From 9f6d0fbaf88f1f2a4936f4f449f82edd8a8a3f8f Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey
Date: Wed, 18 Sep 2024 03:06:48 +0100
Subject: [PATCH 1/3] treewide: move all deployment keys to flake.nix
---
 common/base-server/default.nix | 1 -
 flake.nix | 26 ++++++++++++++++++++++++++
 hosts/kalessin/default.nix | 4 ----
 hosts/kilgharrah/default.nix | 5 -----
 hosts/orm/default.nix | 1 -
 hosts/tohru/default.nix | 5 -----
 hosts/yevaud/default.nix | 1 -
 7 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/common/base-server/default.nix b/common/base-server/default.nix
index 47a82fa..c074c3c 100644
--- a/common/base-server/default.nix
+++ b/common/base-server/default.nix
@@ -11,7 +11,6 @@ in
 time.timeZone = "Etc/UTC";
 # Allow remote deployment with colmena
- deployment.targetUser = null;
 security.sudo.wheelNeedsPassword = false;
 nix.settings.trusted-users = [ "@wheel" ];
 };
diff --git a/flake.nix b/flake.nix
index b1a2ac9..0a20e84 100644
--- a/flake.nix
+++ b/flake.nix
@@ -78,6 +78,32 @@
 yevaud.imports = [ ./hosts/yevaud ];
 orm.imports = [ ./hosts/orm ];
 kalessin.imports = [ ./hosts/kalessin ];
+
+ kilgharrah.deployment = {
+ allowLocalDeployment = true;
+ targetHost = null; # disallow remote deployment
+ };
+
+ tohru.deployment = {
+ allowLocalDeployment = true;
+ targetHost = null; # disallow remote deployment
+ };
+
+ yevaud.deployment = {
+ targetHost = "yevaud.birdsong.network";
+ targetUser = null;
+ };
+
+ orm.deployment = {
+ targetHost = "orm.birdsong.network";
+ targetUser = null;
+ };
+
+ kalessin.deployment = {
+ targetHost = "kalessin.birdsong.network";
+ targetUser = null;
+ buildOnTarget = true;
+ };
 };
 # TODO: have this work on other systems too
diff --git a/hosts/kalessin/default.nix b/hosts/kalessin/default.nix
index e3c08a6..d1a568b 100644
--- a/hosts/kalessin/default.nix
+++ b/hosts/kalessin/default.nix
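Review bot: The three server blocks added to flake.nix (`yevaud`, `orm`, `kalessin`) each carry `targetUser = null;` with no comment, while the settings that make that login usable, `security.sudo.wheelNeedsPassword = false` and `nix.settings.trusted-users = [ "@wheel" ]`, stay behind in common/base-server under a comment that no longer has a deployment key beside it. A server added later that imports base-server would get passwordless sudo for wheel but, unless this line is copied, would deploy with colmena's default target user instead. I would add a comment above the first server block, e.g. `# targetUser = null: SSH in as the invoking user; depends on passwordless sudo and trusted @wheel from common/base-server`, and reword the base-server comment to point at flake.nix. Whether every host that imports base-server is one of these three is not visible in the patch.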
@@ -6,10 +6,6 @@
 ];
 networking.hostId = "534b538e";
- deployment = {
- targetHost = "kalessin.birdsong.network";
- buildOnTarget = true;
- };
 boot.loader.systemd-boot.enable = true;
 boot.loader.efi.canTouchEfiVariables = true;
diff --git a/hosts/kilgharrah/default.nix b/hosts/kilgharrah/default.nix
index 4418b4a..0ebc881 100644
--- a/hosts/kilgharrah/default.nix
+++ b/hosts/kilgharrah/default.nix
@@ -11,11 +11,6 @@
 nixpkgs.hostPlatform = "x86_64-linux";
 networking.hostId = "72885bb5";
- deployment = {
- allowLocalDeployment = true;
- targetHost = null; # disallow remote deployment
- };
-
 qenya.base-graphical.enable = true;
 qenya.base-graphical.desktop = "plasma6";
diff --git a/hosts/orm/default.nix b/hosts/orm/default.nix
index 4b6e346..3753fcc 100644
--- a/hosts/orm/default.nix
+++ b/hosts/orm/default.nix
@@ -6,7 +6,6 @@
 ];
 networking.hostId = "00000000";
- deployment.targetHost = "orm.birdsong.network";
 boot.loader.systemd-boot.enable = true;
 boot.loader.efi.canTouchEfiVariables = true;
diff --git a/hosts/tohru/default.nix b/hosts/tohru/default.nix
index 53fb544..a071c2b 100644
--- a/hosts/tohru/default.nix
+++ b/hosts/tohru/default.nix
@@ -13,11 +13,6 @@
 nixpkgs.hostPlatform = "x86_64-linux";
 networking.hostId = "31da19c1";
- deployment = {
- allowLocalDeployment = true;
- targetHost = null; # disallow remote deployment
- };
-
 qenya.base-graphical.enable = true;
 time.timeZone = "Europe/London";
diff --git a/hosts/yevaud/default.nix b/hosts/yevaud/default.nix
index 18f868a..eebd456 100644
--- a/hosts/yevaud/default.nix
+++ b/hosts/yevaud/default.nix
@@ -6,7 +6,6 @@
 ];
 networking.hostId = "09673d65";
- deployment.targetHost = "yevaud.birdsong.network";
 boot.loader.systemd-boot.enable = true;
 boot.loader.efi.canTouchEfiVariables = true;
From f6010a968c6ae560f23c2314e38b621cf3124052 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey
Date: Wed, 18 Sep 2024 03:13:34 +0100
Subject: [PATCH 2/3] treewide: specify hostname in host configs
---
 flake.nix | 2 --
 hosts/kalessin/default.nix | 1 +
 hosts/kilgharrah/default.nix | 1 +
 hosts/orm/default.nix | 1 +
 hosts/tohru/default.nix | 1 +
 hosts/yevaud/default.nix | 1 +
 6 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/flake.nix b/flake.nix
index 0a20e84..384fd1d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -51,8 +51,6 @@
 };
 defaults = { name, nodes, ... }: {
- networking.hostName = name;
-
 nix.settings.experimental-features = "nix-command flakes";
 nix.nixPath = [ "nixpkgs=flake:nixpkgs" ];
 nixpkgs.config.allowUnfree = true;
diff --git a/hosts/kalessin/default.nix b/hosts/kalessin/default.nix
index d1a568b..aeb39a6 100644
--- a/hosts/kalessin/default.nix
+++ b/hosts/kalessin/default.nix
@@ -5,6 +5,7 @@
 ./hardware-configuration.nix
 ];
+ networking.hostName = "kalessin";
 networking.hostId = "534b538e";
 boot.loader.systemd-boot.enable = true;
diff --git a/hosts/kilgharrah/default.nix b/hosts/kilgharrah/default.nix
index 0ebc881..00daac3 100644
--- a/hosts/kilgharrah/default.nix
+++ b/hosts/kilgharrah/default.nix
@@ -9,6 +9,7 @@
 ];
 nixpkgs.hostPlatform = "x86_64-linux";
+ networking.hostName = "kilgharrah";
 networking.hostId = "72885bb5";
 qenya.base-graphical.enable = true;
diff --git a/hosts/orm/default.nix b/hosts/orm/default.nix
index 3753fcc..c76bd6b 100644
--- a/hosts/orm/default.nix
+++ b/hosts/orm/default.nix
@@ -5,6 +5,7 @@
 ./hardware-configuration.nix
 ];
+ networking.hostName = "orm";
 networking.hostId = "00000000";
 boot.loader.systemd-boot.enable = true;
diff --git a/hosts/tohru/default.nix b/hosts/tohru/default.nix
index a071c2b..c5b1fef 100644
--- a/hosts/tohru/default.nix
+++ b/hosts/tohru/default.nix
@@ -11,6 +11,7 @@
 ];
 nixpkgs.hostPlatform = "x86_64-linux";
+ networking.hostName = "tohru";
 networking.hostId = "31da19c1";
 qenya.base-graphical.enable = true;
diff --git a/hosts/yevaud/default.nix b/hosts/yevaud/default.nix
index eebd456..b620f43 100644
--- a/hosts/yevaud/default.nix
+++ b/hosts/yevaud/default.nix
@@ -5,6 +5,7 @@
 ./hardware-configuration.nix
 ];
+ networking.hostName = "yevaud";
 networking.hostId = "09673d65";
 boot.loader.systemd-boot.enable = true;
From a938b33679575ae5870e7f73af24e318a034084c Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey
Date: Wed, 18 Sep 2024 03:49:56 +0100
Subject: [PATCH 3/3] export nixos configurations as standard flake outputs
---
 flake.nix | 87 ++++++++++++++++++++++++++-----------------------------
 1 file changed, 41 insertions(+), 46 deletions(-)
diff --git a/flake.nix b/flake.nix
index 384fd1d..71aa94d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -27,6 +27,36 @@
 };
 outputs = inputs@{ self, nixpkgs, home-manager, plasma-manager, nur, agenix, birdsong, ... }: {
+ nixosModules.default = {
+ nix.settings.experimental-features = "nix-command flakes";
+ nix.nixPath = [ "nixpkgs=flake:nixpkgs" ];
+ nixpkgs.config.allowUnfree = true;
+
+ nixpkgs.overlays = [ nur.overlay ];
+
+ # TODO: make this or something like it work without infinite recursion
+ # home-manager.users."qenya" = lib.mkIf (config.users.users ? "qenya") self.homeManagerModules."qenya";
+ home-manager.users."qenya" = self.homeManagerModules."qenya";
+
+ imports = [
+ home-manager.nixosModules.home-manager
+ nur.nixosModules.nur
+ agenix.nixosModules.default
+ birdsong.nixosModules.default
+ ./common
+ ./services
+ ];
+ };
+
+ # TODO: simplify
+ nixosConfigurations = {
+ "kilgharrah" = nixpkgs.lib.nixosSystem { modules = [ ./hosts/kilgharrah self.nixosModules.default ]; };
+ "tohru" = nixpkgs.lib.nixosSystem { modules = [ ./hosts/tohru self.nixosModules.default ]; };
+ "yevaud" = nixpkgs.lib.nixosSystem { modules = [ ./hosts/yevaud self.nixosModules.default ]; };
+ "orm" = nixpkgs.lib.nixosSystem { modules = [ ./hosts/orm self.nixosModules.default ]; };
+ "kalessin" = nixpkgs.lib.nixosSystem { modules = [ ./hosts/kalessin self.nixosModules.default ]; };
+ };
+
 # The name of this output type is not standardised. I have picked
 # "homeManagerModules" as the discussion here suggests it's the most common:
 # https://github.com/nix-community/home-manager/issues/1783
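Review bot: Each `nixpkgs.lib.nixosSystem` call in `nixosConfigurations` is given only `modules`, so the platform of every host has to come from `nixpkgs.hostPlatform` inside the host's own modules. The context lines of the earlier patches show that option set for kilgharrah and tohru only; for yevaud, orm and kalessin it is presumably in `./hardware-configuration.nix`, which the series does not show. kalessin is the one to check, since until this commit it was pinned to aarch64-linux through `nodeNixpkgs`, and the next hunk replaces that pin with `value.pkgs` taken from these configurations. If the option is missing there, add `nixpkgs.hostPlatform = "aarch64-linux";` to hosts/kalessin/default.nix.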
@@ -45,63 +75,28 @@
 colmena = {
 meta = {
 nixpkgs = import nixpkgs { system = "x86_64-linux"; };
- nodeNixpkgs = {
- kalessin = import nixpkgs { system = "aarch64-linux"; }; # TODO: this should be generated from the host config somehow
- };
- };
-
- defaults = { name, nodes, ... }: {
- nix.settings.experimental-features = "nix-command flakes";
- nix.nixPath = [ "nixpkgs=flake:nixpkgs" ];
- nixpkgs.config.allowUnfree = true;
-
- nixpkgs.overlays = [ nur.overlay ];
-
- # TODO: make this or something like it work without infinite recursion
- # home-manager.users."qenya" = lib.mkIf (config.users.users ? "qenya") self.homeManagerModules."qenya";
- home-manager.users."qenya" = self.homeManagerModules."qenya";
-
- imports = [
- home-manager.nixosModules.home-manager
- nur.nixosModules.nur
- agenix.nixosModules.default
- birdsong.nixosModules.default
- ./common
- ./services
- ];
+ nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) self.nixosConfigurations;
 };
+ # TODO: eliminate duplication with nixosConfigurations
+ defaults.imports = [ self.nixosModules.default ];
 kilgharrah.imports = [ ./hosts/kilgharrah ];
 tohru.imports = [ ./hosts/tohru ];
 yevaud.imports = [ ./hosts/yevaud ];
 orm.imports = [ ./hosts/orm ];
 kalessin.imports = [ ./hosts/kalessin ];
- kilgharrah.deployment = {
+ defaults.deployment = {
 allowLocalDeployment = true;
- targetHost = null; # disallow remote deployment
- };
-
- tohru.deployment = {
- allowLocalDeployment = true;
- targetHost = null; # disallow remote deployment
- };
-
- yevaud.deployment = {
- targetHost = "yevaud.birdsong.network";
- targetUser = null;
- };
-
- orm.deployment = {
- targetHost = "orm.birdsong.network";
- targetUser = null;
- };
-
- kalessin.deployment = {
- targetHost = "kalessin.birdsong.network";
- targetUser = null;
 buildOnTarget = true;
+ targetUser = null;
 };
+
+ kilgharrah.deployment.targetHost = null;
+ tohru.deployment.targetHost = null;
+ yevaud.deployment.targetHost = "yevaud.birdsong.network";
+ orm.deployment.targetHost = "orm.birdsong.network";
+ kalessin.deployment.targetHost = "kalessin.birdsong.network";
 };
 # TODO: have this work on other systems too
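Review bot: `defaults.deployment` now applies `allowLocalDeployment = true` and `buildOnTarget = true` to every node, whereas before this commit local deployment was enabled only on kilgharrah and tohru and building on the target only on kalessin. As a result yevaud and orm also become eligible for a local apply and build their own system closures, which the commit message does not mention. The `# disallow remote deployment` comments on the `targetHost = null` lines are dropped as well. If the widening is not intended, keep only `targetUser = null` in the defaults and set the other two keys per host as below; if it is intended, a one-line comment on `defaults.deployment` saying so would help the next reader.

```nix
# … unchanged: meta, defaults.imports, per-host imports …
defaults.deployment.targetUser = null;

# workstations: local apply only
kilgharrah.deployment = {
  allowLocalDeployment = true;
  targetHost = null; # disallow remote deployment
};
tohru.deployment = {
  allowLocalDeployment = true;
  targetHost = null; # disallow remote deployment
};

# … unchanged: yevaud and orm targetHost lines …
kalessin.deployment = {
  targetHost = "kalessin.birdsong.network";
  buildOnTarget = true;
};
```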