Split "lib" into "config" and "modules"

Separate modules that add options from modules that change
configuration.

README.md

@@ -182,7 +182,7 @@ let
 in {
   imports = [
     # ...
-    "${c3d2Config}/lib"
+    "${c3d2Config}/modules/c3d2.nix"
   ];
 
   c3d2 = {

config/c3d2.nix

@@ -1,6 +1,4 @@
-# This module is for use by all C3D2 machines.
+# This module sets configuration for all NixOS machines defined in this flake
-# That includes physical servers, VMs, containers, and personal machines.
-#
 
 { config, options, lib, pkgs, ... }:
 
@@ -21,94 +19,16 @@ let
   # for the HQ networking using a seed string.
   toHqPrivateAddress = toIpv6Address hqPrefix64;
 
-  # toHqPublicAddress = toIpv6Address publicPrefix64;
-
-  cfg = config.c3d2;
-
 in {
 
   imports = [
-    ./users
     ./stats.nix
     ./audio-server
-    ./pi-sensors.nix
     ./ceph-storage.nix
     ./cache.nix
     ./autoupdate.nix
   ];
 
-  options.c3d2 = with lib;
-    with lib.types; {
-
-      isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
-
-      enableMotd = mkOption {
-        type = bool;
-        default = cfg.isInHq;
-        defaultText = literalExample "config.c3d2.isInHq";
-      };
-
-      mapPublicHosts = mkOption {
-        type = bool;
-        default = false;
-        description = ''
-          Whether to add all external HQ host mappings to /etc/hosts.
-        '';
-      };
-
-      mapHqHosts = mkOption {
-        type = bool;
-        default = cfg.isInHq;
-        description = ''
-          Whether to add all internal HQ host mappings to /etc/hosts.
-        '';
-      };
-
-      acmeEmail = mkOption {
-        type = str;
-        default = "mail@c3d2.de";
-        description = ''
-          Admin email address to use for Letsencrypt
-        '';
-      };
-
-      hq = {
-
-        /* externalInterface = mkOption {
-             type = nullOr str;
-             default = null;
-             example = "eth0";
-             description = ''
-               Configure the given interface name with an external IP address.
-             '';
-           };
-        */
-
-        interface = mkOption {
-          type = nullOr str;
-          default = null;
-          example = "eth0";
-          description = ''
-            Configure the given interface name with an internal IP address.
-          '';
-        };
-
-        enableBinaryCache = mkOption {
-          type = bool;
-          default = cfg.isInHq;
-          defaultText = literalExample "config.c3d2.isInHq";
-          description = "Whether to enable the local Nix binary cache";
-        };
-
-        enableMpdProxy = mkOption {
-          type = bool;
-          default = false;
-          description = "Whether to proxy the local MPD database";
-        };
-
-      };
-
-    };
 
   config = let
     cfg = config.c3d2;
@@ -184,14 +104,6 @@ in {
     networking.hosts = let
       getHost = hostName: builtins.getAttr hostName hostRegistry.hosts;
 
-      mapHostsNamesToAttrs = f: list: builtins.listToAttrs (map f list);
-
-      /* hqPublicHosts = mapHostsNamesToAttrs (hostName: {
-           name = toHqPublicAddress hostName;
-           value = [ "${hostName}.hq.c3d2.de" hostName ];
-         }) hostRegistry.hqPublic;
-      */
-
       hqLocalHosts = with builtins;
         let
           f = hostName:
@@ -350,6 +262,4 @@ in {
         email = cfg.acmeEmail;
       };
   };
-
-  meta.maintainers = with lib.maintainers; [ ehmry ];
 }

flake.nix

@@ -203,7 +203,15 @@
                 nixpkgs.overlays = [ self.overlay ];
               })
 
-              self.nixosModule
+              self.nixosModules.c3d2
+              ./config/audio-server
+              ./config/autoupdate.nix
+              ./config/c3d2.nix
+              ./config/cache.nix
+              ./config/ceph-storage.nix
+              ./config/stats.nix
+              ./config/users
+              ./modules/pi-sensors.nix
             ] ++ modules;
 
           };
@@ -223,7 +231,7 @@
         gitea = nixosSystem' {
           nixpkgs = inputs.nixpkgs-unstable;
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/gitea
           ];
         };
@@ -311,7 +319,7 @@
 
         matemat = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/matemat
             yammat.nixosModule
             secrets.nixosModules.admins
@@ -321,7 +329,7 @@
 
         scrape = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/scrape
             { nixpkgs.overlays = [ secrets.overlays.scrape ]; }
           ];
@@ -330,7 +338,7 @@
 
         dn42 = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/dn42
             {
               nixpkgs.overlays = [ secrets.overlays.dn42 ];
@@ -341,14 +349,14 @@
 
         grafana = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/grafana
           ];
         };
 
         hydra = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/hydra
             {
               sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml";
@@ -358,7 +366,7 @@
 
         mucbot = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             "${tigger}/module.nix"
             { nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
             ./hosts/containers/mucbot
@@ -368,14 +376,14 @@
 
         kibana = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/kibana
           ];
         };
 
         public-access-proxy = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/public-access-proxy
           ];
           extraArgs = {
@@ -385,7 +393,7 @@
 
         ticker = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             "${ticker}/nixos-module.nix"
             ./hosts/containers/ticker
           ];
@@ -393,7 +401,7 @@
 
         spaceapi = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             "${spacemsg}/spaceapi/module.nix"
             ./hosts/containers/spaceapi
           ];
@@ -401,7 +409,7 @@
 
         stream = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/stream
           ];
         };
@@ -410,28 +418,28 @@
           # TODO: pending https://github.com/NixOS/nixpkgs/pull/119132
           nixpkgs = inputs.nixpkgs-mobilizon;
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/mobilizon
           ];
         };
 
         mail = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/mail
           ];
         };
 
         logging = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/logging
           ];
         };
 
         keycloak = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/keycloak
             { nixpkgs.overlays = with secrets.overlays; [ keycloak ]; }
           ];
@@ -439,7 +447,7 @@
 
         c3d2-web = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/c3d2-web
             { nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; }
           ];
@@ -450,7 +458,7 @@
 
         sdrweb = nixosSystem' {
           modules = [
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             { nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
             heliwatch.nixosModules.heliwatch
             ./hosts/containers/sdrweb
@@ -460,7 +468,7 @@
         bind = nixosSystem' {
           modules = [
             { nixpkgs.overlays = with secrets.overlays; [ bind ]; }
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/bind
           ];
         };
@@ -468,7 +476,7 @@
         jabber = nixosSystem' {
           modules = [
             { nixpkgs.overlays = with secrets.overlays; [ jabber ]; }
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/jabber
           ];
         };
@@ -484,7 +492,7 @@
         blogs = nixosSystem' {
           modules = [
             self.nixosModules.plume
-            ./lib/lxc-container.nix
+            ./config/lxc-container.nix
             ./hosts/containers/blogs
             { sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; }
           ];
@@ -492,11 +500,14 @@
 
       };
 
-      nixosModule.imports = [ sops-nix.nixosModule ./lib ];
+      nixosModule = self.nixosModules.c3d2;
       nixosModules = {
-        c3d2 = self.nixosModule;
+        c3d2.imports = [
+          sops-nix.nixosModule
+          ./modules/c3d2.nix
+        ];
         plume = {
-          imports = [ ./lib/plume.nix ];
+          imports = [ ./modules/plume.nix ];
           nixpkgs.overlays = [ fenix.overlay naersk.overlay ];
         };
       };

hosts/containers/deployer/configuration.nix

@@ -2,10 +2,10 @@
 
 {
   imports = [
-    ../../../lib
+    ../../../config
-    ../../../lib/lxc-container.nix
+    ../../../config/lxc-container.nix
-    ../../../lib/shared.nix
+    ../../../config/shared.nix
-    ../../../lib/admins.nix
+    ../../../config/admins.nix
   ];
 
   environment.systemPackages = with pkgs; [

hosts/containers/freifunk/default.nix

@@ -16,8 +16,8 @@ let
 in {
   imports = [
     "${modulesPath}/profiles/minimal.nix"
-    ../../../lib/lxc-container.nix
+    ../../../config/lxc-container.nix
-    ../../../lib/shared.nix
+    ../../../config/shared.nix
   ];
 
   boot.tmpOnTmpfs = true;

hosts/containers/ledstripes/configuration.nix

@@ -3,9 +3,9 @@
 {
   imports = [
     (modulesPath + "/profiles/minimal.nix")
-    ../../../lib
+    ../../../config
-    ../../../lib/lxc-container.nix
+    ../../../config/lxc-container.nix
-    ../../../lib/shared.nix
+    ../../../config/shared.nix
   ];
 
   c3d2 = {
@@ -20,7 +20,7 @@
   services.openssh.enable = true;
 
   systemd.services.ledball =
-    let pile = import ../../../lib/pkgs/pile.nix { inherit pkgs; };
+    let pile = import ../../../config/pkgs/pile.nix { inherit pkgs; };
     in {
       after = [ "network-online.target" ];
       wantedBy = [ "multi-user.target" ];

hosts/containers/lxc-template.nix

@@ -2,9 +2,9 @@
 
 {
   imports = [
-    ../../lib/lxc-container.nix
+    ../../config/lxc-container.nix
-    ../../lib/shared.nix
+    ../../config/shared.nix
-    ../../lib/admins.nix
+    ../../config/admins.nix
     (modulesPath + "/profiles/minimal.nix")
   ];
 

hosts/containers/prometheus/configuration.nix

@@ -2,10 +2,10 @@
 
 {
   imports = [
-    ../../../lib
+    ../../../config
-    ../../../lib/lxc-container.nix
+    ../../../config/lxc-container.nix
-    ../../../lib/shared.nix
+    ../../../config/shared.nix
-    ../../../lib/admins.nix
+    ../../../config/admins.nix
   ];
 
   networking = {

hosts/containers/registry/configuration.nix

@@ -2,10 +2,10 @@
 
 {
   imports = [
-    ../../../lib
+    ../../../config
-    ../../../lib/lxc-container.nix
+    ../../../config/lxc-container.nix
-    ../../../lib/shared.nix
+    ../../../config/shared.nix
-    ../../../lib/admins.nix
+    ../../../config/admins.nix
   ];
 
   networking = {

hosts/storage-ng/default.nix

@@ -7,9 +7,9 @@ in
   imports = [
     # Include the results of the hardware scan.
     ./hardware-configuration.nix
-    # ../../lib
+    # ../../config
-    # ../../lib/hq.nix
+    # ../../config/hq.nix
-    # ../../lib/shared.nix
+    # ../../config/shared.nix
   ];
 
   c3d2 = {

lib/pkgs/pile.nix

@@ -1,22 +0,0 @@
-{ pkgs ? import <nixpkgs> { } }:
-
-with pkgs;
-let pile = builtins.fetchGit "https://github.com/astro/pile.git";
-in {
-  ledball = rustPlatform.buildRustPackage {
-    name = "ledball";
-    version = "0.0.0";
-    src = "${pile}/ledball";
-    cargoSha256 = "0zyfbf3gph8gqab07fmm5a7x5slapsqn8ck6isp53fsa7ljnagjy";
-    cargoBuildFlags = [ "--examples" ];
-    postInstall = ''
-      mkdir -p $out/bin
-
-      for f in target/*/release/examples/*; do
-        if [ -f $f ] && [ -x $f ]; then
-          cp $f $out/bin/
-        fi
-      done
-    '';
-  };
-}

lib/server7-yggaddr.nix

@@ -1,4 +0,0 @@
-{
-  address = "210:5217:69c0:9afc:1b95:b9f:8718:c3d2";
-  prefix64 = "310:5217:69c0:9afc";
-}

modules/c3d2.nix

@@ -0,0 +1,69 @@
+# This module defines options for use by all C3D2 machines.
+
+{ config, lib, ... }:
+
+let cfg = config.c3d2;
+in {
+  options.c3d2 = with lib;
+    with lib.types; {
+
+      isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
+
+      enableMotd = mkOption {
+        type = bool;
+        default = cfg.isInHq;
+        defaultText = literalExample "config.c3d2.isInHq";
+      };
+
+      mapPublicHosts = mkOption {
+        type = bool;
+        default = false;
+        description = ''
+          Whether to add all external HQ host mappings to /etc/hosts.
+        '';
+      };
+
+      mapHqHosts = mkOption {
+        type = bool;
+        default = cfg.isInHq;
+        description = ''
+          Whether to add all internal HQ host mappings to /etc/hosts.
+        '';
+      };
+
+      acmeEmail = mkOption {
+        type = str;
+        default = "mail@c3d2.de";
+        description = ''
+          Admin email address to use for Letsencrypt
+        '';
+      };
+
+      hq = {
+
+        interface = mkOption {
+          type = nullOr str;
+          default = null;
+          example = "eth0";
+          description = ''
+            Configure the given interface name with an internal IP address.
+          '';
+        };
+
+        enableBinaryCache = mkOption {
+          type = bool;
+          default = cfg.isInHq;
+          defaultText = literalExample "config.c3d2.isInHq";
+          description = "Whether to enable the local Nix binary cache";
+        };
+
+        enableMpdProxy = mkOption {
+          type = bool;
+          default = false;
+          description = "Whether to proxy the local MPD database";
+        };
+
+      };
+
+    };
+}