clerie/nixfiles
1
0
Fork 0
Code

Update from updated-inputs-2024-05-14-01-03

Browse Source
This commit is contained in:
clerie 2024-05-14 03:04:12 +02:00
commit 643d9ff028
10 changed files with 106 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
configuration/common/default.nix
View File

@ -2,8 +2,6 @@
{ {
imports = [ imports = [
../../modules
./backup.nix ./backup.nix
./locale.nix ./locale.nix
./networking.nix ./networking.nix

1
configuration/common/programs.nix
View File

@ -13,7 +13,6 @@
# Deployment # Deployment
bij bij
colmena
clerie-sops clerie-sops
clerie-sops-edit clerie-sops-edit
sops sops

23
flake.lock
View File

@ -190,22 +190,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-krypton": {
"locked": {
"lastModified": 1713297878,
"narHash": "sha256-hOkzkhLT59wR8VaMbh1ESjtZLbGi+XNaBN6h49SPqEc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "66adc1e47f8784803f2deb6cacd5e07264ec2d5c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1713434076, "lastModified": 1713434076,
@ -240,11 +224,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1715447595, "lastModified": 1715534503,
"narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=", "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "062ca2a9370a27a35c524dc82d540e6e9824b652", "rev": "2057814051972fa1453ddfb0d98badbea9b83c06",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -263,7 +247,6 @@
"nixos-exporter": "nixos-exporter", "nixos-exporter": "nixos-exporter",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-krypton": "nixpkgs-krypton",
"solid-xmpp-alarm": "solid-xmpp-alarm", "solid-xmpp-alarm": "solid-xmpp-alarm",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"ssh-to-age": "ssh-to-age" "ssh-to-age": "ssh-to-age"

37
flake.nix
View File

@ -1,7 +1,6 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-krypton.url = "github:NixOS/nixpkgs/nixos-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
bij = { bij = {
url = "git+https://git.clerie.de/clerie/bij.git"; url = "git+https://git.clerie.de/clerie/bij.git";
@ -36,6 +35,7 @@
outputs = { self, nixpkgs, nixos-hardware, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ssh-to-age, ... }@inputs: let outputs = { self, nixpkgs, nixos-hardware, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ssh-to-age, ... }@inputs: let
lib = import ./lib inputs; lib = import ./lib inputs;
helper = lib.flake-helper; helper = lib.flake-helper;
localNixpkgs = import ./flake/nixpkgs.nix inputs;
in { in {
clerie.hosts = { clerie.hosts = {
aluminium = { aluminium = {
@ -90,34 +90,22 @@
_iso = { name = "_iso"; }; _iso = { name = "_iso"; };
}; };
nixosConfigurations = helper.mapToNixosConfigurations self.clerie.hosts; nixosConfigurations = import ./flake/nixosConfigurations.nix inputs;
colmena = { nixosModules = {
meta = { nixfilesInputs = import ./flake/modules.nix inputs;
nixpkgs = import nixpkgs { clerie = import ./modules;
system = "x86_64-linux"; default = self.nixosModules.clerie;
}; };
};
} // helper.mapToColmenaHosts self.nixosConfigurations;
overlays = { overlays = {
nixfilesInputs = import ./flake/overlay.nix inputs;
clerie = import ./pkgs/overlay.nix; clerie = import ./pkgs/overlay.nix;
default = self.overlays.clerie; default = self.overlays.clerie;
}; };
packages = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let packages = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let
pkgs = import nixpkgs { pkgs = localNixpkgs.${system};
inherit system;
overlays = [
self.overlays.clerie
(_: _: {
inherit (chaosevents.packages.${system})
chaosevents;
inherit (ssh-to-age.packages.${system})
ssh-to-age;
})
];
};
in { in {
inherit (pkgs) inherit (pkgs)
clerie-keys clerie-keys
@ -142,12 +130,7 @@
inherit lib self; inherit lib self;
hydraJobs = { hydraJobs = import ./flake/hydraJobs.nix inputs;
inherit (self)
packages;
nixosConfigurations = helper.buildHosts self.nixosConfigurations;
iso = self.nixosConfigurations._iso.config.system.build.isoImage;
};
nixConfig = { nixConfig = {
extra-substituters = [ extra-substituters = [

15
flake/hydraJobs.nix Normal file
View File

@ -0,0 +1,15 @@
{ self
, nixpkgs
, ...
}@inputs:
let
buildHosts = hosts: builtins.mapAttrs (name: host: host.config.system.build.toplevel) (nixpkgs.lib.filterAttrs (name: host: (builtins.substring 0 1 name) != "_") hosts);
in {
inherit (self)
packages;
nixosConfigurations = buildHosts self.nixosConfigurations;
iso = self.nixosConfigurations._iso.config.system.build.isoImage;
}

19
flake/modules.nix Normal file
View File

@ -0,0 +1,19 @@
{ self
, fernglas
, fieldpoc
, nixos-exporter
, solid-xmpp-alarm
, sops-nix
, ...
}@inputs:
{ ... }:
{
imports = [
fernglas.nixosModules.default
fieldpoc.nixosModules.default
nixos-exporter.nixosModules.default
solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
sops-nix.nixosModules.sops
];
}

70
lib/flake-helper.nix → flake/nixosConfigurations.nix
View File

@ -1,6 +1,9 @@
{ self, nixpkgs, bij, chaosevents, fernglas, fieldpoc, nixos-exporter, solid-xmpp-alarm, sops-nix, ... }@inputs: { self
, nixpkgs
, ...
}@inputs:
rec { let
generateNixosSystem = { generateNixosSystem = {
name, name,
system ? "x86_64-linux", system ? "x86_64-linux",
@ -11,7 +14,16 @@ rec {
in localNixpkgs.lib.nixosSystem { in localNixpkgs.lib.nixosSystem {
system = system; system = system;
modules = modules ++ [ modules = modules ++ [
({ ... }: { self.nixosModules.nixfilesInputs
self.nixosModules.clerie
({ config, lib, ... }: {
# Apply overlays
nixpkgs.overlays = [
self.overlays.nixfilesInputs
self.overlays.clerie
];
/* /*
Make the contents of the flake availiable to modules. Make the contents of the flake availiable to modules.
Useful for having the monitoring server scraping the Useful for having the monitoring server scraping the
@ -21,29 +33,11 @@ rec {
inputs = inputs; inputs = inputs;
_nixfiles = self; _nixfiles = self;
}; };
})
../configuration/common # Expose host group to monitoring
../users/clerie
({ ... }: {
nixpkgs.overlays = [
self.overlays.clerie
(_: _: {
inherit (bij.packages."${system}")
bij;
inherit (chaosevents.packages."x86_64-linux")
chaosevents;
})
];
clerie.monitoring = nixpkgs.lib.attrsets.optionalAttrs (group != null) { serviceLevel = group; }; clerie.monitoring = nixpkgs.lib.attrsets.optionalAttrs (group != null) { serviceLevel = group; };
})
fernglas.nixosModules.default # Automatically load secrets from sops file for host
fieldpoc.nixosModules.default
nixos-exporter.nixosModules.default
solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
sops-nix.nixosModules.sops
(../hosts + "/${name}/configuration.nix")
# Automatically load secrets from sops file for host
({ config, lib, ... }: {
sops.defaultSopsFile = ../hosts + "/${name}/secrets.json"; sops.defaultSopsFile = ../hosts + "/${name}/secrets.json";
sops.secrets = let sops.secrets = let
secretFile = config.sops.defaultSopsFile; secretFile = config.sops.defaultSopsFile;
@ -55,25 +49,17 @@ rec {
in in
secrets; secrets;
}) })
# Config to be applied to every host
../configuration/common
../users/clerie
# Host specific config
(../hosts + "/${name}/configuration.nix")
]; ];
}; };
mapToNixosConfigurations = hosts: builtins.mapAttrs (name: host: generateNixosSystem host) hosts; mapToNixosConfigurations = hosts: builtins.mapAttrs (name: host: generateNixosSystem host) hosts;
generateColmenaHost = name: hostSystem: { in
deployment = { mapToNixosConfigurations self.clerie.hosts
targetHost = hostSystem.config.networking.fqdn;
targetUser = null;
tags = let
group = nixpkgs.lib.attrByPath [ "clerie" "monitoring" "serviceLevel" ] null hostSystem.config;
in nixpkgs.lib.lists.optional (group != null) group;
};
nixpkgs.system = hostSystem.config.nixpkgs.system;
imports = hostSystem._module.args.modules;
deployment.allowLocalDeployment = builtins.any (n: n == name) [ "osmium" ];
};
mapToColmenaHosts = hosts: builtins.mapAttrs (generateColmenaHost) hosts;
buildHosts = hosts: builtins.mapAttrs (name: host: host.config.system.build.toplevel) (nixpkgs.lib.filterAttrs (name: host: (builtins.substring 0 1 name) != "_") hosts);
}

17
flake/nixpkgs.nix Normal file
View File

@ -0,0 +1,17 @@
{ self
, nixpkgs
, ...
}@inputs:
let
mkNixpkgs = { system, ... }@args:
import nixpkgs {
inherit system;
overlays = [
self.overlays.nixfilesInputs
self.overlays.clerie
];
};
in
nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: mkNixpkgs { inherit system; })

14
flake/overlay.nix Normal file
View File

@ -0,0 +1,14 @@
{ self
, bij
, chaosevents
, ssh-to-age
, ...
}@inputs:
final: prev: {
inherit (bij.packages.${final.system})
bij;
inherit (chaosevents.packages.${final.system})
chaosevents;
inherit (ssh-to-age.packages.${final.system})
ssh-to-age;
}

7
lib/default.nix
View File

@ -7,13 +7,6 @@ let
} // inputs); } // inputs);
lib = { lib = {
flake-helper = callLibs ./flake-helper.nix;
inherit ("flake-helper")
generateNixosSystem
mapToNixosConfigurations
generateColmenaHost
mapToColmenaHosts
buildHosts;
clerie-monitoring-ids = callLibs ./clerie-monitoring-ids.nix; clerie-monitoring-ids = callLibs ./clerie-monitoring-ids.nix;
}; };