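# Deployment entry point: builds shared machine metadata, a per-machine helper
# library (WireGuard peer generation), and one configuration per file found in
# ./machines. The attribute layout (meta.nixpkgs, nodeNixpkgs, nodeSpecialArgs,
# defaults) looks like a Colmena-style hive; confirm against the deploy tool.
let
  # Pinned inputs managed by npins.
  sources = import ./npins;

  # Pass `config` and `overlays` explicitly. With an empty argument set,
  # nixpkgs falls back to the evaluating user's NIXPKGS_CONFIG and
  # ~/.config/nixpkgs config/overlays during impure evaluation, so the package
  # set handed to the meta module would depend on who runs the deployment.
  pkgs = import sources.nixpkgs-unstable {
    config = { };
    overlays = [ ];
  };
  inherit (pkgs) lib;
  inherit (lib)
    mapAttrs
    mapAttrs'
    filterAttrs
    mapAttrsToList
    removeSuffix
    evalModules
    flatten
    ;

  # One node per directory entry of ./machines, keyed by the entry name with a
  # trailing ".nix" stripped. readDir returns every entry regardless of type
  # and each one is imported, so anything placed in ./machines is evaluated as
  # a machine definition.
  nodes = mapAttrs' (name: _: {
    name = removeSuffix ".nix" name;
    value = import ./machines/${name};
  }) (builtins.readDir ./machines);

  # Evaluate the metadata module with every node's `meta` attribute as input.
  meta' = evalModules {
    modules = [
      ./kat/meta.nix
      { machines = mapAttrs (_: n: n.meta) nodes; }
    ];
    specialArgs = { inherit pkgs sources; };
  };

  # Evaluated metadata, with each machine entry reduced to its `node_meta`.
  meta = meta'.config // {
    machines = mapAttrs (_: node: node.node_meta) meta'.config.machines;
  };

  # Helpers specialised for the machine named `self`.
  meta-lib = self: rec {
    self-meta = meta.machines.${self};
    other-meta = filterAttrs (name: _: name != self) meta.machines;

    # WireGuard peer list for `self`:
    #  - on a hub: one peer per keyed non-hub machine, limited to that
    #    machine's own /32 plus the subnets it declares;
    #  - elsewhere: one peer per hub, carrying every known subnet.
    mkPeers =
      let
        # NOTE(review): unlike `non-hubs`, hubs are not filtered on
        # `wg-key != null`, so a hub without a key yields `PublicKey = null`
        # below. Confirm the meta module requires a key for every hub.
        hubs = filterAttrs (_: node: node.vpn-hub) other-meta;
        non-hubs = filterAttrs (_: node: node.wg-key != null && !node.vpn-hub) other-meta;
        # "10.42.0.0/16" is presumably the VPN address range (confirm); the
        # rest is every subnet declared by any other hub or keyed non-hub.
        all-subnets = [
          "10.42.0.0/16"
        ]
        ++ flatten (
          map (mapAttrsToList (_: node: node.subnets)) [
            hubs
            non-hubs
          ]
        );
      in
      if self-meta.vpn-hub then
        # The hub accepts, per peer, the source ranges that machine's own
        # metadata declares. A change to a machine's `subnets` is therefore a
        # routing/trust change and should be reviewed as one.
        mapAttrsToList (_: node: {
          AllowedIPs = [ "${node.vpn-ip4}/32" ] ++ node.subnets;
          PublicKey = node.wg-key;
        }) non-hubs
      else
        # NOTE(review): every hub peer receives the same AllowedIPs. WireGuard
        # associates an allowed range with a single peer per interface, so
        # this appears to assume exactly one hub; confirm before adding more.
        mapAttrsToList (_: node: {
          AllowedIPs = all-subnets;
          PublicKey = node.wg-key;
          Endpoint = "${node.fqdn}:1194";
          PersistentKeepalive = 25;
        }) hubs;
  };
in
{
  meta = {
    nixpkgs = pkgs.path;
    specialArgs = {
      inherit sources;
      mods = import ./modules;
      users = import ./users;
      kat-path = ./kat;
    };
    # Each machine is built against the nixpkgs source its metadata selects.
    nodeNixpkgs = mapAttrs (_: node: node.nixpkgs-paths.nixpkgs-src) meta.machines;
    # Each machine sees its own metadata plus the global metadata, extended
    # with the helper library specialised for that machine's name.
    nodeSpecialArgs = mapAttrs (name: node: {
      self-meta = node;
      meta = meta // {
        lib = meta-lib name;
      };
    }) meta.machines;
  };

  # Applied to every machine: import the shared ./kat module and use the
  # machine's attribute name as its hostname.
  defaults =
    { name, kat-path, ... }:
    {
      imports = [ kat-path ];
      networking.hostName = name;
    };
}
// mapAttrs (_: n: n.config) nodes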