Merge pull request 'feat: format with nixpkgs-fmt' (#103) from feat/nixpkgs-fmt into main
Reviewed-on: #103 Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
This commit is contained in:
commit
9e80c52965
2
.git-blame-ignore-revs
Normal file
2
.git-blame-ignore-revs
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
# Apply treewide formatting with nixpkgs-fmt
|
||||||
|
815033c764660e1468b1564a02570bad0f84f77a
|
|
@ -80,7 +80,8 @@
|
||||||
flake =
|
flake =
|
||||||
let
|
let
|
||||||
username = "barkeeper";
|
username = "barkeeper";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
inherit username;
|
inherit username;
|
||||||
|
|
||||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;
|
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.drone-secrets = {
|
age.secrets.drone-secrets = {
|
||||||
file = "${flake.self}/secrets/drone-secrets.age";
|
file = "${flake.self}/secrets/drone-secrets.age";
|
||||||
|
@ -31,10 +30,12 @@
|
||||||
"d '/var/lib/drone-db' 0750 drone drone - -"
|
"d '/var/lib/drone-db' 0750 drone drone - -"
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd.services."docker-network-drone" = let
|
systemd.services."docker-network-drone" =
|
||||||
|
let
|
||||||
docker = config.virtualisation.oci-containers.backend;
|
docker = config.virtualisation.oci-containers.backend;
|
||||||
dockerBin = "${pkgs.${docker}}/bin/${docker}";
|
dockerBin = "${pkgs.${docker}}/bin/${docker}";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
before = [ "docker-drone-server.service" ];
|
before = [ "docker-drone-server.service" ];
|
||||||
script = ''
|
script = ''
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.forgejo-actions-runner-token = {
|
age.secrets.forgejo-actions-runner-token = {
|
||||||
file = "${flake.self}/secrets/forgejo-actions-runner-token.age";
|
file = "${flake.self}/secrets/forgejo-actions-runner-token.age";
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.grafana-admin-password = {
|
age.secrets.grafana-admin-password = {
|
||||||
file = "${flake.self}/secrets/grafana-admin-password.age";
|
file = "${flake.self}/secrets/grafana-admin-password.age";
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
# source: https://gist.github.com/rickhull/895b0cb38fdd537c1078a858cf15d63e
|
# source: https://gist.github.com/rickhull/895b0cb38fdd537c1078a858cf15d63e
|
||||||
# https://grafana.com/docs/loki/latest/configure/examples/#1-local-configuration-exampleyaml
|
# https://grafana.com/docs/loki/latest/configure/examples/#1-local-configuration-exampleyaml
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
|
age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
|
||||||
file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";
|
file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
}:
|
||||||
}: let
|
let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
config = {
|
config = {
|
||||||
# Override nix.conf for more agressive garbage collection
|
# Override nix.conf for more agressive garbage collection
|
||||||
nix.extraOptions = lib.mkForce ''
|
nix.extraOptions = lib.mkForce ''
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[
|
||||||
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
./configuration.nix
|
./configuration.nix
|
||||||
./triton-vmtools.nix
|
./triton-vmtools.nix
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, modulesPath
|
||||||
modulesPath,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
imports = [ ];
|
imports = [ ];
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{ pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
flake.inputs.triton-vmtools.packages.${pkgs.system}.default
|
flake.inputs.triton-vmtools.packages.${pkgs.system}.default
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, self
|
||||||
self,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
services.nginx.virtualHosts."collabora.pub.solar" = {
|
services.nginx.virtualHosts."collabora.pub.solar" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
|
|
@ -21,7 +21,8 @@
|
||||||
let
|
let
|
||||||
externalIPv4s = lib.strings.concatMapStringsSep "\n" ({ address, ... }: "external-ip=${address}") config.networking.interfaces.enp35s0.ipv4.addresses;
|
externalIPv4s = lib.strings.concatMapStringsSep "\n" ({ address, ... }: "external-ip=${address}") config.networking.interfaces.enp35s0.ipv4.addresses;
|
||||||
externalIPv6s = lib.strings.concatMapStringsSep "\n" ({ address, ... }: "external-ip=${address}") config.networking.interfaces.enp35s0.ipv6.addresses;
|
externalIPv6s = lib.strings.concatMapStringsSep "\n" ({ address, ... }: "external-ip=${address}") config.networking.interfaces.enp35s0.ipv6.addresses;
|
||||||
in ''
|
in
|
||||||
|
''
|
||||||
${externalIPv4s}
|
${externalIPv4s}
|
||||||
${externalIPv6s}
|
${externalIPv6s}
|
||||||
|
|
||||||
|
@ -64,7 +65,8 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
interfaces.enp35s0 = let
|
interfaces.enp35s0 =
|
||||||
|
let
|
||||||
range = with config.services.coturn; [{
|
range = with config.services.coturn; [{
|
||||||
from = min-port;
|
from = min-port;
|
||||||
to = max-port;
|
to = max-port;
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.forgejo-database-password = {
|
age.secrets.forgejo-database-password = {
|
||||||
file = "${flake.self}/secrets/forgejo-database-password.age";
|
file = "${flake.self}/secrets/forgejo-database-password.age";
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ flake
|
||||||
flake,
|
, config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.keycloak-database-password = {
|
age.secrets.keycloak-database-password = {
|
||||||
file = "${flake.self}/secrets/keycloak-database-password.age";
|
file = "${flake.self}/secrets/keycloak-database-password.age";
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ flake
|
||||||
flake,
|
, config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, ...
|
||||||
...
|
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
networking.firewall.allowedTCPPorts = [ 25 ];
|
networking.firewall.allowedTCPPorts = [ 25 ];
|
||||||
|
|
|
@ -90,7 +90,8 @@
|
||||||
sendConnectionMessages = true;
|
sendConnectionMessages = true;
|
||||||
ssl = true;
|
ssl = true;
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
"irc.libera.chat" = lib.attrsets.recursiveUpdate commonConfig {
|
"irc.libera.chat" = lib.attrsets.recursiveUpdate commonConfig {
|
||||||
name = "libera";
|
name = "libera";
|
||||||
dynamicChannels.groupId = "+libera.chat:localhost";
|
dynamicChannels.groupId = "+libera.chat:localhost";
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
let
|
let
|
||||||
publicDomain = "matrix.pub.solar";
|
publicDomain = "matrix.pub.solar";
|
||||||
serverDomain = "pub.solar";
|
serverDomain = "pub.solar";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
age.secrets."matrix-synapse-signing-key" = {
|
age.secrets."matrix-synapse-signing-key" = {
|
||||||
file = "${flake.self}/secrets/matrix-synapse-signing-key.age";
|
file = "${flake.self}/secrets/matrix-synapse-signing-key.age";
|
||||||
mode = "400";
|
mode = "400";
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
{
|
{ flake
|
||||||
flake,
|
, config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, ...
|
||||||
...
|
}:
|
||||||
}: let
|
let
|
||||||
localSettingsPHP = pkgs.writeScript "LocalSettings.php" ''
|
localSettingsPHP = pkgs.writeScript "LocalSettings.php" ''
|
||||||
<?php
|
<?php
|
||||||
# Protect against web entry
|
# Protect against web entry
|
||||||
|
@ -154,7 +154,8 @@
|
||||||
|
|
||||||
uid = 986;
|
uid = 986;
|
||||||
gid = 984;
|
gid = 984;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
age.secrets.mediawiki-database-password = {
|
age.secrets.mediawiki-database-password = {
|
||||||
file = "${flake.self}/secrets/mediawiki-database-password.age";
|
file = "${flake.self}/secrets/mediawiki-database-password.age";
|
||||||
path = "/run/mediawiki/database-password";
|
path = "/run/mediawiki/database-password";
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
age.secrets."nextcloud-secrets" = {
|
age.secrets."nextcloud-secrets" = {
|
||||||
|
|
|
@ -46,10 +46,12 @@ in
|
||||||
least_conn;
|
least_conn;
|
||||||
'';
|
'';
|
||||||
servers = builtins.listToAttrs
|
servers = builtins.listToAttrs
|
||||||
(map (i: {
|
(map
|
||||||
|
(i: {
|
||||||
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
|
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
|
||||||
value = { };
|
value = { };
|
||||||
}) (lib.range 1 cfg.streamingProcesses));
|
})
|
||||||
|
(lib.range 1 cfg.streamingProcesses));
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -128,7 +128,8 @@ in
|
||||||
port = 8448;
|
port = 8448;
|
||||||
addr = "0.0.0.0";
|
addr = "0.0.0.0";
|
||||||
ssl = true;
|
ssl = true;
|
||||||
} {
|
}
|
||||||
|
{
|
||||||
port = 8448;
|
port = 8448;
|
||||||
addr = "[::]";
|
addr = "[::]";
|
||||||
ssl = true;
|
ssl = true;
|
||||||
|
|
|
@ -1,13 +1,14 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, self
|
||||||
self,
|
, ...
|
||||||
...
|
}:
|
||||||
}: let
|
let
|
||||||
acmeEmailAddress = "admins@pub.solar";
|
acmeEmailAddress = "admins@pub.solar";
|
||||||
webserverGroup = "hakkonaut";
|
webserverGroup = "hakkonaut";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
group = webserverGroup;
|
group = webserverGroup;
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ flake
|
||||||
flake,
|
, config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
services.nginx.virtualHosts."stream.pub.solar" = {
|
services.nginx.virtualHosts."stream.pub.solar" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
services.prometheus = {
|
services.prometheus = {
|
||||||
exporters = {
|
exporters = {
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
|
age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
|
||||||
file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";
|
file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ flake
|
||||||
flake,
|
, config
|
||||||
config,
|
, lib
|
||||||
lib,
|
, pkgs
|
||||||
pkgs,
|
, ...
|
||||||
...
|
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
age.secrets.searx-environment = {
|
age.secrets.searx-environment = {
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
{
|
{ flake
|
||||||
flake,
|
, config
|
||||||
config,
|
, pkgs
|
||||||
pkgs,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
# Use GRUB2 as the boot loader.
|
# Use GRUB2 as the boot loader.
|
||||||
# We don't use systemd-boot because Hetzner uses BIOS legacy boot.
|
# We don't use systemd-boot because Hetzner uses BIOS legacy boot.
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[
|
||||||
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
./configuration.nix
|
./configuration.nix
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
[
|
||||||
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ahci" "nvme" ];
|
boot.initrd.availableKernelModules = [ "ahci" "nvme" ];
|
||||||
|
@ -14,32 +15,38 @@
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" =
|
||||||
{ device = "root_pool/root";
|
{
|
||||||
|
device = "root_pool/root";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/var/lib" =
|
fileSystems."/var/lib" =
|
||||||
{ device = "root_pool/data";
|
{
|
||||||
|
device = "root_pool/data";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/var/lib/postgresql" =
|
fileSystems."/var/lib/postgresql" =
|
||||||
{ device = "root_pool/data/postgresql";
|
{
|
||||||
|
device = "root_pool/data/postgresql";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/var/lib/docker" =
|
fileSystems."/var/lib/docker" =
|
||||||
{ device = "root_pool/data/docker";
|
{
|
||||||
|
device = "root_pool/data/docker";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot1" =
|
fileSystems."/boot1" =
|
||||||
{ device = "/dev/disk/by-uuid/5493-EFF5";
|
{
|
||||||
|
device = "/dev/disk/by-uuid/5493-EFF5";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot2" =
|
fileSystems."/boot2" =
|
||||||
{ device = "/dev/disk/by-uuid/5494-BA1E";
|
{
|
||||||
|
device = "/dev/disk/by-uuid/5494-BA1E";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{...}: let
|
{ ... }:
|
||||||
|
let
|
||||||
inherit (default.inputs.nixos) lib;
|
inherit (default.inputs.nixos) lib;
|
||||||
|
|
||||||
host = configs.${hostname} or configs.PubSolarOS;
|
host = configs.${hostname} or configs.PubSolarOS;
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
{ self, lib, inputs, ... }: {
|
{ self, lib, inputs, ... }: {
|
||||||
# Configuration common to all Linux systems
|
# Configuration common to all Linux systems
|
||||||
flake = {
|
flake = {
|
||||||
lib = let
|
lib =
|
||||||
|
let
|
||||||
callLibs = file: import file { inherit lib; };
|
callLibs = file: import file { inherit lib; };
|
||||||
in rec {
|
in
|
||||||
|
rec {
|
||||||
## Define your own library functions here!
|
## Define your own library functions here!
|
||||||
#id = x: x;
|
#id = x: x;
|
||||||
## Or in files, containing functions that take {lib}
|
## Or in files, containing functions that take {lib}
|
||||||
|
|
|
@ -5,7 +5,8 @@
|
||||||
* Licensed under the MIT license
|
* Licensed under the MIT license
|
||||||
*/
|
*/
|
||||||
|
|
||||||
{ lib, inputs }: let
|
{ lib, inputs }:
|
||||||
|
let
|
||||||
# https://github.com/serokell/deploy-rs#overall-usage
|
# https://github.com/serokell/deploy-rs#overall-usage
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
pkgs = import inputs.nixpkgs { inherit system; };
|
pkgs = import inputs.nixpkgs { inherit system; };
|
||||||
|
@ -16,7 +17,8 @@
|
||||||
(self: super: { deploy-rs = { inherit (pkgs) deploy-rs; lib = super.deploy-rs.lib; }; })
|
(self: super: { deploy-rs = { inherit (pkgs) deploy-rs; lib = super.deploy-rs.lib; }; })
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
getFqdn = c: let
|
getFqdn = c:
|
||||||
|
let
|
||||||
net = c.config.networking;
|
net = c.config.networking;
|
||||||
fqdn =
|
fqdn =
|
||||||
if (net ? domain) && (net.domain != null)
|
if (net ? domain) && (net.domain != null)
|
||||||
|
@ -24,7 +26,8 @@
|
||||||
else net.hostName;
|
else net.hostName;
|
||||||
in
|
in
|
||||||
fqdn;
|
fqdn;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
mkDeployNodes = systemConfigurations: extraConfig:
|
mkDeployNodes = systemConfigurations: extraConfig:
|
||||||
/*
|
/*
|
||||||
*
|
*
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{ config
|
||||||
config,
|
, pkgs
|
||||||
pkgs,
|
, lib
|
||||||
lib,
|
, flake
|
||||||
flake,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{ self
|
||||||
self,
|
, inputs
|
||||||
inputs,
|
, ...
|
||||||
...
|
|
||||||
}: {
|
}: {
|
||||||
flake = {
|
flake = {
|
||||||
nixosModules = rec {
|
nixosModules = rec {
|
||||||
|
|
|
@ -24,7 +24,8 @@ let
|
||||||
flora6Keys = [
|
flora6Keys = [
|
||||||
flora-6-host
|
flora-6-host
|
||||||
];
|
];
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
|
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
|
||||||
"nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
"nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue