chore: Abstract machines and modules
This adds subdirectories for the different types of systems, for the modules and the machines
parent
c3f4e7ade6
commit
ecbad0a638
264 changed files with 49 additions and 38 deletions
24
hive.nix
24
hive.nix
|
@ -14,10 +14,7 @@ let
|
|||
nodes = builtins.attrNames nodes';
|
||||
|
||||
mkNode = node: {
|
||||
# Import the base configuration for each node
|
||||
imports = [ ./machines/${node}/_configuration.nix ];
|
||||
|
||||
deployment.systemType = "nixos";
|
||||
deployment.systemType = system node;
|
||||
};
|
||||
|
||||
nixpkgs' = import ./meta/nixpkgs.nix;
|
||||
|
@ -28,6 +25,7 @@ let
|
|||
# defaulting to the one defined in meta/nixpkgs
|
||||
version = node: nodes'.${node}.nixpkgs.version;
|
||||
system = node: nodes'.${node}.nixpkgs.system;
|
||||
category = node: nixpkgs'.categories.${system node};
|
||||
|
||||
nodePkgs = node: nixpkgs.${system node}.${version node};
|
||||
|
||||
|
@ -77,6 +75,7 @@ let
|
|||
meta = (import ./meta) lib;
|
||||
|
||||
nodeMeta = meta.nodes.${node};
|
||||
nodePath = "machines/${category node}/${node}";
|
||||
};
|
||||
in
|
||||
|
||||
|
@ -97,23 +96,32 @@ in
|
|||
nixos = {
|
||||
evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args;
|
||||
defaults =
|
||||
{ name, nodeMeta, ... }:
|
||||
{
|
||||
name,
|
||||
nodeMeta,
|
||||
nodePath,
|
||||
sourcePkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
# Import the default modules
|
||||
imports = [
|
||||
./modules
|
||||
# Import the base configuration for each node
|
||||
./${nodePath}/_configuration.nix
|
||||
./modules/generic
|
||||
(import "${sources.lix-module}/module.nix" { inherit (sources) lix; })
|
||||
./modules/${category name}
|
||||
];
|
||||
|
||||
# Include default secrets
|
||||
age-secrets.sources = [ ./machines/${name}/secrets ];
|
||||
age-secrets.sources = [ ./${nodePath}/secrets ];
|
||||
|
||||
# Deployment config is specified in meta.nodes.${node}.deployment
|
||||
inherit (nodeMeta) deployment;
|
||||
|
||||
nix = {
|
||||
# Set NIX_PATH to the patched version of nixpkgs
|
||||
nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ];
|
||||
nixPath = [ "nixpkgs=${sourcePkgs.path}" ];
|
||||
optimise.automatic = true;
|
||||
|
||||
gc = {
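Review bot: In the last hive.nix hunk, the comment `# Set NIX_PATH to the patched version of nixpkgs` now sits above `nixPath = [ "nixpkgs=${sourcePkgs.path}" ];`, which appears to replace `mkNixpkgs' (version name)` (taken as the new side because `sourcePkgs` is also added to the argument set). The page does not show how `sourcePkgs` is built, so it is unclear whether its `path` is still the patched tree. If it is the unpatched source, anything resolving `<nixpkgs>` on a deployed host would evaluate a tree without the local patches, which is a behaviour change hidden inside a "chore" commit. Either confirm that `sourcePkgs.path` is the output of the patching step, or reword the comment to match, e.g. `# Set NIX_PATH to the nixpkgs tree this node is evaluated with`. The `nix = { … }` block continues past the end of the hunk.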
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
(import ../../../keys).mkSecrets [ "bridg01" ] [
|
||||
# List of secrets for bridge01
|
||||
]
|
|
@ -1,3 +0,0 @@
|
|||
(import ../../../keys).mkSecrets [ "geo01" ] [
|
||||
# List of secrets for geo01
|
||||
]
|
|
@ -1,3 +0,0 @@
|
|||
(import ../../../keys).mkSecrets [ "geo02" ] [
|
||||
# List of secrets for geo02
|
||||
]
|
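--- /dev/null
+++ b/machines/nixos/bridge01/secrets/secrets.nix
@@ -0,0 +1,3 @@
+(import ../../../../keys).mkSecrets [ "bridg01" ] [
+# List of secrets for bridge01
+]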
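Review bot: The host list passed to `mkSecrets` in this new file reads `"bridg01"`, while the directory name and the comment both say bridge01; the deleted old file has the same spelling, so the move carried it over. `mkSecrets` is not shown on the page, but if its first argument names the machines whose keys may decrypt these secrets, the first secret added here would presumably either fail to evaluate or be encrypted for a recipient that is not this host. Since the line is already being touched for the path depth, suggest `(import ../../../../keys).mkSecrets [ "bridge01" ] [` after checking the key name defined in `keys`.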
|
@ -1,4 +1,4 @@
|
|||
(import ../../../../keys).mkSecrets [ "compute01" ] [
|
||||
(import ../../../../../keys).mkSecrets [ "compute01" ] [
|
||||
"kanidm-password_admin"
|
||||
"kanidm-password_idm_admin"
|
||||
]
|
|
@ -1,4 +1,4 @@
|
|||
(import ../../../keys).mkSecrets [ "compute01" ] [
|
||||
(import ../../../../keys).mkSecrets [ "compute01" ] [
|
||||
# List of secrets for compute01
|
||||
"arkheon-env_file"
|
||||
"bupstash-put_key"
|
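--- /dev/null
+++ b/machines/nixos/geo01/secrets/secrets.nix
@@ -0,0 +1,3 @@
+(import ../../../../keys).mkSecrets [ "geo01" ] [
+# List of secrets for geo01
+]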
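--- /dev/null
+++ b/machines/nixos/geo02/secrets/secrets.nix
@@ -0,0 +1,3 @@
+(import ../../../../keys).mkSecrets [ "geo02" ] [
+# List of secrets for geo02
+]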
|
@ -1,4 +1,4 @@
|
|||
(import ../../../keys).mkSecrets [ "rescue01" ] [
|
||||
(import ../../../../keys).mkSecrets [ "rescue01" ] [
|
||||
# List of secrets for rescue01
|
||||
"stateless-uptime-kuma-password"
|
||||
]
|
Some files were not shown because too many files have changed in this diff Show more