diff --git a/README.md b/README.md
index 3896b724..8ab826ef 100644
--- a/README.md
+++ b/README.md
@@ -182,7 +182,7 @@ let in { imports = [ # ... - "${c3d2Config}/lib" + "${c3d2Config}/modules/c3d2.nix" ]; c3d2 = {
diff --git a/lib/admins.nix b/config/admins.nix
similarity index 100%
rename from lib/admins.nix
rename to config/admins.nix
diff --git a/lib/audio-server/default.nix b/config/audio-server/default.nix
similarity index 100%
rename from lib/audio-server/default.nix
rename to config/audio-server/default.nix
diff --git a/lib/audio-server/generate.sh b/config/audio-server/generate.sh
similarity index 100%
rename from lib/audio-server/generate.sh
rename to config/audio-server/generate.sh
diff --git a/lib/audio-server/pipewire-pulse.conf.in.json b/config/audio-server/pipewire-pulse.conf.in.json
similarity index 100%
rename from lib/audio-server/pipewire-pulse.conf.in.json
rename to config/audio-server/pipewire-pulse.conf.in.json
diff --git a/lib/audio-server/pipewire-pulse.conf.json b/config/audio-server/pipewire-pulse.conf.json
similarity index 100%
rename from lib/audio-server/pipewire-pulse.conf.json
rename to config/audio-server/pipewire-pulse.conf.json
diff --git a/lib/autoupdate.nix b/config/autoupdate.nix
similarity index 100%
rename from lib/autoupdate.nix
rename to config/autoupdate.nix
diff --git a/lib/default.nix b/config/c3d2.nix
similarity index 75%
rename from lib/default.nix
rename to config/c3d2.nix
index e8cd08c9..5c732439 100644
--- a/lib/default.nix
+++ b/config/c3d2.nix
@@ -1,6 +1,4 @@ -# This module is for use by all C3D2 machines. -# That includes physical servers, VMs, containers, and personal machines. -# +# This module sets configuration for all NixOS machines defined in this flake { config, options, lib, pkgs, ... }: 
@@ -21,94 +19,16 @@ let # for the HQ networking using a seed string. toHqPrivateAddress = toIpv6Address hqPrefix64; - # toHqPublicAddress = toIpv6Address publicPrefix64; - - cfg = config.c3d2; - in { imports = [ - ./users ./stats.nix ./audio-server - ./pi-sensors.nix ./ceph-storage.nix ./cache.nix ./autoupdate.nix ]; - options.c3d2 = with lib; - with lib.types; { - - isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)"; - - enableMotd = mkOption { - type = bool; - default = cfg.isInHq; - defaultText = literalExample "config.c3d2.isInHq"; - }; - - mapPublicHosts = mkOption { - type = bool; - default = false; - description = '' - Whether to add all external HQ host mappings to /etc/hosts. - ''; - }; - - mapHqHosts = mkOption { - type = bool; - default = cfg.isInHq; - description = '' - Whether to add all internal HQ host mappings to /etc/hosts. - ''; - }; - - acmeEmail = mkOption { - type = str; - default = "mail@c3d2.de"; - description = '' - Admin email address to use for Letsencrypt - ''; - }; - - hq = { - - /* externalInterface = mkOption { - type = nullOr str; - default = null; - example = "eth0"; - description = '' - Configure the given interface name with an external IP address. - ''; - }; - */ - - interface = mkOption { - type = nullOr str; - default = null; - example = "eth0"; - description = '' - Configure the given interface name with an internal IP address. - ''; - }; - - enableBinaryCache = mkOption { - type = bool; - default = cfg.isInHq; - defaultText = literalExample "config.c3d2.isInHq"; - description = "Whether to enable the local Nix binary cache"; - }; - - enableMpdProxy = mkOption { - type = bool; - default = false; - description = "Whether to proxy the local MPD database"; - }; - - }; - - }; config = let cfg = config.c3d2; 
@@ -184,14 +104,6 @@ in { networking.hosts = let getHost = hostName: builtins.getAttr hostName hostRegistry.hosts; - mapHostsNamesToAttrs = f: list: builtins.listToAttrs (map f list); - - /* hqPublicHosts = mapHostsNamesToAttrs (hostName: { - name = toHqPublicAddress hostName; - value = [ "${hostName}.hq.c3d2.de" hostName ]; - }) hostRegistry.hqPublic; - */ - hqLocalHosts = with builtins; let f = hostName:
@@ -350,6 +262,4 @@ in { email = cfg.acmeEmail; }; }; - - meta.maintainers = with lib.maintainers; [ ehmry ]; }
diff --git a/lib/cache.nix b/config/cache.nix
similarity index 100%
rename from lib/cache.nix
rename to config/cache.nix
diff --git a/lib/ceph-storage.nix b/config/ceph-storage.nix
similarity index 100%
rename from lib/ceph-storage.nix
rename to config/ceph-storage.nix
diff --git a/lib/logging.nix b/config/logging.nix
similarity index 100%
rename from lib/logging.nix
rename to config/logging.nix
diff --git a/lib/lxc-container.nix b/config/lxc-container.nix
similarity index 100%
rename from lib/lxc-container.nix
rename to config/lxc-container.nix
diff --git a/lib/motd b/config/motd
similarity index 100%
rename from lib/motd
rename to config/motd
diff --git a/lib/shared.nix b/config/shared.nix
similarity index 100%
rename from lib/shared.nix
rename to config/shared.nix
diff --git a/lib/stats.nix b/config/stats.nix
similarity index 100%
rename from lib/stats.nix
rename to config/stats.nix
diff --git a/lib/users/antrares.nix b/config/users/antrares.nix
similarity index 100%
rename from lib/users/antrares.nix
rename to config/users/antrares.nix
diff --git a/lib/users/astro.nix b/config/users/astro.nix
similarity index 100%
rename from lib/users/astro.nix
rename to config/users/astro.nix
diff --git a/lib/users/default.nix b/config/users/default.nix
similarity index 100%
rename from lib/users/default.nix
rename to config/users/default.nix 
diff --git a/lib/users/emery.nix b/config/users/emery.nix
similarity index 100%
rename from lib/users/emery.nix
rename to config/users/emery.nix
diff --git a/lib/users/j03.nix b/config/users/j03.nix
similarity index 100%
rename from lib/users/j03.nix
rename to config/users/j03.nix
diff --git a/lib/users/k-ot.nix b/config/users/k-ot.nix
similarity index 100%
rename from lib/users/k-ot.nix
rename to config/users/k-ot.nix
diff --git a/lib/users/marenz.nix b/config/users/marenz.nix
similarity index 100%
rename from lib/users/marenz.nix
rename to config/users/marenz.nix
diff --git a/lib/users/nek0.nix b/config/users/nek0.nix
similarity index 100%
rename from lib/users/nek0.nix
rename to config/users/nek0.nix
diff --git a/lib/users/poelzi.nix b/config/users/poelzi.nix
similarity index 100%
rename from lib/users/poelzi.nix
rename to config/users/poelzi.nix
diff --git a/lib/users/polygon.nix b/config/users/polygon.nix
similarity index 100%
rename from lib/users/polygon.nix
rename to config/users/polygon.nix
diff --git a/lib/users/sandro.nix b/config/users/sandro.nix
similarity index 100%
rename from lib/users/sandro.nix
rename to config/users/sandro.nix
diff --git a/lib/users/tboston.nix b/config/users/tboston.nix
similarity index 100%
rename from lib/users/tboston.nix
rename to config/users/tboston.nix
diff --git a/lib/users/windsleep.nix b/config/users/windsleep.nix
similarity index 100%
rename from lib/users/windsleep.nix
rename to config/users/windsleep.nix
diff --git a/flake.nix b/flake.nix
index 04e018dd..efd108ff 100644
--- a/flake.nix
+++ b/flake.nix
@@ -203,7 +203,15 @@ nixpkgs.overlays = [ self.overlay ]; }) - self.nixosModule + self.nixosModules.c3d2 + ./config/audio-server + ./config/autoupdate.nix + ./config/c3d2.nix + ./config/cache.nix + ./config/ceph-storage.nix + ./config/stats.nix + ./config/users + ./modules/pi-sensors.nix ] ++ modules; }; 
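Review bot: The module list added to `nixosSystem'` repeats files that `./config/c3d2.nix` already pulls in: the context lines of the config/c3d2.nix hunk keep `./stats.nix`, `./audio-server`, `./ceph-storage.nix`, `./cache.nix` and `./autoupdate.nix` in its own `imports`. The module system should tolerate the duplicate paths, but two lists now decide which shared configuration (including `./config/users`) lands on every host, and they can drift apart. Keep one of them, e.g. drop the five `./config/...` entries here that c3d2.nix already imports, or empty the `imports` in c3d2.nix. The enclosing `nixosSystem'` definition starts and ends outside this hunk.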
@@ -223,7 +231,7 @@ gitea = nixosSystem' { nixpkgs = inputs.nixpkgs-unstable; modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/gitea ]; };
@@ -311,7 +319,7 @@ matemat = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/matemat yammat.nixosModule secrets.nixosModules.admins
@@ -321,7 +329,7 @@ scrape = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/scrape { nixpkgs.overlays = [ secrets.overlays.scrape ]; } ];
@@ -330,7 +338,7 @@ dn42 = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/dn42 { nixpkgs.overlays = [ secrets.overlays.dn42 ];
@@ -341,14 +349,14 @@ grafana = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/grafana ]; }; hydra = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/hydra { sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml";
@@ -358,7 +366,7 @@ mucbot = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix "${tigger}/module.nix" { nixpkgs.overlays = [ secrets.overlays.mucbot ]; } ./hosts/containers/mucbot
@@ -368,14 +376,14 @@ kibana = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/kibana ]; }; public-access-proxy = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/public-access-proxy ]; extraArgs = {
@@ -385,7 +393,7 @@ ticker = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix "${ticker}/nixos-module.nix" ./hosts/containers/ticker ];
@@ -393,7 +401,7 @@ spaceapi = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix "${spacemsg}/spaceapi/module.nix" ./hosts/containers/spaceapi ]; 
@@ -401,7 +409,7 @@ stream = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/stream ]; };
@@ -410,28 +418,28 @@ # TODO: pending https://github.com/NixOS/nixpkgs/pull/119132 nixpkgs = inputs.nixpkgs-mobilizon; modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/mobilizon ]; }; mail = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/mail ]; }; logging = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/logging ]; }; keycloak = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/keycloak { nixpkgs.overlays = with secrets.overlays; [ keycloak ]; } ];
@@ -439,7 +447,7 @@ c3d2-web = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/c3d2-web { nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; } ];
@@ -450,7 +458,7 @@ sdrweb = nixosSystem' { modules = [ - ./lib/lxc-container.nix + ./config/lxc-container.nix { nixpkgs.overlays = [ secrets.overlays.mucbot ]; } heliwatch.nixosModules.heliwatch ./hosts/containers/sdrweb
@@ -460,7 +468,7 @@ bind = nixosSystem' { modules = [ { nixpkgs.overlays = with secrets.overlays; [ bind ]; } - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/bind ]; };
@@ -468,7 +476,7 @@ jabber = nixosSystem' { modules = [ { nixpkgs.overlays = with secrets.overlays; [ jabber ]; } - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/jabber ]; };
@@ -484,7 +492,7 @@ blogs = nixosSystem' { modules = [ self.nixosModules.plume - ./lib/lxc-container.nix + ./config/lxc-container.nix ./hosts/containers/blogs { sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; } ]; 
@@ -492,11 +500,14 @@ }; - nixosModule.imports = [ sops-nix.nixosModule ./lib ]; + nixosModule = self.nixosModules.c3d2; nixosModules = { - c3d2 = self.nixosModule; + c3d2.imports = [ + sops-nix.nixosModule + ./modules/c3d2.nix + ]; plume = { - imports = [ ./lib/plume.nix ]; + imports = [ ./modules/plume.nix ]; nixpkgs.overlays = [ fenix.overlay naersk.overlay ]; }; };
diff --git a/hosts/containers/deployer/configuration.nix b/hosts/containers/deployer/configuration.nix
index d6ef8873..d7339c8f 100644
--- a/hosts/containers/deployer/configuration.nix
+++ b/hosts/containers/deployer/configuration.nix
@@ -2,10 +2,10 @@ { imports = [ - ../../../lib - ../../../lib/lxc-container.nix - ../../../lib/shared.nix - ../../../lib/admins.nix + ../../../config + ../../../config/lxc-container.nix + ../../../config/shared.nix + ../../../config/admins.nix ]; environment.systemPackages = with pkgs; [
diff --git a/hosts/containers/freifunk/default.nix b/hosts/containers/freifunk/default.nix
index bfb5a141..a1093a49 100644
--- a/hosts/containers/freifunk/default.nix
+++ b/hosts/containers/freifunk/default.nix
@@ -16,8 +16,8 @@ let in { imports = [ "${modulesPath}/profiles/minimal.nix" - ../../../lib/lxc-container.nix - ../../../lib/shared.nix + ../../../config/lxc-container.nix + ../../../config/shared.nix ]; boot.tmpOnTmpfs = true;
diff --git a/hosts/containers/ledstripes/configuration.nix b/hosts/containers/ledstripes/configuration.nix
index 35380b18..7bf89e65 100644
--- a/hosts/containers/ledstripes/configuration.nix
+++ b/hosts/containers/ledstripes/configuration.nix
@@ -3,9 +3,9 @@ { imports = [ (modulesPath + "/profiles/minimal.nix") - ../../../lib - ../../../lib/lxc-container.nix - ../../../lib/shared.nix + ../../../config + ../../../config/lxc-container.nix + ../../../config/shared.nix ]; c3d2 = { 
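Review bot: `nixosModule` and `nixosModules.c3d2` now import only `sops-nix.nixosModule` and `./modules/c3d2.nix`, which (per the new file in this commit) declares the `c3d2.*` options and nothing else; the old value imported `./lib`, the module that also acted on them. A downstream flake that imports this output can still set `c3d2.hq.enableBinaryCache` or `c3d2.mapHqHosts` and evaluation will succeed with no effect, since the implementing files under `./config` are only added inside `nixosSystem'`. If that narrowing is intended, say so next to the attribute, e.g. `# options only; the implementation in ./config is wired up by nixosSystem' and is not exported`. The enclosing `outputs` attrset starts outside this hunk.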
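Review bot: The first import in the deployer hunk, `../../../config`, resolves to `config/default.nix`, and nothing in the visible diff creates that file: `lib/default.nix` is renamed to `config/c3d2.nix`, and `lib/lxc/default.nix` goes to `modules/default.nix`. If this configuration is still evaluated it would fail on the missing path, and the `c3d2.*` option declarations now live in `modules/c3d2.nix`, which this list does not import. Something like `../../../modules/c3d2.nix` plus `../../../config/c3d2.nix` looks like the intended pair. The same line appears in the ledstripes, prometheus and registry hunks.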
@@ -20,7 +20,7 @@ services.openssh.enable = true; systemd.services.ledball = - let pile = import ../../../lib/pkgs/pile.nix { inherit pkgs; }; + let pile = import ../../../config/pkgs/pile.nix { inherit pkgs; }; in { after = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ];
diff --git a/hosts/containers/lxc-template.nix b/hosts/containers/lxc-template.nix
index 180edd35..37e2500b 100644
--- a/hosts/containers/lxc-template.nix
+++ b/hosts/containers/lxc-template.nix
@@ -2,9 +2,9 @@ { imports = [ - ../../lib/lxc-container.nix - ../../lib/shared.nix - ../../lib/admins.nix + ../../config/lxc-container.nix + ../../config/shared.nix + ../../config/admins.nix (modulesPath + "/profiles/minimal.nix") ];
diff --git a/hosts/containers/prometheus/configuration.nix b/hosts/containers/prometheus/configuration.nix
index 1c92e9ae..f3a7820f 100644
--- a/hosts/containers/prometheus/configuration.nix
+++ b/hosts/containers/prometheus/configuration.nix
@@ -2,10 +2,10 @@ { imports = [ - ../../../lib - ../../../lib/lxc-container.nix - ../../../lib/shared.nix - ../../../lib/admins.nix + ../../../config + ../../../config/lxc-container.nix + ../../../config/shared.nix + ../../../config/admins.nix ]; networking = {
diff --git a/hosts/containers/registry/configuration.nix b/hosts/containers/registry/configuration.nix
index f249ee81..eda0cb89 100644
--- a/hosts/containers/registry/configuration.nix
+++ b/hosts/containers/registry/configuration.nix
@@ -2,10 +2,10 @@ { imports = [ - ../../../lib - ../../../lib/lxc-container.nix - ../../../lib/shared.nix - ../../../lib/admins.nix + ../../../config + ../../../config/lxc-container.nix + ../../../config/shared.nix + ../../../config/admins.nix ]; networking = {
diff --git a/hosts/storage-ng/default.nix b/hosts/storage-ng/default.nix
index b03d1a23..6b970a6e 100644
--- a/hosts/storage-ng/default.nix
+++ b/hosts/storage-ng/default.nix 
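Review bot: `import ../../../config/pkgs/pile.nix` points at a file this commit does not create; `lib/pkgs/pile.nix` appears further down as a deleted file, not as a rename into `config/pkgs/`. If this host is still evaluated, `systemd.services.ledball` fails on the missing path. Either turn the deletion into a rename or drop the `ledball` service in the same commit. If the file is kept, its `builtins.fetchGit` call names no `rev`, so the unit would run whatever the remote default branch holds at evaluation time; pin a revision there. The `systemd.services.ledball` definition continues outside the hunk.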
@@ -7,9 +7,9 @@ in imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - # ../../lib - # ../../lib/hq.nix - # ../../lib/shared.nix + # ../../config + # ../../config/hq.nix + # ../../config/shared.nix ]; c3d2 = {
diff --git a/lib/pkgs/pile.nix b/lib/pkgs/pile.nix
deleted file mode 100644
index 0611652d..00000000
--- a/lib/pkgs/pile.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ pkgs ? import { } }:
-
-with pkgs;
-let pile = builtins.fetchGit "https://github.com/astro/pile.git";
-in {
- ledball = rustPlatform.buildRustPackage {
- name = "ledball";
- version = "0.0.0";
- src = "${pile}/ledball";
- cargoSha256 = "0zyfbf3gph8gqab07fmm5a7x5slapsqn8ck6isp53fsa7ljnagjy";
- cargoBuildFlags = [ "--examples" ];
- postInstall = ''
- mkdir -p $out/bin
-
- for f in target/*/release/examples/*; do
- if [ -f $f ] && [ -x $f ]; then
- cp $f $out/bin/
- fi
- done
- '';
- };
-}
diff --git a/lib/server7-yggaddr.nix b/lib/server7-yggaddr.nix
deleted file mode 100644
index 22be5469..00000000
--- a/lib/server7-yggaddr.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{
- address = "210:5217:69c0:9afc:1b95:b9f:8718:c3d2";
- prefix64 = "310:5217:69c0:9afc";
-}
diff --git a/modules/c3d2.nix b/modules/c3d2.nix
new file mode 100644
index 00000000..99d7cd53
--- /dev/null
+++ b/modules/c3d2.nix 
@@ -0,0 +1,69 @@
+# This module defines options for use by all C3D2 machines.
+
+{ config, lib, ... }:
+
+let cfg = config.c3d2;
+in {
+ options.c3d2 = with lib;
+ with lib.types; {
+
+ isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
+
+ enableMotd = mkOption {
+ type = bool;
+ default = cfg.isInHq;
+ defaultText = literalExample "config.c3d2.isInHq";
+ };
+
+ mapPublicHosts = mkOption {
+ type = bool;
+ default = false;
+ description = ''
+ Whether to add all external HQ host mappings to /etc/hosts.
+ '';
+ };
+
+ mapHqHosts = mkOption {
+ type = bool;
+ default = cfg.isInHq;
+ description = ''
+ Whether to add all internal HQ host mappings to /etc/hosts.
+ '';
+ };
+
+ acmeEmail = mkOption {
+ type = str;
+ default = "mail@c3d2.de";
+ description = ''
+ Admin email address to use for Letsencrypt
+ '';
+ };
+
+ hq = {
+
+ interface = mkOption {
+ type = nullOr str;
+ default = null;
+ example = "eth0";
+ description = ''
+ Configure the given interface name with an internal IP address.
+ '';
+ };
+
+ enableBinaryCache = mkOption {
+ type = bool;
+ default = cfg.isInHq;
+ defaultText = literalExample "config.c3d2.isInHq";
+ description = "Whether to enable the local Nix binary cache";
+ };
+
+ enableMpdProxy = mkOption {
+ type = bool;
+ default = false;
+ description = "Whether to proxy the local MPD database";
+ };
+
+ };
+
+ };
+}
diff --git a/lib/lxc/default.nix b/modules/default.nix
similarity index 100%
rename from lib/lxc/default.nix
rename to modules/default.nix
diff --git a/lib/pi-sensors.nix b/modules/pi-sensors.nix
similarity index 100%
rename from lib/pi-sensors.nix
rename to modules/pi-sensors.nix
diff --git a/lib/plume.nix b/modules/plume.nix
similarity index 100%
rename from lib/plume.nix
rename to modules/plume.nix
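Review bot: In the new modules/c3d2.nix, `isInHq` is the default for `enableMotd`, `mapHqHosts` and `hq.enableBinaryCache`, yet its description is still the TODO text `HQ presence (TODO: what is this? association to VLAN 5?)`, and `enableMotd` has no `description` at all. Someone who sets `c3d2.isInHq = true` therefore also turns on the local Nix binary cache and the internal /etc/hosts mappings without the option text saying so. Since this file is now the exported option interface, I would state that in the description, e.g. `mkEnableOption "HQ presence; also the default for enableMotd, mapHqHosts and hq.enableBinaryCache"`, and give `enableMotd` a `description` line as well (wording to be confirmed against the module that consumes it).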