Fixed sea-store:/export/projects, removed unnecesary submodules

.gitmodules

@@ -1,6 +0,0 @@
-[submodule "fudo-pkgs"]
-	path = fudo-pkgs
-	url = https://git.fudo.org/fudo-public/fudo-pkgs.git
-[submodule "nix-home"]
-	path = nix-home
-	url = https://git.fudo.org/niten/nix-home.git

config/host-config/nostromo.nix

@@ -31,7 +31,7 @@ in {
         exportList = [
           "/export/documents 10.0.0.0/24(rw,sync,no_root_squash,no_subtree_check,fsid=10,sec=krb5p)"
           "/export/downloads 10.0.0.0/24(rw,sync,no_root_squash,no_subtree_check,fsid=11,sec=krb5i)"
-          "/export/projects  10.0.0.0/24(rw,sync,no_root_squash,no_subtree_check,fsid=11,sec=krb5p)"
+          "/export/projects  10.0.0.0/24(rw,sync,no_root_squash,no_subtree_check,fsid=12,sec=krb5p)"
         ];
       in ''
         ${concatStringsSep "\n" exportList}

fudo-pkgs

@@ -1 +0,0 @@
-Subproject commit 3304caa8ee5891d05320375b5dc825871e53172d

lib/fudo/acme-certs.nix

@@ -1,11 +1,52 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, ... } @ toplevel:
 
 with lib;
 let  
-  localCopyOpts = { copy, ... }: let
-  in {
+  # localCopyOpts = { copy, ... }: let
+  # in {
+  #   options = with types; {
+  #     user = mkOption {
+  #       type = str;
+  #       description = "User to which this copy belongs.";
+  #     };
+
+  #     group = mkOption {
+  #       type = nullOr str;
+  #       description = "Group to which this copy belongs.";
+  #       default = null;
+  #     };
+
+  #     path = mkOption {
+  #       type = str;
+  #       description = "Path at which to store the local copy.";
+  #       #default = "/var/run/${toplevel.config.domain}/${copy}";
+  #     };
+
+  #     service = mkOption {
+  #       type = str;
+  #       description = "systemd job to copy certs.";
+  #       default = "fudo-${toplevel.config.domain}-${copy}-certs.service";
+  #     };
+  #   };
+  # };
+  
+  domainOpts = { domain, ... }: {
+    options = with types; {
+      email = mkOption {
+        type = str;
+        description = "Domain administrator email.";
+        default = "admin@${domain}";
+      };
+
+      extra-domains = mkOption {
+        type = listOf str;
+        description = "List of domains to add to this certificate.";
+        default = [];
+      };
+
+      local-copies = let
+        localCopyOpts = { copy, ... }: {
           options = with types; {
-      inherit domain;
             user = mkOption {
               type = str;
               description = "User to which this copy belongs.";
@@ -20,29 +61,20 @@ let
             path = mkOption {
               type = str;
               description = "Path at which to store the local copy.";
-        #default = "/var/run/${toplevel.config.domain}/${copy}";
+              default = "/var/run/${domain}/${copy}";
             };
 
             service = mkOption {
               type = str;
               description = "systemd job to copy certs.";
-        default = "fudo-${toplevel.config.domain}-${copy}-certs.service";
+              default = "fudo-${domain}-${copy}-certs.service";
             };
           };
         };
-  
-  domainOpts = { domain, ... }: {
-    options = with types; {
-      email = mkOption {
-        type = str;
-        description = "Domain administrator email.";
-        default = "admin@${domain}";
-      };
-
-      extra-domains = mkOption {
-        type = listOf str;
-        description = "List of domains to add to this certificate.";
-        default = [];
+      in mkOption {
+        type = attrsOf (submodule localCopyOpts);
+        description = "Map of copies to make for use by services.";
+        default = {};
       };
     };
   };

lib/fudo/jabber.nix

@@ -19,8 +19,6 @@ let
     };
   };
 
-  site-copy = site: "ejabberd-${site}";
-
   concatMapAttrs = f: attrs:
     foldr (a: b: a // b) {} (mapAttrs f attrs);
 
@@ -30,7 +28,7 @@ let
   host-domains = config.fudo.acme.host-domains.${hostname};
 
   siteCerts = site: let
-    certPath = config.fudo.acme.local-copies.${site-copy site}.path;
+    certPath = host-domains.${site}.local-copies.ejabberd.path;
   in [
     "${certPath}/fullchain.pem"
     "${certPath}/privkey.pem"
@@ -38,7 +36,7 @@ let
   ];
 
   siteCertService = site:
-    config.fudo.acme.local-copies.${site-copy site}.service;
+    host-domains.${site}.local-copies.ejabberd.service;
 
   config-file-template = let
     jabber-config = {
@@ -158,12 +156,12 @@ in {
       };
     };
 
-    fudo.acme.local-copies = mapAttrs' (site: siteCfg:
-      nameValuePair (site-copy site)
-        mkif siteCfg.enableACME {
-          domain = site;
+    fudo.acme.host-domains.${hostname} = mapAttrs (site: siteCfg:
+      mkIf siteCfg.enableACME {
+        local-copies.ejabberd = {
           user = cfg.user;
           group = cfg.group;
+        };
       }) cfg.sites;
 
     systemd = {

nix-home

@@ -1 +0,0 @@
-Subproject commit d40a3ae2c6790afbea81a921b15f465ee63b66d7

nixops/informis.nix

@@ -1,30 +0,0 @@
-let
-
-  pkgs = import <nixpkgs> {
-    config = {
-      allowUnfree = true;
-      permittedInsecurePackages = [
-        "openssh-with-gssapi-8.4p1"
-      ];
-    };
-    overlays = [
-      (import ../fudo-pkgs/overlay.nix)
-    ];
-  };
-  
-  home-manager-module = import <home-manager/nixos>;
-
-  hostlib = import ./lib/hosts.nix {
-    inherit pkgs home-manager-module;
-  };
-
-  define-host = hostlib.host-config;
-
-in {
-  network = {
-    description = "Informis network";
-    enableRollback = true;
-  };
-
-  procul = define-host "172.86.179.18" "procul";
-}

nixops/lib/hosts.nix

@@ -1,17 +0,0 @@
-{ pkgs, home-manager-module, ... }:
-
-let
-  initialize = import ../../initialize.nix;
-
-  host-config = ip: hostname:
-    { ... }: {
-      imports = [
-        (initialize {
-          inherit hostname home-manager-module pkgs;
-        })
-      ];
-
-      deployment.targetHost = ip;
-    };
-
-in { host-config = host-config; }

nixops/networks/sea.fudo.org.nix

@@ -1,18 +0,0 @@
-{
-  description = "sea.fudo.org nixops flake";
-
-  inputs = { nixpgks = "nixpkgs:nixos-21.05"; };
-
-  outputs = { nixpkgs, ... }:
-    let
-      domain = "sea.fudo.org";
-      system-pkgs = system: import nixpkgs { inherit system; };
-    in {
-      nixopsConfigurations.${domain} = {
-        inherit nixpkgs;
-        network.description = "${domain} network";
-        defaults.nixpkgs.pkgs = system-pkgs "x86_64-linux";
-        defaults._module.args = { inherit domain; };
-      };
-    };
-}

nixops/russell.nix

@@ -1,16 +0,0 @@
-let
-  nixos-version = "20.09";
-
-  hosts = import ./lib/hosts.nix { inherit nixos-version; };
-  russell-host = ip: hostname: profile:
-    let
-      site = "russell";
-      domain = "rus.selby.ca";
-    in hosts.host-config ip { inherit hostname profile domain site; };
-
-in {
-  network.description = "Russell home network.";
-
-  clunk = russell-host "10.0.0.1" "clunk" "server";
-  plato = russell-host "10.0.0.102" "plato" "server";
-}

nixops/seattle.nix

@@ -1,40 +0,0 @@
-let
-  # fudo-pkgs = builtins.fetchGit {
-  #   url = "https://git.fudo.org/fudo-public/fudo-pkgs.git";
-  # };
-  
-  pkgs = import <nixpkgs> {
-    config = {
-      allowUnfree = true;
-      permittedInsecurePackages = [
-        "openssh-with-gssapi-8.4p1"
-      ];
-    };
-    overlays = [
-      (import ../fudo-pkgs/overlay.nix)
-    ];
-  };
-
-  home-manager-module = import <home-manager/nixos>;
-  
-  hostlib = import ./lib/hosts.nix {
-    inherit pkgs home-manager-module;
-  };
-
-  define-host = hostlib.host-config;
-
-in {
-  network = {
-    description = "Seattle home network.";
-    enableRollback = true;
-  };
-
-  lambda = define-host "10.0.0.11" "lambda";
-  limina = define-host "10.0.0.1" "limina";
-  nostromo = define-host "10.0.0.10" "nostromo";
-  plato = define-host "10.0.0.21" "plato";
-  socrates = define-host "10.0.0.20" "socrates";
-  spark = define-host "10.0.0.108" "spark";
-  system3 = define-host "10.0.0.111" "system3";
-  zbox = define-host "10.0.0.110" "zbox";
-}