10 changed files with 99 additions and 106 deletions
--- a/configuration/common/default.nix
+++ b/configuration/common/default.nix
@ -2,6 +2,8 @@
 {
  imports = [
    ../../modules
    ./backup.nix
    ./locale.nix
    ./networking.nix
--- a/configuration/common/programs.nix
+++ b/configuration/common/programs.nix
@ -13,6 +13,7 @@
    # Deployment
    bij
    colmena
    clerie-sops
    clerie-sops-edit
    sops
--- a/flake.lock
+++ b/flake.lock
@ -190,6 +190,22 @@
        "type": "github"
      }
    },
    "nixpkgs-krypton": {
      "locked": {
        "lastModified": 1713297878,
        "narHash": "sha256-hOkzkhLT59wR8VaMbh1ESjtZLbGi+XNaBN6h49SPqEc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "66adc1e47f8784803f2deb6cacd5e07264ec2d5c",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1713434076,
@ -224,11 +240,11 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1715534503,
+        "lastModified": 1715447595,
-        "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=",
+        "narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "2057814051972fa1453ddfb0d98badbea9b83c06",
+        "rev": "062ca2a9370a27a35c524dc82d540e6e9824b652",
        "type": "github"
      },
      "original": {
@ -247,6 +263,7 @@
        "nixos-exporter": "nixos-exporter",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_3",
        "nixpkgs-krypton": "nixpkgs-krypton",
        "solid-xmpp-alarm": "solid-xmpp-alarm",
        "sops-nix": "sops-nix",
        "ssh-to-age": "ssh-to-age"
--- a/flake.nix
+++ b/flake.nix
@ -1,6 +1,7 @@
 {
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixpkgs-krypton.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    bij = {
      url = "git+https://git.clerie.de/clerie/bij.git";
@ -35,7 +36,6 @@
  outputs = { self, nixpkgs, nixos-hardware, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ssh-to-age, ... }@inputs: let
    lib = import ./lib inputs;
    helper = lib.flake-helper;
    localNixpkgs = import ./flake/nixpkgs.nix inputs;
  in {
    clerie.hosts = {
      aluminium = {
@ -90,22 +90,34 @@
      _iso = { name = "_iso"; };
    };
-    nixosConfigurations = import ./flake/nixosConfigurations.nix inputs;
+    nixosConfigurations = helper.mapToNixosConfigurations self.clerie.hosts;
-    nixosModules = {
+    colmena = {
-      nixfilesInputs = import ./flake/modules.nix inputs;
+      meta = {
-      clerie = import ./modules;
+        nixpkgs = import nixpkgs {
-      default = self.nixosModules.clerie;
+          system = "x86_64-linux";
        };
      };
    } // helper.mapToColmenaHosts self.nixosConfigurations;
    overlays = {
      nixfilesInputs = import ./flake/overlay.nix inputs;
      clerie = import ./pkgs/overlay.nix;
      default = self.overlays.clerie;
    };
    packages = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let
-      pkgs = localNixpkgs.${system};
+      pkgs = import nixpkgs {
        inherit system;
        overlays = [
          self.overlays.clerie
          (_: _: {
            inherit (chaosevents.packages.${system})
              chaosevents;
            inherit (ssh-to-age.packages.${system})
              ssh-to-age;
           })
        ];
      };
    in {
      inherit (pkgs)
        clerie-keys
@ -130,7 +142,12 @@
    inherit lib self;
-    hydraJobs = import ./flake/hydraJobs.nix inputs;
+    hydraJobs = {
      inherit (self)
        packages;
      nixosConfigurations = helper.buildHosts self.nixosConfigurations;
      iso = self.nixosConfigurations._iso.config.system.build.isoImage;
    };
    nixConfig = {
      extra-substituters = [
--- a/flake/hydraJobs.nix
+++ b/flake/hydraJobs.nix
@ -1,15 +0,0 @@
 { self
 , nixpkgs
 , ...
 }@inputs:
 let
  buildHosts = hosts: builtins.mapAttrs (name: host: host.config.system.build.toplevel) (nixpkgs.lib.filterAttrs (name: host: (builtins.substring 0 1 name) != "_") hosts);
 in {
  inherit (self)
    packages;
  nixosConfigurations = buildHosts self.nixosConfigurations;
  iso = self.nixosConfigurations._iso.config.system.build.isoImage;
 }
--- a/flake/modules.nix
+++ b/flake/modules.nix
@ -1,19 +0,0 @@
 { self
 , fernglas
 , fieldpoc
 , nixos-exporter
 , solid-xmpp-alarm
 , sops-nix
 , ...
 }@inputs:
 { ... }:
 {
  imports = [
    fernglas.nixosModules.default
    fieldpoc.nixosModules.default
    nixos-exporter.nixosModules.default
    solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
    sops-nix.nixosModules.sops
  ];
 }
--- a/flake/nixpkgs.nix
+++ b/flake/nixpkgs.nix
@ -1,17 +0,0 @@
 { self
 , nixpkgs
 , ...
 }@inputs:
 let
  mkNixpkgs = { system, ... }@args: 
    import nixpkgs {
      inherit system;
      overlays = [
        self.overlays.nixfilesInputs
        self.overlays.clerie
      ];
    };
 in
  nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: mkNixpkgs { inherit system; })
--- a/flake/overlay.nix
+++ b/flake/overlay.nix
@ -1,14 +0,0 @@
 { self
 , bij
 , chaosevents
 , ssh-to-age
 , ...
 }@inputs:
 final: prev: {
  inherit (bij.packages.${final.system})
    bij;
  inherit (chaosevents.packages.${final.system})
    chaosevents;
  inherit (ssh-to-age.packages.${final.system})
    ssh-to-age;
 }
--- a/lib/default.nix
+++ b/lib/default.nix
@ -7,6 +7,13 @@ let
  } // inputs);
  lib = {
    flake-helper = callLibs ./flake-helper.nix;
    inherit ("flake-helper")
      generateNixosSystem
      mapToNixosConfigurations
      generateColmenaHost
      mapToColmenaHosts
      buildHosts;
    clerie-monitoring-ids = callLibs ./clerie-monitoring-ids.nix;
  };
--- a/flake/nixosConfigurations.nix
+++ b/flake/nixosConfigurations.nix
@ -1,9 +1,6 @@
-{ self
+{ self, nixpkgs, bij, chaosevents, fernglas, fieldpoc, nixos-exporter, solid-xmpp-alarm, sops-nix, ... }@inputs:
 , nixpkgs
 , ...
 }@inputs:
-let
+rec {
  generateNixosSystem = {
    name,
    system ? "x86_64-linux",
@ -14,16 +11,7 @@ let
  in localNixpkgs.lib.nixosSystem {
    system = system;
    modules = modules ++ [
-      self.nixosModules.nixfilesInputs
+      ({ ... }: {
      self.nixosModules.clerie
      ({ config, lib, ... }: {
        # Apply overlays
        nixpkgs.overlays = [
          self.overlays.nixfilesInputs
          self.overlays.clerie
        ];
        /*
          Make the contents of the flake availiable to modules.
          Useful for having the monitoring server scraping the
@ -33,11 +21,29 @@ let
          inputs = inputs;
          _nixfiles = self;
        };
-
+      })
-        # Expose host group to monitoring
+      ../configuration/common
      ../users/clerie
      ({ ... }: {
        nixpkgs.overlays = [
          self.overlays.clerie
          (_: _: {
            inherit (bij.packages."${system}")
              bij;
            inherit (chaosevents.packages."x86_64-linux")
              chaosevents;
           })
        ];
        clerie.monitoring = nixpkgs.lib.attrsets.optionalAttrs (group != null) { serviceLevel = group; };
-
+      })
      fernglas.nixosModules.default
      fieldpoc.nixosModules.default
      nixos-exporter.nixosModules.default
      solid-xmpp-alarm.nixosModules.solid-xmpp-alarm
      sops-nix.nixosModules.sops
      (../hosts + "/${name}/configuration.nix")
      # Automatically load secrets from sops file for host
      ({ config, lib, ... }: {
        sops.defaultSopsFile = ../hosts + "/${name}/secrets.json";
        sops.secrets = let
          secretFile = config.sops.defaultSopsFile;
@ -49,17 +55,25 @@ let
        in
          secrets;
      })
      # Config to be applied to every host
      ../configuration/common
      ../users/clerie
      # Host specific config
      (../hosts + "/${name}/configuration.nix")
    ];
  };
  mapToNixosConfigurations = hosts: builtins.mapAttrs (name: host: generateNixosSystem host) hosts;
-in
+  generateColmenaHost = name: hostSystem: {
-  mapToNixosConfigurations self.clerie.hosts
+    deployment = {
      targetHost = hostSystem.config.networking.fqdn;
      targetUser = null;
      tags = let
        group = nixpkgs.lib.attrByPath [ "clerie" "monitoring" "serviceLevel" ] null hostSystem.config;
      in nixpkgs.lib.lists.optional (group != null) group;
    };
    nixpkgs.system = hostSystem.config.nixpkgs.system;
    imports = hostSystem._module.args.modules;
    deployment.allowLocalDeployment = builtins.any (n: n == name) [ "osmium" ];
  };
  mapToColmenaHosts = hosts: builtins.mapAttrs (generateColmenaHost) hosts;
  buildHosts = hosts: builtins.mapAttrs (name: host: host.config.system.build.toplevel) (nixpkgs.lib.filterAttrs (name: host: (builtins.substring 0 1 name) != "_") hosts);
 }