chore: Abstract machines and modules
All checks were successful
Check workflows / check_workflows (push) Successful in 21s
Run pre-commit on all files / check (push) Successful in 24s
Check meta / check_dns (pull_request) Successful in 19s
Check meta / check_meta (pull_request) Successful in 18s
Check workflows / check_workflows (pull_request) Successful in 19s
Build all the nodes / bridge01 (pull_request) Successful in 1m13s
Build all the nodes / geo01 (pull_request) Successful in 1m14s
Build all the nodes / compute01 (pull_request) Successful in 1m44s
Build all the nodes / geo02 (pull_request) Successful in 1m12s
Build all the nodes / rescue01 (pull_request) Successful in 1m30s
Build all the nodes / storage01 (pull_request) Successful in 1m29s
Build all the nodes / vault01 (pull_request) Successful in 1m26s
Build all the nodes / web02 (pull_request) Successful in 1m19s
Run pre-commit on all files / check (pull_request) Successful in 24s
Build all the nodes / web01 (pull_request) Successful in 1m56s
Build all the nodes / web03 (pull_request) Successful in 1m25s

This adds subdirectories for the different types of systems, for the
modules and the machines
This commit is contained in:
Tom Hubrecht 2024-12-08 13:22:07 +01:00
parent c3f4e7ade6
commit ecbad0a638
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
264 changed files with 49 additions and 38 deletions

View file

@ -14,10 +14,7 @@ let
nodes = builtins.attrNames nodes'; nodes = builtins.attrNames nodes';
mkNode = node: { mkNode = node: {
# Import the base configuration for each node deployment.systemType = system node;
imports = [ ./machines/${node}/_configuration.nix ];
deployment.systemType = "nixos";
}; };
nixpkgs' = import ./meta/nixpkgs.nix; nixpkgs' = import ./meta/nixpkgs.nix;
@ -28,6 +25,7 @@ let
# defaulting to the one defined in meta/nixpkgs # defaulting to the one defined in meta/nixpkgs
version = node: nodes'.${node}.nixpkgs.version; version = node: nodes'.${node}.nixpkgs.version;
system = node: nodes'.${node}.nixpkgs.system; system = node: nodes'.${node}.nixpkgs.system;
category = node: nixpkgs'.categories.${system node};
nodePkgs = node: nixpkgs.${system node}.${version node}; nodePkgs = node: nixpkgs.${system node}.${version node};
@ -77,6 +75,7 @@ let
meta = (import ./meta) lib; meta = (import ./meta) lib;
nodeMeta = meta.nodes.${node}; nodeMeta = meta.nodes.${node};
nodePath = "machines/${category node}/${node}";
}; };
in in
@ -97,23 +96,32 @@ in
nixos = { nixos = {
evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args; evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args;
defaults = defaults =
{ name, nodeMeta, ... }: {
name,
nodeMeta,
nodePath,
sourcePkgs,
...
}:
{ {
# Import the default modules # Import the default modules
imports = [ imports = [
./modules # Import the base configuration for each node
./${nodePath}/_configuration.nix
./modules/generic
(import "${sources.lix-module}/module.nix" { inherit (sources) lix; }) (import "${sources.lix-module}/module.nix" { inherit (sources) lix; })
./modules/${category name}
]; ];
# Include default secrets # Include default secrets
age-secrets.sources = [ ./machines/${name}/secrets ]; age-secrets.sources = [ ./${nodePath}/secrets ];
# Deployment config is specified in meta.nodes.${node}.deployment # Deployment config is specified in meta.nodes.${node}.deployment
inherit (nodeMeta) deployment; inherit (nodeMeta) deployment;
nix = { nix = {
# Set NIX_PATH to the patched version of nixpkgs # Set NIX_PATH to the patched version of nixpkgs
nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ]; nixPath = [ "nixpkgs=${sourcePkgs.path}" ];
optimise.automatic = true; optimise.automatic = true;
gc = { gc = {

View file

@ -1,3 +0,0 @@
(import ../../../keys).mkSecrets [ "bridg01" ] [
# List of secrets for bridge01
]

View file

@ -1,3 +0,0 @@
(import ../../../keys).mkSecrets [ "geo01" ] [
# List of secrets for geo01
]

View file

@ -1,3 +0,0 @@
(import ../../../keys).mkSecrets [ "geo02" ] [
# List of secrets for geo02
]

View file

@ -0,0 +1,3 @@
(import ../../../../keys).mkSecrets [ "bridg01" ] [
# List of secrets for bridge01
]

View file

@ -1,4 +1,4 @@
(import ../../../../keys).mkSecrets [ "compute01" ] [ (import ../../../../../keys).mkSecrets [ "compute01" ] [
"kanidm-password_admin" "kanidm-password_admin"
"kanidm-password_idm_admin" "kanidm-password_idm_admin"
] ]

View file

@ -1,4 +1,4 @@
(import ../../../keys).mkSecrets [ "compute01" ] [ (import ../../../../keys).mkSecrets [ "compute01" ] [
# List of secrets for compute01 # List of secrets for compute01
"arkheon-env_file" "arkheon-env_file"
"bupstash-put_key" "bupstash-put_key"

View file

@ -0,0 +1,3 @@
(import ../../../../keys).mkSecrets [ "geo01" ] [
# List of secrets for geo01
]

View file

@ -0,0 +1,3 @@
(import ../../../../keys).mkSecrets [ "geo02" ] [
# List of secrets for geo02
]

View file

@ -1,4 +1,4 @@
(import ../../../keys).mkSecrets [ "rescue01" ] [ (import ../../../../keys).mkSecrets [ "rescue01" ] [
# List of secrets for rescue01 # List of secrets for rescue01
"stateless-uptime-kuma-password" "stateless-uptime-kuma-password"
] ]

Some files were not shown because too many files have changed in this diff Show more