kat/nixfiles
1
0
Fork 0
mirror of https://github.com/kittywitch/nixfiles.git synced 2026-02-09 20:39:18 -08:00
Code Issues Projects Releases Packages Wiki Activity

feat: kw -> nixfiles, kw.secrets -> secrets

Browse source
This commit is contained in:
Kat Inskip 2022-10-02 14:57:26 -07:00
parent 9794026f6c
commit ece1dbe466
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
63 changed files with 180 additions and 265 deletions
Download patch file Download diff file Expand all files Collapse all files

32
hardware/oracle/common.nix
View file

@ -1,9 +1,9 @@
{ config, tf, meta, kw, pkgs, lib, inputs, ... }: let
{ config, tf, meta, nixfiles, pkgs, lib, inputs, ... }: let
oci-root = meta.deploy.targets.oci-root.tf;
cfg = config.kw.oci;
cfg = config.nixfiles.oci;
in
{
options.kw.oci = {
options.nixfiles.oci = {
base = lib.mkOption {
description = ''
Canonical Ubuntu provides an EXT4 root filesystem.
@ -86,19 +86,19 @@ in
interfaces = lib.singleton interface;
ipv4 = lib.mkOrder 1000 (tf.resources.${config.networking.hostName}.getAttr "public_ip");
ipv6 = let
prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block"));
in assert lib.hasSuffix "::" prefix; prefix + toString config.kw.oci.network.publicV6;
prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block"));
in assert lib.hasSuffix "::" prefix; prefix + toString config.nixfiles.oci.network.publicV6;
ip = hostname: class: if hostname != config.networking.hostName then
if class == 6 then let
prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block"));
in assert lib.hasSuffix "::" prefix; prefix + toString config.kw.oci.network.publicV6
prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block"));
in assert lib.hasSuffix "::" prefix; prefix + toString config.nixfiles.oci.network.publicV6
else if class == 4 then
tf.resources.${config.networking.hostName}.importAttr "public_ip"
else throw "${config.networking.hostName}: IP for ${hostname} of ${toString class} is invalid."
else
if class == 6 then let
prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block"));
in assert lib.hasSuffix "::" prefix; prefix + toString config.kw.oci.network.publicV6
prefix = lib.head (lib.splitString "/" (oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block"));
in assert lib.hasSuffix "::" prefix; prefix + toString config.nixfiles.oci.network.publicV6
else if class == 4 then
tf.resources.${config.networking.hostName}.getAttr "public_ip"
else throw "${config.networking.hostName}: IP for ${hostname} of ${toString class} is invalid.";
@ -111,7 +111,7 @@ in
deploy.tf =
let
compartment_id = oci-root.resources.oci_kw_compartment.importAttr "id";
compartment_id = oci-root.resources.oci_nixfiles_compartment.importAttr "id";
inherit (tf.lib.tf) terraformExpr;
in
{
@ -127,10 +127,10 @@ in
providers.oci = {
inputs = {
tenancy_ocid = oci-root.outputs.oci_tenancy.import;
user_ocid = oci-root.resources.oci_kw_user.importAttr "id";
fingerprint = oci-root.resources.oci_kw_apikey.importAttr "fingerprint";
user_ocid = oci-root.resources.oci_nixfiles_user.importAttr "id";
fingerprint = oci-root.resources.oci_nixfiles_apikey.importAttr "fingerprint";
region = oci-root.outputs.oci_region.import;
private_key_path = oci-root.resources.oci_kw_key_file.importAttr "filename";
private_key_path = oci-root.resources.oci_nixfiles_key_file.importAttr "filename";
};
};
resources = lib.mkMerge [{
@ -183,7 +183,7 @@ in
inputs = {
vnic_id = tf.resources."${config.networking.hostName}_vnic".refAttr "vnic_attachments[0].vnic_id";
display_name = config.networking.hostName;
ip_address = terraformExpr ''cidrhost("${oci-root.resources.oci_kw_subnet.importAttr "ipv6cidr_block"}", ${toString cfg.network.publicV6})'';
ip_address = terraformExpr ''cidrhost("${oci-root.resources.oci_nixfiles_subnet.importAttr "ipv6cidr_block"}", ${toString cfg.network.publicV6})'';
};
};
"${config.networking.hostName}" = {
@ -209,8 +209,8 @@ in
create_vnic_details = [
{
assign_public_ip = true;
subnet_id = oci-root.resources.oci_kw_subnet.importAttr "id";
private_ip = terraformExpr ''cidrhost("${oci-root.resources.oci_kw_subnet.importAttr "cidr_block"}", ${toString cfg.network.privateV4})'';
subnet_id = oci-root.resources.oci_nixfiles_subnet.importAttr "id";
private_ip = terraformExpr ''cidrhost("${oci-root.resources.oci_nixfiles_subnet.importAttr "cidr_block"}", ${toString cfg.network.privateV4})'';
nsg_ids = [
(tf.resources.firewall_group.refAttr "id")
];

4
hardware/oracle/default.nix
View file

@ -2,14 +2,14 @@
profiles = tree.prev;
appendedProfiles = with profiles; {
ubuntu = { config, ... }: {
kw.oci.base = "Canonical Ubuntu";
nixfiles.oci.base = "Canonical Ubuntu";
imports = with import (inputs.tf-nix + "/modules"); [
nixos.ubuntu-linux
common
];
};
oracle = { config, ... }: {
kw.oci.base = "Oracle Linux";
nixfiles.oci.base = "Oracle Linux";
imports = with import (inputs.tf-nix + "/modules"); [
nixos.oracle-linux
common

2
hardware/wifi.nix
View file

@ -4,7 +4,7 @@ let
inherit (lib.attrsets) mapListToAttrs nameValuePair;
inherit (lib.modules) mkIf;
in {
kw.secrets.variables = mapListToAttrs
secrets.variables = mapListToAttrs
(field:
nameValuePair "wireless-${field}" {
path = "secrets/wifi";