refactor(systems): pull out inline modules

2026-02-09 04:19:19 -08:00 · 2024-02-19 17:34:39 -08:00 · 2024-02-19 17:34:39 -08:00 · b339ef65f6
commit b339ef65f6
parent 35177ce911
20 changed files with 296 additions and 218 deletions
--- a/systems/aya/default.nix
+++ b/systems/aya/default.nix
@ -4,4 +4,5 @@ _: {
  modules = [
    ./nixos.nix
  ];
+  access.tailscale.enable = true;
 }
--- a/systems/default.nix
+++ b/systems/default.nix
@ -2,139 +2,17 @@
  # The purpose of this file is to set up the host module which allows assigning of the system, e.g. aarch64-linux and the builder used with less pain.
  lib = inputs.self.lib.nixlib;
  inherit (inputs.self.lib) meta std;
-  inherit (lib.modules) evalModules mkOptionDefault;
-  inherit (std) string set;
-  defaultSpecialArgs = {
-    inherit inputs std meta;
-  };
-  hostModule = {
-    config,
-    machine,
-    ...
-  }: {
-    options = let
-      inherit (inputs.self.lib.lib) json;
-      inherit (lib.types) str listOf attrs unspecified attrsOf nullOr;
-      inherit (lib.options) mkOption;
-    in {
-      arch = mkOption {
-        description = "Processor architecture of the host";
-        type = str;
-        default = "x86_64";
-      };
-      type = mkOption {
-        description = "Operating system type of the host";
-        type = nullOr str;
-        default = "NixOS";
-      };
-      folder = mkOption {
-        type = str;
-        internal = true;
-      };
-      system = mkOption {
-        type = str;
-        internal = true;
-      };
-      modules = mkOption {
-        type = listOf unspecified;
-      };
-      specialArgs = mkOption {
-        type = attrs;
-        internal = true;
-      };
-      builder = mkOption {
-        type = unspecified;
-        internal = true;
-      };
-      deploy = mkOption {
-        type = nullOr json.types.attrs;
-      };
-    };
-    config = {
-      deploy = let
-        nixos = inputs.self.nixosConfigurations.${machine};
-      in {
-        sshUser = mkOptionDefault "root";
-        user = mkOptionDefault "root";
-        sshOpts = mkOptionDefault ["-p" "${builtins.toString (builtins.head nixos.config.services.openssh.ports)}"];
-        autoRollback = mkOptionDefault true;
-        magicRollback = mkOptionDefault true;
-        fastConnection = mkOptionDefault false;
-        hostname = mkOptionDefault "${machine}.local.gensokyo.zone";
-        profiles.system = {
-          user = "root";
-          path = let
-            inherit (inputs.self.legacyPackages.${config.system}.deploy-rs) activate;
-          in
-            activate.nixos nixos;
-        };
-      };
-      system = let
-        kernel =
-          {
-            nixos = "linux";
-            macos = "darwin";
-            darwin = "darwin";
-            linux = "linux";
-          }
-          .${string.toLower config.type};
-      in "${config.arch}-${kernel}";
-      folder =
-        {
-          nixos = "nixos";
-          macos = "darwin";
-          darwin = "darwin";
-          linux = "linux";
-        }
-        .${string.toLower config.type};
-      modules = [
-        # per-OS modules
-        meta.modules.${config.folder}
-        # per-OS configuration
-        meta.${config.folder}.base
-      ];
-      builder =
-        {
-          nixos = let
-            lib = inputs.nixpkgs.lib.extend (self: super:
-              import (inputs.arcexprs + "/lib") {
-                inherit super;
-                lib = self;
-                isOverlayLib = true;
-              });
-            sys = args:
-              lib.nixosSystem ({
-                  inherit lib;
-                }
-                // args);
-          in
-            sys;
-          darwin = inputs.darwin.lib.darwinSystem;
-          macos = inputs.darwin.lib.darwinSystem;
-        }
-        .${string.toLower config.type};
-      specialArgs =
-        {
-          name = machine;
-          inherit machine;
-          systemType = config.folder;
-          inherit (config) system;
-        }
-        // defaultSpecialArgs;
-    };
-  };
+  inherit (lib.modules) evalModules;
+  inherit (std) set;
  hostConfigs = set.map (name: path:
    evalModules {
      modules = [
-        hostModule
        path
+        meta.modules.system
      ];
-      specialArgs =
-        defaultSpecialArgs
-        // {
-          inherit name;
-          machine = name;
-        };
+      specialArgs = {
+        inherit name inputs std meta;
+      };
    })
  (set.map (_: c: c) meta.systems);
  processHost = name: cfg: let
@ -143,9 +21,10 @@
    set.optional (host.type != null) {
      deploy.nodes.${name} = host.deploy;

-      "${host.folder}Configurations".${name} = host.builder {
-        inherit (host) system modules specialArgs;
-      };
+      "${host.folder}Configurations".${name} = host.built;
    };
 in
-  set.merge (set.mapToValues processHost hostConfigs)
+  {
+    systems = hostConfigs;
+  }
+  // set.merge (set.mapToValues processHost hostConfigs)
--- a/systems/hakurei/default.nix
+++ b/systems/hakurei/default.nix
@ -4,4 +4,8 @@ _: {
  modules = [
    ./nixos.nix
  ];
+  access = {
+    tailscale.enable = true;
+    global.enable = true;
+  };
 }
--- a/systems/hakurei/nixos.nix
+++ b/systems/hakurei/nixos.nix
@ -6,8 +6,8 @@
  ...
 }: let
  inherit (lib.modules) mkIf mkMerge;
-  mediabox = access.systemFor "mediabox";
-  tei = access.systemFor "tei";
+  mediabox = access.nixosFor "mediabox";
+  tei = access.nixosFor "tei";
  inherit (mediabox.services) plex;
  inherit (tei.services) kanidm vouch-proxy;
 in {
@ -139,16 +139,16 @@ in {
    inherit (config.services.nginx) access;
  in {
    access.plex = assert plex.enable; {
-      url = "http://${mediabox.networking.access.hostnameForNetwork.local}:${toString plex.port}";
+      url = "http://${mediabox.lib.access.hostnameForNetwork.local}:${toString plex.port}";
      externalPort = 41324;
    };
    access.vouch = assert vouch-proxy.enable; {
-      url = "http://${tei.networking.access.hostnameForNetwork.tail}:${toString vouch-proxy.settings.vouch.port}";
+      url = "http://${tei.lib.access.hostnameForNetwork.tail}:${toString vouch-proxy.settings.vouch.port}";
      useACMEHost = access.vouch.localDomain;
    };
    access.kanidm = assert kanidm.enableServer; {
      inherit (kanidm.server.frontend) domain port;
-      host = tei.networking.access.hostnameForNetwork.local;
+      host = tei.lib.access.hostnameForNetwork.local;
      ldapEnable = false;
    };
    access.freeipa = {
@ -159,7 +159,7 @@ in {
      useACMEHost = access.kitchencam.domain;
    };
    access.invidious = {
-      url = "http://${mediabox.networking.access.hostnameForNetwork.local}:${toString mediabox.services.invidious.port}";
+      url = "http://${mediabox.lib.access.hostnameForNetwork.local}:${toString mediabox.services.invidious.port}";
    };
    virtualHosts = {
      ${access.kanidm.domain} = {
--- a/systems/litterbox/default.nix
+++ b/systems/litterbox/default.nix
@ -4,4 +4,5 @@ _: {
  modules = [
    ./nixos.nix
  ];
+  access.tailscale.enable = true;
 }
--- a/systems/reimu/default.nix
+++ b/systems/reimu/default.nix
@ -4,4 +4,5 @@ _: {
  modules = [
    ./nixos.nix
  ];
+  access.tailscale.enable = true;
 }
--- a/systems/tei/cloudflared.nix
+++ b/systems/tei/cloudflared.nix
@ -6,17 +6,17 @@
 }: let
  inherit (lib.modules) mkIf;
  inherit (lib.attrsets) listToAttrs nameValuePair;
-  inherit (access) systemFor;
+  inherit (access) nixosFor;
  inherit (config.networking) hostName;
  cfg = config.services.cloudflared;
  apartment = "5e85d878-c6b2-4b15-b803-9aeb63d63543";
  accessHostFor = {
    hostName,
-    system ? systemFor hostName,
+    system ? nixosFor hostName,
    access ? "local",
    ...
  }: let
-    host = system.networking.access.hostnameForNetwork.${access} or (throw "unsupported access ${access}");
+    host = system.lib.access.hostnameForNetwork.${access} or (throw "unsupported access ${access}");
  in
    if hostName == config.networking.hostName
    then "localhost"
@ -25,7 +25,7 @@
    host ? system.networking.fqdn,
    port ? 80,
    hostName,
-    system ? systemFor hostName,
+    system ? nixosFor hostName,
  } @ args:
    nameValuePair host {
      service = "http://${accessHostFor args}:${toString port}";
@ -34,7 +34,7 @@
    host ? system.services.home-assistant.domain,
    port ? system.services.home-assistant.config.http.server_port,
    hostName,
-    system ? systemFor hostName,
+    system ? nixosFor hostName,
    ...
  } @ args:
    nameValuePair host {
@ -44,7 +44,7 @@
    host ? system.services.vouch-proxy.domain,
    port ? system.services.vouch-proxy.settings.vouch.port,
    hostName,
-    system ? systemFor hostName,
+    system ? nixosFor hostName,
    ...
  } @ args:
    nameValuePair host {
@ -54,7 +54,7 @@
    host ? system.services.kanidm.server.frontend.domain,
    port ? system.services.kanidm.server.frontend.port,
    hostName,
-    system ? systemFor hostName,
+    system ? nixosFor hostName,
    ...
  } @ args:
    nameValuePair host {
--- a/systems/tei/default.nix
+++ b/systems/tei/default.nix
@ -4,4 +4,5 @@ _: {
  modules = [
    ./nixos.nix
  ];
+  access.tailscale.enable = true;
 }