From 8cbfb51930afbd828f9add0956078482186276de Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@qenya.tel>
Date: Thu, 19 Sep 2024 23:06:08 +0100
Subject: [PATCH] move deployment config

---
 common/base-server/default.nix |  1 +
 flake.nix                      | 44 ++++++++++++++++++----------------
 2 files changed, 24 insertions(+), 21 deletions(-)

diff --git a/common/base-server/default.nix b/common/base-server/default.nix
index c074c3c..47a82fa 100644
--- a/common/base-server/default.nix
+++ b/common/base-server/default.nix
@@ -11,6 +11,7 @@ in
     time.timeZone = "Etc/UTC";
 
     # Allow remote deployment with colmena
+    deployment.targetUser = null;
     security.sudo.wheelNeedsPassword = false;
     nix.settings.trusted-users = [ "@wheel" ];
   };
diff --git a/flake.nix b/flake.nix
index 50a5c8a..4cafa05 100644
--- a/flake.nix
+++ b/flake.nix
@@ -64,33 +64,35 @@
         specialArgs = { inherit inputs; };
       };
 
-      defaults.imports = [
-        home-manager.nixosModules.home-manager
-        nur.nixosModules.nur
-        { nixpkgs.overlays = [ nur.overlay ]; }
-        agenix.nixosModules.default
-        birdsong.nixosModules.default
-        ./common
-        ./services
-      ];
+      defaults = { config, lib, pkgs, ... }: {
+        # disable remote deployment by default
+        # (can stil build locally with nixos-rebuild)
+        deployment.targetHost = lib.mkDefault null;
+
+        # TODO: set up some remote builders
+        # until this is done, as we have multiple architectures, safer to build on target
+        deployment.buildOnTarget = true;
+
+        imports = [
+          home-manager.nixosModules.home-manager
+          nur.nixosModules.nur
+          { nixpkgs.overlays = [ nur.overlay ]; }
+          agenix.nixosModules.default
+          birdsong.nixosModules.default
+          ./common
+          ./services
+        ];
+      };
+
+      yevaud.deployment.targetHost = "yevaud.birdsong.network";
+      orm.deployment.targetHost = "orm.birdsong.network";
+      kalessin.deployment.targetHost = "kalessin.birdsong.network";
 
       kilgharrah.imports = [ ./hosts/kilgharrah ];
       tohru.imports = [ ./hosts/tohru ];
       yevaud.imports = [ ./hosts/yevaud ];
       orm.imports = [ ./hosts/orm ];
       kalessin.imports = [ ./hosts/kalessin ];
-
-      defaults.deployment = {
-        allowLocalDeployment = true;
-        buildOnTarget = true;
-        targetUser = null;
-      };
-
-      kilgharrah.deployment.targetHost = null;
-      tohru.deployment.targetHost = null;
-      yevaud.deployment.targetHost = "yevaud.birdsong.network";
-      orm.deployment.targetHost = "orm.birdsong.network";
-      kalessin.deployment.targetHost = "kalessin.birdsong.network";
     };
 
     # TODO: have this work on other systems too