diff --git a/hive.nix b/hive.nix index 1dee3cb..709cb4d 100644 --- a/hive.nix +++ b/hive.nix @@ -3,6 +3,11 @@ let users = import ./users; sources = import ./npins; mkNixpkgsSrc = (import sources.nix-patches { patchFile = ./patches; }).mkNixpkgsSrc; + lib = + (import (mkNixpkgsSrc { + src = sources.nixpkgs; + version = "unstable"; + }) { }).lib; in { meta = { @@ -20,204 +25,15 @@ in }; defaults = { - nodes, name, - pkgs, - lib, - config, ... }: { - imports = [ - ./kat - ]; + imports = [ ./kat ]; networking.hostName = name; }; - - kat-probook = - { users, ... }: - { - deployment.allowLocalDeployment = true; - - imports = [ - ./machines/kat-probook - users.catvayor - ]; - nix.settings.trusted-users = [ - "root" - "@wheel" - ]; - }; - - kat-manah = - { users, ... }: - { - deployment.targetHost = "manah.kat"; - services.openssh.enable = true; - kat.fqdn = "manah.katvayor.net"; - imports = [ - ./machines/kat-manah - ]; - }; - - kat-watcher = - { users, ... }: - { - deployment.targetHost = "watcher.kat"; - services.openssh.enable = true; - kat.fqdn = "watcher.katvayor.net"; - imports = [ - ./machines/kat-watcher - ]; - }; - - kat-virt = - { ssh-keys, ... }: - { - deployment = { - targetHost = "virt.kat"; - tags = [ "kat-vms" ]; - }; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.kernelParams = [ "console=ttyS0" ]; - kat.fqdn = "degette.katvayor.net"; - - imports = [ - ./machines/kat-virt - ]; - users.users.root.openssh.authorizedKeys.keys = with ssh-keys; sylvain ++ gaby; - }; - - kat-mail-test = - { ssh-keys, ... }: - { - deployment = { - targetHost = "mail-test.kat"; - tags = [ "kat-vms" ]; - }; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.kernelParams = [ "console=ttyS0" ]; - kat.fqdn = "betamail.katvayor.net"; - - imports = [ - ./machines/kat-mail-test - ]; - users.users.root.openssh.authorizedKeys.keys = ssh-keys.sylvain; - }; - - kat-son = - { users, ... }: - { - deployment = { - targetHost = "son.kat"; - tags = [ "kat-vms" ]; - }; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.kernelParams = [ "console=ttyS0" ]; - kat.fqdn = "son.katvayor.net"; - imports = [ - ./machines/kat-son - ]; - }; - - kat-orchid = - { users, ... }: - { - deployment = { - targetHost = "orchid.kat"; - tags = [ "kat-vms" ]; - }; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.kernelParams = [ "console=ttyS0" ]; - kat.fqdn = "orchid.katvayor.net"; - imports = [ - ./machines/kat-orchid - ]; - }; - - kat-iso = - { - users, - pkgs, - modulesPath, - lib, - ... - }: - { - deployment = { - allowLocalDeployment = false; - targetHost = null; - }; - - imports = [ - (modulesPath + "/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix") - ]; - - networking = { - networkmanager.enable = true; - wireless.enable = false; - }; - console.keyMap = "fr"; - - environment.systemPackages = with pkgs; [ - perl - git - ]; - programs.zsh.enable = true; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.supportedFilesystems = { - bcachefs = true; - zfs = lib.mkForce false; - }; - boot.kernelParams = [ "console=ttyS0" ]; - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; - services.getty.autologinUser = lib.mkForce "root"; - system.stateVersion = lib.mkForce "24.11"; - }; - - kat-kexec = - { - users, - pkgs, - modulesPath, - lib, - ... - }: - { - deployment = { - allowLocalDeployment = false; - targetHost = null; - }; - - imports = [ - ("${sources.nixos-images}/nix/kexec-installer/module.nix") - ]; - - networking = { - networkmanager.enable = false; - wireless.enable = false; - }; - console.keyMap = "fr"; - - environment.systemPackages = with pkgs; [ - perl - git - ]; - programs.zsh.enable = true; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.kernelParams = [ "console=ttyS0" ]; - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; - boot.supportedFilesystems = { - bcachefs = true; - zfs = lib.mkForce false; - }; - services.getty.autologinUser = lib.mkForce "root"; - system.stateVersion = lib.mkForce "24.11"; - }; } +// lib.mapAttrs' (name: _: { + name = lib.removeSuffix ".nix" name; + value = import ./machines/${name}; +}) (builtins.readDir ./machines) diff --git a/kat/users/default.nix b/kat/users/default.nix index 840a656..a864d74 100644 --- a/kat/users/default.nix +++ b/kat/users/default.nix @@ -5,13 +5,18 @@ let in { imports = [ (import ./zsh.nix).system ]; - home-manager.sharedModules = [{ - imports = [ zsh.user ./neovim ]; - # options.kat = { - # ssh = mkEnableOption "ssh configuration"; - # }; - config = { - home.stateVersion = config.system.stateVersion; - }; - }]; + home-manager.sharedModules = [ + { + imports = [ + zsh.user + ./neovim + ]; + # options.kat = { + # ssh = mkEnableOption "ssh configuration"; + # }; + config = { + home.stateVersion = config.system.stateVersion; + }; + } + ]; } diff --git a/machines/kat-iso.nix b/machines/kat-iso.nix new file mode 100644 index 0000000..b3aee3a --- /dev/null +++ b/machines/kat-iso.nix @@ -0,0 +1,44 @@ +{ + pkgs, + modulesPath, + lib, + ... +}: +{ + deployment = { + allowLocalDeployment = false; + targetHost = null; + }; + + imports = [ + (modulesPath + "/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix") + ]; + + boot = { + supportedFilesystems = { + bcachefs = true; + zfs = lib.mkForce false; + }; + kernelParams = [ "console=ttyS0" ]; + kernelPackages = lib.mkForce pkgs.linuxPackages_latest; + }; + + networking = { + networkmanager.enable = true; + wireless.enable = false; + }; + console.keyMap = "fr"; + + environment.systemPackages = with pkgs; [ + perl + git + ]; + programs.zsh.enable = true; + services = { + openssh.enable = true; + qemuGuest.enable = true; + getty.autologinUser = lib.mkForce "root"; + }; + + system.stateVersion = lib.mkForce "24.11"; +} diff --git a/machines/kat-kexec.nix b/machines/kat-kexec.nix new file mode 100644 index 0000000..55016c4 --- /dev/null +++ b/machines/kat-kexec.nix @@ -0,0 +1,45 @@ +{ + pkgs, + modulesPath, + lib, + sources, + ... +}: +{ + deployment = { + allowLocalDeployment = false; + targetHost = null; + }; + + imports = [ + ("${sources.nixos-images}/nix/kexec-installer/module.nix") + ]; + + boot = { + kernelParams = [ "console=ttyS0" ]; + kernelPackages = lib.mkForce pkgs.linuxPackages_latest; + supportedFilesystems = { + bcachefs = true; + zfs = lib.mkForce false; + }; + }; + + networking = { + networkmanager.enable = false; + wireless.enable = false; + }; + console.keyMap = "fr"; + + environment.systemPackages = with pkgs; [ + perl + git + ]; + programs.zsh.enable = true; + services = { + openssh.enable = true; + qemuGuest.enable = true; + getty.autologinUser = lib.mkForce "root"; + }; + + system.stateVersion = lib.mkForce "24.11"; +} diff --git a/machines/kat-mail-test/default.nix b/machines/kat-mail-test/default.nix index 3bbfb78..57c40ff 100644 --- a/machines/kat-mail-test/default.nix +++ b/machines/kat-mail-test/default.nix @@ -4,12 +4,17 @@ pkgs, nodes, sources, + ssh-keys, ... }: let host = "catvayor.sh"; in { + deployment = { + targetHost = "mail-test.kat"; + tags = [ "kat-vms" ]; + }; imports = [ "${sources.nixos-mailserver}" ./hardware-configuration.nix @@ -17,26 +22,34 @@ in ./modo.nix ]; - kat.proxies = { - ip = "192.168.122.3"; - aliases = [ "catvayor.sh" ]; - open-tcp = [ - { - internal = 22; - external = 22002; - } - 25 - 465 - 993 - ]; + users.users.root.openssh.authorizedKeys.keys = ssh-keys.sylvain; + + kat = { + fqdn = "betamail.katvayor.net"; + wireguardPubKey = "Znj451+hGJcPV1zFgpRMA8hg8edmUInA5zBtYBUuL3k="; + proxies = { + ip = "192.168.122.3"; + aliases = [ "catvayor.sh" ]; + open-tcp = [ + { + internal = 22; + external = 22002; + } + 25 + 465 + 993 + ]; + }; }; - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernelParams = [ "console=ttyS0" ]; }; - kat.wireguardPubKey = "Znj451+hGJcPV1zFgpRMA8hg8edmUInA5zBtYBUuL3k="; systemd.network = { networks = { "10-enp1s0" = { @@ -87,25 +100,28 @@ in }; }; - networking.useDHCP = false; - - services.openssh.enable = true; - - networking.firewall.enable = false; + networking = { + useDHCP = false; + firewall.enable = false; + }; security.acme = { acceptTerms = true; defaults.email = "root@katvayor.net"; }; - services.nginx = { - enable = true; - virtualHosts."catvayor.sh".enableACME = true; - virtualHosts."betamail.katvayor.net" = { - enableACME = true; - addSSL = true; - locations."/" = { - recommendedProxySettings = true; - proxyPass = "http://localhost:8000/"; + services = { + openssh.enable = true; + qemuGuest.enable = true; + nginx = { + enable = true; + virtualHosts."catvayor.sh".enableACME = true; + virtualHosts."betamail.katvayor.net" = { + enableACME = true; + addSSL = true; + locations."/" = { + recommendedProxySettings = true; + proxyPass = "http://localhost:8000/"; + }; }; }; }; diff --git a/machines/kat-mail-test/disks.nix b/machines/kat-mail-test/disks.nix index 6c59a85..16a2ee4 100644 --- a/machines/kat-mail-test/disks.nix +++ b/machines/kat-mail-test/disks.nix @@ -22,7 +22,10 @@ type = "filesystem"; format = "bcachefs"; mountpoint = "/"; - mountOptions = [ "fsck" "fix_errors" ]; + mountOptions = [ + "fsck" + "fix_errors" + ]; }; }; }; diff --git a/machines/kat-manah/default.nix b/machines/kat-manah/default.nix index 2c3e38c..b6d66ac 100644 --- a/machines/kat-manah/default.nix +++ b/machines/kat-manah/default.nix @@ -6,6 +6,8 @@ ... }: { + deployment.targetHost = "manah.kat"; + imports = [ ./hardware-configuration.nix ]; @@ -22,7 +24,24 @@ ]; }; - kat.wireguardPubKey = "2rMQV5fyBhl7t/0j70iPOfEr/lAWQfLXQKMwtzaXxnM="; + kat = { + fqdn = "manah.katvayor.net"; + proxies = { + ip = "10.42.0.1"; + open-tcp = [ + 9000 + 9500 + ]; + redirects = [ + "kat-orchid" + "kat-son" + "kat-virt" + "kat-mail-test" + ]; + }; + wireguardPubKey = "2rMQV5fyBhl7t/0j70iPOfEr/lAWQfLXQKMwtzaXxnM="; + }; + systemd.network = { enable = true; networks = { @@ -60,8 +79,6 @@ tcpdump ]; - services.openssh.enable = true; - programs.virt-manager.enable = true; virtualisation.libvirtd.enable = true; @@ -69,23 +86,13 @@ acceptTerms = true; defaults.email = "root@katvayor.net"; }; - kat.proxies = { - ip = "10.42.0.1"; - open-tcp = [ - 9000 - 9500 - ]; - redirects = [ - "kat-orchid" - "kat-son" - "kat-virt" - "kat-mail-test" - ]; - }; - services.weechat = { - enable = true; - binary = "${pkgs.weechat}/bin/weechat-headless"; + services = { + openssh.enable = true; + weechat = { + enable = true; + binary = "${pkgs.weechat}/bin/weechat-headless"; + }; }; networking.firewall = { diff --git a/machines/kat-manah/hardware-configuration.nix b/machines/kat-manah/hardware-configuration.nix index 5d216b3..e33e332 100644 --- a/machines/kat-manah/hardware-configuration.nix +++ b/machines/kat-manah/hardware-configuration.nix @@ -26,7 +26,10 @@ fileSystems."/" = { device = "UUID=2d6f7d3a-936d-457c-86c7-f49d816ff5b7"; fsType = "bcachefs"; - options = [ "fsck" "fix_errors" ]; + options = [ + "fsck" + "fix_errors" + ]; }; fileSystems."/boot" = { @@ -37,7 +40,10 @@ fileSystems."/.ssd" = { device = "UUID=b4fc22f8-aecd-4cde-b77d-79825fae65eb"; fsType = "bcachefs"; - options = [ "fsck" "fix_errors" ]; + options = [ + "fsck" + "fix_errors" + ]; neededForBoot = true; }; diff --git a/machines/kat-orchid/default.nix b/machines/kat-orchid/default.nix index 0f3fd1c..197f9fe 100644 --- a/machines/kat-orchid/default.nix +++ b/machines/kat-orchid/default.nix @@ -9,33 +9,47 @@ ... }: { + deployment = { + targetHost = "orchid.kat"; + tags = [ "kat-vms" ]; + }; imports = [ ./hardware-configuration.nix ./disks.nix ]; - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernelParams = [ "console=ttyS0" ]; }; - kat.proxies = { - ip = "192.168.122.6"; - aliases = [ - "simply-wise.fr" - "www.simply-wise.fr" - ]; - open-tcp = [ - { - internal = 22; - external = 22042; - } - ]; + kat = { + fqdn = "orchid.katvayor.net"; + proxies = { + ip = "192.168.122.6"; + aliases = [ + "simply-wise.fr" + "www.simply-wise.fr" + ]; + open-tcp = [ + { + internal = 22; + external = 22042; + } + ]; + }; }; systemd.network.enable = lib.mkForce false; networking = { useNetworkd = lib.mkForce false; + firewall.allowedTCPPorts = [ + 80 + 443 + ]; interfaces."enp1s0" = { useDHCP = false; ipv4.addresses = [ @@ -64,13 +78,6 @@ nixpkgs.config.allowUnfree = true; - services.openssh.enable = true; - - networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; - security.acme = { acceptTerms = true; defaults.email = "root@katvayor.net"; @@ -79,33 +86,37 @@ "www.simply-wise.fr" ]; }; - services.nginx = { - enable = true; - virtualHosts = { - "orchid.katvayor.net" = { - enableACME = true; - forceSSL = true; - locations = { - "/static/".alias = "/srv/orchid/"; - "/" = { - recommendedProxySettings = true; - proxyPass = "https://192.168.123.2/"; + services = { + openssh.enable = true; + qemuGuest.enable = true; + nginx = { + enable = true; + virtualHosts = { + "orchid.katvayor.net" = { + enableACME = true; + forceSSL = true; + locations = { + "/static/".alias = "/srv/orchid/"; + "/" = { + recommendedProxySettings = true; + proxyPass = "https://192.168.123.2/"; + }; }; }; - }; - "simply-wise.fr" = { - useACMEHost = "orchid.katvayor.net"; - forceSSL = true; - serverAliases = [ "www.simply-wise.fr" ]; - locations."/" = { - root = pkgs.runCommand "building" { } '' - mkdir -p $out - ln -nsf ${./building.html} $out/building.html - ''; - extraConfig = '' - internal; - error_page 404 =503 /building.html; - ''; + "simply-wise.fr" = { + useACMEHost = "orchid.katvayor.net"; + forceSSL = true; + serverAliases = [ "www.simply-wise.fr" ]; + locations."/" = { + root = pkgs.runCommand "building" { } '' + mkdir -p $out + ln -nsf ${./building.html} $out/building.html + ''; + extraConfig = '' + internal; + error_page 404 =503 /building.html; + ''; + }; }; }; }; diff --git a/machines/kat-orchid/disks.nix b/machines/kat-orchid/disks.nix index 6c59a85..16a2ee4 100644 --- a/machines/kat-orchid/disks.nix +++ b/machines/kat-orchid/disks.nix @@ -22,7 +22,10 @@ type = "filesystem"; format = "bcachefs"; mountpoint = "/"; - mountOptions = [ "fsck" "fix_errors" ]; + mountOptions = [ + "fsck" + "fix_errors" + ]; }; }; }; diff --git a/machines/kat-probook/default.nix b/machines/kat-probook/default.nix index 223da4f..aed3c82 100644 --- a/machines/kat-probook/default.nix +++ b/machines/kat-probook/default.nix @@ -5,12 +5,15 @@ mods, sources, nodes, + users, ... }: - { + deployment.allowLocalDeployment = true; + imports = [ ./hardware-configuration.nix + users.catvayor # ./router.nix ]; @@ -30,6 +33,10 @@ efi.canTouchEfiVariables = true; }; + nix.settings.trusted-users = [ + "root" + "@wheel" + ]; networking.networkmanager = { enable = true; unmanaged = [ diff --git a/machines/kat-son/default.nix b/machines/kat-son/default.nix index 89af011..fb45a37 100644 --- a/machines/kat-son/default.nix +++ b/machines/kat-son/default.nix @@ -5,17 +5,28 @@ ... }: { + deployment = { + targetHost = "son.kat"; + tags = [ "kat-vms" ]; + }; + imports = [ ./hardware-configuration.nix ./disks.nix ]; - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernelParams = [ "console=ttyS0" ]; }; - kat.proxies.ip = "192.168.122.5"; + kat = { + fqdn = "son.katvayor.net"; + proxies.ip = "192.168.122.5"; + }; systemd.network.enable = lib.mkForce false; networking = { @@ -46,20 +57,22 @@ ]; }; - services.openssh.enable = true; - networking.firewall.enable = false; security.acme = { acceptTerms = true; defaults.email = "root@katvayor.net"; }; - services.nginx = { - enable = true; - virtualHosts = { - "son.katvayor.net" = { - enableACME = true; - addSSL = true; + services = { + openssh.enable = true; + qemuGuest.enable = true; + nginx = { + enable = true; + virtualHosts = { + "son.katvayor.net" = { + enableACME = true; + addSSL = true; + }; }; }; }; diff --git a/machines/kat-son/disks.nix b/machines/kat-son/disks.nix index 6c59a85..16a2ee4 100644 --- a/machines/kat-son/disks.nix +++ b/machines/kat-son/disks.nix @@ -22,7 +22,10 @@ type = "filesystem"; format = "bcachefs"; mountpoint = "/"; - mountOptions = [ "fsck" "fix_errors" ]; + mountOptions = [ + "fsck" + "fix_errors" + ]; }; }; }; diff --git a/machines/kat-virt/default.nix b/machines/kat-virt/default.nix index f777c15..0cf00d0 100644 --- a/machines/kat-virt/default.nix +++ b/machines/kat-virt/default.nix @@ -2,24 +2,36 @@ config, lib, pkgs, + ssh-keys, ... }: { - imports = [ ./hardware-configuration.nix ]; - - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; + deployment = { + targetHost = "virt.kat"; + tags = [ "kat-vms" ]; }; - kat.proxies = { - ip = "192.168.122.2"; - open-tcp = [ - { - internal = 22; - external = 22000; - } - ]; + imports = [ ./hardware-configuration.nix ]; + + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernelParams = [ "console=ttyS0" ]; + }; + + kat = { + fqdn = "degette.katvayor.net"; + proxies = { + ip = "192.168.122.2"; + open-tcp = [ + { + internal = 22; + external = 22000; + } + ]; + }; }; systemd.network.enable = lib.mkForce false; @@ -51,23 +63,28 @@ ]; }; - services.openssh.enable = true; + services = { + openssh.enable = true; + qemuGuest.enable = true; + nginx = { + enable = true; + virtualHosts."degette.katvayor.net" = { + enableACME = true; + addSSL = true; + locations."/" = { + recommendedProxySettings = true; + proxyPass = "http://localhost:8000/"; + }; + }; + }; + }; + + users.users.root.openssh.authorizedKeys.keys = with ssh-keys; sylvain ++ gaby; security.acme = { acceptTerms = true; defaults.email = "root@katvayor.net"; }; - services.nginx = { - enable = true; - virtualHosts."degette.katvayor.net" = { - enableACME = true; - addSSL = true; - locations."/" = { - recommendedProxySettings = true; - proxyPass = "http://localhost:8000/"; - }; - }; - }; networking.firewall.enable = false; diff --git a/machines/kat-virt/hardware-configuration.nix b/machines/kat-virt/hardware-configuration.nix index 2833b40..7fe8d25 100644 --- a/machines/kat-virt/hardware-configuration.nix +++ b/machines/kat-virt/hardware-configuration.nix @@ -26,7 +26,10 @@ fileSystems."/" = { device = "UUID=301a23cf-1aa3-4c53-a174-1a97592da5fa"; fsType = "bcachefs"; - options = [ "fsck" "fix_errors" ]; + options = [ + "fsck" + "fix_errors" + ]; }; fileSystems."/boot" = { diff --git a/machines/kat-watcher/default.nix b/machines/kat-watcher/default.nix index 329c564..91815a9 100644 --- a/machines/kat-watcher/default.nix +++ b/machines/kat-watcher/default.nix @@ -6,19 +6,27 @@ ... }: { + deployment.targetHost = "watcher.kat"; + imports = [ ./hardware-configuration.nix ./disks.nix ]; - boot.loader.grub = { - enable = true; - efiSupport = true; - efiInstallAsRemovable = true; + boot = { + loader.grub = { + enable = true; + efiSupport = true; + efiInstallAsRemovable = true; + }; + kernel.sysctl."net.ipv4.ip_forward" = true; }; - boot.kernel.sysctl."net.ipv4.ip_forward" = true; - kat.wireguardPubKey = "BgLBrWG7DRj2Gwoyj+vHZTjiB3gPEnwVcDFEQH/BYgg="; + kat = { + wireguardPubKey = "BgLBrWG7DRj2Gwoyj+vHZTjiB3gPEnwVcDFEQH/BYgg="; + fqdn = "watcher.katvayor.net"; + proxies.redirects = [ "kat-manah" ]; + }; networking = { useDHCP = false; @@ -100,7 +108,6 @@ acceptTerms = true; defaults.email = "root@katvayor.net"; }; - kat.proxies.redirects = [ "kat-manah" ]; environment.systemPackages = with pkgs; [ tcpdump ]; diff --git a/machines/kat-watcher/disks.nix b/machines/kat-watcher/disks.nix index 3c17db8..bcca3cf 100644 --- a/machines/kat-watcher/disks.nix +++ b/machines/kat-watcher/disks.nix @@ -28,7 +28,10 @@ format = "bcachefs"; mountpoint = "/"; extraArgs = [ "--compression=zstd" ]; - mountOptions = [ "fsck" "fix_errors" ]; + mountOptions = [ + "fsck" + "fix_errors" + ]; }; }; }; diff --git a/shell.nix b/shell.nix index 821bdac..44e073d 100644 --- a/shell.nix +++ b/shell.nix @@ -2,4 +2,9 @@ let sources = import ./npins; pkgs = import sources.nixpkgs { }; in -pkgs.mkShell { packages = with pkgs; [ npins colmena ]; } +pkgs.mkShell { + packages = with pkgs; [ + npins + colmena + ]; +}