chore: Abstract machines and modules
All checks were successful
Check workflows / check_workflows (push) Successful in 21s
Run pre-commit on all files / check (push) Successful in 24s
Check meta / check_dns (pull_request) Successful in 19s
Check meta / check_meta (pull_request) Successful in 18s
Check workflows / check_workflows (pull_request) Successful in 19s
Build all the nodes / bridge01 (pull_request) Successful in 1m13s
Build all the nodes / geo01 (pull_request) Successful in 1m14s
Build all the nodes / compute01 (pull_request) Successful in 1m44s
Build all the nodes / geo02 (pull_request) Successful in 1m12s
Build all the nodes / rescue01 (pull_request) Successful in 1m30s
Build all the nodes / storage01 (pull_request) Successful in 1m29s
Build all the nodes / vault01 (pull_request) Successful in 1m26s
Build all the nodes / web02 (pull_request) Successful in 1m19s
Run pre-commit on all files / check (pull_request) Successful in 24s
Build all the nodes / web01 (pull_request) Successful in 1m56s
Build all the nodes / web03 (pull_request) Successful in 1m25s
All checks were successful
Check workflows / check_workflows (push) Successful in 21s
Run pre-commit on all files / check (push) Successful in 24s
Check meta / check_dns (pull_request) Successful in 19s
Check meta / check_meta (pull_request) Successful in 18s
Check workflows / check_workflows (pull_request) Successful in 19s
Build all the nodes / bridge01 (pull_request) Successful in 1m13s
Build all the nodes / geo01 (pull_request) Successful in 1m14s
Build all the nodes / compute01 (pull_request) Successful in 1m44s
Build all the nodes / geo02 (pull_request) Successful in 1m12s
Build all the nodes / rescue01 (pull_request) Successful in 1m30s
Build all the nodes / storage01 (pull_request) Successful in 1m29s
Build all the nodes / vault01 (pull_request) Successful in 1m26s
Build all the nodes / web02 (pull_request) Successful in 1m19s
Run pre-commit on all files / check (pull_request) Successful in 24s
Build all the nodes / web01 (pull_request) Successful in 1m56s
Build all the nodes / web03 (pull_request) Successful in 1m25s
This adds subdirectories for the different types of systems, for the modules and the machines
This commit is contained in:
parent
c3f4e7ade6
commit
ecbad0a638
264 changed files with 49 additions and 38 deletions
24
hive.nix
24
hive.nix
|
@ -14,10 +14,7 @@ let
|
||||||
nodes = builtins.attrNames nodes';
|
nodes = builtins.attrNames nodes';
|
||||||
|
|
||||||
mkNode = node: {
|
mkNode = node: {
|
||||||
# Import the base configuration for each node
|
deployment.systemType = system node;
|
||||||
imports = [ ./machines/${node}/_configuration.nix ];
|
|
||||||
|
|
||||||
deployment.systemType = "nixos";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs' = import ./meta/nixpkgs.nix;
|
nixpkgs' = import ./meta/nixpkgs.nix;
|
||||||
|
@ -28,6 +25,7 @@ let
|
||||||
# defaulting to the one defined in meta/nixpkgs
|
# defaulting to the one defined in meta/nixpkgs
|
||||||
version = node: nodes'.${node}.nixpkgs.version;
|
version = node: nodes'.${node}.nixpkgs.version;
|
||||||
system = node: nodes'.${node}.nixpkgs.system;
|
system = node: nodes'.${node}.nixpkgs.system;
|
||||||
|
category = node: nixpkgs'.categories.${system node};
|
||||||
|
|
||||||
nodePkgs = node: nixpkgs.${system node}.${version node};
|
nodePkgs = node: nixpkgs.${system node}.${version node};
|
||||||
|
|
||||||
|
@ -77,6 +75,7 @@ let
|
||||||
meta = (import ./meta) lib;
|
meta = (import ./meta) lib;
|
||||||
|
|
||||||
nodeMeta = meta.nodes.${node};
|
nodeMeta = meta.nodes.${node};
|
||||||
|
nodePath = "machines/${category node}/${node}";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
|
||||||
|
@ -97,23 +96,32 @@ in
|
||||||
nixos = {
|
nixos = {
|
||||||
evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args;
|
evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args;
|
||||||
defaults =
|
defaults =
|
||||||
{ name, nodeMeta, ... }:
|
{
|
||||||
|
name,
|
||||||
|
nodeMeta,
|
||||||
|
nodePath,
|
||||||
|
sourcePkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
# Import the default modules
|
# Import the default modules
|
||||||
imports = [
|
imports = [
|
||||||
./modules
|
# Import the base configuration for each node
|
||||||
|
./${nodePath}/_configuration.nix
|
||||||
|
./modules/generic
|
||||||
(import "${sources.lix-module}/module.nix" { inherit (sources) lix; })
|
(import "${sources.lix-module}/module.nix" { inherit (sources) lix; })
|
||||||
|
./modules/${category name}
|
||||||
];
|
];
|
||||||
|
|
||||||
# Include default secrets
|
# Include default secrets
|
||||||
age-secrets.sources = [ ./machines/${name}/secrets ];
|
age-secrets.sources = [ ./${nodePath}/secrets ];
|
||||||
|
|
||||||
# Deployment config is specified in meta.nodes.${node}.deployment
|
# Deployment config is specified in meta.nodes.${node}.deployment
|
||||||
inherit (nodeMeta) deployment;
|
inherit (nodeMeta) deployment;
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
# Set NIX_PATH to the patched version of nixpkgs
|
# Set NIX_PATH to the patched version of nixpkgs
|
||||||
nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ];
|
nixPath = [ "nixpkgs=${sourcePkgs.path}" ];
|
||||||
optimise.automatic = true;
|
optimise.automatic = true;
|
||||||
|
|
||||||
gc = {
|
gc = {
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
(import ../../../keys).mkSecrets [ "bridg01" ] [
|
|
||||||
# List of secrets for bridge01
|
|
||||||
]
|
|
|
@ -1,3 +0,0 @@
|
||||||
(import ../../../keys).mkSecrets [ "geo01" ] [
|
|
||||||
# List of secrets for geo01
|
|
||||||
]
|
|
|
@ -1,3 +0,0 @@
|
||||||
(import ../../../keys).mkSecrets [ "geo02" ] [
|
|
||||||
# List of secrets for geo02
|
|
||||||
]
|
|
3
machines/nixos/bridge01/secrets/secrets.nix
Normal file
3
machines/nixos/bridge01/secrets/secrets.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
(import ../../../../keys).mkSecrets [ "bridg01" ] [
|
||||||
|
# List of secrets for bridge01
|
||||||
|
]
|
|
@ -1,4 +1,4 @@
|
||||||
(import ../../../../keys).mkSecrets [ "compute01" ] [
|
(import ../../../../../keys).mkSecrets [ "compute01" ] [
|
||||||
"kanidm-password_admin"
|
"kanidm-password_admin"
|
||||||
"kanidm-password_idm_admin"
|
"kanidm-password_idm_admin"
|
||||||
]
|
]
|
|
@ -1,4 +1,4 @@
|
||||||
(import ../../../keys).mkSecrets [ "compute01" ] [
|
(import ../../../../keys).mkSecrets [ "compute01" ] [
|
||||||
# List of secrets for compute01
|
# List of secrets for compute01
|
||||||
"arkheon-env_file"
|
"arkheon-env_file"
|
||||||
"bupstash-put_key"
|
"bupstash-put_key"
|
3
machines/nixos/geo01/secrets/secrets.nix
Normal file
3
machines/nixos/geo01/secrets/secrets.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
(import ../../../../keys).mkSecrets [ "geo01" ] [
|
||||||
|
# List of secrets for geo01
|
||||||
|
]
|
3
machines/nixos/geo02/secrets/secrets.nix
Normal file
3
machines/nixos/geo02/secrets/secrets.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
(import ../../../../keys).mkSecrets [ "geo02" ] [
|
||||||
|
# List of secrets for geo02
|
||||||
|
]
|
|
@ -1,4 +1,4 @@
|
||||||
(import ../../../keys).mkSecrets [ "rescue01" ] [
|
(import ../../../../keys).mkSecrets [ "rescue01" ] [
|
||||||
# List of secrets for rescue01
|
# List of secrets for rescue01
|
||||||
"stateless-uptime-kuma-password"
|
"stateless-uptime-kuma-password"
|
||||||
]
|
]
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue