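# Base NixOS module: declares the `kat.*` options and sets host-wide defaults
# for networking, the Nix daemon, and sshd keep-alives.
{
  lib,
  config,
  pkgs,
  ...
}:
# NOTE(review): `with lib;` is kept because `name` (used in kat.anywhere.name
# below) is not bound by the argument list above, so it is looked up through
# this `with` at evaluation time. Confirm where `name` is meant to come from;
# if it is a module argument supplied by the deployment tool, bind it
# explicitly in the argument set.
with lib;
{
  imports = [
    ./users
    ./root.nix
  ];

  options.kat = {
    # Option values are copied into the world-readable Nix store. That is fine
    # for a public key; a private key must not be passed this way.
    wireguardPubKey = lib.mkOption {
      type = lib.types.str;
      description = "WireGuard public key (public half only).";
    };

    path = lib.mkOption {
      readOnly = true;
      type = lib.types.path;
      description = "Path of the directory containing this module.";
    };

    anywhere = lib.mkOption {
      type = lib.types.package;
      readOnly = true;
      description = "Shell application that runs nixos-anywhere against config.deployment.targetHost.";
    };
  };

  config = {
    kat = {
      path = ./.;

      # Wrapper around nixos-anywhere for this host. It passes the prebuilt
      # disko script and system closure, so running it applies the disko disk
      # layout to config.deployment.targetHost: check the target before use.
      anywhere = pkgs.writeShellApplication {
        name = "anywhere-deploy_${name}.sh";
        runtimeInputs = [ pkgs.nixos-anywhere ];
        # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz
        # NOTE(review): `nodes` in the disabled flag above is also not bound
        # by this module's arguments; bind it before re-enabling the flag.
        # Interpolations are quoted so the shell passes each one as exactly
        # one argument, whatever characters the configured value contains.
        text = ''
          nixos-anywhere --store-paths "${config.system.build.diskoScriptNoDeps}" "${config.system.build.toplevel}" "${config.deployment.targetHost}"
        '';
      };
    };

    # /tmp lives in RAM-backed tmpfs, so its contents do not survive a reboot.
    boot.tmp.useTmpfs = true;

    networking = {
      useNetworkd = true;
      # Selects nftables as the packet-filter backend; no rules are defined in
      # this file.
      nftables.enable = true;
    };
    systemd.network.enable = true;

    nix = {
      # Channels are disabled and both lookup names point at the store path of
      # the nixpkgs tree this system is built from, so <nixpkgs> and <nixos>
      # resolve to that same tree rather than to a mutable channel.
      nixPath = [
        "nixpkgs=${builtins.storePath pkgs.path}"
        "nixos=${builtins.storePath pkgs.path}"
      ];
      channel.enable = false;
      settings.nix-path = config.nix.nixPath;
      package = pkgs.lix;
    };

    services = {
      # systemd-resolved is enabled everywhere except inside containers.
      resolved.enable = !config.boot.isContainer;

      # sshd probes the client every 60 s and closes the session after one
      # unanswered probe. This reaps dead connections; it is not an idle
      # timeout, because a connected but inactive client still answers.
      openssh.settings = {
        ClientAliveInterval = 60;
        ClientAliveCountMax = 1;
      };
    };
  };
}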