lbailly/infrastructure
1
0
Fork 0
forked from DGNum/infrastructure
Code Pull requests Activity

chore: Abstract machines and modules

Browse source 
This adds subdirectories for the different types of systems, for the
modules and the machines
This commit is contained in:
Tom Hubrecht 2024-12-08 13:22:07 +01:00
parent c3f4e7ade6
commit ecbad0a638
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
264 changed files with 49 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
hive.nix
View file

@ -14,10 +14,7 @@ let
nodes = builtins.attrNames nodes'; nodes = builtins.attrNames nodes';
mkNode = node: { mkNode = node: {
# Import the base configuration for each node deployment.systemType = system node;
imports = [ ./machines/${node}/_configuration.nix ];
deployment.systemType = "nixos";
}; };
nixpkgs' = import ./meta/nixpkgs.nix; nixpkgs' = import ./meta/nixpkgs.nix;
@ -28,6 +25,7 @@ let
# defaulting to the one defined in meta/nixpkgs # defaulting to the one defined in meta/nixpkgs
version = node: nodes'.${node}.nixpkgs.version; version = node: nodes'.${node}.nixpkgs.version;
system = node: nodes'.${node}.nixpkgs.system; system = node: nodes'.${node}.nixpkgs.system;
category = node: nixpkgs'.categories.${system node};
nodePkgs = node: nixpkgs.${system node}.${version node}; nodePkgs = node: nixpkgs.${system node}.${version node};
@ -77,6 +75,7 @@ let
meta = (import ./meta) lib; meta = (import ./meta) lib;
nodeMeta = meta.nodes.${node}; nodeMeta = meta.nodes.${node};
nodePath = "machines/${category node}/${node}";
}; };
in in
@ -97,23 +96,32 @@ in
nixos = { nixos = {
evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args; evalConfig = args: import "${args.specialArgs.sourcePkgs.path}/nixos/lib/eval-config.nix" args;
defaults = defaults =
{ name, nodeMeta, ... }: {
name,
nodeMeta,
nodePath,
sourcePkgs,
...
}:
{ {
# Import the default modules # Import the default modules
imports = [ imports = [
./modules # Import the base configuration for each node
./${nodePath}/_configuration.nix
./modules/generic
(import "${sources.lix-module}/module.nix" { inherit (sources) lix; }) (import "${sources.lix-module}/module.nix" { inherit (sources) lix; })
./modules/${category name}
]; ];
# Include default secrets # Include default secrets
age-secrets.sources = [ ./machines/${name}/secrets ]; age-secrets.sources = [ ./${nodePath}/secrets ];
# Deployment config is specified in meta.nodes.${node}.deployment # Deployment config is specified in meta.nodes.${node}.deployment
inherit (nodeMeta) deployment; inherit (nodeMeta) deployment;
nix = { nix = {
# Set NIX_PATH to the patched version of nixpkgs # Set NIX_PATH to the patched version of nixpkgs
nixPath = [ "nixpkgs=${mkNixpkgs' (version name)}" ]; nixPath = [ "nixpkgs=${sourcePkgs.path}" ];
optimise.automatic = true; optimise.automatic = true;
gc = { gc = {

3
machines/bridge01/secrets/secrets.nix
View file

@ -1,3 +0,0 @@
(import ../../../keys).mkSecrets [ "bridg01" ] [
# List of secrets for bridge01
]

3
machines/geo01/secrets/secrets.nix
View file

@ -1,3 +0,0 @@
(import ../../../keys).mkSecrets [ "geo01" ] [
# List of secrets for geo01
]

3
machines/geo02/secrets/secrets.nix
View file

@ -1,3 +0,0 @@
(import ../../../keys).mkSecrets [ "geo02" ] [
# List of secrets for geo02
]

0
machines/bridge01/_configuration.nix → machines/nixos/bridge01/_configuration.nix
View file

0
machines/bridge01/_hardware-configuration.nix → machines/nixos/bridge01/_hardware-configuration.nix
View file

0
machines/bridge01/network.nix → machines/nixos/bridge01/network.nix
View file

3
machines/nixos/bridge01/secrets/secrets.nix Normal file
View file

@ -0,0 +1,3 @@
(import ../../../../keys).mkSecrets [ "bridg01" ] [
# List of secrets for bridge01
]

0
machines/compute01/_configuration.nix → machines/nixos/compute01/_configuration.nix
View file

0
machines/compute01/_hardware-configuration.nix → machines/nixos/compute01/_hardware-configuration.nix
View file

0
machines/compute01/arkheon.nix → machines/nixos/compute01/arkheon.nix
View file

0
machines/compute01/dgsi/default.nix → machines/nixos/compute01/dgsi/default.nix
View file

0
machines/compute01/ds-fr/default.nix → machines/nixos/compute01/ds-fr/default.nix
View file

0
machines/compute01/ds-fr/module.nix → machines/nixos/compute01/ds-fr/module.nix
View file

0
machines/compute01/grafana.nix → machines/nixos/compute01/grafana.nix
View file

0
machines/compute01/hedgedoc.nix → machines/nixos/compute01/hedgedoc.nix
View file

0
machines/compute01/kanidm/default.nix → machines/nixos/compute01/kanidm/default.nix
View file

0
machines/compute01/kanidm/secrets/kanidm-password_admin → machines/nixos/compute01/kanidm/secrets/kanidm-password_admin
View file

2
machines/compute01/kanidm/secrets/secrets.nix → machines/nixos/compute01/kanidm/secrets/secrets.nix
View file

@ -1,4 +1,4 @@
(import ../../../../keys).mkSecrets [ "compute01" ] [ (import ../../../../../keys).mkSecrets [ "compute01" ] [
"kanidm-password_admin" "kanidm-password_admin"
"kanidm-password_idm_admin" "kanidm-password_idm_admin"
] ]

0
machines/compute01/librenms/default.nix → machines/nixos/compute01/librenms/default.nix
View file

0
machines/compute01/librenms/kanidm.patch → machines/nixos/compute01/librenms/kanidm.patch
View file

0
machines/compute01/librenms/module.nix → machines/nixos/compute01/librenms/module.nix
View file

0
machines/compute01/mastodon.nix → machines/nixos/compute01/mastodon.nix
View file

0
machines/compute01/nextcloud.nix → machines/nixos/compute01/nextcloud.nix
View file

0
machines/compute01/ollama-proxy.nix → machines/nixos/compute01/ollama-proxy.nix
View file

0
machines/compute01/outline.nix → machines/nixos/compute01/outline.nix
View file

0
machines/compute01/plausible.nix → machines/nixos/compute01/plausible.nix
View file

0
machines/compute01/postgresql.nix → machines/nixos/compute01/postgresql.nix
View file

0
machines/compute01/rstudio-server.nix → machines/nixos/compute01/rstudio-server.nix
View file

0
machines/compute01/satosa/default.nix → machines/nixos/compute01/satosa/default.nix
View file

0
machines/compute01/satosa/module.nix → machines/nixos/compute01/satosa/module.nix
View file

0
machines/compute01/satosa/package/cookies-samesite-compat.nix → machines/nixos/compute01/satosa/package/cookies-samesite-compat.nix
View file

0
machines/compute01/satosa/package/default.nix → machines/nixos/compute01/satosa/package/default.nix
View file

0
machines/compute01/satosa/package/oic.nix → machines/nixos/compute01/satosa/package/oic.nix
View file

0
machines/compute01/satosa/package/pydantic-core.nix → machines/nixos/compute01/satosa/package/pydantic-core.nix
View file

0
machines/compute01/satosa/package/pydantic-settings.nix → machines/nixos/compute01/satosa/package/pydantic-settings.nix
View file

0
machines/compute01/satosa/package/pydantic.nix → machines/nixos/compute01/satosa/package/pydantic.nix
View file

0
machines/compute01/satosa/package/pyop.nix → machines/nixos/compute01/satosa/package/pyop.nix
View file

0
machines/compute01/satosa/package/satosa.nix → machines/nixos/compute01/satosa/package/satosa.nix
View file

0
machines/compute01/secrets/arkheon-env_file → machines/nixos/compute01/secrets/arkheon-env_file
View file

0
machines/compute01/secrets/bupstash-put_key → machines/nixos/compute01/secrets/bupstash-put_key
View file

0
machines/compute01/secrets/dgsi-email_host_password_file → machines/nixos/compute01/secrets/dgsi-email_host_password_file
View file

0
machines/compute01/secrets/dgsi-kanidm_auth_token_file → machines/nixos/compute01/secrets/dgsi-kanidm_auth_token_file
View file

0
machines/compute01/secrets/dgsi-kanidm_secret_file → machines/nixos/compute01/secrets/dgsi-kanidm_secret_file
View file

0
machines/compute01/secrets/dgsi-secret_key_file → machines/nixos/compute01/secrets/dgsi-secret_key_file
View file

0
machines/compute01/secrets/dgsi-x509_cert_file → machines/nixos/compute01/secrets/dgsi-x509_cert_file
View file

0
machines/compute01/secrets/dgsi-x509_key_file → machines/nixos/compute01/secrets/dgsi-x509_key_file
View file

0
machines/compute01/secrets/ds-fr-secret_file → machines/nixos/compute01/secrets/ds-fr-secret_file
View file

0
machines/compute01/secrets/grafana-oauth_client_secret_file → machines/nixos/compute01/secrets/grafana-oauth_client_secret_file
View file

0
machines/compute01/secrets/grafana-smtp_password_file → machines/nixos/compute01/secrets/grafana-smtp_password_file
View file

0
machines/compute01/secrets/hedgedoc-environment_file → machines/nixos/compute01/secrets/hedgedoc-environment_file
View file

0
machines/compute01/secrets/librenms-database_password_file → machines/nixos/compute01/secrets/librenms-database_password_file
View file

0
machines/compute01/secrets/librenms-environment_file → machines/nixos/compute01/secrets/librenms-environment_file
View file

0
machines/compute01/secrets/mastodon-extra_env_file → machines/nixos/compute01/secrets/mastodon-extra_env_file
View file

0
machines/compute01/secrets/mastodon-smtp-password → machines/nixos/compute01/secrets/mastodon-smtp-password
View file

0
machines/compute01/secrets/nextcloud-adminpass_file → machines/nixos/compute01/secrets/nextcloud-adminpass_file
View file

0
machines/compute01/secrets/nextcloud-s3_secret_file → machines/nixos/compute01/secrets/nextcloud-s3_secret_file
View file

0
machines/compute01/secrets/outline-oidc_client_secret_file → machines/nixos/compute01/secrets/outline-oidc_client_secret_file
View file

0
machines/compute01/secrets/outline-smtp_password_file → machines/nixos/compute01/secrets/outline-smtp_password_file
View file

0
machines/compute01/secrets/outline-storage_secret_key_file → machines/nixos/compute01/secrets/outline-storage_secret_key_file
View file

0
machines/compute01/secrets/plausible-admin_user_password_file → machines/nixos/compute01/secrets/plausible-admin_user_password_file
View file

0
machines/compute01/secrets/plausible-secret_key_base_file → machines/nixos/compute01/secrets/plausible-secret_key_base_file
View file

0
machines/compute01/secrets/plausible-smtp_password_file → machines/nixos/compute01/secrets/plausible-smtp_password_file
View file

0
machines/compute01/secrets/satosa-env_file → machines/nixos/compute01/secrets/satosa-env_file
View file

2
machines/compute01/secrets/secrets.nix → machines/nixos/compute01/secrets/secrets.nix
View file

@ -1,4 +1,4 @@
(import ../../../keys).mkSecrets [ "compute01" ] [ (import ../../../../keys).mkSecrets [ "compute01" ] [
# List of secrets for compute01 # List of secrets for compute01
"arkheon-env_file" "arkheon-env_file"
"bupstash-put_key" "bupstash-put_key"

0
machines/compute01/secrets/signal-irc-bridge-config → machines/nixos/compute01/secrets/signal-irc-bridge-config
View file

0
machines/compute01/secrets/telegraf-environment_file → machines/nixos/compute01/secrets/telegraf-environment_file
View file

0
machines/compute01/secrets/vaultwarden-environment_file → machines/nixos/compute01/secrets/vaultwarden-environment_file
View file

0
machines/compute01/secrets/zammad-secret_key_base_file → machines/nixos/compute01/secrets/zammad-secret_key_base_file
View file

0
machines/compute01/signal-irc-bridge.nix → machines/nixos/compute01/signal-irc-bridge.nix
View file

0
machines/compute01/signald.nix → machines/nixos/compute01/signald.nix
View file

0
machines/compute01/stirling-pdf/01-spotless.patch → machines/nixos/compute01/stirling-pdf/01-spotless.patch
View file

0
machines/compute01/stirling-pdf/02-propsfile.patch → machines/nixos/compute01/stirling-pdf/02-propsfile.patch
View file

0
machines/compute01/stirling-pdf/03-jar-timestamps.patch → machines/nixos/compute01/stirling-pdf/03-jar-timestamps.patch
View file

0
machines/compute01/stirling-pdf/04-local-maven-deps.patch → machines/nixos/compute01/stirling-pdf/04-local-maven-deps.patch
View file

0
machines/compute01/stirling-pdf/05-java-output-test.patch → machines/nixos/compute01/stirling-pdf/05-java-output-test.patch
View file

0
machines/compute01/stirling-pdf/default.nix → machines/nixos/compute01/stirling-pdf/default.nix
View file

0
machines/compute01/takumi.nix → machines/nixos/compute01/takumi.nix
View file

0
machines/compute01/telegraf.nix → machines/nixos/compute01/telegraf.nix
View file

0
machines/compute01/vaultwarden.nix → machines/nixos/compute01/vaultwarden.nix
View file

0
machines/compute01/zammad.nix → machines/nixos/compute01/zammad.nix
View file

0
machines/geo01/_configuration.nix → machines/nixos/geo01/_configuration.nix
View file

0
machines/geo01/_hardware-configuration.nix → machines/nixos/geo01/_hardware-configuration.nix
View file

3
machines/nixos/geo01/secrets/secrets.nix Normal file
View file

@ -0,0 +1,3 @@
(import ../../../../keys).mkSecrets [ "geo01" ] [
# List of secrets for geo01
]

0
machines/geo02/_configuration.nix → machines/nixos/geo02/_configuration.nix
View file

0
machines/geo02/_hardware-configuration.nix → machines/nixos/geo02/_hardware-configuration.nix
View file

3
machines/nixos/geo02/secrets/secrets.nix Normal file
View file

@ -0,0 +1,3 @@
(import ../../../../keys).mkSecrets [ "geo02" ] [
# List of secrets for geo02
]

0
machines/rescue01/_configuration.nix → machines/nixos/rescue01/_configuration.nix
View file

0
machines/rescue01/_hardware-configuration.nix → machines/nixos/rescue01/_hardware-configuration.nix
View file

2
machines/rescue01/secrets/secrets.nix → machines/nixos/rescue01/secrets/secrets.nix
View file

@ -1,4 +1,4 @@
(import ../../../keys).mkSecrets [ "rescue01" ] [ (import ../../../../keys).mkSecrets [ "rescue01" ] [
# List of secrets for rescue01 # List of secrets for rescue01
"stateless-uptime-kuma-password" "stateless-uptime-kuma-password"
] ]

0
machines/rescue01/secrets/stateless-uptime-kuma-password → machines/nixos/rescue01/secrets/stateless-uptime-kuma-password
View file

0
machines/rescue01/uptime-kuma.nix → machines/nixos/rescue01/uptime-kuma.nix
View file

0
machines/storage01/_configuration.nix → machines/nixos/storage01/_configuration.nix
View file

0
machines/storage01/_hardware-configuration.nix → machines/nixos/storage01/_hardware-configuration.nix
View file

0
machines/storage01/forgejo-runners.nix → machines/nixos/storage01/forgejo-runners.nix
View file

0
machines/storage01/forgejo.nix → machines/nixos/storage01/forgejo.nix
View file

0
machines/storage01/garage.nix → machines/nixos/storage01/garage.nix
View file

0
machines/storage01/influxdb.nix → machines/nixos/storage01/influxdb.nix
View file

0
machines/storage01/netbird.nix → machines/nixos/storage01/netbird.nix
View file

0
machines/storage01/peertube.nix → machines/nixos/storage01/peertube.nix
View file

Some files were not shown because too many files have changed in this diff Show more