diff --git a/.gitmodules b/.gitmodules index 43c15d68..7dce1d03 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,4 @@ -[submodule "trusted"] - path = trusted +[submodule "config/trusted"] + path = config/trusted branch = main url = "https://git.kittywit.ch/kat/nixfiles-trusted.git" diff --git a/README.md b/README.md index 22ec0263..83f03d38 100644 --- a/README.md +++ b/README.md @@ -8,10 +8,9 @@ The public section of my NixOS configuration, using [arcnmx/tf-nix](https://gith ### Deployment -* `nix run -f . deploy.target..run.apply` - -* `nix run -f . deploy.target..run -c terraform destroy` +* `-deploy` +* `-tf` ### Host Building -* `nix build -f . hosts..config.system.build.toplevel` +* `nix build -f . network.nodes..deploy.system` diff --git a/ci/hosts.nix b/ci/hosts.nix index 83569450..735b1691 100644 --- a/ci/hosts.nix +++ b/ci/hosts.nix @@ -16,7 +16,7 @@ jobs = let hostnames = [ "samhain" "yule" "athame" ]; in mapAttrs' (k: nameValuePair "host-${k}") (genAttrs hostnames (host: { - tasks.${host}.inputs = channels.nixfiles.hosts.${host}.config.system.build.toplevel; + tasks.${host}.inputs = channels.nixfiles.network.nodes.${host}.deploy.system; })); ci.gh-actions.checkoutOptions.submodules = false; diff --git a/ci/niv-cron.nix b/ci/niv-cron.nix index 0f97c614..fb886137 100644 --- a/ci/niv-cron.nix +++ b/ci/niv-cron.nix 
@@ -74,8 +74,8 @@ with lib; { if git status --porcelain | grep -qF nix/sources.json; then git -P diff nix/sources.json nix build --no-link -Lf . sourceCache.local - echo "checking that hosts still build..." >&2 - if nix build -Lf . hosts.athame.config.system.build.toplevel && nix-collect-garbage -d && nix build -Lf . hosts.yule.config.system.build.toplevel && nix-collect-garbage -d && nix build -Lf . hosts.samhain.config.system.build.toplevel; then + echo "checking that network.nodes.still build..." >&2 + if nix build -Lf . network.nodes.athame.deploy.system && nix-collect-garbage -d && nix build -Lf . network.nodes.yule.system && nix-collect-garbage -d && nix build -Lf . network.nodes.samhain.system; then if [[ -n $CACHIX_SIGNING_KEY ]]; then nix build --no-link -Lf . sourceCache.all cachix push kittywitch $(nix eval --raw -f . sourceCache.allStr) diff --git a/hosts/athame/home/default.nix b/config/hosts/athame/home/default.nix similarity index 100% rename from hosts/athame/home/default.nix rename to config/hosts/athame/home/default.nix diff --git a/hosts/athame/home/weechat.nix b/config/hosts/athame/home/weechat.nix similarity index 100% rename from hosts/athame/home/weechat.nix rename to config/hosts/athame/home/weechat.nix diff --git a/hosts/athame/meta.nix b/config/hosts/athame/meta.nix similarity index 62% rename from hosts/athame/meta.nix rename to config/hosts/athame/meta.nix index 2767c647..563c018a 100644 --- a/hosts/athame/meta.nix +++ b/config/hosts/athame/meta.nix 
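Review bot: The rewritten build check mixes two attribute paths: athame is built as `network.nodes.athame.deploy.system`, but yule and samhain are built as `network.nodes.yule.system` and `network.nodes.samhain.system`, without `.deploy`. The `deploy.system` option added in config/modules/nixos/deploy-tf.nix is the one that aliases `system.build.toplevel`, so the latter two most likely no longer build the host closure this gate is meant to verify before `cachix push`; they should read `network.nodes.yule.deploy.system` and `network.nodes.samhain.deploy.system`. The progress message was also caught by the rename and now reads `checking that network.nodes.still build...`; the previous `checking that hosts still build...` was presumably the intended text. The surrounding script starts and ends outside this hunk.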
@@ -1,25 +1,38 @@ -{ config, hosts, lib, ... }: -with config.resources; { - resources.hcloud_ssh_key = { - provider = "hcloud"; - type = "ssh_key"; - inputs = { - name = "yubikey"; - public_key = - "ssh-rsa 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 cardno:000612078454"; +{ lib, config, ... }: with lib; { +config = { + deploy.targets.infra = { + tf = { + resources.hcloud_ssh_key = { + provider = "hcloud"; + type = "ssh_key"; + inputs = { + name = "yubikey"; + public_key = + "ssh-rsa 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 cardno:000612078454"; + }; + }; + resources.athame = { + provider = "null"; + type = "resource"; + connection = { + port = 62954; + host = "athame.kittywit.ch"; + }; + }; + }; + }; + network.nodes.athame = { + imports = lib.hostImport "athame"; + networking = { + hostName = "athame"; + }; }; }; +} - resources.athame = { - provider = "null"; - type = "resource"; - connection = { - port = 62954; - host = "athame.kittywit.ch"; - }; - }; +# For the eventual migration - #resources.athame = { +#resources.athame = { #provider = "hcloud"; # type = "server"; # inputs = { @@ -105,4 +118,3 @@ with config.resources; { # SRV = record.out.resource.refAttr "id"; # }.${record.out.type}) config.dns.records; -} diff --git a/hosts/athame/nixos/default.nix b/config/hosts/athame/nixos/default.nix similarity index 96% rename from hosts/athame/nixos/default.nix rename to config/hosts/athame/nixos/default.nix index bc2bb384..b1c55689 100644 --- a/hosts/athame/nixos/default.nix +++ b/config/hosts/athame/nixos/default.nix @@ -20,7 +20,7 @@ with lib; ../../../services/gitea ../../../services/syncplay.nix ../../../services/weechat.nix - ../../../services/bitwarden.nix + ../../../services/vaultwarden.nix ../../../services/taskserver.nix ../../../services/murmur.nix ../../../services/matrix.nix 
@@ -38,8 +38,6 @@ with lib; boot.loader.grub.enable = true; boot.loader.grub.version = 2; - deploy.target = "infra"; - networking = { hostName = "athame"; domain = "kittywit.ch"; diff --git a/hosts/athame/nixos/hw.nix b/config/hosts/athame/nixos/hw.nix similarity index 100% rename from hosts/athame/nixos/hw.nix rename to config/hosts/athame/nixos/hw.nix diff --git a/hosts/athame/nixos/virtualhosts.nix b/config/hosts/athame/nixos/virtualhosts.nix similarity index 100% rename from hosts/athame/nixos/virtualhosts.nix rename to config/hosts/athame/nixos/virtualhosts.nix diff --git a/hosts/dummy/nixos/default.nix b/config/hosts/dummy/nixos/default.nix similarity index 100% rename from hosts/dummy/nixos/default.nix rename to config/hosts/dummy/nixos/default.nix diff --git a/hosts/mabon/home/default.nix b/config/hosts/mabon/home/default.nix similarity index 100% rename from hosts/mabon/home/default.nix rename to config/hosts/mabon/home/default.nix diff --git a/config/hosts/mabon/meta.nix b/config/hosts/mabon/meta.nix new file mode 100644 index 00000000..e69de29b diff --git a/hosts/mabon/nixos/default.nix b/config/hosts/mabon/nixos/default.nix similarity index 96% rename from hosts/mabon/nixos/default.nix rename to config/hosts/mabon/nixos/default.nix index 3080f40d..1495ba65 100644 --- a/hosts/mabon/nixos/default.nix +++ b/config/hosts/mabon/nixos/default.nix @@ -9,8 +9,6 @@ users.kairi.guiFull ]; - deploy.target = "mbp"; - networking.wireless.interfaces = [ "wlp3s0" ]; boot.loader.systemd-boot.enable = true; diff --git a/hosts/mabon/nixos/hw.nix b/config/hosts/mabon/nixos/hw.nix similarity index 100% rename from hosts/mabon/nixos/hw.nix rename to config/hosts/mabon/nixos/hw.nix diff --git a/hosts/mabon/meta.nix b/config/hosts/mabon/tf.nix similarity index 100% rename from hosts/mabon/meta.nix rename to config/hosts/mabon/tf.nix 
diff --git a/hosts/ostara/home/default.nix b/config/hosts/ostara/home/default.nix similarity index 100% rename from hosts/ostara/home/default.nix rename to config/hosts/ostara/home/default.nix diff --git a/config/hosts/ostara/meta.nix b/config/hosts/ostara/meta.nix new file mode 100644 index 00000000..d53a7ef9 --- /dev/null +++ b/config/hosts/ostara/meta.nix @@ -0,0 +1,22 @@ +{ lib, config, ... }: with lib; { + config = { + deploy.targets.personal = { + tf = { + resources.ostara = { + provider = "null"; + type = "resource"; + connection = { + port = 62954; + host = "192.168.1.245"; + }; + }; + }; + network.nodes.samhain = { + imports = lib.hostImport "samhain"; + networking = { + hostName = "samhain"; + }; + }; + }; + }; +} diff --git a/hosts/ostara/nixos/default.nix b/config/hosts/ostara/nixos/default.nix similarity index 98% rename from hosts/ostara/nixos/default.nix rename to config/hosts/ostara/nixos/default.nix index c8bcd7a7..c5706d15 100644 --- a/hosts/ostara/nixos/default.nix +++ b/config/hosts/ostara/nixos/default.nix @@ -5,8 +5,6 @@ with lib; { imports = [ ./hw.nix profiles.laptop ]; - deploy.target = "slow"; - boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; diff --git a/hosts/ostara/nixos/hw.nix b/config/hosts/ostara/nixos/hw.nix similarity index 100% rename from hosts/ostara/nixos/hw.nix rename to config/hosts/ostara/nixos/hw.nix diff --git a/hosts/ostara/meta.nix b/config/hosts/ostara/tf.nix similarity index 100% rename from hosts/ostara/meta.nix rename to config/hosts/ostara/tf.nix diff --git a/hosts/samhain/home/default.nix b/config/hosts/samhain/home/default.nix similarity index 100% rename from hosts/samhain/home/default.nix rename to config/hosts/samhain/home/default.nix diff --git a/hosts/samhain/home/sway/default.nix b/config/hosts/samhain/home/sway/default.nix similarity index 100% rename from hosts/samhain/home/sway/default.nix rename to config/hosts/samhain/home/sway/default.nix 
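Review bot: The new config/hosts/ostara/meta.nix declares `resources.ostara` but then defines `network.nodes.samhain` with `lib.hostImport "samhain"` and `hostName = "samhain"`, which looks like a leftover from copying the samhain file. As written no `ostara` node exists, and the block sits one level too deep: `tf` is closed but `deploy.targets.personal` is not, so the node definition lands inside the target submodule instead of directly under `config` (compare the brace layout in config/hosts/samhain/meta.nix). Suggested: close `deploy.targets.personal` with a `};` before the node block and use `network.nodes.ostara = {`, `imports = lib.hostImport "ostara";` and `hostName = "ostara";`. The old `deploy.target = "slow"` is removed in the next hunk while the new file uses the `personal` target; that is worth confirming, since config/modules/meta/deploy.nix names the Terraform state file after the target, so the host would be applied from a different state.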
diff --git a/hosts/samhain/home/sway/swayidle.nix b/config/hosts/samhain/home/sway/swayidle.nix similarity index 100% rename from hosts/samhain/home/sway/swayidle.nix rename to config/hosts/samhain/home/sway/swayidle.nix diff --git a/config/hosts/samhain/meta.nix b/config/hosts/samhain/meta.nix new file mode 100644 index 00000000..804d98bc --- /dev/null +++ b/config/hosts/samhain/meta.nix @@ -0,0 +1,22 @@ +{ lib, config, ... }: with lib; { + config = { + deploy.targets.personal = { + tf = { + resources.samhain = { + provider = "null"; + type = "resource"; + connection = { + port = 62954; + host = "192.168.1.135"; + }; + }; + }; + }; + network.nodes.samhain = { + imports = lib.hostImport "samhain"; + networking = { + hostName = "samhain"; + }; + }; + }; +} diff --git a/hosts/samhain/nixos/default.nix b/config/hosts/samhain/nixos/default.nix similarity index 97% rename from hosts/samhain/nixos/default.nix rename to config/hosts/samhain/nixos/default.nix index fe28f788..1e0ff352 100644 --- a/hosts/samhain/nixos/default.nix +++ b/config/hosts/samhain/nixos/default.nix @@ -24,7 +24,11 @@ in ./virtualhosts.nix ]; - deploy.target = "personal"; + home-manager.users.kat = { + imports = [ + ../home + ]; + }; deploy.tf.variables.dyn_username = { type = "string"; diff --git a/hosts/samhain/nixos/hw.nix b/config/hosts/samhain/nixos/hw.nix similarity index 100% rename from hosts/samhain/nixos/hw.nix rename to config/hosts/samhain/nixos/hw.nix diff --git a/hosts/samhain/nixos/jellyfin.nix b/config/hosts/samhain/nixos/jellyfin.nix similarity index 100% rename from hosts/samhain/nixos/jellyfin.nix rename to config/hosts/samhain/nixos/jellyfin.nix diff --git a/hosts/samhain/nixos/thermal/default.nix b/config/hosts/samhain/nixos/thermal/default.nix similarity index 100% rename from hosts/samhain/nixos/thermal/default.nix rename to config/hosts/samhain/nixos/thermal/default.nix 
diff --git a/hosts/samhain/nixos/thermal/kaede-power.sh b/config/hosts/samhain/nixos/thermal/kaede-power.sh
similarity index 100%
rename from hosts/samhain/nixos/thermal/kaede-power.sh
rename to config/hosts/samhain/nixos/thermal/kaede-power.sh
diff --git a/hosts/samhain/nixos/thermal/kaede-thermald.xml b/config/hosts/samhain/nixos/thermal/kaede-thermald.xml
similarity index 100%
rename from hosts/samhain/nixos/thermal/kaede-thermald.xml
rename to config/hosts/samhain/nixos/thermal/kaede-thermald.xml
diff --git a/hosts/samhain/nixos/thermal/kaede-thermals.sh b/config/hosts/samhain/nixos/thermal/kaede-thermals.sh
similarity index 100%
rename from hosts/samhain/nixos/thermal/kaede-thermals.sh
rename to config/hosts/samhain/nixos/thermal/kaede-thermals.sh
diff --git a/hosts/samhain/nixos/transmission.nix b/config/hosts/samhain/nixos/transmission.nix
similarity index 100%
rename from hosts/samhain/nixos/transmission.nix
rename to config/hosts/samhain/nixos/transmission.nix
diff --git a/hosts/samhain/nixos/virtualhosts.nix b/config/hosts/samhain/nixos/virtualhosts.nix
similarity index 100%
rename from hosts/samhain/nixos/virtualhosts.nix
rename to config/hosts/samhain/nixos/virtualhosts.nix
diff --git a/hosts/yule/home/default.nix b/config/hosts/yule/home/default.nix
similarity index 100%
rename from hosts/yule/home/default.nix
rename to config/hosts/yule/home/default.nix
diff --git a/hosts/yule/home/sway/default.nix b/config/hosts/yule/home/sway/default.nix
similarity index 100%
rename from hosts/yule/home/sway/default.nix
rename to config/hosts/yule/home/sway/default.nix
diff --git a/hosts/yule/home/sway/swayidle.nix b/config/hosts/yule/home/sway/swayidle.nix
similarity index 100%
rename from hosts/yule/home/sway/swayidle.nix
rename to config/hosts/yule/home/sway/swayidle.nix
diff --git a/config/hosts/yule/meta.nix b/config/hosts/yule/meta.nix
new file mode 100644
index 00000000..29c8c063
--- /dev/null
+++ b/config/hosts/yule/meta.nix
@@ -0,0 +1,22 @@ +{ lib, config, ... }: with lib; { + config = { + deploy.targets.personal = { + tf = { + resources.yule = { + provider = "null"; + type = "resource"; + connection = { + port = 62954; + host = "192.168.1.92"; + }; + }; + }; + }; + network.nodes.yule = { + imports = lib.hostImport "yule"; + networking = { + hostName = "yule"; + }; + }; + }; +} diff --git a/hosts/yule/nixos/default.nix b/config/hosts/yule/nixos/default.nix similarity index 94% rename from hosts/yule/nixos/default.nix rename to config/hosts/yule/nixos/default.nix index 2227b83c..b71a4597 100644 --- a/hosts/yule/nixos/default.nix +++ b/config/hosts/yule/nixos/default.nix @@ -17,9 +17,13 @@ with lib; users.kat.guiFull ]; - networking.wireless.interfaces = [ "wlp2s0" ]; + home-manager.users.kat = { + imports = [ + ../home + ]; + }; - deploy.target = "personal"; + networking.wireless.interfaces = [ "wlp2s0" ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; diff --git a/hosts/yule/nixos/hw.nix b/config/hosts/yule/nixos/hw.nix similarity index 100% rename from hosts/yule/nixos/hw.nix rename to config/hosts/yule/nixos/hw.nix diff --git a/modules/home/default.nix b/config/modules/home/default.nix similarity index 100% rename from modules/home/default.nix rename to config/modules/home/default.nix diff --git a/modules/home/deploy-tf/default.nix b/config/modules/home/deploy-tf/default.nix similarity index 100% rename from modules/home/deploy-tf/default.nix rename to config/modules/home/deploy-tf/default.nix diff --git a/modules/home/vim.nix b/config/modules/home/vim.nix similarity index 100% rename from modules/home/vim.nix rename to config/modules/home/vim.nix diff --git a/config/modules/meta/default.nix b/config/modules/meta/default.nix new file mode 100644 index 00000000..b71fe2ed --- /dev/null +++ b/config/modules/meta/default.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + imports = [ + ./deploy.nix + ./network.nix + ]; +} 
diff --git a/modules/nixos/deploy-tf/default.nix b/config/modules/meta/deploy-old.nix similarity index 100% rename from modules/nixos/deploy-tf/default.nix rename to config/modules/meta/deploy-old.nix diff --git a/config/modules/meta/deploy.nix b/config/modules/meta/deploy.nix new file mode 100644 index 00000000..9643aeb0 --- /dev/null +++ b/config/modules/meta/deploy.nix 
@@ -0,0 +1,99 @@ +{ sources, config, pkgs, lib, ... }: with lib; let + cfg = config.deploy; + meta = config; + tfModule = { lib, ... }: with lib; { + config._module.args = { + pkgs = mkDefault pkgs; + }; + }; + tfType = types.submoduleWith { + modules = [ + tfModule + "${toString sources.tf-nix}/modules" + ]; + }; +in { + imports = [ + (toString (sources.tf-nix + "/modules/run.nix")) + ] ++ (optional (builtins.pathExists ../../trusted/tf/tf.nix) (../../trusted/tf/tf.nix)); + options = { + deploy = { + dataDir = mkOption { + type = types.path; + }; + local = { + isRoot = mkOption { + type = types.bool; + default = builtins.getEnv "HOME_UID" == "0"; + }; + hostName = mkOption { + type = types.nullOr types.str; + default = let + hostName = builtins.getEnv "HOME_HOSTNAME"; + in if hostName == "" then null else hostName; + }; + }; + targets = let + type = types.submodule ({ config, name, ... }: { + options = { + name = mkOption { + type = types.str; + default = name; + }; + nodeNames = mkOption { + type = types.listOf types.str; + default = [ ]; + }; + tf = mkOption { + type = tfType; + default = { }; + }; + }; + config.tf = mkMerge (singleton { + imports = [ + ../../targets/common + ]; + deps = { + select.allProviders = true; + enable = true; + }; + terraform = { + version = "1.0"; + logPath = cfg.dataDir + "/terraform-${config.name}.log"; + dataDir = cfg.dataDir + "/tfdata/${config.name}"; + environment.TF_CLI_ARGS_apply = "-backup=-"; + environment.TF_CLI_ARGS_taint = "-backup=-"; + }; + state = { + file = cfg.dataDir + "/terraform-${config.name}.tfstate"; + }; + runners = { + lazy = { + inherit (meta.runners.lazy) file args; + attrPrefix = "deploy.targets.${name}.tf.runners.run."; + }; + run = { + apply.name = "${name}-apply"; + terraform.name = "${name}-tf"; + }; + }; + continue.envVar = "TF_NIX_CONTINUE_${replaceStrings [ "-" ] [ "_" ] config.name}"; + } ++ map (nodeName: mapAttrs (_: mkMerge) meta.network.nodes.${nodeName}.deploy.tf.out.set) config.nodeNames); + 
}); + in mkOption { + type = types.attrsOf type; + default = { }; + }; + }; + }; + config = { + runners = { + run = mkMerge (mapAttrsToList (targetName: target: mapAttrs' (k: run: + nameValuePair run.name run.set + ) target.tf.runners.run) cfg.targets); + lazy.run = mkMerge (mapAttrsToList (targetName: target: mapAttrs' (k: run: + nameValuePair run.name run.set + ) target.tf.runners.lazy.run) cfg.targets); + }; + }; +} diff --git a/config/modules/meta/network.nix b/config/modules/meta/network.nix new file mode 100644 index 00000000..776dc857 --- /dev/null +++ b/config/modules/meta/network.nix @@ -0,0 +1,59 @@ +{ pkgs, sources, users, profiles, lib, config, ... }: with lib; + +{ + options.network = { + nixos = { + extraModules = mkOption { + type = types.listOf types.unspecified; + default = [ ]; + }; + specialArgs = mkOption { + type = types.attrsOf types.unspecified; + default = { }; + }; + modulesPath = mkOption { + type = types.path; + default = toString (pkgs.path + "/nixos/modules"); + }; + }; + nodes = let + nixosModule = { name, config, meta, modulesPath, lib, ... }: with lib; { + config = { + nixpkgs = { + system = mkDefault pkgs.system; + pkgs = mkDefault pkgs; + #inherit (pkgs) config; + }; + }; + }; + nixosType = let + baseModules = import (config.network.nixos.modulesPath + "/module-list.nix"); + in types.submoduleWith { + modules = baseModules + ++ singleton nixosModule + ++ config.network.nixos.extraModules; + + specialArgs = { + inherit baseModules; + inherit (config.network.nixos) modulesPath; + } // config.network.nixos.specialArgs; + }; + in mkOption { + type = types.attrsOf nixosType; + default = { }; + }; + }; + config.network = { + nixos = { + extraModules = [ + "${toString sources.home-manager}/nixos" + ../../modules/nixos + ]; + specialArgs = { + inherit (config.network) nodes; + inherit sources profiles users; + meta = config; + }; + }; + }; +} 
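Review bot: In config/modules/meta/deploy.nix, `TF_CLI_ARGS_apply` and `TF_CLI_ARGS_taint` are set to `-backup=-`, which turns off Terraform's state backup file, while the only copy of state is the local `terraform-${config.name}.tfstate` under `cfg.dataDir`; a comment should state why the backup is disabled and how state is recovered after an interrupted apply. `deploy.dataDir` has no default and no `description`, yet the state file, the `tfdata` directory and the Terraform log are all written below it, and Terraform state commonly holds resource attributes in clear text. I would add something like `description = "Directory for Terraform state, data and logs; keep it outside the repository and the Nix store, readable only by the deploying user.";`. The `isRoot` and `hostName` defaults read `HOME_UID` and `HOME_HOSTNAME` through `builtins.getEnv`, which yields an empty string under pure evaluation, so a one-line comment naming what exports these variables would help the next reader.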
diff --git a/modules/nixos/default.nix b/config/modules/nixos/default.nix similarity index 65% rename from modules/nixos/default.nix rename to config/modules/nixos/default.nix index 61faa2df..08df897d 100644 --- a/modules/nixos/default.nix +++ b/config/modules/nixos/default.nix @@ -1,10 +1,10 @@ -{ sources, lib, ... }: +{ meta, sources, lib, ... }: { imports = with (import (sources.nixexprs + "/modules")).nixos; [ base16 base16-shared ] ++ [ - ./nftables - ./fw-abstraction - ./deploy-tf + ./nftables.nix + ./fw-abstraction.nix + ./deploy-tf.nix (sources.tf-nix + "/modules/nixos/secrets.nix") (sources.tf-nix + "/modules/nixos/secrets-users.nix") (sources.hexchen + "/modules/hexnet") @@ -13,4 +13,9 @@ # stubs for hexchens modules, until more generalized options.hexchen.dns = lib.mkOption { }; options.hexchen.deploy = lib.mkOption { }; + + # shim + config = { + _module.args.hosts = lib.mapAttrs (_: config: { inherit config; } ) meta.network.nodes; + }; } diff --git a/config/modules/nixos/deploy-tf.nix b/config/modules/nixos/deploy-tf.nix new file mode 100644 index 00000000..a10ae85b --- /dev/null +++ b/config/modules/nixos/deploy-tf.nix 
@@ -0,0 +1,91 @@ +{ tf, target, name, meta, config, lib, ... }: +with lib; +let + cfg = config.deploy; + unmergedValues = types.mkOptionType { + name = "unmergedValues"; + merge = loc: defs: map (def: def.value) defs; + }; +in +{ + options.deploy = { + targetName = mkOption { + type = types.nullOr types.str; + default = null; + }; + system = mkOption { + type = types.unspecified; + readOnly = true; + }; + }; + options.deploy.tf = mkOption { + type = types.submodule { + freeformType = types.attrsOf unmergedValues; + + options = { + import = mkOption { + type = types.attrsOf types.unspecified; + default = [ ]; + }; + imports = mkOption { + type = types.listOf types.str; + description = "Other targets to depend on"; + default = [ ]; + }; + attrs = mkOption { + type = types.listOf types.str; + default = [ ]; + }; + out.set = mkOption { type = types.unspecified; }; + }; + }; + }; + + config = { + deploy = { + system = config.system.build.toplevel; + targetName = if (meta.deploy.targets ? ${name}) then + (mkDefault name) + else + head (attrNames ((filterAttrs(targetName: target: elem config.networking.hostName target.nodeNames) meta.deploy.targets))); + }; + deploy.tf = mkMerge (singleton + { + attrs = [ "import" "imports" "out" "attrs" ]; + import = genAttrs cfg.tf.imports (target: meta.deploy.targets.${target}.tf); + out.set = removeAttrs cfg.tf cfg.tf.attrs; + deploy.systems.${config.networking.hostName} = + with tf.resources; { + isRemote = + (config.networking.hostName != builtins.getEnv "HOME_HOSTNAME"); + nixosConfig = config; + connection = tf.resources.${config.networking.hostName}.connection.set; + triggers.copy.${config.networking.hostName} = + tf.resources.${config.networking.hostName}.refAttr "id"; + triggers.secrets.${config.networking.hostName} = + tf.resources.${config.networking.hostName}.refAttr "id"; + }; + + dns.records."kittywitch_net_${config.networking.hostName}" = + mkIf (config.hexchen.network.enable) { + tld = "kittywit.ch."; + domain = 
"${config.networking.hostName}.net"; + aaaa.address = config.hexchen.network.address; + }; + + } ++ mapAttrsToList + (_: user: + mapAttrs (_: mkMerge) user.deploy.tf.out.set) + config.home-manager.users); + + security.acme.certs."${config.networking.hostName}.net.kittywit.ch" = + mkIf (config.services.nginx.enable && config.hexchen.network.enable) { + domain = "${config.networking.hostName}.net.kittywit.ch"; + dnsProvider = "rfc2136"; + credentialsFile = config.secrets.files.dns_creds.path; + group = "nginx"; + }; + _module.args.target = mapNullable (targetName: meta.deploy.targets.${targetName}) cfg.targetName; + _module.args.tf = mapNullable (target: target.tf) target; + }; +} diff --git a/modules/nixos/fw-abstraction/default.nix b/config/modules/nixos/fw-abstraction.nix similarity index 98% rename from modules/nixos/fw-abstraction/default.nix rename to config/modules/nixos/fw-abstraction.nix index df6bdc1c..e172db8a 100644 --- a/modules/nixos/fw-abstraction/default.nix +++ b/config/modules/nixos/fw-abstraction.nix @@ -1,4 +1,4 @@ -{ config, hosts, lib, pkgs, ... }: +{ config, lib, pkgs, ... }: with lib; diff --git a/modules/nixos/nftables/default.nix b/config/modules/nixos/nftables.nix similarity index 100% rename from modules/nixos/nftables/default.nix rename to config/modules/nixos/nftables.nix diff --git a/config/nixos.nix b/config/nixos.nix new file mode 100644 index 00000000..66ad906c --- /dev/null +++ b/config/nixos.nix 
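Review bot: The fallback for `deploy.targetName` in config/modules/nixos/deploy-tf.nix calls `head` on the names of targets whose `nodeNames` contain this host, and `head` aborts evaluation on an empty list with an error that does not name the host. `nodeNames` defaults to `[ ]` in config/modules/meta/deploy.nix, none of the `meta.nix` files in this diff set it, and the targets shown (`infra`, `personal`) are not named after a node, so every host takes this branch; unless `nodeNames` is populated in a file not shown here, evaluation fails. A clearer failure would be `let m = attrNames (filterAttrs (_: t: elem config.networking.hostName t.nodeNames) meta.deploy.targets); in if m == [ ] then throw "deploy: no target lists ${config.networking.hostName} in nodeNames" else head m`. When a host is listed by several targets the first name in attribute order is picked silently, which deserves a comment. Separately, the `import` option is typed `types.attrsOf types.unspecified` but declares `default = [ ];`, where `{ }` would match the type.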
@@ -0,0 +1,52 @@ +{ pkgs, config, lib, tf, sources, options, profiles, ... }: + +{ + imports = [ + profiles/common + ]; + + options = { + deploy.profile.gui = lib.mkEnableOption "graphical system"; + deploy.profile.fvwm = lib.mkEnableOption "fvwm"; + deploy.profile.sway = lib.mkEnableOption "sway wm"; + deploy.profile.laptop = lib.mkEnableOption "lappytop"; + home-manager.users = lib.mkOption { + type = lib.types.attrsOf (lib.types.submoduleWith { + modules = [ ./modules/home ]; + specialArgs = { + inherit sources tf; + superConfig = config; + modulesPath = sources.home-manager + "/modules"; + }; + }); + }; + }; + + config = { + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + + users = { + kat = { + imports = lib.optional (builtins.pathExists ./trusted/users/kat) (import ./trusted/users/kat); + + options = { + deploy.profile.gui = lib.mkEnableOption "graphical system"; + deploy.profile.sway = lib.mkEnableOption "sway wm"; + deploy.profile.laptop = lib.mkEnableOption "lappytop"; + }; + }; + kairi = { + imports = lib.optional (builtins.pathExists ./trusted/users/kairi) (import ./trusted/users/kairi); + + options = { + deploy.profile.gui = lib.mkEnableOption "graphical system"; + deploy.profile.fvwm = lib.mkEnableOption "fvwm"; + deploy.profile.laptop = lib.mkEnableOption "lappytop"; + }; + }; + }; + }; + }; +} diff --git a/profiles/common/access.nix b/config/profiles/common/access.nix similarity index 100% rename from profiles/common/access.nix rename to config/profiles/common/access.nix diff --git a/profiles/common/base16.nix b/config/profiles/common/base16.nix similarity index 100% rename from profiles/common/base16.nix rename to config/profiles/common/base16.nix diff --git a/profiles/common/default.nix b/config/profiles/common/default.nix similarity index 100% rename from profiles/common/default.nix rename to config/profiles/common/default.nix 
diff --git a/profiles/common/locale.nix b/config/profiles/common/locale.nix
similarity index 100%
rename from profiles/common/locale.nix
rename to config/profiles/common/locale.nix
diff --git a/profiles/common/net.nix b/config/profiles/common/net.nix
similarity index 100%
rename from profiles/common/net.nix
rename to config/profiles/common/net.nix
diff --git a/profiles/common/nix.nix b/config/profiles/common/nix.nix
similarity index 100%
rename from profiles/common/nix.nix
rename to config/profiles/common/nix.nix
diff --git a/profiles/common/packages.nix b/config/profiles/common/packages.nix
similarity index 100%
rename from profiles/common/packages.nix
rename to config/profiles/common/packages.nix
diff --git a/profiles/common/secrets.nix b/config/profiles/common/secrets.nix
similarity index 100%
rename from profiles/common/secrets.nix
rename to config/profiles/common/secrets.nix
diff --git a/profiles/common/ssh.nix b/config/profiles/common/ssh.nix
similarity index 100%
rename from profiles/common/ssh.nix
rename to config/profiles/common/ssh.nix
diff --git a/profiles/common/system.nix b/config/profiles/common/system.nix
similarity index 100%
rename from profiles/common/system.nix
rename to config/profiles/common/system.nix
diff --git a/profiles/fvwm/default.nix b/config/profiles/fvwm/default.nix
similarity index 100%
rename from profiles/fvwm/default.nix
rename to config/profiles/fvwm/default.nix
diff --git a/profiles/fvwm/fvwm.nix b/config/profiles/fvwm/fvwm.nix
similarity index 100%
rename from profiles/fvwm/fvwm.nix
rename to config/profiles/fvwm/fvwm.nix
diff --git a/profiles/gui/adb.nix b/config/profiles/gui/adb.nix
similarity index 100%
rename from profiles/gui/adb.nix
rename to config/profiles/gui/adb.nix
diff --git a/profiles/gui/default.nix b/config/profiles/gui/default.nix
similarity index 100%
rename from profiles/gui/default.nix
rename to config/profiles/gui/default.nix
diff --git a/profiles/gui/dns.nix b/config/profiles/gui/dns.nix
similarity index 100%
rename from profiles/gui/dns.nix
rename to config/profiles/gui/dns.nix
diff --git a/profiles/gui/firefox.nix b/config/profiles/gui/firefox.nix
similarity index 100%
rename from profiles/gui/firefox.nix
rename to config/profiles/gui/firefox.nix
diff --git a/profiles/gui/fonts.nix b/config/profiles/gui/fonts.nix
similarity index 100%
rename from profiles/gui/fonts.nix
rename to config/profiles/gui/fonts.nix
diff --git a/profiles/gui/gpg.nix b/config/profiles/gui/gpg.nix
similarity index 100%
rename from profiles/gui/gpg.nix
rename to config/profiles/gui/gpg.nix
diff --git a/profiles/gui/mingetty.nix b/config/profiles/gui/mingetty.nix
similarity index 100%
rename from profiles/gui/mingetty.nix
rename to config/profiles/gui/mingetty.nix
diff --git a/profiles/gui/mpd.nix b/config/profiles/gui/mpd.nix
similarity index 100%
rename from profiles/gui/mpd.nix
rename to config/profiles/gui/mpd.nix
diff --git a/profiles/gui/nfs.nix b/config/profiles/gui/nfs.nix
similarity index 100%
rename from profiles/gui/nfs.nix
rename to config/profiles/gui/nfs.nix
diff --git a/profiles/gui/nix-doc.nix b/config/profiles/gui/nix-doc.nix
similarity index 100%
rename from profiles/gui/nix-doc.nix
rename to config/profiles/gui/nix-doc.nix
diff --git a/profiles/gui/nixpkgs.nix b/config/profiles/gui/nixpkgs.nix
similarity index 100%
rename from profiles/gui/nixpkgs.nix
rename to config/profiles/gui/nixpkgs.nix
diff --git a/profiles/gui/sound.nix b/config/profiles/gui/sound.nix
similarity index 100%
rename from profiles/gui/sound.nix
rename to config/profiles/gui/sound.nix
diff --git a/profiles/laptop/default.nix b/config/profiles/laptop/default.nix
similarity index 100%
rename from profiles/laptop/default.nix
rename to config/profiles/laptop/default.nix
diff --git a/profiles/laptop/light.nix b/config/profiles/laptop/light.nix
similarity index 100%
rename from profiles/laptop/light.nix
rename to config/profiles/laptop/light.nix
diff --git a/profiles/sway/default.nix b/config/profiles/sway/default.nix
similarity index 100%
rename from profiles/sway/default.nix
rename to config/profiles/sway/default.nix
diff --git a/profiles/sway/sway.nix b/config/profiles/sway/sway.nix
similarity index 100%
rename from profiles/sway/sway.nix
rename to config/profiles/sway/sway.nix
diff --git a/services/asterisk.nix b/config/services/asterisk.nix
similarity index 100%
rename from services/asterisk.nix
rename to config/services/asterisk.nix
diff --git a/services/calendar.nix b/config/services/calendar.nix
similarity index 100%
rename from services/calendar.nix
rename to config/services/calendar.nix
diff --git a/services/fail2ban.nix b/config/services/fail2ban.nix
similarity index 100%
rename from services/fail2ban.nix
rename to config/services/fail2ban.nix
diff --git a/services/gitea/default.nix b/config/services/gitea/default.nix
similarity index 100%
rename from services/gitea/default.nix
rename to config/services/gitea/default.nix
diff --git a/services/gitea/public/img/favicon.svg b/config/services/gitea/public/img/favicon.svg
similarity index 100%
rename from services/gitea/public/img/favicon.svg
rename to config/services/gitea/public/img/favicon.svg
diff --git a/services/gitea/public/img/gitea-lg.png b/config/services/gitea/public/img/gitea-lg.png
similarity index 100%
rename from services/gitea/public/img/gitea-lg.png
rename to config/services/gitea/public/img/gitea-lg.png
diff --git a/services/gitea/public/img/gitea-sm.png b/config/services/gitea/public/img/gitea-sm.png
similarity index 100%
rename from services/gitea/public/img/gitea-sm.png
rename to config/services/gitea/public/img/gitea-sm.png
diff --git a/services/gitea/templates/admin/navbar.tmpl b/config/services/gitea/templates/admin/navbar.tmpl
similarity index 100%
rename from services/gitea/templates/admin/navbar.tmpl
rename to config/services/gitea/templates/admin/navbar.tmpl
diff --git a/services/gitea/templates/custom/head.tmpl b/config/services/gitea/templates/custom/head.tmpl
similarity index 100%
rename from services/gitea/templates/custom/head.tmpl
rename to config/services/gitea/templates/custom/head.tmpl
diff --git a/services/gitea/templates/explore/navbar.tmpl b/config/services/gitea/templates/explore/navbar.tmpl
similarity index 100%
rename from services/gitea/templates/explore/navbar.tmpl
rename to config/services/gitea/templates/explore/navbar.tmpl
diff --git a/services/gitea/templates/home.tmpl b/config/services/gitea/templates/home.tmpl
similarity index 100%
rename from services/gitea/templates/home.tmpl
rename to config/services/gitea/templates/home.tmpl
diff --git a/services/gitea/templates/repo/header.tmpl b/config/services/gitea/templates/repo/header.tmpl
similarity index 100%
rename from services/gitea/templates/repo/header.tmpl
rename to config/services/gitea/templates/repo/header.tmpl
diff --git a/services/gitea/templates/repo/home.tmpl b/config/services/gitea/templates/repo/home.tmpl
similarity index 100%
rename from services/gitea/templates/repo/home.tmpl
rename to config/services/gitea/templates/repo/home.tmpl
diff --git a/services/gitea/templates/repo/settings/navbar.tmpl b/config/services/gitea/templates/repo/settings/navbar.tmpl
similarity index 100%
rename from services/gitea/templates/repo/settings/navbar.tmpl
rename to config/services/gitea/templates/repo/settings/navbar.tmpl
diff --git a/services/gitea/templates/user/dashboard/dashboard.tmpl b/config/services/gitea/templates/user/dashboard/dashboard.tmpl
similarity index 100%
rename from services/gitea/templates/user/dashboard/dashboard.tmpl
rename to config/services/gitea/templates/user/dashboard/dashboard.tmpl
diff --git a/services/gitea/templates/user/settings/navbar.tmpl b/config/services/gitea/templates/user/settings/navbar.tmpl similarity index 100% rename from services/gitea/templates/user/settings/navbar.tmpl rename to config/services/gitea/templates/user/settings/navbar.tmpl diff --git a/services/grafana.nix b/config/services/grafana.nix similarity index 100% rename from services/grafana.nix rename to config/services/grafana.nix diff --git a/services/logrotate.nix b/config/services/logrotate.nix similarity index 100% rename from services/logrotate.nix rename to config/services/logrotate.nix diff --git a/services/loki.nix b/config/services/loki.nix similarity index 100% rename from services/loki.nix rename to config/services/loki.nix diff --git a/services/mail.nix b/config/services/mail.nix similarity index 100% rename from services/mail.nix rename to config/services/mail.nix diff --git a/services/matrix.nix b/config/services/matrix.nix similarity index 100% rename from services/matrix.nix rename to config/services/matrix.nix diff --git a/services/murmur.nix b/config/services/murmur.nix similarity index 100% rename from services/murmur.nix rename to config/services/murmur.nix diff --git a/services/netdata.nix b/config/services/netdata.nix similarity index 100% rename from services/netdata.nix rename to config/services/netdata.nix diff --git a/services/nginx.nix b/config/services/nginx.nix similarity index 100% rename from services/nginx.nix rename to config/services/nginx.nix diff --git a/services/node-exporter.nix b/config/services/node-exporter.nix similarity index 100% rename from services/node-exporter.nix rename to config/services/node-exporter.nix diff --git a/services/postgres.nix b/config/services/postgres.nix similarity index 100% rename from services/postgres.nix rename to config/services/postgres.nix 
diff --git a/services/prometheus.nix b/config/services/prometheus.nix similarity index 100% rename from services/prometheus.nix rename to config/services/prometheus.nix diff --git a/services/promtail.nix b/config/services/promtail.nix similarity index 100% rename from services/promtail.nix rename to config/services/promtail.nix diff --git a/services/restic.nix b/config/services/restic.nix similarity index 100% rename from services/restic.nix rename to config/services/restic.nix diff --git a/services/syncplay.nix b/config/services/syncplay.nix similarity index 100% rename from services/syncplay.nix rename to config/services/syncplay.nix diff --git a/services/taskserver.nix b/config/services/taskserver.nix similarity index 100% rename from services/taskserver.nix rename to config/services/taskserver.nix diff --git a/services/bitwarden.nix b/config/services/vaultwarden.nix similarity index 97% rename from services/bitwarden.nix rename to config/services/vaultwarden.nix index dca92102..3a9a28c5 100644 --- a/services/bitwarden.nix +++ b/config/services/vaultwarden.nix @@ -9,7 +9,7 @@ }]; }; - services.bitwarden_rs = { + services.vaultwarden = { enable = true; dbBackend = "postgresql"; config = { diff --git a/services/weechat.nix b/config/services/weechat.nix similarity index 100% rename from services/weechat.nix rename to config/services/weechat.nix diff --git a/services/xmpp.nix b/config/services/xmpp.nix similarity index 100% rename from services/xmpp.nix rename to config/services/xmpp.nix diff --git a/services/zfs.nix b/config/services/zfs.nix similarity index 100% rename from services/zfs.nix rename to config/services/zfs.nix diff --git a/services/znc.nix b/config/services/znc.nix similarity index 100% rename from services/znc.nix rename to config/services/znc.nix diff --git a/config/targets/common/default.nix b/config/targets/common/default.nix new file mode 100644 index 00000000..14dc48c0 --- /dev/null +++ b/config/targets/common/default.nix 
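Review bot: The switch from `services.bitwarden_rs` to `services.vaultwarden` in `config/services/vaultwarden.nix` may change more than the option path, and the hunk shows no matching change for the database side. As far as I know the renamed nixpkgs module runs the service under a different user and unit name, so with `dbBackend = "postgresql"` the role and database ownership need to match the new user or the vault will not start after the next deploy. Whatever is set up in the block just above the hunk starts outside it, so I cannot confirm this from here. Please also check that backup and state-directory references elsewhere still point at the path the service really uses.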
@@ -0,0 +1,31 @@
+{ config, ... }:
+
+{
+ variables.hcloud_token = {
+ type = "string";
+ value.shellCommand = "bitw get infra/hcloud_token";
+ };
+
+ variables.glauca_key = {
+ type = "string";
+ value.shellCommand = "bitw get infra/rfc2136 -f username";
+ };
+
+ variables.glauca_secret = {
+ type = "string";
+ value.shellCommand = "bitw get infra/rfc2136 -f password";
+ };
+
+ dns.zones."kittywit.ch." = { provider = "dns"; };
+
+ providers.hcloud = { inputs.token = config.variables.hcloud_token.ref; };
+
+ providers.dns = {
+ inputs.update = {
+ server = "ns1.as207960.net";
+ key_name = config.variables.glauca_key.ref;
+ key_secret = config.variables.glauca_secret.ref;
+ key_algorithm = "hmac-sha512";
+ };
+ };
+}
diff --git a/config/targets/default.nix b/config/targets/default.nix
new file mode 100644
index 00000000..1197886d
--- /dev/null
+++ b/config/targets/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+ imports = [
+ ./personal
+ ./infra
+ ];
+}
diff --git a/config/targets/infra/default.nix b/config/targets/infra/default.nix
new file mode 100644
index 00000000..4a3b68a0
--- /dev/null
+++ b/config/targets/infra/default.nix
@@ -0,0 +1,7 @@
+{ config, ... }:
+
+{
+ deploy.targets.infra = {
+ nodeNames = [ "athame" ];
+ };
+}
diff --git a/config/targets/personal/default.nix b/config/targets/personal/default.nix
new file mode 100644
index 00000000..308b6930
--- /dev/null
+++ b/config/targets/personal/default.nix
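Review bot: Nothing visible in this commit imports `config/targets/common`: `config/targets/default.nix` lists only `./personal` and `./infra`, yet the `dns.records` added under the `personal` target need the `kittywit.ch.` zone and the `dns` provider declared in this file. If the import lives in a module outside this part of the diff that is fine, but a header comment saying who pulls the file in would make the wiring checkable, e.g. `# shared tf settings for every deploy target; imported by <module path>`. Since `hcloud_token` and `glauca_secret` are credentials, I would also add a comment that they must stay `value.shellCommand` lookups, because a literal value written here would be copied into the world-readable Nix store.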
@@ -0,0 +1,33 @@
+{ config, ... }:
+
+{
+ deploy.targets.personal = {
+ nodeNames = [ "samhain" "yule"];
+ tf = { config, ... }: {
+ # phone (android)
+ variables.phone_ygg = {
+ type = "string";
+ value.shellCommand = "bitw get infra/phone-ygg";
+ };
+
+ dns.records.kittywitch_net_grimoire = {
+ tld = "kittywit.ch.";
+ domain = "grimoire.net";
+ aaaa.address = config.variables.phone_ygg.ref;
+ };
+
+ # pi (sensors)
+
+ variables.pi_ygg = {
+ type = "string";
+ value.shellCommand = "bitw get infra/pi-ygg";
+ };
+
+ dns.records.kittywitch_net_boline = {
+ tld = "kittywit.ch.";
+ domain = "boline.net";
+ aaaa.address = config.variables.pi_ygg.ref;
+ };
+ };
+ };
+}
diff --git a/trusted b/config/trusted
similarity index 100%
rename from trusted
rename to config/trusted
diff --git a/users/arc/default.nix b/config/users/arc/default.nix
similarity index 100%
rename from users/arc/default.nix
rename to config/users/arc/default.nix
diff --git a/users/hexchen/default.nix b/config/users/hexchen/default.nix
similarity index 100%
rename from users/hexchen/default.nix
rename to config/users/hexchen/default.nix
diff --git a/users/kairi/base.nix b/config/users/kairi/base.nix
similarity index 100%
rename from users/kairi/base.nix
rename to config/users/kairi/base.nix
diff --git a/users/kairi/base/base16.nix b/config/users/kairi/base/base16.nix
similarity index 100%
rename from users/kairi/base/base16.nix
rename to config/users/kairi/base/base16.nix
diff --git a/users/kairi/base/default.nix b/config/users/kairi/base/default.nix
similarity index 100%
rename from users/kairi/base/default.nix
rename to config/users/kairi/base/default.nix
diff --git a/users/kairi/base/git.nix b/config/users/kairi/base/git.nix
similarity index 100%
rename from users/kairi/base/git.nix
rename to config/users/kairi/base/git.nix
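Review bot: `phone_ygg` and `pi_ygg` in `config/targets/personal/default.nix` are fetched from the password manager like secrets, but each one is then written straight into an `aaaa.address` record under `kittywit.ch.`. If that zone is publicly resolvable, the addresses are only kept out of the repository, not kept confidential. A comment above each variable would make that explicit, e.g. `# kept out of the public repo only; published in DNS on apply`. If the addresses are meant to stay private, the records should not live in this zone. Minor style point: `[ "samhain" "yule"]` lacks the space before `]` that `[ "athame" ]` in the `infra` target has.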
diff --git a/users/kairi/base/inputrc.nix b/config/users/kairi/base/inputrc.nix similarity index 100% rename from users/kairi/base/inputrc.nix rename to config/users/kairi/base/inputrc.nix diff --git a/users/kairi/base/kitty.nix b/config/users/kairi/base/kitty.nix similarity index 100% rename from users/kairi/base/kitty.nix rename to config/users/kairi/base/kitty.nix diff --git a/users/kairi/base/nano.png b/config/users/kairi/base/nano.png similarity index 100% rename from users/kairi/base/nano.png rename to config/users/kairi/base/nano.png diff --git a/users/kairi/base/packages.nix b/config/users/kairi/base/packages.nix similarity index 100% rename from users/kairi/base/packages.nix rename to config/users/kairi/base/packages.nix diff --git a/users/kairi/base/rink.nix b/config/users/kairi/base/rink.nix similarity index 100% rename from users/kairi/base/rink.nix rename to config/users/kairi/base/rink.nix diff --git a/users/kairi/base/secrets.nix b/config/users/kairi/base/secrets.nix similarity index 100% rename from users/kairi/base/secrets.nix rename to config/users/kairi/base/secrets.nix diff --git a/users/kairi/base/ssh.nix b/config/users/kairi/base/ssh.nix similarity index 100% rename from users/kairi/base/ssh.nix rename to config/users/kairi/base/ssh.nix diff --git a/users/kairi/base/tmux.nix b/config/users/kairi/base/tmux.nix similarity index 100% rename from users/kairi/base/tmux.nix rename to config/users/kairi/base/tmux.nix diff --git a/users/kairi/base/vim/default.nix b/config/users/kairi/base/vim/default.nix similarity index 100% rename from users/kairi/base/vim/default.nix rename to config/users/kairi/base/vim/default.nix diff --git a/users/kairi/base/vim/vimrc.nix b/config/users/kairi/base/vim/vimrc.nix similarity index 100% rename from users/kairi/base/vim/vimrc.nix rename to config/users/kairi/base/vim/vimrc.nix 
diff --git a/users/kairi/base/weechat.nix b/config/users/kairi/base/weechat.nix similarity index 100% rename from users/kairi/base/weechat.nix rename to config/users/kairi/base/weechat.nix diff --git a/users/kairi/base/xdg.nix b/config/users/kairi/base/xdg.nix similarity index 100% rename from users/kairi/base/xdg.nix rename to config/users/kairi/base/xdg.nix diff --git a/users/kairi/base/zsh.nix b/config/users/kairi/base/zsh.nix similarity index 100% rename from users/kairi/base/zsh.nix rename to config/users/kairi/base/zsh.nix diff --git a/users/kairi/default.nix b/config/users/kairi/default.nix similarity index 100% rename from users/kairi/default.nix rename to config/users/kairi/default.nix diff --git a/users/kairi/dev.nix b/config/users/kairi/dev.nix similarity index 100% rename from users/kairi/dev.nix rename to config/users/kairi/dev.nix diff --git a/users/kairi/dev/cookiecutter.nix b/config/users/kairi/dev/cookiecutter.nix similarity index 100% rename from users/kairi/dev/cookiecutter.nix rename to config/users/kairi/dev/cookiecutter.nix diff --git a/users/kairi/dev/default.nix b/config/users/kairi/dev/default.nix similarity index 100% rename from users/kairi/dev/default.nix rename to config/users/kairi/dev/default.nix diff --git a/users/kairi/dev/packages.nix b/config/users/kairi/dev/packages.nix similarity index 100% rename from users/kairi/dev/packages.nix rename to config/users/kairi/dev/packages.nix diff --git a/users/kairi/fvwm.nix b/config/users/kairi/fvwm.nix similarity index 100% rename from users/kairi/fvwm.nix rename to config/users/kairi/fvwm.nix diff --git a/users/kairi/fvwm/default.nix b/config/users/kairi/fvwm/default.nix similarity index 100% rename from users/kairi/fvwm/default.nix rename to config/users/kairi/fvwm/default.nix diff --git a/users/kairi/gui.nix b/config/users/kairi/gui.nix similarity index 100% rename from users/kairi/gui.nix rename to config/users/kairi/gui.nix 
diff --git a/users/kairi/gui/default.nix b/config/users/kairi/gui/default.nix similarity index 100% rename from users/kairi/gui/default.nix rename to config/users/kairi/gui/default.nix diff --git a/users/kairi/gui/firefox/default.nix b/config/users/kairi/gui/firefox/default.nix similarity index 100% rename from users/kairi/gui/firefox/default.nix rename to config/users/kairi/gui/firefox/default.nix diff --git a/users/kairi/gui/firefox/userChrome.css.nix b/config/users/kairi/gui/firefox/userChrome.css.nix similarity index 100% rename from users/kairi/gui/firefox/userChrome.css.nix rename to config/users/kairi/gui/firefox/userChrome.css.nix diff --git a/users/kairi/gui/foot.nix b/config/users/kairi/gui/foot.nix similarity index 100% rename from users/kairi/gui/foot.nix rename to config/users/kairi/gui/foot.nix diff --git a/users/kairi/gui/gtk.nix b/config/users/kairi/gui/gtk.nix similarity index 100% rename from users/kairi/gui/gtk.nix rename to config/users/kairi/gui/gtk.nix diff --git a/users/kairi/gui/kitty.nix b/config/users/kairi/gui/kitty.nix similarity index 100% rename from users/kairi/gui/kitty.nix rename to config/users/kairi/gui/kitty.nix diff --git a/users/kairi/gui/packages.nix b/config/users/kairi/gui/packages.nix similarity index 100% rename from users/kairi/gui/packages.nix rename to config/users/kairi/gui/packages.nix diff --git a/users/kairi/gui/ranger.nix b/config/users/kairi/gui/ranger.nix similarity index 100% rename from users/kairi/gui/ranger.nix rename to config/users/kairi/gui/ranger.nix diff --git a/users/kairi/gui/wezterm.nix b/config/users/kairi/gui/wezterm.nix similarity index 100% rename from users/kairi/gui/wezterm.nix rename to config/users/kairi/gui/wezterm.nix diff --git a/users/kairi/gui/xdg.nix b/config/users/kairi/gui/xdg.nix similarity index 100% rename from users/kairi/gui/xdg.nix rename to config/users/kairi/gui/xdg.nix 
diff --git a/users/kairi/media.nix b/config/users/kairi/media.nix similarity index 100% rename from users/kairi/media.nix rename to config/users/kairi/media.nix diff --git a/users/kairi/media/beets.nix b/config/users/kairi/media/beets.nix similarity index 100% rename from users/kairi/media/beets.nix rename to config/users/kairi/media/beets.nix diff --git a/users/kairi/media/default.nix b/config/users/kairi/media/default.nix similarity index 100% rename from users/kairi/media/default.nix rename to config/users/kairi/media/default.nix diff --git a/users/kairi/media/mpd.nix b/config/users/kairi/media/mpd.nix similarity index 100% rename from users/kairi/media/mpd.nix rename to config/users/kairi/media/mpd.nix diff --git a/users/kairi/media/mpv.nix b/config/users/kairi/media/mpv.nix similarity index 100% rename from users/kairi/media/mpv.nix rename to config/users/kairi/media/mpv.nix diff --git a/users/kairi/media/ncmpcpp.nix b/config/users/kairi/media/ncmpcpp.nix similarity index 100% rename from users/kairi/media/ncmpcpp.nix rename to config/users/kairi/media/ncmpcpp.nix diff --git a/users/kairi/media/obs.nix b/config/users/kairi/media/obs.nix similarity index 100% rename from users/kairi/media/obs.nix rename to config/users/kairi/media/obs.nix diff --git a/users/kairi/media/packages.nix b/config/users/kairi/media/packages.nix similarity index 100% rename from users/kairi/media/packages.nix rename to config/users/kairi/media/packages.nix diff --git a/users/kairi/media/syncplay.nix b/config/users/kairi/media/syncplay.nix similarity index 100% rename from users/kairi/media/syncplay.nix rename to config/users/kairi/media/syncplay.nix diff --git a/users/kairi/personal.nix b/config/users/kairi/personal.nix similarity index 100% rename from users/kairi/personal.nix rename to config/users/kairi/personal.nix 
diff --git a/users/kairi/personal/default.nix b/config/users/kairi/personal/default.nix similarity index 100% rename from users/kairi/personal/default.nix rename to config/users/kairi/personal/default.nix diff --git a/users/kairi/personal/gpg.nix b/config/users/kairi/personal/gpg.nix similarity index 100% rename from users/kairi/personal/gpg.nix rename to config/users/kairi/personal/gpg.nix diff --git a/users/kairi/personal/packages.nix b/config/users/kairi/personal/packages.nix similarity index 100% rename from users/kairi/personal/packages.nix rename to config/users/kairi/personal/packages.nix diff --git a/users/kairi/sway.nix b/config/users/kairi/sway.nix similarity index 100% rename from users/kairi/sway.nix rename to config/users/kairi/sway.nix diff --git a/users/kairi/sway/default.nix b/config/users/kairi/sway/default.nix similarity index 100% rename from users/kairi/sway/default.nix rename to config/users/kairi/sway/default.nix diff --git a/users/kairi/sway/gammastep.nix b/config/users/kairi/sway/gammastep.nix similarity index 100% rename from users/kairi/sway/gammastep.nix rename to config/users/kairi/sway/gammastep.nix diff --git a/users/kairi/sway/konawall.nix b/config/users/kairi/sway/konawall.nix similarity index 100% rename from users/kairi/sway/konawall.nix rename to config/users/kairi/sway/konawall.nix diff --git a/users/kairi/sway/mako.nix b/config/users/kairi/sway/mako.nix similarity index 100% rename from users/kairi/sway/mako.nix rename to config/users/kairi/sway/mako.nix diff --git a/users/kairi/sway/packages.nix b/config/users/kairi/sway/packages.nix similarity index 100% rename from users/kairi/sway/packages.nix rename to config/users/kairi/sway/packages.nix diff --git a/users/kairi/sway/sway.nix b/config/users/kairi/sway/sway.nix similarity index 100% rename from users/kairi/sway/sway.nix rename to config/users/kairi/sway/sway.nix 
diff --git a/users/kairi/sway/wallpapers/left.jpg b/config/users/kairi/sway/wallpapers/left.jpg similarity index 100% rename from users/kairi/sway/wallpapers/left.jpg rename to config/users/kairi/sway/wallpapers/left.jpg diff --git a/users/kairi/sway/wallpapers/main.png b/config/users/kairi/sway/wallpapers/main.png similarity index 100% rename from users/kairi/sway/wallpapers/main.png rename to config/users/kairi/sway/wallpapers/main.png diff --git a/users/kairi/sway/wallpapers/right.jpg b/config/users/kairi/sway/wallpapers/right.jpg similarity index 100% rename from users/kairi/sway/wallpapers/right.jpg rename to config/users/kairi/sway/wallpapers/right.jpg diff --git a/users/kairi/sway/waybar/default.nix b/config/users/kairi/sway/waybar/default.nix similarity index 100% rename from users/kairi/sway/waybar/default.nix rename to config/users/kairi/sway/waybar/default.nix diff --git a/users/kairi/sway/waybar/waybar.css.nix b/config/users/kairi/sway/waybar/waybar.css.nix similarity index 100% rename from users/kairi/sway/waybar/waybar.css.nix rename to config/users/kairi/sway/waybar/waybar.css.nix diff --git a/users/kat/base.nix b/config/users/kat/base.nix similarity index 100% rename from users/kat/base.nix rename to config/users/kat/base.nix diff --git a/users/kat/base/base16.nix b/config/users/kat/base/base16.nix similarity index 100% rename from users/kat/base/base16.nix rename to config/users/kat/base/base16.nix diff --git a/users/kat/base/default.nix b/config/users/kat/base/default.nix similarity index 100% rename from users/kat/base/default.nix rename to config/users/kat/base/default.nix diff --git a/users/kat/base/git.nix b/config/users/kat/base/git.nix similarity index 100% rename from users/kat/base/git.nix rename to config/users/kat/base/git.nix diff --git a/users/kat/base/inputrc.nix b/config/users/kat/base/inputrc.nix similarity index 100% rename from users/kat/base/inputrc.nix rename to config/users/kat/base/inputrc.nix 
diff --git a/users/kat/base/kitty.nix b/config/users/kat/base/kitty.nix similarity index 100% rename from users/kat/base/kitty.nix rename to config/users/kat/base/kitty.nix diff --git a/users/kat/base/nano.png b/config/users/kat/base/nano.png similarity index 100% rename from users/kat/base/nano.png rename to config/users/kat/base/nano.png diff --git a/users/kat/base/packages.nix b/config/users/kat/base/packages.nix similarity index 100% rename from users/kat/base/packages.nix rename to config/users/kat/base/packages.nix diff --git a/users/kat/base/rink.nix b/config/users/kat/base/rink.nix similarity index 100% rename from users/kat/base/rink.nix rename to config/users/kat/base/rink.nix diff --git a/users/kat/base/secrets.nix b/config/users/kat/base/secrets.nix similarity index 100% rename from users/kat/base/secrets.nix rename to config/users/kat/base/secrets.nix diff --git a/users/kat/base/ssh.nix b/config/users/kat/base/ssh.nix similarity index 100% rename from users/kat/base/ssh.nix rename to config/users/kat/base/ssh.nix diff --git a/users/kat/base/tmux.nix b/config/users/kat/base/tmux.nix similarity index 100% rename from users/kat/base/tmux.nix rename to config/users/kat/base/tmux.nix diff --git a/users/kat/base/vim/default.nix b/config/users/kat/base/vim/default.nix similarity index 100% rename from users/kat/base/vim/default.nix rename to config/users/kat/base/vim/default.nix diff --git a/users/kat/base/vim/vimrc.nix b/config/users/kat/base/vim/vimrc.nix similarity index 100% rename from users/kat/base/vim/vimrc.nix rename to config/users/kat/base/vim/vimrc.nix diff --git a/users/kat/base/weechat.nix b/config/users/kat/base/weechat.nix similarity index 100% rename from users/kat/base/weechat.nix rename to config/users/kat/base/weechat.nix diff --git a/users/kat/base/xdg.nix b/config/users/kat/base/xdg.nix similarity index 100% rename from users/kat/base/xdg.nix rename to config/users/kat/base/xdg.nix 
diff --git a/users/kat/base/zsh.nix b/config/users/kat/base/zsh.nix similarity index 100% rename from users/kat/base/zsh.nix rename to config/users/kat/base/zsh.nix diff --git a/users/kat/default.nix b/config/users/kat/default.nix similarity index 100% rename from users/kat/default.nix rename to config/users/kat/default.nix diff --git a/users/kat/dev.nix b/config/users/kat/dev.nix similarity index 100% rename from users/kat/dev.nix rename to config/users/kat/dev.nix diff --git a/users/kat/dev/cookiecutter.nix b/config/users/kat/dev/cookiecutter.nix similarity index 100% rename from users/kat/dev/cookiecutter.nix rename to config/users/kat/dev/cookiecutter.nix diff --git a/users/kat/dev/default.nix b/config/users/kat/dev/default.nix similarity index 100% rename from users/kat/dev/default.nix rename to config/users/kat/dev/default.nix diff --git a/users/kat/dev/packages.nix b/config/users/kat/dev/packages.nix similarity index 100% rename from users/kat/dev/packages.nix rename to config/users/kat/dev/packages.nix diff --git a/users/kat/gui.nix b/config/users/kat/gui.nix similarity index 100% rename from users/kat/gui.nix rename to config/users/kat/gui.nix diff --git a/users/kat/gui/default.nix b/config/users/kat/gui/default.nix similarity index 100% rename from users/kat/gui/default.nix rename to config/users/kat/gui/default.nix diff --git a/users/kat/gui/firefox/default.nix b/config/users/kat/gui/firefox/default.nix similarity index 100% rename from users/kat/gui/firefox/default.nix rename to config/users/kat/gui/firefox/default.nix diff --git a/users/kat/gui/firefox/userChrome.css.nix b/config/users/kat/gui/firefox/userChrome.css.nix similarity index 100% rename from users/kat/gui/firefox/userChrome.css.nix rename to config/users/kat/gui/firefox/userChrome.css.nix diff --git a/users/kat/gui/foot.nix b/config/users/kat/gui/foot.nix similarity index 100% rename from users/kat/gui/foot.nix rename to config/users/kat/gui/foot.nix 
diff --git a/users/kat/gui/gtk.nix b/config/users/kat/gui/gtk.nix similarity index 100% rename from users/kat/gui/gtk.nix rename to config/users/kat/gui/gtk.nix diff --git a/users/kat/gui/kitty.nix b/config/users/kat/gui/kitty.nix similarity index 100% rename from users/kat/gui/kitty.nix rename to config/users/kat/gui/kitty.nix diff --git a/users/kat/gui/packages.nix b/config/users/kat/gui/packages.nix similarity index 100% rename from users/kat/gui/packages.nix rename to config/users/kat/gui/packages.nix diff --git a/users/kat/gui/ranger.nix b/config/users/kat/gui/ranger.nix similarity index 100% rename from users/kat/gui/ranger.nix rename to config/users/kat/gui/ranger.nix diff --git a/users/kat/gui/wezterm.nix b/config/users/kat/gui/wezterm.nix similarity index 100% rename from users/kat/gui/wezterm.nix rename to config/users/kat/gui/wezterm.nix diff --git a/users/kat/gui/xdg.nix b/config/users/kat/gui/xdg.nix similarity index 100% rename from users/kat/gui/xdg.nix rename to config/users/kat/gui/xdg.nix diff --git a/users/kat/media.nix b/config/users/kat/media.nix similarity index 100% rename from users/kat/media.nix rename to config/users/kat/media.nix diff --git a/users/kat/media/beets.nix b/config/users/kat/media/beets.nix similarity index 100% rename from users/kat/media/beets.nix rename to config/users/kat/media/beets.nix diff --git a/users/kat/media/default.nix b/config/users/kat/media/default.nix similarity index 100% rename from users/kat/media/default.nix rename to config/users/kat/media/default.nix diff --git a/users/kat/media/mpd.nix b/config/users/kat/media/mpd.nix similarity index 100% rename from users/kat/media/mpd.nix rename to config/users/kat/media/mpd.nix diff --git a/users/kat/media/mpv.nix b/config/users/kat/media/mpv.nix similarity index 100% rename from users/kat/media/mpv.nix rename to config/users/kat/media/mpv.nix 
diff --git a/users/kat/media/ncmpcpp.nix b/config/users/kat/media/ncmpcpp.nix similarity index 100% rename from users/kat/media/ncmpcpp.nix rename to config/users/kat/media/ncmpcpp.nix diff --git a/users/kat/media/obs.nix b/config/users/kat/media/obs.nix similarity index 100% rename from users/kat/media/obs.nix rename to config/users/kat/media/obs.nix diff --git a/users/kat/media/packages.nix b/config/users/kat/media/packages.nix similarity index 100% rename from users/kat/media/packages.nix rename to config/users/kat/media/packages.nix diff --git a/users/kat/media/syncplay.nix b/config/users/kat/media/syncplay.nix similarity index 100% rename from users/kat/media/syncplay.nix rename to config/users/kat/media/syncplay.nix diff --git a/users/kat/personal.nix b/config/users/kat/personal.nix similarity index 100% rename from users/kat/personal.nix rename to config/users/kat/personal.nix diff --git a/users/kat/personal/default.nix b/config/users/kat/personal/default.nix similarity index 100% rename from users/kat/personal/default.nix rename to config/users/kat/personal/default.nix diff --git a/users/kat/personal/gpg.nix b/config/users/kat/personal/gpg.nix similarity index 100% rename from users/kat/personal/gpg.nix rename to config/users/kat/personal/gpg.nix diff --git a/users/kat/personal/packages.nix b/config/users/kat/personal/packages.nix similarity index 100% rename from users/kat/personal/packages.nix rename to config/users/kat/personal/packages.nix diff --git a/users/kat/sway.nix b/config/users/kat/sway.nix similarity index 100% rename from users/kat/sway.nix rename to config/users/kat/sway.nix diff --git a/users/kat/sway/default.nix b/config/users/kat/sway/default.nix similarity index 100% rename from users/kat/sway/default.nix rename to config/users/kat/sway/default.nix diff --git a/users/kat/sway/gammastep.nix b/config/users/kat/sway/gammastep.nix similarity index 100% rename from users/kat/sway/gammastep.nix rename to config/users/kat/sway/gammastep.nix 
diff --git a/users/kat/sway/konawall.nix b/config/users/kat/sway/konawall.nix similarity index 100% rename from users/kat/sway/konawall.nix rename to config/users/kat/sway/konawall.nix diff --git a/users/kat/sway/mako.nix b/config/users/kat/sway/mako.nix similarity index 100% rename from users/kat/sway/mako.nix rename to config/users/kat/sway/mako.nix diff --git a/users/kat/sway/packages.nix b/config/users/kat/sway/packages.nix similarity index 100% rename from users/kat/sway/packages.nix rename to config/users/kat/sway/packages.nix diff --git a/users/kat/sway/sway.nix b/config/users/kat/sway/sway.nix similarity index 100% rename from users/kat/sway/sway.nix rename to config/users/kat/sway/sway.nix diff --git a/users/kat/sway/wallpapers/left.jpg b/config/users/kat/sway/wallpapers/left.jpg similarity index 100% rename from users/kat/sway/wallpapers/left.jpg rename to config/users/kat/sway/wallpapers/left.jpg diff --git a/users/kat/sway/wallpapers/main.png b/config/users/kat/sway/wallpapers/main.png similarity index 100% rename from users/kat/sway/wallpapers/main.png rename to config/users/kat/sway/wallpapers/main.png diff --git a/users/kat/sway/wallpapers/right.jpg b/config/users/kat/sway/wallpapers/right.jpg similarity index 100% rename from users/kat/sway/wallpapers/right.jpg rename to config/users/kat/sway/wallpapers/right.jpg diff --git a/users/kat/sway/waybar/default.nix b/config/users/kat/sway/waybar/default.nix similarity index 98% rename from users/kat/sway/waybar/default.nix rename to config/users/kat/sway/waybar/default.nix index 3366ea91..5ff6ff5f 100644 --- a/users/kat/sway/waybar/default.nix +++ b/config/users/kat/sway/waybar/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, witch, ... }: +{ config, lib, pkgs, ... }: let base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}") 
@@ -15,7 +15,7 @@ in enable = true; style = import ./waybar.css.nix { inherit font base16; - inherit (pkgs) hextorgba; + inherit (lib) hextorgba; }; settings = [{ modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ]; diff --git a/users/kat/sway/waybar/waybar.css.nix b/config/users/kat/sway/waybar/waybar.css.nix similarity index 100% rename from users/kat/sway/waybar/waybar.css.nix rename to config/users/kat/sway/waybar/waybar.css.nix diff --git a/default.nix b/default.nix index f2a2a85a..030135c9 100644 --- a/default.nix +++ b/default.nix 
@@ -1,36 +1,54 @@ -rec { +let sources = import ./nix/sources.nix; pkgs = import ./pkgs { inherit sources; }; - modList = import ./lib/modules.nix; - - profiles = modList { - modulesDir = ./profiles; - }; - - users = modList { modulesDir = ./users; }; - - inherit (import ./lib/hosts.nix { - inherit pkgs sources profiles users; - inherit (deploy) target; - }) hosts targets; - inherit (pkgs) lib; - runners = import ./runners.nix { inherit lib; inherit (deploy) target; }; + profiles = lib.modList { + modulesDir = ./config/profiles; + }; + + users = lib.modList { + modulesDir = ./config/users; + }; + + metaConfig = { ... }: { + config = { + runners = { + lazy = { + file = ./.; + args = [ "--show-trace" ]; + }; + }; + _module.args = { + pkgs = lib.mkDefault pkgs; + }; + }; + }; + + eval = lib.evalModules { + modules = [ + metaConfig + ./config/targets + ./config/modules/meta/default.nix + ./config/hosts/athame/meta.nix + ./config/hosts/samhain/meta.nix + ./config/hosts/yule/meta.nix + ]; + specialArgs = { + inherit sources profiles users; + }; + }; + inherit (eval) config; + sourceCache = with lib; let - getSources = sources: removeAttrs sources [ "__functor" "dorkfiles" ]; + getSources = sources: removeAttrs sources [ "__functor" ]; #"dorkfiles" ]; source2drv = value: if isDerivation value.outPath then value.outPath else value; sources2drvs = sources: mapAttrs (_: source2drv) (getSources sources); in recurseIntoAttrs rec { local = sources2drvs sources; - hexchen = sources2drvs (import sources.hexchen {}).sources; - all = attrValues local ++ attrValues hexchen; + #hexchen = sources2drvs (import sources.hexchen {}).sources; + all = attrValues local; #++ attrValues hexchen; allStr = toString all; }; - - deploy = import ./lib/deploy.nix { - inherit pkgs sources; - inherit hosts targets; - }; -} +in config // { inherit pkgs sourceCache sources; } diff --git a/hosts/dummy/home/default.nix b/hosts/dummy/home/default.nix deleted file mode 100644 index 88d8a3b6..00000000 
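Review bot: `getSources` no longer strips `dorkfiles`, because the exclusion now survives only as a trailing comment (`[ "__functor" ]; #"dorkfiles" ];`). That source therefore lands in `sourceCache.local` and, through it, in `sourceCache.all` and `allStr`. If `allStr` is still what CI pushes to the binary cache and `dorkfiles` was excluded because it is not meant to be published, this change uploads it. Either restore `getSources = sources: removeAttrs sources [ "__functor" "dorkfiles" ];` or delete the commented-out remnants (this one and the two `hexchen` ones) and note why the exclusion is no longer needed. Separately, `config // { inherit pkgs sourceCache sources; }` silently overrides any option named `pkgs`, `sources` or `sourceCache` that the evaluated modules define, which deserves a comment on the final line.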
--- a/hosts/dummy/home/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ } diff --git a/hosts/samhain/meta.nix b/hosts/samhain/meta.nix deleted file mode 100644 index 53d2ee81..00000000 --- a/hosts/samhain/meta.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, hosts, ... }: { - config = { - resources.samhain = { - provider = "null"; - type = "resource"; - connection = { - port = 62954; - host = "192.168.1.135"; - }; - }; - }; -} diff --git a/hosts/yule/meta.nix b/hosts/yule/meta.nix deleted file mode 100644 index c7544f33..00000000 --- a/hosts/yule/meta.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, hosts, ... }: { - config = { - resources.yule = { - provider = "null"; - type = "resource"; - connection = { - port = 62954; - host = "192.168.1.92"; - }; - }; - }; -} diff --git a/lib/deploy.nix b/lib/deploy.nix deleted file mode 100644 index 678dfd1d..00000000 --- a/lib/deploy.nix +++ /dev/null 
@@ -1,96 +0,0 @@ -{ pkgs, hosts, sources, targets }: - -with pkgs.lib; - -let - pkgsModule = { ... }: { config._module.args = { pkgs = mkDefault pkgs; }; }; - - configExtension = { ... }: { - options.terraform.baseDir = mkOption { - type = types.path; - }; - }; - - tfEval = config: - (evalModules { - modules = [ pkgsModule (sources.tf-nix + "/modules") configExtension ] ++ toList config; - specialArgs = { inherit hosts; }; - }).config; - - tf = { targetName ? null, target ? [] }: - tfEval ({ config, ... }: { - imports = optional (builtins.pathExists ../trusted/tf) (import ../trusted/tf/meta.nix) - ++ flatten (map (hostName: optional (builtins.pathExists (../hosts + "/${hostName}/meta.nix")) (../hosts + "/${hostName}/meta.nix")) target) ++ [{ - config = mkMerge (map - (hostName: - mapAttrs (_: mkMerge) hosts.${hostName}.config.deploy.tf.out.set) - target); - }] ++ optional - (targetName != null && builtins.pathExists (../trusted/targets + "/${targetName}")) - (../trusted/targets + "/${targetName}") - ++ optional (targetName != null && builtins.pathExists (../targets + "/${targetName}")) - (../targets + "/${targetName}") ++ concatMap - (hostName: - filter builtins.pathExists - (map (profile: ../profiles + "/${profile}/meta.nix") (attrNames - (filterAttrs (_: id) hosts.${hostName}.config.deploy.profile)))) - target; - - deps = { - select.allProviders = true; - enable = true; - }; - - terraform.version = "0.15"; - - runners = { - lazy = { - file = ../.; - args = [ "--show-trace" ]; - attrPrefix = - let attr = if targetName != null then "target.${targetName}" else "tf"; - in "deploy.${attr}.runners.run."; - }; - run = { - apply.name = if targetName != null then "${targetName}-apply" else "tf-apply"; - }; - }; - - variables.hcloud_token = { - type = "string"; - value.shellCommand = "bitw get infra/hcloud_token"; - }; - - variables.glauca_key = { - type = "string"; - value.shellCommand = "bitw get infra/rfc2136 -f username"; - }; - - variables.glauca_secret = { - type = 
"string"; - value.shellCommand = "bitw get infra/rfc2136 -f password"; - }; - - dns.zones."kittywit.ch." = { provider = "dns"; }; - - providers.hcloud = { inputs.token = config.variables.hcloud_token.ref; }; - - providers.dns = { - inputs.update = { - server = "ns1.as207960.net"; - key_name = config.variables.glauca_key.ref; - key_secret = config.variables.glauca_secret.ref; - key_algorithm = "hmac-sha512"; - }; - }; - - _module.args = { - inherit targetName; - }; - }); -in -{ - inherit tf; - target = - mapAttrs (targetName: target: tf { inherit target targetName; }) targets; -} diff --git a/lib/hosts.nix b/lib/hosts.nix deleted file mode 100644 index a9591d79..00000000 --- a/lib/hosts.nix +++ /dev/null 
@@ -1,55 +0,0 @@
-{ pkgs
-, target
-, users
-, hostsDir ? ../hosts
-, profiles
-, pkgsPath ? ../pkgs
-, sources ? { }
-, system ? builtins.currentSystem
-}:
-
-with pkgs.lib;
-
-rec {
- baseModules = import (pkgs.path + "/nixos/modules/module-list.nix");
-
- hostNames = attrNames
- (filterAttrs (name: type: type == "directory") (builtins.readDir hostsDir));
-
- hostConfig = hostName:
- { config, ... }: {
- _module.args = { inherit hosts targets; };
- imports = [ ../nixos.nix ../modules/nixos ];
- networking = { inherit hostName; };
- nixpkgs.pkgs = pkgs;
- };
-
- hosts = listToAttrs (map
- (hostName:
- nameValuePair hostName (evalModules {
- modules = baseModules ++ [
- (hostConfig hostName)
- ({ config, ... }: {
- config._module.args.pkgs = pkgs;
- config.nixpkgs.system = mkDefault system;
- config.nixpkgs.initialSystem = system;
- })
- (if sources ? home-manager then
- sources.home-manager + "/nixos"
- else
- { })
- ];
- args = {
- inherit baseModules modules;
- };
- specialArgs = {
- modulesPath = builtins.toString pkgs.path + "/nixos/modules";
- inherit sources target profiles hostName users;
- };
- }))
- hostNames);
-
- targets = filterAttrs (targetName: _: targetName != "") (foldAttrs (host: hosts: [ host ] ++ hosts) [ ] (mapAttrsToList
- (hostName: host: { ${host.config.deploy.target} = hostName; })
- hosts));
-}
diff --git a/lib/unused b/lib/unused
deleted file mode 100644
index dc24ce76..00000000
--- a/lib/unused
+++ /dev/null
@@ -1,23 +0,0 @@ - athame-testing = { - provider = "hcloud"; - type = "server"; - inputs = { - name = "athame-testing"; - image = "ubuntu-20.04"; - server_type = "cpx21"; - location = "nbg1"; - backups = false; - ssh_keys = [ (hcloud_ssh_key.refAttr "id") ]; - }; - connection = { host = config.lib.tf.terraformSelf "ipv4_address"; }; - provisioners = [ - { - remote-exec.command = - "curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NO_REBOOT=true PROVIDER=hetznercloud NIX_CHANNEL=nixos-20.09 bash 2>&1 | tee /tmp/infect.log"; - } - { - remote-exec.command = "reboot"; - onFailure = "continue"; - } - ]; - }; diff --git a/nix/sources.json b/nix/sources.json index 019b70bf..6454398f 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -5,10 +5,10 @@ "homepage": "https://arcnmx.github.io/ci", "owner": "arcnmx", "repo": "ci", - "rev": "c34c3de2ffb5d8d068d85fd02a0f358bfddfa722", - "sha256": "1igyr3k9sc2fp4fgvq4bnk3xf3ax05j7x42qx8f89g586m6va877", + "rev": "c2580711780633aadd3626a1b4ce66c35bb9c3d9", + "sha256": "0xbxr7wlwzlpkvw4j3yvgcg47nmy01h65wmjr65h4x16n4xdzvaf", "type": "tarball", - "url": "https://github.com/arcnmx/ci/archive/c34c3de2ffb5d8d068d85fd02a0f358bfddfa722.tar.gz", + "url": "https://github.com/arcnmx/ci/archive/c2580711780633aadd3626a1b4ce66c35bb9c3d9.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "hexchen": { 
@@ -29,10 +29,10 @@ "homepage": "https://nix-community.github.io/home-manager/", "owner": "nix-community", "repo": "home-manager", - "rev": "ac319fd3149b23a3ad8ee24cb2def6e67acf194c", - "sha256": "0yicwddxlp5bzaklmjfglm5y5xiyqrp4mg70g5x49832nvwclw2s", + "rev": "97d183e2e466808f5d7cd1c838815bedd88f37fe", + "sha256": "1h24illqvxymyjxr4bym11g3bgwd5ni7dhniisq829phbq11xbl6", "type": "tarball", - "url": "https://github.com/nix-community/home-manager/archive/ac319fd3149b23a3ad8ee24cb2def6e67acf194c.tar.gz", + "url": "https://github.com/nix-community/home-manager/archive/97d183e2e466808f5d7cd1c838815bedd88f37fe.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "niv": { @@ -53,10 +53,10 @@ "homepage": null, "owner": "arcnmx", "repo": "nixexprs", - "rev": "d093ea9917e888b11e67933a63681d850cd38666", - "sha256": "03l50ps15qdgw6a9g18jw3rrjyyccwifwqzr7vk1xk477knl734m", + "rev": "cc433f9aab8bb2ff6941fc88cdd2184a398649ce", + "sha256": "08lsypc8y5lxmyc7wjsk9nqyah3b4k8llrdmjxba2sp8q84zy6dg", "type": "tarball", - "url": "https://github.com/arcnmx/nixexprs/archive/d093ea9917e888b11e67933a63681d850cd38666.tar.gz", + "url": "https://github.com/arcnmx/nixexprs/archive/cc433f9aab8bb2ff6941fc88cdd2184a398649ce.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixos-mailserver": { @@ -75,10 +75,10 @@ "homepage": "", "owner": "nixos", "repo": "nixpkgs", - "rev": "09c38c29f2c719cd76ca17a596c2fdac9e186ceb", - "sha256": "0i6kcs0zxwfaflcg6wfkwcinfnilkxlb6ad29v01bkhg6asl6ihf", + "rev": "20887e4bbfdae3aed6bfa1f53ddf138ee325515e", + "sha256": "0hc79sv59appb7bynz5bzyqvrapyjdq63s79i649vxl93504kmnv", "type": "tarball", - "url": "https://github.com/nixos/nixpkgs/archive/09c38c29f2c719cd76ca17a596c2fdac9e186ceb.tar.gz", + "url": "https://github.com/nixos/nixpkgs/archive/20887e4bbfdae3aed6bfa1f53ddf138ee325515e.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nur": { 
@@ -87,10 +87,10 @@ "homepage": "https://nur.nix-community.org/", "owner": "nix-community", "repo": "NUR", - "rev": "3a2ab4a91c7fc7f6e3519e3091cb589db3d063ca", - "sha256": "1y2vb526b7xxa2520kfldfkn2i8w5p3rywnnr29bghsd045smpz5", + "rev": "68fd66ce33271f85fa7dc926f1f10b78c24bfc67", + "sha256": "0i4gnvs1lrff4b4ppsn54qrn80ksclfwayij37ypv4004bhn53my", "type": "tarball", - "url": "https://github.com/nix-community/NUR/archive/3a2ab4a91c7fc7f6e3519e3091cb589db3d063ca.tar.gz", + "url": "https://github.com/nix-community/NUR/archive/68fd66ce33271f85fa7dc926f1f10b78c24bfc67.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "tf-nix": { diff --git a/nixos.nix b/nixos.nix deleted file mode 100644 index 5a450e36..00000000 --- a/nixos.nix +++ /dev/null 
@@ -1,68 +0,0 @@ -{ pkgs, config, lib, sources, tf, witch, options, profiles, hostName, ... }: - -{ - - imports = - [ (import (./hosts + "/${hostName}/nixos")) profiles.common ] - # trusted check - ++ lib.optional (builtins.pathExists (./trusted/hosts + "/${hostName}/nixos")) (import (./trusted/hosts + "/${hostName}/nixos")) - # trusted default check - ++ lib.optional (builtins.pathExists ./trusted/hosts) (import ./trusted/hosts) - # trusted profile check - ++ lib.optional (builtins.pathExists ./trusted/profile) (import ./trusted/profile); - - options = { - deploy.profile.gui = lib.mkEnableOption "graphical system"; - deploy.profile.fvwm = lib.mkEnableOption "fvwm"; - deploy.profile.sway = lib.mkEnableOption "sway wm"; - deploy.profile.laptop = lib.mkEnableOption "lappytop"; - }; - - options.home-manager.users = lib.mkOption { - type = lib.types.attrsOf (lib.types.submoduleWith { - modules = [ ./modules/home ]; - specialArgs = { - inherit sources witch hostName tf; - superConfig = config; - modulesPath = sources.home-manager + "/modules"; - }; - }); - }; - - config = { - home-manager = { - - useUserPackages = true; - useGlobalPkgs = true; - - users = { - kat = { - imports = lib.optional (builtins.pathExists (./hosts + "/${hostName}/home")) (import (./hosts + "/${hostName}/home")) - # trusted hosts check - ++ lib.optional (builtins.pathExists (./trusted/hosts + "/${hostName}/home")) (import (./trusted/hosts + "/${hostName}/home")) - # trusted user kat check - ++ lib.optional (builtins.pathExists ./trusted/users/kat) (import ./trusted/users/kat); - - options = { - deploy.profile.gui = lib.mkEnableOption "graphical system"; - deploy.profile.sway = lib.mkEnableOption "sway wm"; - deploy.profile.laptop = lib.mkEnableOption "lappytop"; - }; - }; - kairi = { - imports = lib.optional (builtins.pathExists (./hosts + "/${hostName}/home")) (import (./hosts + "/${hostName}/home")) - # trusted hosts check - ++ lib.optional (builtins.pathExists (./trusted/hosts + 
"/${hostName}/home")) (import (./trusted/hosts + "/${hostName}/home")) - # trusted user kairi check - ++ lib.optional (builtins.pathExists ./trusted/users/kairi) (import ./trusted/users/kairi); - - options = { - deploy.profile.gui = lib.mkEnableOption "graphical system"; - deploy.profile.fvwm = lib.mkEnableOption "fvwm"; - deploy.profile.laptop = lib.mkEnableOption "lappytop"; - }; - }; - }; - }; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index f4bffa0b..4c273be3 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,6 +1,15 @@ -{ sources, system ? builtins.currentSystem, ... }@args: +{ sources, system ? builtins.currentSystem, ... }@args: let + liboverlay = self: super: { + lib = super.lib.extend (self: super: import ./lib + { + inherit super; + lib = self; + isOverlayLib = true; + } + ); + }; overlay = self: super: rec { dino = super.dino.overrideAttrs ( { patches ? [], ... }: { @@ -55,8 +64,6 @@ let nerdfonts = super.nerdfonts.override { fonts = [ "Iosevka" ]; }; - hextorgba = (import ../lib/colorhelpers.nix { inherit (super) lib; }).hextorgba; - konawall = super.konawall.overide { swaySupport = true; }; imv = super.imv.override { @@ -77,11 +84,12 @@ let kat-scrot = self.callPackage ./kat-scrot { }; - } // super.lib.optionalAttrs (builtins.pathExists ../trusted/pkgs) - (import ../trusted/pkgs { inherit super self; }); + } // super.lib.optionalAttrs (builtins.pathExists ../config/trusted/pkgs) + (import ../config/trusted/pkgs { inherit super self; }); pkgs = import sources.nixpkgs { overlays = [ overlay + liboverlay (import (sources.nixexprs + "/overlay.nix")) ]; config = { diff --git a/lib/colorhelpers.nix b/pkgs/lib/color-helpers.nix similarity index 100% rename from lib/colorhelpers.nix rename to pkgs/lib/color-helpers.nix diff --git a/pkgs/lib/default.nix b/pkgs/lib/default.nix new file mode 100644 index 00000000..5b867eac --- /dev/null +++ b/pkgs/lib/default.nix 
@@ -0,0 +1,16 @@
+{ pkgs ? import { }
+, lib ? pkgs.lib
+# for internal use...
+, super ? if !isOverlayLib then lib else { }
+, self ? if isOverlayLib then lib else { }
+, before ? if !isOverlayLib then lib else { }
+, isOverlayLib ? false
+}@args: let
+ colorHelpers = import ./color-helpers.nix { inherit lib; };
+ lib = before // katlib // self;
+ katlib = with before; with katlib; with self;
+{
+ inherit (colorHelpers) hextorgba;
+ hostImport = import ./host-import.nix { inherit lib; };
+ modList = import ./module-list.nix;
+}; in katlib
diff --git a/pkgs/lib/host-import.nix b/pkgs/lib/host-import.nix
new file mode 100644
index 00000000..365e311e
--- /dev/null
+++ b/pkgs/lib/host-import.nix
@@ -0,0 +1,6 @@
+{ lib }: hostName: lib.filter builtins.pathExists [
+ (../../config/hosts + "/${hostName}/nixos")
+ (../../config/trusted/hosts + "/${hostName}/nixos")
+ ../../config/trusted/profile
+ ../../config/nixos.nix
+]
diff --git a/lib/modules.nix b/pkgs/lib/module-list.nix
similarity index 100%
rename from lib/modules.nix
rename to pkgs/lib/module-list.nix
diff --git a/runners.nix b/runners.nix
deleted file mode 100644
index 15638919..00000000
--- a/runners.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ lib, target }:
-
-with lib;
-
-let
-runners = {
- run = foldAttrList (mapAttrsToList (targetName: targetx: mapAttrs' (k: run:
- nameValuePair run.name run.set
- ) targetx.runners.run) target);
- lazy.run = foldAttrList (mapAttrsToList (targetName: targetx: mapAttrs' (k: run:
- nameValuePair run.name run.set
- ) targetx.runners.lazy.run) target);
- lazy.nativeBuildInputs = concatLists (mapAttrsToList (targetName: target: target.runners.lazy.nativeBuildInputs) target);
-}; in runners
diff --git a/shell.nix b/shell.nix
index 342a8e6b..769838ab 100644
--- a/shell.nix
+++ b/shell.nix
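Review bot: In pkgs/lib/host-import.nix, `lib.filter builtins.pathExists` is applied to all four paths, so a misspelled `hostName` or a missing `config/nixos.nix` no longer fails evaluation; the host would instead build without its own configuration and base module. The removed nixos.nix imported the host's `nixos` directory unconditionally and only guarded the `trusted` paths, which fails closed. Keeping that split would restore the check: `[ (../../config/hosts + "/${hostName}/nixos") ../../config/nixos.nix ] ++ lib.filter builtins.pathExists [ (../../config/trusted/hosts + "/${hostName}/nixos") ../../config/trusted/profile ]`. A short comment saying that only the `trusted` submodule paths are optional, because it may not be checked out, would document why the filter exists.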
@@ -1,8 +1,8 @@ { }: let - config = import ./default.nix; - tf = config.deploy.tf {}; - inherit (config) pkgs; - nf-actions = config.pkgs.writeShellScriptBin "nf-actions" '' + meta = import ./default.nix; + config = meta; + inherit (meta) pkgs; + nf-actions = pkgs.writeShellScriptBin "nf-actions" '' export START_DIR="$PWD" cd ${toString ./.} export NF_CONFIG_ROOT=${toString ./.}/ci @@ -20,7 +20,7 @@ done cd $START_DIR ''; - nf-test = config.pkgs.writeShellScriptBin "nf-test" '' + nf-test = pkgs.writeShellScriptBin "nf-test" '' export START_DIR="$PWD" cd ${toString ./.} export NF_CONFIG_ROOT=${toString ./.}/ci @@ -39,16 +39,18 @@ cd $START_DIR ''; in pkgs.mkShell { - nativeBuildInputs = [ + nativeBuildInputs = with pkgs; [ + inetutils nf-actions nf-test ] ++ config.runners.lazy.nativeBuildInputs; - HISTFILE = toString (tf.terraform.baseDir + "/.history"); - CI_PLATFORM = "impure"; # use host's nixpkgs for more convenient testing + HISTFILE = toString (config.deploy.dataDir + "/.history"); shellHook = '' export HOME_HOSTNAME=$(hostname -s) - export NIX_PATH="$NIX_PATH:nixfiles=${toString ./.}" + export HOME_UID=$(id -u) + export NIX_PATH="$NIX_PATH:home=${toString ./.}" ''; } + diff --git a/targets/personal/default.nix b/targets/personal/default.nix deleted file mode 100644 index 44e8e5fa..00000000 --- a/targets/personal/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, ... }: - -{ - variables.phone_ygg = { - type = "string"; - value.shellCommand = "bitw get infra/phone-ygg"; - }; - - dns.records.kittywitch_net_grimoire = { - tld = "kittywit.ch."; - domain = "grimoire.net"; - aaaa.address = config.variables.phone_ygg.ref; - }; - - variables.pi_ygg = { - type = "string"; - value.shellCommand = "bitw get infra/pi-ygg"; - }; - - dns.records.kittywitch_net_boline = { - tld = "kittywit.ch."; - domain = "boline.net"; - aaaa.address = config.variables.pi_ygg.ref; - }; -}
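Review bot: `HISTFILE = toString (config.deploy.dataDir + "/.history");` in the `mkShell` attributes (third shell.nix hunk) stores the deploy shell's command history inside the deployment data directory, and commands typed in this shell can carry credentials as arguments. Where `deploy.dataDir` points is defined outside this diff, so please confirm the directory is git-ignored and not readable by other local users. A comment next to the attribute, for example `# dataDir must stay untracked: shell history may contain secrets`, would record that requirement for whoever changes the option default later.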