c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

Split "lib" into "config" and "modules" 

Separate modules that add options from modules that change
configuration.
This commit is contained in:
Ehmry - 2022-01-15 18:30:20 +01:00
parent 5f910a4630
commit f066f4cb82
42 changed files with 131 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -182,7 +182,7 @@ let
in {
imports = [
# ...
"${c3d2Config}/lib"
"${c3d2Config}/modules/c3d2.nix"
];
c3d2 = {

0
lib/admins.nix → config/admins.nix
View File

0
lib/audio-server/default.nix → config/audio-server/default.nix
View File

0
lib/audio-server/generate.sh → config/audio-server/generate.sh
View File

0
lib/audio-server/pipewire-pulse.conf.in.json → config/audio-server/pipewire-pulse.conf.in.json
View File

0
lib/audio-server/pipewire-pulse.conf.json → config/audio-server/pipewire-pulse.conf.json
View File

0
lib/autoupdate.nix → config/autoupdate.nix
View File

92
lib/default.nix → config/c3d2.nix
View File

@ -1,6 +1,4 @@
# This module is for use by all C3D2 machines.
# That includes physical servers, VMs, containers, and personal machines.
#
# This module sets configuration for all NixOS machines defined in this flake
{ config, options, lib, pkgs, ... }:
@ -21,94 +19,16 @@ let
# for the HQ networking using a seed string.
toHqPrivateAddress = toIpv6Address hqPrefix64;
# toHqPublicAddress = toIpv6Address publicPrefix64;
cfg = config.c3d2;
in {
imports = [
./users
./stats.nix
./audio-server
./pi-sensors.nix
./ceph-storage.nix
./cache.nix
./autoupdate.nix
];
options.c3d2 = with lib;
with lib.types; {
isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
enableMotd = mkOption {
type = bool;
default = cfg.isInHq;
defaultText = literalExample "config.c3d2.isInHq";
};
mapPublicHosts = mkOption {
type = bool;
default = false;
description = ''
Whether to add all external HQ host mappings to /etc/hosts.
'';
};
mapHqHosts = mkOption {
type = bool;
default = cfg.isInHq;
description = ''
Whether to add all internal HQ host mappings to /etc/hosts.
'';
};
acmeEmail = mkOption {
type = str;
default = "mail@c3d2.de";
description = ''
Admin email address to use for Letsencrypt
'';
};
hq = {
/* externalInterface = mkOption {
type = nullOr str;
default = null;
example = "eth0";
description = ''
Configure the given interface name with an external IP address.
'';
};
*/
interface = mkOption {
type = nullOr str;
default = null;
example = "eth0";
description = ''
Configure the given interface name with an internal IP address.
'';
};
enableBinaryCache = mkOption {
type = bool;
default = cfg.isInHq;
defaultText = literalExample "config.c3d2.isInHq";
description = "Whether to enable the local Nix binary cache";
};
enableMpdProxy = mkOption {
type = bool;
default = false;
description = "Whether to proxy the local MPD database";
};
};
};
config = let
cfg = config.c3d2;
@ -184,14 +104,6 @@ in {
networking.hosts = let
getHost = hostName: builtins.getAttr hostName hostRegistry.hosts;
mapHostsNamesToAttrs = f: list: builtins.listToAttrs (map f list);
/* hqPublicHosts = mapHostsNamesToAttrs (hostName: {
name = toHqPublicAddress hostName;
value = [ "${hostName}.hq.c3d2.de" hostName ];
}) hostRegistry.hqPublic;
*/
hqLocalHosts = with builtins;
let
f = hostName:
@ -350,6 +262,4 @@ in {
email = cfg.acmeEmail;
};
};
meta.maintainers = with lib.maintainers; [ ehmry ];
}

0
lib/cache.nix → config/cache.nix
View File

0
lib/ceph-storage.nix → config/ceph-storage.nix
View File

0
lib/logging.nix → config/logging.nix
View File

0
lib/lxc-container.nix → config/lxc-container.nix
View File

0
lib/motd → config/motd
View File

0
lib/shared.nix → config/shared.nix
View File

0
lib/stats.nix → config/stats.nix
View File

0
lib/users/antrares.nix → config/users/antrares.nix
View File

0
lib/users/astro.nix → config/users/astro.nix
View File

0
lib/users/default.nix → config/users/default.nix
View File

0
lib/users/emery.nix → config/users/emery.nix
View File

0
lib/users/j03.nix → config/users/j03.nix
View File

0
lib/users/k-ot.nix → config/users/k-ot.nix
View File

0
lib/users/marenz.nix → config/users/marenz.nix
View File

0
lib/users/nek0.nix → config/users/nek0.nix
View File

0
lib/users/poelzi.nix → config/users/poelzi.nix
View File

0
lib/users/polygon.nix → config/users/polygon.nix
View File

0
lib/users/sandro.nix → config/users/sandro.nix
View File

0
lib/users/tboston.nix → config/users/tboston.nix
View File

0
lib/users/windsleep.nix → config/users/windsleep.nix
View File

61
flake.nix
View File

@ -203,7 +203,15 @@
nixpkgs.overlays = [ self.overlay ];
})
self.nixosModule
self.nixosModules.c3d2
./config/audio-server
./config/autoupdate.nix
./config/c3d2.nix
./config/cache.nix
./config/ceph-storage.nix
./config/stats.nix
./config/users
./modules/pi-sensors.nix
] ++ modules;
};
@ -223,7 +231,7 @@
gitea = nixosSystem' {
nixpkgs = inputs.nixpkgs-unstable;
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/gitea
];
};
@ -311,7 +319,7 @@
matemat = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/matemat
yammat.nixosModule
secrets.nixosModules.admins
@ -321,7 +329,7 @@
scrape = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/scrape
{ nixpkgs.overlays = [ secrets.overlays.scrape ]; }
];
@ -330,7 +338,7 @@
dn42 = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/dn42
{
nixpkgs.overlays = [ secrets.overlays.dn42 ];
@ -341,14 +349,14 @@
grafana = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/grafana
];
};
hydra = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/hydra
{
sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml";
@ -358,7 +366,7 @@
mucbot = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
"${tigger}/module.nix"
{ nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
./hosts/containers/mucbot
@ -368,14 +376,14 @@
kibana = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/kibana
];
};
public-access-proxy = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/public-access-proxy
];
extraArgs = {
@ -385,7 +393,7 @@
ticker = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
"${ticker}/nixos-module.nix"
./hosts/containers/ticker
];
@ -393,7 +401,7 @@
spaceapi = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
"${spacemsg}/spaceapi/module.nix"
./hosts/containers/spaceapi
];
@ -401,7 +409,7 @@
stream = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/stream
];
};
@ -410,28 +418,28 @@
# TODO: pending https://github.com/NixOS/nixpkgs/pull/119132
nixpkgs = inputs.nixpkgs-mobilizon;
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/mobilizon
];
};
mail = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/mail
];
};
logging = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/logging
];
};
keycloak = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/keycloak
{ nixpkgs.overlays = with secrets.overlays; [ keycloak ]; }
];
@ -439,7 +447,7 @@
c3d2-web = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/c3d2-web
{ nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; }
];
@ -450,7 +458,7 @@
sdrweb = nixosSystem' {
modules = [
./lib/lxc-container.nix
./config/lxc-container.nix
{ nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
heliwatch.nixosModules.heliwatch
./hosts/containers/sdrweb
@ -460,7 +468,7 @@
bind = nixosSystem' {
modules = [
{ nixpkgs.overlays = with secrets.overlays; [ bind ]; }
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/bind
];
};
@ -468,7 +476,7 @@
jabber = nixosSystem' {
modules = [
{ nixpkgs.overlays = with secrets.overlays; [ jabber ]; }
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/jabber
];
};
@ -484,7 +492,7 @@
blogs = nixosSystem' {
modules = [
self.nixosModules.plume
./lib/lxc-container.nix
./config/lxc-container.nix
./hosts/containers/blogs
{ sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; }
];
@ -492,11 +500,14 @@
};
nixosModule.imports = [ sops-nix.nixosModule ./lib ];
nixosModule = self.nixosModules.c3d2;
nixosModules = {
c3d2 = self.nixosModule;
c3d2.imports = [
sops-nix.nixosModule
./modules/c3d2.nix
];
plume = {
imports = [ ./lib/plume.nix ];
imports = [ ./modules/plume.nix ];
nixpkgs.overlays = [ fenix.overlay naersk.overlay ];
};
};

8
hosts/containers/deployer/configuration.nix
View File

@ -2,10 +2,10 @@
{
imports = [
../../../lib
../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../lib/admins.nix
../../../config
../../../config/lxc-container.nix
../../../config/shared.nix
../../../config/admins.nix
];
environment.systemPackages = with pkgs; [

4
hosts/containers/freifunk/default.nix
View File

@ -16,8 +16,8 @@ let
in {
imports = [
"${modulesPath}/profiles/minimal.nix"
../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../config/lxc-container.nix
../../../config/shared.nix
];
boot.tmpOnTmpfs = true;

8
hosts/containers/ledstripes/configuration.nix
View File

@ -3,9 +3,9 @@
{
imports = [
(modulesPath + "/profiles/minimal.nix")
../../../lib
../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../config
../../../config/lxc-container.nix
../../../config/shared.nix
];
c3d2 = {
@ -20,7 +20,7 @@
services.openssh.enable = true;
systemd.services.ledball =
let pile = import ../../../lib/pkgs/pile.nix { inherit pkgs; };
let pile = import ../../../config/pkgs/pile.nix { inherit pkgs; };
in {
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];

6
hosts/containers/lxc-template.nix
View File

@ -2,9 +2,9 @@
{
imports = [
../../lib/lxc-container.nix
../../lib/shared.nix
../../lib/admins.nix
../../config/lxc-container.nix
../../config/shared.nix
../../config/admins.nix
(modulesPath + "/profiles/minimal.nix")
];

8
hosts/containers/prometheus/configuration.nix
View File

@ -2,10 +2,10 @@
{
imports = [
../../../lib
../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../lib/admins.nix
../../../config
../../../config/lxc-container.nix
../../../config/shared.nix
../../../config/admins.nix
];
networking = {

8
hosts/containers/registry/configuration.nix
View File

@ -2,10 +2,10 @@
{
imports = [
../../../lib
../../../lib/lxc-container.nix
../../../lib/shared.nix
../../../lib/admins.nix
../../../config
../../../config/lxc-container.nix
../../../config/shared.nix
../../../config/admins.nix
];
networking = {

6
hosts/storage-ng/default.nix
View File

@ -7,9 +7,9 @@ in
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# ../../lib
# ../../lib/hq.nix
# ../../lib/shared.nix
# ../../config
# ../../config/hq.nix
# ../../config/shared.nix
];
c3d2 = {

22
lib/pkgs/pile.nix
View File

@ -1,22 +0,0 @@
{ pkgs ? import <nixpkgs> { } }:
with pkgs;
let pile = builtins.fetchGit "https://github.com/astro/pile.git";
in {
ledball = rustPlatform.buildRustPackage {
name = "ledball";
version = "0.0.0";
src = "${pile}/ledball";
cargoSha256 = "0zyfbf3gph8gqab07fmm5a7x5slapsqn8ck6isp53fsa7ljnagjy";
cargoBuildFlags = [ "--examples" ];
postInstall = ''
mkdir -p $out/bin
for f in target/*/release/examples/*; do
if [ -f $f ] && [ -x $f ]; then
cp $f $out/bin/
fi
done
'';
};
}

4
lib/server7-yggaddr.nix
View File

@ -1,4 +0,0 @@
{
address = "210:5217:69c0:9afc:1b95:b9f:8718:c3d2";
prefix64 = "310:5217:69c0:9afc";
}

69
modules/c3d2.nix Normal file
View File

@ -0,0 +1,69 @@
# This module defines options for use by all C3D2 machines.
{ config, lib, ... }:
let cfg = config.c3d2;
in {
options.c3d2 = with lib;
with lib.types; {
isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
enableMotd = mkOption {
type = bool;
default = cfg.isInHq;
defaultText = literalExample "config.c3d2.isInHq";
};
mapPublicHosts = mkOption {
type = bool;
default = false;
description = ''
Whether to add all external HQ host mappings to /etc/hosts.
'';
};
mapHqHosts = mkOption {
type = bool;
default = cfg.isInHq;
description = ''
Whether to add all internal HQ host mappings to /etc/hosts.
'';
};
acmeEmail = mkOption {
type = str;
default = "mail@c3d2.de";
description = ''
Admin email address to use for Letsencrypt
'';
};
hq = {
interface = mkOption {
type = nullOr str;
default = null;
example = "eth0";
description = ''
Configure the given interface name with an internal IP address.
'';
};
enableBinaryCache = mkOption {
type = bool;
default = cfg.isInHq;
defaultText = literalExample "config.c3d2.isInHq";
description = "Whether to enable the local Nix binary cache";
};
enableMpdProxy = mkOption {
type = bool;
default = false;
description = "Whether to proxy the local MPD database";
};
};
};
}

0
lib/lxc/default.nix → modules/default.nix
View File

0
lib/pi-sensors.nix → modules/pi-sensors.nix
View File

0
lib/plume.nix → modules/plume.nix
View File