From 45705650bb44c0b23a10f29b695aa18e3f5aa61b Mon Sep 17 00:00:00 2001
From: arcnmx
Date: Sun, 23 Jun 2024 10:06:36 -0700
Subject: [PATCH] refactor: system -> systemConfig
---
 ci/nodes.nix | 4 +--
 generate.nix | 24 +++++++--------
 lib.nix | 3 +-
 modules/extern/home/ssh.nix | 6 ++--
 modules/extern/nixos/dns.nix | 8 ++---
 modules/extern/nixos/krb5.nix | 4 +--
 modules/nixos/monitoring/ingest/grafana.nix | 4 +--
 modules/nixos/monitoring/ingest/loki.nix | 4 +--
 .../nixos/monitoring/ingest/prometheus.nix | 12 ++++----
 modules/nixos/monitoring/source/promtail.nix | 6 ++--
 modules/nixos/nginx/proxied.nix | 4 +--
 modules/nixos/nginx/vouch.nix | 4 +--
 modules/system/access.nix | 29 +++++++++----------
 modules/system/exports/dnsmasq.nix | 6 ++--
 modules/system/exports/monitoring.nix | 10 +++----
 modules/system/exports/nginx.nix | 4 +--
 modules/system/exports/services.nix | 9 +++---
 modules/system/host.nix | 3 +-
 modules/system/network/networks.nix | 8 ++---
 modules/system/proxmox/network.nix | 18 ++++++------
 nixos/access/invidious.nix | 1 -
 nixos/access/nfandroidtv.nix | 4 +--
 nixos/base/nixpkgs.nix | 4 +--
 nixos/dnsmasq.nix | 16 +++++-----
 nixos/home-assistant.nix | 8 ++---
 nixos/keycloak.nix | 4 +--
 nixos/monitoring/gatus.nix | 27 +++++++++--------
 nixos/reisen-ct/proxmox.nix | 4 +--
 nixos/samba.nix | 12 ++++----
 nixos/wake-chen.nix | 2 +-
 packages/default.nix | 6 ++--
 31 files changed, 127 insertions(+), 131 deletions(-)
diff --git a/ci/nodes.nix b/ci/nodes.nix
index 97341248..f1cad765 100644
--- a/ci/nodes.nix
+++ b/ci/nodes.nix
@@ -11,11 +11,11 @@ with lib; { name = "nodes"; jobs = let - enabledSystems = filterAttrs (_: system: system.config.ci.enable) channels.nixfiles.lib.systems; + enabledSystems = filterAttrs (_: system: system.ci.enable) channels.nixfiles.lib.gensokyo-zone.systems; mkSystemJob = name: system: nameValuePair "${name}" { tasks.system = { inputs = channels.nixfiles.nixosConfigurations.${name}.config.system.build.toplevel; - warn = system.config.ci.allowFailure; + warn = system.ci.allowFailure; }; }; systemJobs = mapAttrs' mkSystemJob enabledSystems; diff --git a/generate.nix b/generate.nix index 3e5050cd..ff57c022 100644 --- a/generate.nix +++ b/generate.nix @@ -6,9 +6,9 @@ inherit (nixlib.attrsets) mapAttrs mapAttrs' nameValuePair filterAttrs mapAttrsToList; inherit (nixlib.lists) sortOn; inherit (inputs.self.lib.lib) userIs; - inherit (inputs.self.lib) systems; - templateSystem = inputs.self.nixosConfigurations.reimu; - templateUsers = filterAttrs (_: userIs "peeps") templateSystem.config.users.users; + inherit (inputs.self.lib.gensokyo-zone) systems; + templateSystem = inputs.self.nixosConfigurations.reimu.config; + templateUsers = filterAttrs (_: userIs "peeps") templateSystem.users.users; mkNodeUsers = users: let nodeUsers = mapAttrsToList (_: mkNodeUser) templateUsers; in @@ -18,13 +18,13 @@ authorizedKeys = user.openssh.authorizedKeys.keys; }; nodeSystems = let - matchesNode = nodeName: system: system.config.proxmox.enabled && system.config.proxmox.node.name == nodeName; + matchesNode = nodeName: system: system.proxmox.enabled && system.proxmox.node.name == nodeName; in nodeName: filterAttrs (_: matchesNode nodeName) systems; mkNodeSystem = system: { - inherit (system.config.access) hostName; + inherit (system.access) hostName; network = let - inherit (system.config.network) networks; + inherit (system.network) networks; in { networks = { int = 
@@ -62,14 +62,14 @@ }; mkNode = system: { users = mkNodeUsers templateUsers; - systems = mkNodeSystems (nodeSystems system.config.name); - extern = mkExtern system.config; + systems = mkNodeSystems (nodeSystems system.name); + extern = mkExtern system; ssh.root.authorizedKeys = { - inherit (templateSystem.config.environment.etc."ssh/authorized_keys.d/root".source) text; + inherit (templateSystem.environment.etc."ssh/authorized_keys.d/root".source) text; }; }; mkNetwork = system: { - inherit (system.config.access) hostName; + inherit (system.access) hostName; networks = { int = null; @@ -80,14 +80,14 @@ nameValuePair network.name { inherit (network) macAddress address4 address6; }) - system.config.network.networks; + system.network.networks; }; mkSystem = name: system: { network = mkNetwork system; }; in { nodes = let - nodes = filterAttrs (_: node: node.config.proxmox.node.enable) systems; + nodes = filterAttrs (_: node: node.proxmox.node.enable) systems; in mapAttrs (_: mkNode) nodes; systems = mapAttrs mkSystem systems; diff --git a/lib.nix b/lib.nix index 4f329d08..20302ee3 100644 --- a/lib.nix +++ b/lib.nix @@ -147,7 +147,8 @@ in { inherit inputs; inherit (inputs) self; inherit (inputs.self) overlays; - inherit (inputs.self.lib) tree meta lib systems std Std; + inherit (inputs.self.lib) tree meta lib std Std; + systems = builtins.mapAttrs (_: system: system.config) systems; }; generate = import ./generate.nix {inherit inputs tree;}; } diff --git a/modules/extern/home/ssh.nix b/modules/extern/home/ssh.nix index 6b16046c..4eed4549 100644 --- a/modules/extern/home/ssh.nix +++ b/modules/extern/home/ssh.nix @@ -16,7 +16,7 @@ let inherit (lib.strings) optionalString; inherit (osConfig.gensokyo-zone) access; cfg = gensokyo-zone.ssh.cfg; - system = gensokyo-zone.systems.${config.systemName}.config; + system = gensokyo-zone.systems.${config.systemName}; networks = let fallbackNetwork = if system.network.networks.local.enable or false && access.local.enable 
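Review bot: In the `mkNode` hunk of generate.nix, `ssh.root.authorizedKeys` inherits `text` from `templateSystem`, and nothing at the use site says that every node produced by `mapAttrs (_: mkNode) nodes` therefore receives the root key list of a single host. An earlier hunk of this file binds `templateSystem` to `inputs.self.nixosConfigurations.reimu.config`, so after this change the name holds a NixOS config while `system` elsewhere in the file is a gensokyo-zone system config, which makes the two easy to confuse. A comment above the inherit would document the trust relationship, for example `# root keys for all nodes are copied from the reimu NixOS config (templateSystem)`. The enclosing `let` starts and ends outside the hunk.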
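Review bot: In the lib.nix hunk, the right-hand `systems` in `systems = builtins.mapAttrs (_: system: system.config) systems;` resolves to whatever binding is in scope outside this attribute set, and the hunk does not show that binding. The line it replaces took the value explicitly from `inputs.self.lib`, and if the enclosing set is `rec` (its opening is above the hunk) the new line would refer to itself and recurse. Naming the source keeps it unambiguous: `systems = builtins.mapAttrs (_: system: system.config) inputs.self.lib.systems;`.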
@@ -167,14 +167,14 @@ let proxyJump = mkOptionDefault ( if config.hosts.hakurei.enable then config.hosts.hakurei.name - else gensokyo-zone.systems.hakurei.config.access.fqdn + else gensokyo-zone.systems.hakurei.access.fqdn ); networks = mkOptionDefault [ (mkIf access.local.enable "local") (mkIf access.tail.enabled "tail") ]; hosts = mapAttrs (name: system: let - enabled = system.config.access.online.enable && system.config.exports.services.sshd.enable; + enabled = system.access.online.enable && system.exports.services.sshd.enable; in mkIf enabled { systemName = mkOptionDefault name; diff --git a/modules/extern/nixos/dns.nix b/modules/extern/nixos/dns.nix index f12bcfc7..bdd1a72b 100644 --- a/modules/extern/nixos/dns.nix +++ b/modules/extern/nixos/dns.nix @@ -71,13 +71,13 @@ mkMerge [ (mkOptionDefault []) (mkIf access.local.enable [ - (mkIf enableIPv6 utsuho.config.access.address6ForNetwork.local) - utsuho.config.access.address4ForNetwork.local + (mkIf enableIPv6 utsuho.access.address6ForNetwork.local) + utsuho.access.address4ForNetwork.local ]) # TODO: mirror or tunnel on hakurei or something .-. (mkIf (access.tail.enabled && false) [ - (mkIf enableIPv6 hakurei.config.access.address6ForNetwork.tail) - hakurei.config.access.address4ForNetwork.tail + (mkIf enableIPv6 hakurei.access.address6ForNetwork.tail) + hakurei.access.address4ForNetwork.tail ]) ]; fallbackNameservers = diff --git a/modules/extern/nixos/krb5.nix b/modules/extern/nixos/krb5.nix index 62915d19..f8e051ac 100644 --- a/modules/extern/nixos/krb5.nix +++ b/modules/extern/nixos/krb5.nix 
@@ -435,8 +435,8 @@ in { # TODO: consider hakurei instead... in mkIf (cfg.enable && !config.gensokyo-zone.dns.enable or false && config.gensokyo-zone.access.local.enable) { - ${freeipa.config.access.address6ForNetwork.local} = mkIf config.networking.enableIPv6 (mkBefore [cfg.host]); - ${freeipa.config.access.address4ForNetwork.local} = mkBefore [cfg.host]; + ${freeipa.access.address6ForNetwork.local} = mkIf config.networking.enableIPv6 (mkBefore [cfg.host]); + ${freeipa.access.address4ForNetwork.local} = mkBefore [cfg.host]; }; }; environment.etc = { diff --git a/modules/nixos/monitoring/ingest/grafana.nix b/modules/nixos/monitoring/ingest/grafana.nix index dd9575a3..70ea5503 100644 --- a/modules/nixos/monitoring/ingest/grafana.nix +++ b/modules/nixos/monitoring/ingest/grafana.nix @@ -1,12 +1,12 @@ { config, - system, + systemConfig, lib, ... }: let inherit (lib.modules) mkDefault; cfg = config.services.grafana; - service = system.exports.services.grafana; + service = systemConfig.exports.services.grafana; in { services.grafana = { settings.server = { diff --git a/modules/nixos/monitoring/ingest/loki.nix b/modules/nixos/monitoring/ingest/loki.nix index c07b161c..9112ece5 100644 --- a/modules/nixos/monitoring/ingest/loki.nix +++ b/modules/nixos/monitoring/ingest/loki.nix @@ -11,8 +11,8 @@ promtailSystems = filterAttrs ( _: system: - system.config.access.online.enable - && system.config.exports.services.promtail.enable + system.access.online.enable + && system.exports.services.promtail.enable ) systems; cfg = config.services.loki; diff --git a/modules/nixos/monitoring/ingest/prometheus.nix b/modules/nixos/monitoring/ingest/prometheus.nix index aa253ae6..dab2d7cf 100644 --- a/modules/nixos/monitoring/ingest/prometheus.nix +++ b/modules/nixos/monitoring/ingest/prometheus.nix 
@@ -12,8 +12,8 @@ nodeExporterSystems = filter ( system: - system.config.exports.prometheus.exporter.enable - && system.config.exports.prometheus.exporter.services != [] + system.exports.prometheus.exporter.enable + && system.exports.prometheus.exporter.services != [] ) (attrValues systems); mkPortTarget = { @@ -22,17 +22,17 @@ portName, }: let port = service.ports.${portName}; - in "${mkAddress6 (access.getAddressFor system.config.name "lan")}:${toString port.port}"; + in "${mkAddress6 (access.getAddressFor system.name "lan")}:${toString port.port}"; mkServiceConfig = system: serviceName: let inherit (service.prometheus) exporter; - service = system.config.exports.services.${serviceName}; + service = system.exports.services.${serviceName}; targets = map (portName: mkPortTarget { inherit system service portName; }) exporter.ports; in { - job_name = "${system.config.name}-${service.id}"; + job_name = "${system.name}-${service.id}"; static_configs = [ { inherit targets; @@ -49,7 +49,7 @@ insecure_skip_verify = mkDefault true; }; }; - mapSystem = system: map (mkServiceConfig system) system.config.exports.prometheus.exporter.services; + mapSystem = system: map (mkServiceConfig system) system.exports.prometheus.exporter.services; in { services.prometheus = { port = mkDefault 9090; diff --git a/modules/nixos/monitoring/source/promtail.nix b/modules/nixos/monitoring/source/promtail.nix index 1e576d03..7c182683 100644 --- a/modules/nixos/monitoring/source/promtail.nix +++ b/modules/nixos/monitoring/source/promtail.nix @@ -1,6 +1,6 @@ { config, - system, + systemConfig, access, lib, ... @@ -23,12 +23,12 @@ in { ]; scrape_configs = [ { - job_name = "${system.name}-journald"; + job_name = "${systemConfig.name}-journald"; journal = { max_age = "${toString (24 * 7)}h"; labels = { job = "systemd-journald"; - system = system.name; + system = systemConfig.name; host = config.networking.fqdn; }; }; 
diff --git a/modules/nixos/nginx/proxied.nix b/modules/nixos/nginx/proxied.nix index c704c9a9..d9f8cd7f 100644 --- a/modules/nixos/nginx/proxied.nix +++ b/modules/nixos/nginx/proxied.nix @@ -158,7 +158,7 @@ let in { config, - system, + systemConfig, gensokyo-zone, lib, ... @@ -196,7 +196,7 @@ in nginx'proxied = mkIf (warnEnable cfg.enable) { servers.local = { accessService = { - system = system.name; + system = systemConfig.name; name = "nginx"; port = "proxied"; }; diff --git a/modules/nixos/nginx/vouch.nix b/modules/nixos/nginx/vouch.nix index 126bf45a..14640f70 100644 --- a/modules/nixos/nginx/vouch.nix +++ b/modules/nixos/nginx/vouch.nix @@ -1,6 +1,6 @@ { config, - system, + systemConfig, lib, gensokyo-zone, ... @@ -348,7 +348,7 @@ in { ssl.enable = mkAlmostOptionDefault true; }; int = {upstream, ...}: { - enable = mkAlmostOptionDefault system.network.networks.int.enable or false; + enable = mkAlmostOptionDefault systemConfig.network.networks.int.enable or false; addr = mkAlmostOptionDefault "login.int.${networking.domain}"; port = mkOptionDefault 9080; }; diff --git a/modules/system/access.nix b/modules/system/access.nix index 424222a3..6ffdb88a 100644 --- a/modules/system/access.nix +++ b/modules/system/access.nix @@ -15,11 +15,10 @@ inherit (lib.lists) findSingle; inherit (lib.trivial) mapNullable; cfg = config.access; - systemConfig = config; systemAccess = access; nixosModule = { config, - system, + systemConfig, access, ... }: let 
@@ -28,16 +27,16 @@ if config.networking.enableIPv6 then "address6ForNetwork" else "address4ForNetwork"; - has'Int = system.network.networks.int.enable or false; - has'Local = system.network.networks.local.enable or false; - has'Tail' = system.network.networks.tail.enable or false; + has'Int = systemConfig.network.networks.int.enable or false; + has'Local = systemConfig.network.networks.local.enable or false; + has'Tail' = systemConfig.network.networks.tail.enable or false; has'Tail = lib.warnIf (has'Tail' != config.services.tailscale.enable) "tailscale set incorrectly in system.access for ${config.networking.hostName}" has'Tail'; in { options.networking.access = with lib.types; { global.enable = mkEnableOption "global access" // { - default = system.access.global.enable; + default = systemConfig.access.global.enable; }; moduleArgAttrs = mkOption { type = lazyAttrsOf unspecified; @@ -61,7 +60,7 @@ in { lan = - if hostName == system.name + if hostName == systemConfig.name then forSystem.access.${addressForAttr}.localhost else if has'Int && forSystemHas "int" then int @@ -124,7 +123,7 @@ in { lan = - if hostName == system.name + if hostName == systemConfig.name then forSystem.access.hostnameForNetwork.localhost else if has'Int && forSystem.access.hostnameForNetwork ? int then forSystem.access.hostnameForNetwork.int @@ -207,7 +206,7 @@ in { }; global.enable = mkEnableOption "globally routeable"; online = let - proxmoxNodeAccess = systems.${config.proxmox.node.name}.config.access; + proxmoxNodeAccess = systems.${config.proxmox.node.name}.access; in { enable = mkEnableOption "a deployed machine" 
@@ -288,22 +287,22 @@ in { _module.args.access = { inherit (cfg) hostnameForNetwork address4ForNetwork address6ForNetwork; - systemFor = hostName: systems.${hostName}.config; - systemForOrNull = hostName: systems.${hostName}.config or null; + systemFor = hostName: systems.${hostName}; + systemForOrNull = hostName: systems.${hostName} or null; nixosFor = hostName: nixosConfigurations.${hostName}.config or (access.systemFor hostName).built.config; nixosForOrNull = hostName: nixosConfigurations.${hostName}.config or (access.systemForOrNull hostName).built.config or null; systemForService = service: let - hasService = system: system.config.exports.services.${service}.enable; + hasService = system: system.exports.services.${service}.enable; notFound = throw "no system found serving ${service}"; multiple = throw "multiple systems found serving ${service}"; in - (findSingle hasService notFound multiple (attrValues systems)).config; + (findSingle hasService notFound multiple (attrValues systems)); systemForServiceId = serviceId: let - hasService = system: findSingle (service: service.id == serviceId && service.enable) null multiple (attrValues system.config.exports.services) != null; + hasService = system: findSingle (service: service.id == serviceId && service.enable) null multiple (attrValues system.exports.services) != null; notFound = throw "no system found serving ${serviceId}"; multiple = throw "multiple systems found serving ${serviceId}"; in - (findSingle hasService notFound multiple (attrValues systems)).config; + (findSingle hasService notFound multiple (attrValues systems)); }; }; } diff --git a/modules/system/exports/dnsmasq.nix b/modules/system/exports/dnsmasq.nix index 0f07a40d..541593e5 100644 --- a/modules/system/exports/dnsmasq.nix +++ b/modules/system/exports/dnsmasq.nix @@ -7,7 +7,7 @@ inherit (lib.modules) mkOptionDefault; in { config.exports.services.dnsmasq = { - system, + systemConfig, config, ... }: { 
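Review bot: In `systemForService` and `systemForServiceId` the outer parentheses around the `findSingle` call only existed to apply `.config` to the result, and they are now left wrapping a bare expression. Dropping them reads cleaner: `findSingle hasService notFound multiple (attrValues systems);` in both places. The `_module.args.access` set these bindings belong to opens above the hunk.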
@@ -28,10 +28,10 @@ in { settings = { dns = { query-type = mkOptionDefault "A"; - query-name = mkOptionDefault system.access.fqdn; + query-name = mkOptionDefault systemConfig.access.fqdn; }; conditions = mkOptionDefault [ - "[BODY] == ${system.network.networks.local.address4}" + "[BODY] == ${systemConfig.network.networks.local.address4}" ]; }; }; diff --git a/modules/system/exports/monitoring.nix b/modules/system/exports/monitoring.nix index 9386b938..c9e38614 100644 --- a/modules/system/exports/monitoring.nix +++ b/modules/system/exports/monitoring.nix @@ -1,6 +1,6 @@ let portModule = { - system, + systemConfig, config, gensokyo-zone, lib, @@ -20,7 +20,7 @@ let enable = mkEnableOption "health check alerts" // { - default = system.exports.status.alert.enable; + default = systemConfig.exports.status.alert.enable; }; }; gatus = { @@ -127,7 +127,7 @@ let }; }; serviceModule = { - system, + systemConfig, config, gensokyo-zone, lib, @@ -185,8 +185,8 @@ let labels = mapOptionDefaults { gensokyo_exports_service = config.name; gensokyo_exports_id = config.id; - gensokyo_system = system.name; - gensokyo_host = system.access.fqdn; + gensokyo_system = systemConfig.name; + gensokyo_host = systemConfig.access.fqdn; }; }; status = { diff --git a/modules/system/exports/nginx.nix b/modules/system/exports/nginx.nix index 33d00df8..0d863a73 100644 --- a/modules/system/exports/nginx.nix +++ b/modules/system/exports/nginx.nix @@ -9,7 +9,7 @@ in { config.exports.services.nginx = { config, - system, + systemConfig, ... }: let mkAssertion = f: nixosConfig: let @@ -29,7 +29,7 @@ in { message = "proxied.port mismatch"; }; in { - displayName = mkAlmostOptionDefault "NGINX/${system.name}"; + displayName = mkAlmostOptionDefault "NGINX/${systemConfig.name}"; nixos = { serviceAttr = "nginx"; assertions = mkIf config.enable (map mkAssertion [ diff --git a/modules/system/exports/services.nix b/modules/system/exports/services.nix index 735d3bfd..9dde5fd3 100644 
--- a/modules/system/exports/services.nix +++ b/modules/system/exports/services.nix @@ -76,7 +76,7 @@ }; }; serviceModule = { - system, + systemConfig, config, name, machine, @@ -101,7 +101,7 @@ type = attrsOf (submoduleWith { modules = [portModule]; specialArgs = { - inherit gensokyo-zone machine system; + inherit gensokyo-zone machine systemConfig; service = config; }; }); @@ -153,7 +153,7 @@ }; nixosModule = { config, - system, + systemConfig, ... }: let mapAssertion = service: a: let @@ -163,7 +163,7 @@ // { message = "system.exports.${service.name}: " + res.message or "assertion failed"; }; - assertions = mapAttrsToList (_: service: map (mapAssertion service) service.nixos.assertions) system.exports.services; + assertions = mapAttrsToList (_: service: map (mapAssertion service) service.nixos.assertions) systemConfig.exports.services; in { config = { assertions = mkMerge assertions; @@ -183,7 +183,6 @@ in { specialArgs = { inherit gensokyo-zone; machine = name; - system = config; systemConfig = config; }; }); diff --git a/modules/system/host.nix b/modules/system/host.nix index 80320035..bd88fe00 100644 --- a/modules/system/host.nix +++ b/modules/system/host.nix @@ -111,8 +111,7 @@ in { specialArgs = { inherit name inputs std Std meta; inherit (inputs.self.lib) gensokyo-zone; - systemType = config.folder; - system = config; + systemConfig = config; }; }; } diff --git a/modules/system/network/networks.nix b/modules/system/network/networks.nix index 1d72a3e6..690ea778 100644 --- a/modules/system/network/networks.nix +++ b/modules/system/network/networks.nix @@ -11,7 +11,7 @@ networkModule = { config, name, - system, + systemConfig, ... }: let knownNetworks = { 
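Review bot: The host.nix hunk removes `systemType = config.folder;` from `specialArgs` along with `system = config;`, which goes beyond the `system` -> `systemConfig` rename named in the subject. Any module that still lists `systemType` (or `system`) in its argument set will fail to evaluate with a missing-argument error, and no hunk in this patch touches a `systemType` consumer, so either none exist or one was missed. A repo-wide search for both names before merging would settle it; if the removal is intended, say so in the commit message, otherwise keep `systemType = config.folder;` next to `systemConfig = config;`.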
@@ -68,8 +68,8 @@ ); postfix = mkIf (config.macAddress != null) (mkOptionDefault (eui64 config.macAddress)); }; - domain = mkOptionDefault "${config.name}.${system.access.domain}"; - fqdn = mkOptionDefault (mapNullable (domain: "${system.access.hostName}.${domain}") config.domain); + domain = mkOptionDefault "${config.name}.${systemConfig.access.domain}"; + fqdn = mkOptionDefault (mapNullable (domain: "${systemConfig.access.hostName}.${domain}") config.domain); address6 = mkIf config.slaac.enable (mkOptionDefault "${config.slaac.prefix}:${config.slaac.postfix}"); }; }; @@ -79,7 +79,7 @@ in { type = attrsOf (submoduleWith { modules = [networkModule]; specialArgs = { - system = config; + systemConfig = config; }; }); default = {}; diff --git a/modules/system/proxmox/network.nix b/modules/system/proxmox/network.nix index f4057257..3aeaf1b4 100644 --- a/modules/system/proxmox/network.nix +++ b/modules/system/proxmox/network.nix @@ -18,7 +18,7 @@ networkInterfaceModule = { config, name, - system, + systemConfig, ... }: { options = with lib.types; { @@ -81,7 +81,7 @@ local = { enable = mkOption { type = bool; - default = system.proxmox.node.name == "reisen" && config.id == "net0" && config.bridge == "vmbr0"; + default = systemConfig.proxmox.node.name == "reisen" && config.id == "net0" && config.bridge == "vmbr0"; }; address4 = mkOption { type = nullOr str; 
@@ -125,12 +125,12 @@ ); }; name = mkMerge [ - (mkIf (hasPrefix "net" config.id && system.proxmox.container.enable) (mkOptionDefault ("eth" + removePrefix "net" config.id))) + (mkIf (hasPrefix "net" config.id && systemConfig.proxmox.container.enable) (mkOptionDefault ("eth" + removePrefix "net" config.id))) # VMs have names like `ens18` for net0... ]; slaac.postfix = mkOptionDefault (mapNullable eui64 config.macAddress); gateway4 = mkMerge [ - (mkIf (system.proxmox.node.name == "reisen" && config.bridge == "vmbr0" && config.address4 != null && config.address4 != "dhcp") (mkAlmostOptionDefault "10.1.1.1")) + (mkIf (systemConfig.proxmox.node.name == "reisen" && config.bridge == "vmbr0" && config.address4 != null && config.address4 != "dhcp") (mkAlmostOptionDefault "10.1.1.1")) ]; networkd.name = mkIf config.local.enable ( mkDefault "_00-local" @@ -176,14 +176,14 @@ }; }; confInternal = let - index = system.proxmox.vm.id - internalOffset; + index = systemConfig.proxmox.vm.id - internalOffset; in { - name = mkIf system.proxmox.container.enable (mkAlmostOptionDefault "eth9"); + name = mkIf systemConfig.proxmox.container.enable (mkAlmostOptionDefault "eth9"); bridge = mkAlmostOptionDefault "vmbr9"; address4 = mkAlmostOptionDefault "10.9.1.${toString index}/24"; address6 = mkAlmostOptionDefault "fd0c::${UInt.toHexLower index}/64"; - macAddress = mkIf (system.proxmox.network.interfaces.net0.macAddress or null != null && hasPrefix "BC:24:11:" system.proxmox.network.interfaces.net0.macAddress) (mkAlmostOptionDefault ( - replaceStrings ["BC:24:11:"] ["BC:24:19:"] system.proxmox.network.interfaces.net0.macAddress + macAddress = mkIf (systemConfig.proxmox.network.interfaces.net0.macAddress or null != null && hasPrefix "BC:24:11:" systemConfig.proxmox.network.interfaces.net0.macAddress) (mkAlmostOptionDefault ( + replaceStrings ["BC:24:11:"] ["BC:24:19:"] systemConfig.proxmox.network.interfaces.net0.macAddress )); networkd.name = mkDefault "_00-int"; networkd.networkSettings = { 
@@ -210,7 +210,7 @@ in { type = attrsOf (submoduleWith { modules = [networkInterfaceModule]; specialArgs = { - system = config; + systemConfig = config; }; }); default = {}; diff --git a/nixos/access/invidious.nix b/nixos/access/invidious.nix index 6a6fe7f4..5173e963 100644 --- a/nixos/access/invidious.nix +++ b/nixos/access/invidious.nix @@ -1,6 +1,5 @@ { config, - system, lib, ... }: let diff --git a/nixos/access/nfandroidtv.nix b/nixos/access/nfandroidtv.nix index 2ae382e1..148b0ba0 100644 --- a/nixos/access/nfandroidtv.nix +++ b/nixos/access/nfandroidtv.nix @@ -1,12 +1,12 @@ { config, - system, + systemConfig, lib, ... }: let inherit (lib.modules) mkIf mkDefault; inherit (config.services) nginx; - inherit (system.exports.services) nfandroidtv; + inherit (systemConfig.exports.services) nfandroidtv; upstreamName = "nfandroidtv'bedroom"; in { config.services.nginx = { diff --git a/nixos/base/nixpkgs.nix b/nixos/base/nixpkgs.nix index ad305c83..be8ef22d 100644 --- a/nixos/base/nixpkgs.nix +++ b/nixos/base/nixpkgs.nix @@ -1,6 +1,6 @@ { config, - system, + systemConfig, gensokyo-zone, lib, ... @@ -12,7 +12,7 @@ inherit (gensokyo-zone.self) overlays; cfg = config.nixpkgs; hostPlatform = lib.systems.elaborate { - inherit (system) system; + inherit (systemConfig) system; }; in { options.nixpkgs = with lib.types; { diff --git a/nixos/dnsmasq.nix b/nixos/dnsmasq.nix index e36b2578..24b4b9ef 100644 --- a/nixos/dnsmasq.nix +++ b/nixos/dnsmasq.nix @@ -16,7 +16,7 @@ localSystems = filterAttrs ( _: system: - system.config.access.online.enable && system.config.network.networks.local.enable or false + system.access.online.enable && system.network.networks.local.enable or false ) systems; mkHostRecordPairs = _: system: [ 
@@ -27,12 +27,12 @@ mapDynamic4 = replaceStrings ["10.1.1."] ["0.0.0."]; mapDynamic6 = replaceStrings ["fd0a::"] ["2001::"]; mkDynamicHostRecord = _: system: let - address4 = system.config.network.networks.local.address4 or null; - address6 = system.config.network.networks.local.address6 or null; + address4 = system.network.networks.local.address4 or null; + address6 = system.network.networks.local.address6 or null; in concatStringsSep "," ( [ - system.config.access.fqdn + system.access.fqdn ] ++ optional (address4 != null) (toString (mapNullable mapDynamic4 address4)) @@ -42,15 +42,15 @@ cfg.dynamic.interface ); mkHostRecordPair = network: system: let - address4 = system.config.network.networks.${network}.address4 or null; - address6 = system.config.network.networks.${network}.address6 or null; - fqdn = system.config.network.networks.${network}.fqdn or null; + address4 = system.network.networks.${network}.address4 or null; + address6 = system.network.networks.${network}.address6 or null; + fqdn = system.network.networks.${network}.fqdn or null; in nameValuePair ( if fqdn != null then fqdn - else "${network}.${system.config.access.fqdn}" + else "${network}.${system.access.fqdn}" ) (concatStringsSep "," ( optional (address4 != null) diff --git a/nixos/home-assistant.nix b/nixos/home-assistant.nix index 4920fa30..973d902d 100644 --- a/nixos/home-assistant.nix +++ b/nixos/home-assistant.nix 
@@ -49,19 +49,19 @@ in { }; auth_providers = let inherit (lib.attrsets) genAttrs; - shanghai = with gensokyo-zone.systems.shanghai.config.network.networks.local; [ + shanghai = with gensokyo-zone.systems.shanghai.network.networks.local; [ address4 address6 ]; - nue = with gensokyo-zone.systems.nue.config.network.networks.local; [ + nue = with gensokyo-zone.systems.nue.network.networks.local; [ address4 address6 ]; - logistics = with gensokyo-zone.systems.logistics.config.network.networks.local; [ + logistics = with gensokyo-zone.systems.logistics.network.networks.local; [ address4 address6 ]; - koishi = with gensokyo-zone.systems.koishi.config.network.networks.local; [ + koishi = with gensokyo-zone.systems.koishi.network.networks.local; [ address4 #address6 ]; diff --git a/nixos/keycloak.nix b/nixos/keycloak.nix index 361c5b7e..1d59bc11 100644 --- a/nixos/keycloak.nix +++ b/nixos/keycloak.nix @@ -1,5 +1,5 @@ { - system, + systemConfig, access, config, gensokyo-zone, @@ -15,7 +15,7 @@ }; hostname = "sso.${config.networking.domain}"; hostname-strict = false; - inherit (gensokyo-zone.self.legacyPackages.${system.system}) patchedNixpkgs; + inherit (gensokyo-zone.self.legacyPackages.${systemConfig.system}) patchedNixpkgs; keycloakModulePath = "services/web-apps/keycloak.nix"; in { # upstream keycloak makes an incorrect assumption in its assertions, so we patch it diff --git a/nixos/monitoring/gatus.nix b/nixos/monitoring/gatus.nix index 12a3b449..1adf93ae 100644 --- a/nixos/monitoring/gatus.nix +++ b/nixos/monitoring/gatus.nix 
@@ -12,9 +12,9 @@ inherit (lib.lists) filter length optional concatMap; inherit (lib.strings) hasPrefix hasInfix optionalString concatStringsSep match; cfg = config.services.gatus; - statusSystems = filter (system: system.config.exports.status.enable) (attrValues systems); + statusSystems = filter (system: system.exports.status.enable) (attrValues systems); mapSystem = system: let - statusServices = map (serviceName: system.config.exports.services.${serviceName}) system.config.exports.status.services; + statusServices = map (serviceName: system.exports.services.${serviceName}) system.exports.status.services; serviceEndpoints = concatMap (mkServiceEndpoint system) statusServices; systemEndpoint = mkSystemEndpoint system; in @@ -34,7 +34,7 @@ ++ optional hasId service.id ++ [ port.name - system.config.name + system.name ]); #network = port.listen; network = "lan"; @@ -43,12 +43,11 @@ # XXX: they're lying when they say "You may optionally prefix said DNS IPs with dns://" scheme = ""; }; - starttls.host = system.config.access.fqdn; + starttls.host = system.access.fqdn; }; urlConf = { - inherit service port network; - system = system.config; + inherit service port network system; scheme = gatus.protocol; ${ if gatus.client.network != "ip" 
@@ -97,21 +96,21 @@ }) gatusPorts; mkSystemEndpoint = system: let - inherit (system.config.exports) status; + inherit (system.exports) status; network = "lan"; getAddressFor = - if system.config.network.networks.local.address4 or null != null + if system.network.networks.local.address4 or null != null then "getAddress4For" else "getAddressFor"; - addr = access.${getAddressFor} system.config.name network; + addr = access.${getAddressFor} system.name network; addrIs6 = hasInfix ":" addr; in - nameValuePair "ping-${system.config.name}" (_: { + nameValuePair "ping-${system.name}" (_: { imports = [alertingConfig] ++ optional status.alert.enable alertingConfigAlerts; config = { - name = mkAlmostOptionDefault system.config.name; + name = mkAlmostOptionDefault system.name; # XXX: it can't seem to ping ipv6 for some reason..? :< enabled = mkIf addrIs6 (mkAlmostOptionDefault false); client.network = mkIf addrIs6 (mkAlmostOptionDefault "ip6"); @@ -160,11 +159,11 @@ servers = "${groups.systems}/Servers"; systems = "Systems"; forSystem = system: let - node = systems.${system.config.proxmox.node.name}.config; + node = systems.${system.proxmox.node.name}; in - if system.config.proxmox.enabled + if system.proxmox.enabled then "${groups.servers}/${node.name}" - else if system.config.access.online.available + else if system.access.online.available then groups.servers else groups.systems; }; diff --git a/nixos/reisen-ct/proxmox.nix b/nixos/reisen-ct/proxmox.nix index e9f3043f..2bf10c27 100644 --- a/nixos/reisen-ct/proxmox.nix +++ b/nixos/reisen-ct/proxmox.nix @@ -1,5 +1,5 @@ { - system, + systemConfig, gensokyo-zone, lib, modulesPath, @@ -8,7 +8,7 @@ inherit (gensokyo-zone.lib) unmerged; inherit (lib.modules) mkIf mkMerge mkDefault; inherit (lib.attrsets) mapAttrsToList; - inherit (system) proxmox; + inherit (systemConfig) proxmox; in { imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") diff --git a/nixos/samba.nix b/nixos/samba.nix index 1fdb6ea9..edcb1d09 100644 
--- a/nixos/samba.nix +++ b/nixos/samba.nix @@ -1,6 +1,6 @@ { config, - system, + systemConfig, access, gensokyo-zone, lib, @@ -25,9 +25,9 @@ in { name = "GENSOKYO"; netbiosName = "reisen"; netbiosHostAddresses = { - ${cfg.domain.netbiosName'} = mkIf system.network.networks.local.enable or false [ - system.network.networks.local.address4 - system.network.networks.local.address6 + ${cfg.domain.netbiosName'} = mkIf systemConfig.network.networks.local.enable or false [ + systemConfig.network.networks.local.address4 + systemConfig.network.networks.local.address6 ]; }; }; @@ -79,11 +79,11 @@ in { config.networking.fqdn "smb.${domain}" ] - (mkIf system.network.networks.local.enable or false [ + (mkIf systemConfig.network.networks.local.enable or false [ "smb.local.${domain}" access.hostnameForNetwork.local ]) - (mkIf system.network.networks.int.enable or false [ + (mkIf systemConfig.network.networks.int.enable or false [ "smb.int.${domain}" access.hostnameForNetwork.int ]) diff --git a/nixos/wake-chen.nix b/nixos/wake-chen.nix index 1a949d7f..f5ac49bc 100644 --- a/nixos/wake-chen.nix +++ b/nixos/wake-chen.nix @@ -7,7 +7,7 @@ }: let inherit (gensokyo-zone.lib) mapOptionDefaults; inherit (lib.meta) getExe; - chen = gensokyo-zone.systems.chen.config; + inherit (gensokyo-zone.systems) chen; service = "wake-chen"; in { systemd.services.${service} = { diff --git a/packages/default.nix b/packages/default.nix index 59dc56dc..7c5b3204 100644 --- a/packages/default.nix +++ b/packages/default.nix 
@@ -21,9 +21,9 @@ NF_NIX_WHITELIST_FILES=(${string.concatMapSep " " string.escapeShellArg fmt.nix.whitelist}) ''; exportsSystems = let - inherit (inputs.self.lib) systems; - nixosSystems = set.filter (_: system: system.config.ci.enable) systems; - warnSystems = set.filter (_: system: system.config.ci.allowFailure) nixosSystems; + inherit (inputs.self.lib.gensokyo-zone) systems; + nixosSystems = set.filter (_: system: system.ci.enable) systems; + warnSystems = set.filter (_: system: system.ci.allowFailure) nixosSystems; toSystems = systems: string.concatMapSep " " string.escapeShellArg (set.keys systems); in '' NF_NIX_SYSTEMS=(${toSystems nixosSystems})