let mods = import ./modules; users = import ./users; sources = import ./npins; id_sylvain = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"; mkNixpkgsSrc = (import sources.nix-patches { patchFile = ./patches; }).mkNixpkgsSrc; in { meta = { nixpkgs = mkNixpkgsSrc { src = sources.nixpkgs; version = "unstable"; }; nodeNixpkgs."kat-mail-test" = mkNixpkgsSrc { src = sources.nixpkgs; version = "betamail"; }; specialArgs = { inherit mods users sources; }; }; defaults = { nodes, name, pkgs, lib, config, ... }: { imports = [ "${sources.home-manager}/nixos" "${sources.agenix}/modules/age.nix" "${sources.disko}/module.nix" ./domain-proxies-module.nix ./domain-proxies.nix ]; options.system.build.anywhere = lib.mkOption { type = lib.types.package; readOnly = true; }; config = { boot.tmp.useTmpfs = true; networking.hostName = name; nix = { nixPath = [ "nixpkgs=${builtins.storePath pkgs.path}" "nixos=${builtins.storePath pkgs.path}" ]; channel.enable = false; settings.nix-path = config.nix.nixPath; package = pkgs.lix; }; services = { resolved.enable = true; openssh.settings = { ClientAliveInterval = 60; ClientAliveCountMax = 1; }; }; system.build.anywhere = pkgs.writeShellApplication { name = "anywhere-deploy_${name}.sh"; runtimeInputs = [ pkgs.nixos-anywhere ]; # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz text = '' nixos-anywhere --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost} ''; }; }; }; kat-probook = { users, ... }: { deployment.allowLocalDeployment = true; imports = [ ./machines/kat-probook (users.root { ssh = false; }) users.catvayor ]; nix.settings.trusted-users = [ "root" "@wheel" ]; }; kat-manah = { users, ... }: { deployment.targetHost = "manah.kat"; imports = [ ./machines/kat-manah (users.root { ssh = true; }) ]; }; kat-watcher = { users, ... }: { deployment.targetHost = "watcher.kat"; imports = [ ./machines/kat-watcher (users.root { ssh = true; }) ]; }; kat-virt = { users, ... }: { deployment = { targetHost = "virt.kat"; tags = [ "kat-vms" ]; }; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-virt (users.root { ssh = true; }) ]; users.users.root.openssh.authorizedKeys.keys = [ id_sylvain ]; }; kat-mail-test = { users, ... }: { deployment = { targetHost = "mail-test.kat"; tags = [ "kat-vms" ]; }; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-mail-test (users.root { ssh = true; }) ]; users.users.root.openssh.authorizedKeys.keys = [ id_sylvain ]; }; kat-son = { users, ... }: { deployment = { targetHost = "son.kat"; tags = [ "kat-vms" ]; }; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-son (users.root { ssh = true; }) ]; }; kat-orchid = { users, ... }: { deployment = { targetHost = "orchid.kat"; tags = [ "kat-vms" ]; }; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-orchid (users.root { ssh = true; }) ]; }; kat-iso = { users, pkgs, modulesPath, lib, ... }: { deployment = { allowLocalDeployment = false; targetHost = null; }; imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix") (users.root { ssh = true; }) ]; networking = { networkmanager.enable = true; wireless.enable = false; }; console.keyMap = "fr"; environment.systemPackages = with pkgs; [ perl git ]; boot.supportedFilesystems = [ "bcachefs" ]; programs.zsh.enable = true; services.openssh.enable = true; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; services.getty.autologinUser = lib.mkForce "root"; }; kat-kexec = { users, pkgs, modulesPath, lib, ... }: { deployment = { allowLocalDeployment = false; targetHost = null; }; imports = [ ("${sources.nixos-images}/nix/kexec-installer/module.nix") (users.root { ssh = true; }) ]; networking = { networkmanager.enable = false; wireless.enable = false; }; console.keyMap = "fr"; environment.systemPackages = with pkgs; [ perl git ]; programs.zsh.enable = true; services.openssh.enable = true; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; boot.supportedFilesystems = { bcachefs = true; zfs = lib.mkForce false; }; services.getty.autologinUser = lib.mkForce "root"; }; }