{
  description = "C3D2 NixOS configurations";

  # Flake inputs. Branch names such as `release-20.09` and `?ref=nix` are
  # moving references; the revisions that actually get built are the ones
  # recorded in flake.lock (not shown here), so lock-file updates deserve the
  # same review as edits to this block.
  inputs = {
    nixpkgs = {
      url = "github:nixos/nixpkgs/release-20.09";
    };

    # Private repository fetched over SSH. mkDeploy (below) copies this
    # input's store path to each deployed host.
    secrets = {
      url = "git+ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git";
    };

    yammat = {
      url = "git+https://gitea.c3d2.de/astro/yammat.git?ref=nix";
      # Build yammat against the nixpkgs pinned above, not its own copy.
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # The next two inputs are plain source trees (`flake = false`); they are
    # handed to host configurations through extraArgs further down.
    scrapers = {
      url = "git+https://gitea.c3d2.de/astro/scrapers.git";
      flake = false;
    };
    tigger = {
      url = "github:astro/tigger";
      flake = false;
    };
  };
outputs = { self, nixpkgs, secrets, nixos-hardware, yammat, scrapers, tigger }:
  # NOTE(review): `nixos-hardware` is accepted as an argument but has no entry
  # under `inputs` in this file, so it is presumably resolved through the
  # flake registry. Declaring it explicitly would make its origin visible in
  # review - confirm.
  let
    # Per-host data; this file reads hosts.<name>.ip4 and hosts.<name>.ether
    # from it.
    hostRegistry = import ./host-registry.nix;

    # Platforms for which `legacyPackages` and `packages` are generated.
    supportedSystems = [ "aarch64-linux" "x86_64-linux" ];
    forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
  in {
    overlay = import ./overlay;

    # nixpkgs for each supported system, extended with the local overlay.
    legacyPackages = forAllSystems (system:
      nixpkgs.legacyPackages.${system}.extend self.overlay
    );
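packages = forAllSystems (system:
  let
    pkgs = self.legacyPackages.${system};

    # mkDeploy name host
    #
    # Generate a small script for copying this flake to the remote machine
    # and building and switching there.
    # Can be run with nix run c3d2#deploy-…
    #
    # Security-relevant properties of the generated script:
    #  * It logs in as root over SSH (target = "root@<host>").
    #  * It copies the store path of the `secrets` input to the target. The
    #    Nix store is world-readable, so anything kept in plaintext in that
    #    repository becomes readable by every local user and service on the
    #    deployed host. NOTE(review): confirm the repository's contents are
    #    acceptable for that exposure.
    #  * Extra command-line arguments are forwarded to nixos-rebuild. ssh
    #    joins its arguments with spaces and the remote shell parses them
    #    again, so each argument is quoted with printf %q before sending;
    #    previously `$@` was expanded unquoted (and, with --flakify, outside
    #    the --command string), which split or misplaced arguments containing
    #    whitespace or shell metacharacters. %q is a bash feature;
    #    pkgs.runtimeShell is bash in nixpkgs, and the remote login shell is
    #    assumed to accept the same quoting.
    mkDeploy = name: host:
      let
        target = "root@${host}";
      in pkgs.writeScriptBin "${name}-nixos-rebuild" ''
        #!${pkgs.runtimeShell}
        set -ev

        nix-copy-closure --to ${target} ${secrets}
        nix-copy-closure --to ${target} ${self}

        flakify=
        if [ "$1" = "--flakify" ]; then
          flakify=1
          shift
        fi

        # Quote every forwarded argument for the remote shell.
        remote_args=
        for arg in "$@"; do
          remote_args="$remote_args $(printf '%q' "$arg")"
        done
        rebuild="nixos-rebuild --flake ${self}#${name}$remote_args"

        if [ -n "$flakify" ]; then
          exec ssh -t ${target} "nix-shell -p nixFlakes -p git --command $(printf '%q' "_NIXOS_REBUILD_REEXEC=1 $rebuild")"
        else
          exec ssh -t ${target} "$rebuild"
        fi
      '';

    # mkWake name
    #
    # Generate a script that sends a Wake-on-LAN packet to the ethernet
    # address registered for `name` in the host registry.
    mkWake = name:
      let
        mac = hostRegistry.hosts.${name}.ether;
      in pkgs.writeScriptBin "${name}-wake" ''
        #!${pkgs.runtimeShell}
        exec ${pkgs.wol}/bin/wol ${mac}
      '';
    # TODO: check if the ethernet address is reachable and if not,
    # execute wol on a machine in HQ.
  in {
    inherit (pkgs) bmxd;

    # Deploy targets addressed by their IPv4 address from the host registry.
    dhcp-nixos-rebuild = mkDeploy "dhcp" hostRegistry.hosts.dhcp.ip4;
    matemat-nixos-rebuild = mkDeploy "matemat" hostRegistry.hosts.matemat.ip4;
    scrape-nixos-rebuild = mkDeploy "scrape" hostRegistry.hosts.scrape.ip4;
    dn42-nixos-rebuild = mkDeploy "dn42" hostRegistry.hosts.dn42.ip4;
    hydra-nixos-rebuild = mkDeploy "hydra" hostRegistry.hosts.hydra.ip4;
    mucbot-nixos-rebuild = mkDeploy "mucbot" hostRegistry.hosts.mucbot.ip4;

    # Deploy targets addressed by DNS name or by a literal address.
    glotzbert-nixos-rebuild = mkDeploy "glotzbert" "glotzbert.hq.c3d2.de";
    pulsebert-nixos-rebuild = mkDeploy "pulsebert" "pulsebert.hq.c3d2.de";
    yggdrasil-nixos-rebuild = mkDeploy "yggdrasil" "172.20.72.62";
    freifunk-nixos-rebuild = mkDeploy "freifunk" "freifunk.core.zentralwerk.org";
    grafana-nixos-rebuild = mkDeploy "grafana" "grafana.hq.c3d2.de";

    # Wake-on-LAN helpers.
    glotzbert-wake = mkWake "glotzbert";
    pulsebert-wake = mkWake "pulsebert";
  });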
nixosConfigurations = let
  # Our custom NixOS builder
  #
  # Wraps nixpkgs.lib.nixosSystem: every host gets `hostRegistry` as an extra
  # module argument plus the two modules listed in `extraModules`. Because of
  # the `//` merge, an `extraModules` passed by a caller is replaced, while a
  # caller's `extraArgs` are kept and extended.
  nixosSystem' =
    { extraArgs ? {}, ... }@args:
    let
      # Use a flakes-capable Nix on the host and apply the local overlay.
      flakesModule = { pkgs, ... }: {
        nix = {
          package = pkgs.nixFlakes;
          extraOptions = "experimental-features = nix-command flakes";
        };
        nixpkgs.overlays = [ self.overlay ];
      };
    in nixpkgs.lib.nixosSystem (args // {
      extraArgs = extraArgs // {
        inherit hostRegistry;
      };
      extraModules = [
        self.nixosModules.c3d2
        flakesModule
      ];
    });

  # Module shared by the LXC container hosts below.
  lxcContainer = ./lib/lxc-container.nix;

  # Build a module that applies the named overlays from the private `secrets`
  # input. What those overlays inject is not visible in this file.
  secretOverlays = names: { ... }: {
    nixpkgs.overlays = map (name: secrets.overlays.${name}) names;
  };
in {

  dhcp = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      ./hosts/containers/dhcp
      secrets.nixosModules.admins
      secrets.nixosModules.dhcp
    ];
  };

  freifunk = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      ./hosts/containers/freifunk
      (secretOverlays [ "freifunk" "ospf" ])
    ];
  };

  glotzbert = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      ./hosts/glotzbert
      nixos-hardware.nixosModules.common-cpu-intel
      nixos-hardware.nixosModules.common-pc-ssd
      secrets.nixosModules.admins
    ];
  };

  pulsebert = nixosSystem' {
    system = "aarch64-linux";
    modules = [
      ./hosts/pulsebert
      secrets.nixosModules.dhcp
    ];
  };

  yggdrasil = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      ./hosts/containers/yggdrasil
      lxcContainer
      ./lib/users/emery.nix
      (secretOverlays [ "ospf" ])
    ];
  };

  matemat = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      lxcContainer
      ./hosts/containers/matemat
      yammat.nixosModule
      secrets.nixosModules.admins
      (secretOverlays [ "matemat" ])
    ];
  };

  scrape = nixosSystem' {
    system = "x86_64-linux";
    # The `scrapers` source tree is passed on as a module argument.
    extraArgs = { inherit scrapers; };
    modules = [
      lxcContainer
      ./hosts/containers/scrape
      (secretOverlays [ "scrape" ])
    ];
  };

  dn42 = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      lxcContainer
      ./hosts/containers/dn42
      (secretOverlays [ "dn42" ])
    ];
  };

  grafana = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      lxcContainer
      ./hosts/containers/grafana
    ];
  };

  hydra = nixosSystem' {
    system = "x86_64-linux";
    modules = [
      lxcContainer
      ./hosts/containers/hydra
    ];
  };

  mucbot = nixosSystem' {
    system = "x86_64-linux";
    extraArgs = { inherit tigger; };
    modules = [
      lxcContainer
      # Module file taken straight from the non-flake `tigger` source input.
      # It is evaluated as part of this host's configuration, so it can set
      # any option on the host; trust rests on the revision locked for that
      # input.
      "${tigger}/module.nix"
      { nixpkgs.overlays = [ secrets.overlays.mucbot ]; }
      ./hosts/containers/mucbot
    ];
  };

};
nixosModules = {
  # Shared module from ./lib; nixosSystem' adds it to every host through
  # extraModules.
  c3d2 = import ./lib;
};
};
}