config-perso/hive.nix

let
  mods = import ./modules;
  users = import ./users;
  sources = import ./npins;
  id_sylvain = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix";
  mkNixpkgsSrc = (import sources.nix-patches { patchFile = ./patches; }).mkNixpkgsSrc;
in
{
  meta = {
    nixpkgs = mkNixpkgsSrc {
      src = sources.nixpkgs;
      version = "unstable";
    };
    nodeNixpkgs."kat-mail-test" = mkNixpkgsSrc {
      src = sources.nixpkgs;
      version = "betamail";
    };
    specialArgs = {
      inherit mods users sources;
    };
  };
  defaults =
    {
      nodes,
      name,
      pkgs,
      lib,
      config,
      ...
    }:
    {
      imports = [
        ./kat
        "${sources.home-manager}/nixos"
        "${sources.disko}/module.nix"
        ./domain-proxies-module.nix
        ./domain-proxies.nix
      ];
      networking.hostName = name;
    };

  kat-probook =
    { users, ... }:
    {
      deployment.allowLocalDeployment = true;

      imports = [
        ./machines/kat-probook
        users.catvayor
      ];
      nix.settings.trusted-users = [
        "root"
        "@wheel"
      ];
    };

  kat-manah =
    { users, ... }:
    {
      deployment.targetHost = "manah.kat";
      services.openssh.enable = true;
      imports = [
        ./machines/kat-manah
      ];
    };

  kat-watcher =
    { users, ... }:
    {
      deployment.targetHost = "watcher.kat";
      services.openssh.enable = true;
      imports = [
        ./machines/kat-watcher
      ];
    };

  kat-virt =
    { users, ... }:
    {
      deployment = {
        targetHost = "virt.kat";
        tags = [ "kat-vms" ];
      };
      services.openssh.enable = true;
      services.qemuGuest.enable = true;
      boot.kernelParams = [ "console=ttyS0" ];

      imports = [
        ./machines/kat-virt
      ];
      users.users.root.openssh.authorizedKeys.keys = [
        id_sylvain
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGoQZ/77uiai4rBHYwL55IweUOdR9svxDxlP/o7sulRT gdesfrene@clipper.ens.fr"
      ];
    };

  kat-mail-test =
    { users, ... }:
    {
      deployment = {
        targetHost = "mail-test.kat";
        tags = [ "kat-vms" ];
      };
      services.openssh.enable = true;
      services.qemuGuest.enable = true;
      boot.kernelParams = [ "console=ttyS0" ];

      imports = [
        ./machines/kat-mail-test
      ];
      users.users.root.openssh.authorizedKeys.keys = [ id_sylvain ];
    };

  kat-son =
    { users, ... }:
    {
      deployment = {
        targetHost = "son.kat";
        tags = [ "kat-vms" ];
      };
      services.openssh.enable = true;
      services.qemuGuest.enable = true;
      boot.kernelParams = [ "console=ttyS0" ];
      imports = [
        ./machines/kat-son
      ];
    };

  kat-orchid =
    { users, ... }:
    {
      deployment = {
        targetHost = "orchid.kat";
        tags = [ "kat-vms" ];
      };
      services.openssh.enable = true;
      services.qemuGuest.enable = true;
      boot.kernelParams = [ "console=ttyS0" ];
      imports = [
        ./machines/kat-orchid
      ];
    };

  kat-iso =
    {
      users,
      pkgs,
      modulesPath,
      lib,
      ...
    }:
    {
      deployment = {
        allowLocalDeployment = false;
        targetHost = null;
      };

      imports = [
        (modulesPath + "/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix")
      ];

      networking = {
        networkmanager.enable = true;
        wireless.enable = false;
      };
      console.keyMap = "fr";

      environment.systemPackages = with pkgs; [
        perl
        git
      ];
      programs.zsh.enable = true;
      services.openssh.enable = true;
      services.qemuGuest.enable = true;
      boot.supportedFilesystems = {
        bcachefs = true;
        zfs = lib.mkForce false;
      };
      boot.kernelParams = [ "console=ttyS0" ];
      boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
      services.getty.autologinUser = lib.mkForce "root";
      system.stateVersion = lib.mkForce "24.11";
    };

  kat-kexec =
    {
      users,
      pkgs,
      modulesPath,
      lib,
      ...
    }:
    {
      deployment = {
        allowLocalDeployment = false;
        targetHost = null;
      };

      imports = [
        ("${sources.nixos-images}/nix/kexec-installer/module.nix")
      ];

      networking = {
        networkmanager.enable = false;
        wireless.enable = false;
      };
      console.keyMap = "fr";

      environment.systemPackages = with pkgs; [
        perl
        git
      ];
      programs.zsh.enable = true;
      services.openssh.enable = true;
      services.qemuGuest.enable = true;
      boot.kernelParams = [ "console=ttyS0" ];
      boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
      boot.supportedFilesystems = {
        bcachefs = true;
        zfs = lib.mkForce false;
      };
      services.getty.autologinUser = lib.mkForce "root";
      system.stateVersion = lib.mkForce "24.11";
    };
}