Split "lib" into "config" and "modules"
Separate modules that add options from modules that change configuration.
parent
5f910a4630
commit
f066f4cb82
|
@ -182,7 +182,7 @@ let
|
|||
in {
|
||||
imports = [
|
||||
# ...
|
||||
"${c3d2Config}/lib"
|
||||
"${c3d2Config}/modules/c3d2.nix"
|
||||
];
|
||||
|
||||
c3d2 = {
|
||||
|
|
|
@ -1,6 +1,4 @@
|
|||
# This module is for use by all C3D2 machines.
|
||||
# That includes physical servers, VMs, containers, and personal machines.
|
||||
#
|
||||
# This module sets configuration for all NixOS machines defined in this flake
|
||||
|
||||
{ config, options, lib, pkgs, ... }:
|
||||
|
||||
|
@ -21,94 +19,16 @@ let
|
|||
# for the HQ networking using a seed string.
|
||||
toHqPrivateAddress = toIpv6Address hqPrefix64;
|
||||
|
||||
# toHqPublicAddress = toIpv6Address publicPrefix64;
|
||||
|
||||
cfg = config.c3d2;
|
||||
|
||||
in {
|
||||
|
||||
imports = [
|
||||
./users
|
||||
./stats.nix
|
||||
./audio-server
|
||||
./pi-sensors.nix
|
||||
./ceph-storage.nix
|
||||
./cache.nix
|
||||
./autoupdate.nix
|
||||
];
|
||||
|
||||
options.c3d2 = with lib;
|
||||
with lib.types; {
|
||||
|
||||
isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
|
||||
|
||||
enableMotd = mkOption {
|
||||
type = bool;
|
||||
default = cfg.isInHq;
|
||||
defaultText = literalExample "config.c3d2.isInHq";
|
||||
};
|
||||
|
||||
mapPublicHosts = mkOption {
|
||||
type = bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to add all external HQ host mappings to /etc/hosts.
|
||||
'';
|
||||
};
|
||||
|
||||
mapHqHosts = mkOption {
|
||||
type = bool;
|
||||
default = cfg.isInHq;
|
||||
description = ''
|
||||
Whether to add all internal HQ host mappings to /etc/hosts.
|
||||
'';
|
||||
};
|
||||
|
||||
acmeEmail = mkOption {
|
||||
type = str;
|
||||
default = "mail@c3d2.de";
|
||||
description = ''
|
||||
Admin email address to use for Letsencrypt
|
||||
'';
|
||||
};
|
||||
|
||||
hq = {
|
||||
|
||||
/* externalInterface = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
example = "eth0";
|
||||
description = ''
|
||||
Configure the given interface name with an external IP address.
|
||||
'';
|
||||
};
|
||||
*/
|
||||
|
||||
interface = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
example = "eth0";
|
||||
description = ''
|
||||
Configure the given interface name with an internal IP address.
|
||||
'';
|
||||
};
|
||||
|
||||
enableBinaryCache = mkOption {
|
||||
type = bool;
|
||||
default = cfg.isInHq;
|
||||
defaultText = literalExample "config.c3d2.isInHq";
|
||||
description = "Whether to enable the local Nix binary cache";
|
||||
};
|
||||
|
||||
enableMpdProxy = mkOption {
|
||||
type = bool;
|
||||
default = false;
|
||||
description = "Whether to proxy the local MPD database";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = let
|
||||
cfg = config.c3d2;
|
||||
|
@ -184,14 +104,6 @@ in {
|
|||
networking.hosts = let
|
||||
getHost = hostName: builtins.getAttr hostName hostRegistry.hosts;
|
||||
|
||||
mapHostsNamesToAttrs = f: list: builtins.listToAttrs (map f list);
|
||||
|
||||
/* hqPublicHosts = mapHostsNamesToAttrs (hostName: {
|
||||
name = toHqPublicAddress hostName;
|
||||
value = [ "${hostName}.hq.c3d2.de" hostName ];
|
||||
}) hostRegistry.hqPublic;
|
||||
*/
|
||||
|
||||
hqLocalHosts = with builtins;
|
||||
let
|
||||
f = hostName:
|
||||
|
@ -350,6 +262,4 @@ in {
|
|||
email = cfg.acmeEmail;
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ehmry ];
|
||||
}
|
61
flake.nix
61
flake.nix
|
@ -203,7 +203,15 @@
|
|||
nixpkgs.overlays = [ self.overlay ];
|
||||
})
|
||||
|
||||
self.nixosModule
|
||||
self.nixosModules.c3d2
|
||||
./config/audio-server
|
||||
./config/autoupdate.nix
|
||||
./config/c3d2.nix
|
||||
./config/cache.nix
|
||||
./config/ceph-storage.nix
|
||||
./config/stats.nix
|
||||
./config/users
|
||||
./modules/pi-sensors.nix
|
||||
] ++ modules;
|
||||
|
||||
};
|
||||
|
@ -223,7 +231,7 @@
|
|||
gitea = nixosSystem' {
|
||||
nixpkgs = inputs.nixpkgs-unstable;
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/gitea
|
||||
];
|
||||
};
|
||||
|
@ -311,7 +319,7 @@
|
|||
|
||||
matemat = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/matemat
|
||||
yammat.nixosModule
|
||||
secrets.nixosModules.admins
|
||||
|
@ -321,7 +329,7 @@
|
|||
|
||||
scrape = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/scrape
|
||||
{ nixpkgs.overlays = [ secrets.overlays.scrape ]; }
|
||||
];
|
||||
|
@ -330,7 +338,7 @@
|
|||
|
||||
dn42 = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/dn42
|
||||
{
|
||||
nixpkgs.overlays = [ secrets.overlays.dn42 ];
|
||||
|
@ -341,14 +349,14 @@
|
|||
|
||||
grafana = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/grafana
|
||||
];
|
||||
};
|
||||
|
||||
hydra = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/hydra
|
||||
{
|
||||
sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml";
|
||||
|
@ -358,7 +366,7 @@
|
|||
|
||||
mucbot = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
"${tigger}/module.nix"
|
||||
{ nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
|
||||
./hosts/containers/mucbot
|
||||
|
@ -368,14 +376,14 @@
|
|||
|
||||
kibana = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/kibana
|
||||
];
|
||||
};
|
||||
|
||||
public-access-proxy = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/public-access-proxy
|
||||
];
|
||||
extraArgs = {
|
||||
|
@ -385,7 +393,7 @@
|
|||
|
||||
ticker = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
"${ticker}/nixos-module.nix"
|
||||
./hosts/containers/ticker
|
||||
];
|
||||
|
@ -393,7 +401,7 @@
|
|||
|
||||
spaceapi = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
"${spacemsg}/spaceapi/module.nix"
|
||||
./hosts/containers/spaceapi
|
||||
];
|
||||
|
@ -401,7 +409,7 @@
|
|||
|
||||
stream = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/stream
|
||||
];
|
||||
};
|
||||
|
@ -410,28 +418,28 @@
|
|||
# TODO: pending https://github.com/NixOS/nixpkgs/pull/119132
|
||||
nixpkgs = inputs.nixpkgs-mobilizon;
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/mobilizon
|
||||
];
|
||||
};
|
||||
|
||||
mail = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/mail
|
||||
];
|
||||
};
|
||||
|
||||
logging = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/logging
|
||||
];
|
||||
};
|
||||
|
||||
keycloak = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/keycloak
|
||||
{ nixpkgs.overlays = with secrets.overlays; [ keycloak ]; }
|
||||
];
|
||||
|
@ -439,7 +447,7 @@
|
|||
|
||||
c3d2-web = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/c3d2-web
|
||||
{ nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; }
|
||||
];
|
||||
|
@ -450,7 +458,7 @@
|
|||
|
||||
sdrweb = nixosSystem' {
|
||||
modules = [
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
{ nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
|
||||
heliwatch.nixosModules.heliwatch
|
||||
./hosts/containers/sdrweb
|
||||
|
@ -460,7 +468,7 @@
|
|||
bind = nixosSystem' {
|
||||
modules = [
|
||||
{ nixpkgs.overlays = with secrets.overlays; [ bind ]; }
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/bind
|
||||
];
|
||||
};
|
||||
|
@ -468,7 +476,7 @@
|
|||
jabber = nixosSystem' {
|
||||
modules = [
|
||||
{ nixpkgs.overlays = with secrets.overlays; [ jabber ]; }
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/jabber
|
||||
];
|
||||
};
|
||||
|
@ -484,7 +492,7 @@
|
|||
blogs = nixosSystem' {
|
||||
modules = [
|
||||
self.nixosModules.plume
|
||||
./lib/lxc-container.nix
|
||||
./config/lxc-container.nix
|
||||
./hosts/containers/blogs
|
||||
{ sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; }
|
||||
];
|
||||
|
@ -492,11 +500,14 @@
|
|||
|
||||
};
|
||||
|
||||
nixosModule.imports = [ sops-nix.nixosModule ./lib ];
|
||||
nixosModule = self.nixosModules.c3d2;
|
||||
nixosModules = {
|
||||
c3d2 = self.nixosModule;
|
||||
c3d2.imports = [
|
||||
sops-nix.nixosModule
|
||||
./modules/c3d2.nix
|
||||
];
|
||||
plume = {
|
||||
imports = [ ./lib/plume.nix ];
|
||||
imports = [ ./modules/plume.nix ];
|
||||
nixpkgs.overlays = [ fenix.overlay naersk.overlay ];
|
||||
};
|
||||
};
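Review bot: The exported `nixosModules.c3d2` at the end of this file now imports only `sops-nix.nixosModule` and `./modules/c3d2.nix`, so as far as these hunks show it declares the `c3d2.*` options without any module that acts on them. The implementing files (`./config/c3d2.nix`, `./config/autoupdate.nix`, `./config/users`, …) are added only to this flake's own module list in the `@ -203,7 +203,15 @@` hunk. A host that consumes `nixosModule` from outside the flake could therefore set `c3d2.hq.enableBinaryCache` or `c3d2.acmeEmail`, evaluate cleanly, and presumably get no effect. I would state that contract next to the definition, for example `# Options only: hosts outside this flake must also import the ./config modules (users, autoupdate, ...) to get the baseline.` Both enclosing attribute sets continue outside the hunks.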
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
|
||||
{
|
||||
imports = [
|
||||
../../../lib
|
||||
../../../lib/lxc-container.nix
|
||||
../../../lib/shared.nix
|
||||
../../../lib/admins.nix
|
||||
../../../config
|
||||
../../../config/lxc-container.nix
|
||||
../../../config/shared.nix
|
||||
../../../config/admins.nix
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
|
|
@ -16,8 +16,8 @@ let
|
|||
in {
|
||||
imports = [
|
||||
"${modulesPath}/profiles/minimal.nix"
|
||||
../../../lib/lxc-container.nix
|
||||
../../../lib/shared.nix
|
||||
../../../config/lxc-container.nix
|
||||
../../../config/shared.nix
|
||||
];
|
||||
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
|
|
@ -3,9 +3,9 @@
|
|||
{
|
||||
imports = [
|
||||
(modulesPath + "/profiles/minimal.nix")
|
||||
../../../lib
|
||||
../../../lib/lxc-container.nix
|
||||
../../../lib/shared.nix
|
||||
../../../config
|
||||
../../../config/lxc-container.nix
|
||||
../../../config/shared.nix
|
||||
];
|
||||
|
||||
c3d2 = {
|
||||
|
@ -20,7 +20,7 @@
|
|||
services.openssh.enable = true;
|
||||
|
||||
systemd.services.ledball =
|
||||
let pile = import ../../../lib/pkgs/pile.nix { inherit pkgs; };
|
||||
let pile = import ../../../config/pkgs/pile.nix { inherit pkgs; };
|
||||
in {
|
||||
after = [ "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
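Review bot: The new path in `let pile = import ../../../config/pkgs/pile.nix { inherit pkgs; };` should be checked against the 22-line file this commit deletes (`@ -1,22 +0,0 @@`), which defines `ledball` from `pile` and has no visible counterpart added on this page. If that deleted file is `lib/pkgs/pile.nix` and it was not moved under `config/`, this import fails at evaluation. Separately, that file uses `builtins.fetchGit "https://github.com/astro/pile.git"` with no `rev`, so the binary run by this service tracks whatever the remote holds at evaluation time. If the file survives at the new path, pin it, e.g. `builtins.fetchGit { url = "https://github.com/astro/pile.git"; rev = "<commit-sha>"; }`. The `systemd.services.ledball` body continues outside the hunk.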
|
||||
|
|
|
@ -2,9 +2,9 @@
|
|||
|
||||
{
|
||||
imports = [
|
||||
../../lib/lxc-container.nix
|
||||
../../lib/shared.nix
|
||||
../../lib/admins.nix
|
||||
../../config/lxc-container.nix
|
||||
../../config/shared.nix
|
||||
../../config/admins.nix
|
||||
(modulesPath + "/profiles/minimal.nix")
|
||||
];
|
||||
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
|
||||
{
|
||||
imports = [
|
||||
../../../lib
|
||||
../../../lib/lxc-container.nix
|
||||
../../../lib/shared.nix
|
||||
../../../lib/admins.nix
|
||||
../../../config
|
||||
../../../config/lxc-container.nix
|
||||
../../../config/shared.nix
|
||||
../../../config/admins.nix
|
||||
];
|
||||
|
||||
networking = {
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
|
||||
{
|
||||
imports = [
|
||||
../../../lib
|
||||
../../../lib/lxc-container.nix
|
||||
../../../lib/shared.nix
|
||||
../../../lib/admins.nix
|
||||
../../../config
|
||||
../../../config/lxc-container.nix
|
||||
../../../config/shared.nix
|
||||
../../../config/admins.nix
|
||||
];
|
||||
|
||||
networking = {
|
||||
|
|
|
@ -7,9 +7,9 @@ in
|
|||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
# ../../lib
|
||||
# ../../lib/hq.nix
|
||||
# ../../lib/shared.nix
|
||||
# ../../config
|
||||
# ../../config/hq.nix
|
||||
# ../../config/shared.nix
|
||||
];
|
||||
|
||||
c3d2 = {
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
{ pkgs ? import <nixpkgs> { } }:
|
||||
|
||||
with pkgs;
|
||||
let pile = builtins.fetchGit "https://github.com/astro/pile.git";
|
||||
in {
|
||||
ledball = rustPlatform.buildRustPackage {
|
||||
name = "ledball";
|
||||
version = "0.0.0";
|
||||
src = "${pile}/ledball";
|
||||
cargoSha256 = "0zyfbf3gph8gqab07fmm5a7x5slapsqn8ck6isp53fsa7ljnagjy";
|
||||
cargoBuildFlags = [ "--examples" ];
|
||||
postInstall = ''
|
||||
mkdir -p $out/bin
|
||||
|
||||
for f in target/*/release/examples/*; do
|
||||
if [ -f $f ] && [ -x $f ]; then
|
||||
cp $f $out/bin/
|
||||
fi
|
||||
done
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,4 +0,0 @@
|
|||
{
|
||||
address = "210:5217:69c0:9afc:1b95:b9f:8718:c3d2";
|
||||
prefix64 = "310:5217:69c0:9afc";
|
||||
}
|
|
@ -0,0 +1,69 @@
|
|||
# This module defines options for use by all C3D2 machines.
|
||||
|
||||
{ config, lib, ... }:
|
||||
|
||||
let cfg = config.c3d2;
|
||||
in {
|
||||
options.c3d2 = with lib;
|
||||
with lib.types; {
|
||||
|
||||
isInHq = mkEnableOption "HQ presence (TODO: what is this? association to VLAN 5?)";
|
||||
|
||||
enableMotd = mkOption {
|
||||
type = bool;
|
||||
default = cfg.isInHq;
|
||||
defaultText = literalExample "config.c3d2.isInHq";
|
||||
};
|
||||
|
||||
mapPublicHosts = mkOption {
|
||||
type = bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to add all external HQ host mappings to /etc/hosts.
|
||||
'';
|
||||
};
|
||||
|
||||
mapHqHosts = mkOption {
|
||||
type = bool;
|
||||
default = cfg.isInHq;
|
||||
description = ''
|
||||
Whether to add all internal HQ host mappings to /etc/hosts.
|
||||
'';
|
||||
};
|
||||
|
||||
acmeEmail = mkOption {
|
||||
type = str;
|
||||
default = "mail@c3d2.de";
|
||||
description = ''
|
||||
Admin email address to use for Letsencrypt
|
||||
'';
|
||||
};
|
||||
|
||||
hq = {
|
||||
|
||||
interface = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
example = "eth0";
|
||||
description = ''
|
||||
Configure the given interface name with an internal IP address.
|
||||
'';
|
||||
};
|
||||
|
||||
enableBinaryCache = mkOption {
|
||||
type = bool;
|
||||
default = cfg.isInHq;
|
||||
defaultText = literalExample "config.c3d2.isInHq";
|
||||
description = "Whether to enable the local Nix binary cache";
|
||||
};
|
||||
|
||||
enableMpdProxy = mkOption {
|
||||
type = bool;
|
||||
default = false;
|
||||
description = "Whether to proxy the local MPD database";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
}
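Review bot: `isInHq` is the default for `enableMotd`, `mapHqHosts` and `hq.enableBinaryCache`, yet its description is still `TODO: what is this? association to VLAN 5?`. Whoever sets it cannot tell from the option docs that it also switches on the internal /etc/hosts mappings and the local binary cache. `mapHqHosts` also lacks the `defaultText` the other two carry; add `defaultText = literalExample "config.c3d2.isInHq";` there, and give `enableMotd` a `description`. Since this file is newly created by the commit, this is the cheapest moment to replace the TODO with the actual meaning of the flag.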
|