inherit
|
||||
lib
|
||||
pkgs
|
||||
hostname
|
||||
build-timestamp
|
||||
build-seed
|
||||
site
|
||||
domain
|
||||
profile; })
|
||||
];
|
||||
|
||||
nixpkgs.pkgs = pkgs-for system;
|
||||
nixpkgs.lib = (pkgs-for system).lib;
|
||||
|
||||
deployment = with lib; {
|
||||
targetHost = network-hosts.${hostname}.ipv4-address;
|
||||
|
||||
keys = if (hasAttr hostname config.fudo.secrets.files.host-filesystem-keys)
|
||||
then
|
||||
mapAttrs (secret: secret-file: {
|
||||
keyFile = secret-file;
|
||||
user = "root";
|
||||
permissions = "0400";
|
||||
}) config.fudo.secrets.files.host-filesystem-keys.${hostname}
|
||||
else {};
|
||||
};
|
||||
}) hosts);
|
||||
};
|
||||
}
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
{ inputs, build-timestamp, ... }:
|
||||
|
||||
hostname: hostOpts:
|
||||
|
||||
let
|
||||
pkgs-for = system: import inputs.nixpkgs {
|
||||
inherit system;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
permittedInsecurePackages = [
|
||||
"openssh-with-gssapi-8.4p1"
|
||||
];
|
||||
overlays = [
|
||||
(import (inputs.fudo-pkgs + /overlay.nix))
|
||||
(import (inputs.fudo-nixos + /lib/overlay.nix))
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
host-ip =
|
||||
inputs.fudo-entities.entities.zones.${hostOpts.domain}.hosts.${hostname}.ipv4-address;
|
||||
|
||||
in { config, ... }: {
|
||||
modules = [
|
||||
inputs.fudo-nixos.nixosConfigurations.${hostname}
|
||||
];
|
||||
|
||||
imports = [
|
||||
inputs.fudo-secrets.nixosModule
|
||||
inputs.fudo-lib.nixosModule
|
||||
];
|
||||
|
||||
nixpkgs.pkgs = pkgs-for hostOpts.arch;
|
||||
|
||||
instance = {
|
||||
inherit hostname build-timestamp;
|
||||
};
|
||||
|
||||
deployment = {
|
||||
targetHost = host-ip;
|
||||
};
|
||||
}
|
||||
|
|
@ -0,0 +1,55 @@
|
|||
{
|
||||
description = "Definition of the Informis NixOps network.";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-21.05";
|
||||
|
||||
fudo-secrets.url = "path:/state/secrets";
|
||||
|
||||
fudo-nixos = {
|
||||
url = "git+ssh://fudo_git@git.fudo.org:2222/fudo-nix/nixos-config.git";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
fudo-entities = {
|
||||
url = "git+ssh://fudo_git@git.fudo.org:2222/fudo-nix/entities.git";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, fudo-nixos, fudo-entities, fudo-secrets, ... }:
|
||||
with nixpkgs.lib; {
|
||||
nixopsConfigurations.default = let
|
||||
domain = "informis.land";
|
||||
|
||||
deployment-hosts = filterAttrs
|
||||
(hostname: hostOpts:
|
||||
hostOpts.domain == domain &&
|
||||
hostOpts.nixos-system)
|
||||
fudo-entities.entities.hosts;
|
||||
|
||||
network-config = {
|
||||
inherit nixpkgs;
|
||||
network = {
|
||||
description = "Seattle NixOps network";
|
||||
enableRollback = true;
|
||||
};
|
||||
};
|
||||
|
||||
uber-secrets = config.fudo.secrets.files.host-filesystem-keys;
|
||||
|
||||
host-configs = (mapAttrs (hostname: hostOpts:
|
||||
fudo-nixos.nixopsHostConfigurations.${hostname})
|
||||
deployment-hosts);
|
||||
|
||||
host-uber-secrets = (mapAttrs (hostname: hostOpts:
|
||||
if (hasAttr hostname uber-secrets) then
|
||||
mapAttrs (secret: secret-file: {
|
||||
keyFile = secret-file;
|
||||
user = "root";
|
||||
permissions = "0400";
|
||||
}) uber-secrets.${hostname}
|
||||
else {}));
|
||||
in network-config // host-configs // host-uber-secrets;
|
||||
};
|
||||
}
|
||||
|
|
@ -315,7 +315,7 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"narHash": "sha256-DnIQNMu2E6gQh0SJk4h6iz2cL/vK6VIobp35hS7qQmo=",
|
||||
"narHash": "sha256-dONN8g58YVJAONpxHMgXl31Jvl3iHlZrYRsomxtwOWA=",
|
||||
"path": "/state/fudo-entities",
|
||||
"type": "path"
|
||||
},
|
||||
|
|
@ -334,13 +334,17 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"narHash": "sha256-DnIQNMu2E6gQh0SJk4h6iz2cL/vK6VIobp35hS7qQmo=",
|
||||
"path": "/state/fudo-entities",
|
||||
"type": "path"
|
||||
"lastModified": 1638137290,
|
||||
"narHash": "sha256-8Kjzn0jr4arVDDaOQUtT7VFd1ir1SB1X1xp1OoLZduo=",
|
||||
"ref": "master",
|
||||
"rev": "45cb2ae34407530496a30c6121cad976bd186fc5",
|
||||
"revCount": 8,
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/nix/fudo-entities.git"
|
||||
},
|
||||
"original": {
|
||||
"path": "/state/fudo-entities",
|
||||
"type": "path"
|
||||
"type": "git",
|
||||
"url": "https://git.fudo.org/nix/fudo-entities.git"
|
||||
}
|
||||
},
|
||||
"fudo-home": {
|
||||
|
|
@ -354,7 +358,7 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"narHash": "sha256-TpFI+nD+c9JXhKKDBgIHJhIfveTScBD6gotTPt8tvg4=",
|
||||
"narHash": "sha256-NCvYqgBq3HCqBx+EO1grdiflR9tthm9bUIasB4XtI4U=",
|
||||
"path": "/state/nixops/fudo-home",
|
||||
"type": "path"
|
||||
},
|
||||
|
|
@ -376,7 +380,7 @@
|
|||
},
|
||||
"fudo-lib_2": {
|
||||
"locked": {
|
||||
"narHash": "sha256-gZAKO49RbpNWdmZaqrXnzCrLoSXsGV6H67f+mECJtCk=",
|
||||
"narHash": "sha256-1unDTB52rrC4MhomFowHi4kzTea0/dk15A9D59Cpu0Q=",
|
||||
"path": "/state/fudo-lib",
|
||||
"type": "path"
|
||||
},
|
||||
|
|
@ -398,7 +402,7 @@
|
|||
},
|
||||
"fudo-lib_4": {
|
||||
"locked": {
|
||||
"narHash": "sha256-gZAKO49RbpNWdmZaqrXnzCrLoSXsGV6H67f+mECJtCk=",
|
||||
"narHash": "sha256-1unDTB52rrC4MhomFowHi4kzTea0/dk15A9D59Cpu0Q=",
|
||||
"path": "/state/fudo-lib",
|
||||
"type": "path"
|
||||
},
|
||||
|
|
@ -419,7 +423,7 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"narHash": "sha256-mGmqObOimHmAWntx7GOHjLABKw+9ZMwVn19R7f6f93s=",
|
||||
"narHash": "sha256-tWOjzj9Lq0ugOQXvzIAYTl4V2oIaowJeb/HLlIAi0Sc=",
|
||||
"path": "/state/nixops/fudo-nixos",
|
||||
"type": "path"
|
||||
},
|
||||
|
|
@ -580,11 +584,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1637875414,
|
||||
"narHash": "sha256-Ica++SXFuLyxX9Q7YxhfZulUif6/gwM8AEQYlUxqSgE=",
|
||||
"lastModified": 1638196344,
|
||||
"narHash": "sha256-fkOqSkfOkl8tqxDd+zJU4kAgyLXp/ouaP+U9gpjEZZs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3bea86e918d8b54aa49780505d2d4cd9261413be",
|
||||
"rev": "2553aee74fed8c2205a4aeb3ffd206ca14ede60f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -31,14 +31,6 @@
|
|||
hostOpts.domain == "sea.fudo.org" &&
|
||||
hostOpts.nixos-system)
|
||||
fudo-entities.entities.hosts;
|
||||
|
||||
build-timestamp = self.sourceInfo.lastModified;
|
||||
|
||||
host-gen-config = import ./host-config.nix {
|
||||
inherit inputs build-timestamp;
|
||||
};
|
||||
|
||||
common-configs = mapAttrs host-gen-config deployment-hosts;
|
||||
in {
|
||||
inherit nixpkgs;
|
||||
|
||||
|
|
@ -46,6 +38,8 @@
|
|||
description = "Seattle NixOps network";
|
||||
enableRollback = true;
|
||||
};
|
||||
} // common-configs;
|
||||
} // (mapAttrs (hostname: hostOpts:
|
||||
fudo-nixos.nixopsHostConfigurations.${hostname})
|
||||
deployment-hosts);
|
||||
};
|
||||
}
|
||||
Loading…
Reference in New Issue