refactor: remove host.toml

This commit is contained in:
Patrick 2024-06-09 20:59:23 +02:00
parent 3072389561
commit 8c418616d8
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
12 changed files with 119 additions and 152 deletions

View file

@ -12,11 +12,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1715290355,
"narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=",
"lastModified": 1716561646,
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
"owner": "ryantm",
"repo": "agenix",
"rev": "8d37c5bdeade12b6479c85acd133063ab53187a0",
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
"type": "github"
},
"original": {
@ -37,11 +37,11 @@
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1713903302,
"narHash": "sha256-qPy0BYFTenmyG4EU+oXej0V/i4jSsVvWbGGrv9Sb0kQ=",
"lastModified": 1717947583,
"narHash": "sha256-vN/pfiAzYH4i3cUb5pLqkXgPoAPtaxjUXv5aRpbKShU=",
"owner": "oddlama",
"repo": "agenix-rekey",
"rev": "8da0392e75373711604a07907de25ec9d5277384",
"rev": "4551006c2807ab361ea4db5e171afb4798da4fc2",
"type": "github"
},
"original": {
@ -270,11 +270,11 @@
]
},
"locked": {
"lastModified": 1713532798,
"narHash": "sha256-wtBhsdMJA3Wa32Wtm1eeo84GejtI43pMrFrmwLXrsEc=",
"lastModified": 1717408969,
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
"owner": "numtide",
"repo": "devshell",
"rev": "12e914740a25ea1891ec619bb53cf5e6ca922e40",
"rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
"type": "github"
},
"original": {
@ -336,11 +336,11 @@
]
},
"locked": {
"lastModified": 1713532798,
"narHash": "sha256-wtBhsdMJA3Wa32Wtm1eeo84GejtI43pMrFrmwLXrsEc=",
"lastModified": 1717408969,
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
"owner": "numtide",
"repo": "devshell",
"rev": "12e914740a25ea1891ec619bb53cf5e6ca922e40",
"rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
"type": "github"
},
"original": {
@ -356,11 +356,11 @@
]
},
"locked": {
"lastModified": 1716291492,
"narHash": "sha256-Qvfoa99WdYIneGrrLFIKQCevLgB5vnxvwJe5aWbGYZY=",
"lastModified": 1717915259,
"narHash": "sha256-VsGPboaleIlPELHY5cNTrXK4jHVmgUra8uC6h7KVC5c=",
"owner": "nix-community",
"repo": "disko",
"rev": "f1654e07728008d354c704d265fc710e3f5f42ee",
"rev": "1bbdb06f14e2621290b250e631cf3d8948e4d19b",
"type": "github"
},
"original": {
@ -435,11 +435,11 @@
},
"flake-compat_5": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
"lastModified": 1717312683,
"narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
"rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea",
"type": "github"
},
"original": {
@ -561,11 +561,11 @@
]
},
"locked": {
"lastModified": 1715865404,
"narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
@ -574,21 +574,6 @@
"type": "github"
}
},
"flake-root": {
"locked": {
"lastModified": 1713493429,
"narHash": "sha256-ztz8JQkI08tjKnsTpfLqzWoKFQF4JGu2LRz8bkdnYUk=",
"owner": "srid",
"repo": "flake-root",
"rev": "bc748b93b86ee76e2032eecda33440ceb2532fcd",
"type": "github"
},
"original": {
"owner": "srid",
"repo": "flake-root",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_3"
@ -769,6 +754,33 @@
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat_7",
"gitignore": "gitignore_5",
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717664902,
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
@ -861,7 +873,7 @@
"inputs": {
"nixpkgs": [
"nixvim",
"pre-commit-hooks",
"git-hooks",
"nixpkgs"
]
},
@ -924,11 +936,11 @@
]
},
"locked": {
"lastModified": 1715930644,
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
"lastModified": 1717931644,
"narHash": "sha256-Sz8Wh9cAiD5FhL8UWvZxBfnvxETSCVZlqWSYWaCPyu0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
"rev": "3d65009effd77cb0d6e7520b68b039836a7606cf",
"type": "github"
},
"original": {
@ -945,11 +957,11 @@
]
},
"locked": {
"lastModified": 1715930644,
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
"lastModified": 1717525419,
"narHash": "sha256-5z2422pzWnPXHgq2ms8lcCfttM0dz+hg+x1pCcNkAws=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
"rev": "a7117efb3725e6197dd95424136f79147aa35e5b",
"type": "github"
},
"original": {
@ -981,11 +993,11 @@
},
"impermanence": {
"locked": {
"lastModified": 1708968331,
"narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=",
"lastModified": 1717932370,
"narHash": "sha256-7C5lCpiWiyPoIACOcu2mukn/1JRtz6HC/1aEMhUdcw0=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30",
"rev": "27979f1c3a0d3b9617a3563e2839114ba7d48d3f",
"type": "github"
},
"original": {
@ -1027,11 +1039,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1716120557,
"narHash": "sha256-rvNq9YolMY1DRMgwdAti8qwNDjkhTsotSWa15/Ch7+A=",
"lastModified": 1717935050,
"narHash": "sha256-UWi8G3J+pS+9LVMdjrpLJwncdiMQWrnuUd5ygxCHeNc=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "5fa64b174daa22fe0d20ebbcc0ec2c7905b503f1",
"rev": "1b6ea3be6ba37d4d3ba6e5041e2f152bb684ba2c",
"type": "github"
},
"original": {
@ -1064,11 +1076,11 @@
"spectrum": "spectrum"
},
"locked": {
"lastModified": 1715787097,
"narHash": "sha256-TPp2j0ttvBvkk4oXidvo8Y071zEab0BtcNsC3ZEkluI=",
"lastModified": 1717441449,
"narHash": "sha256-juxjgmLnFbl+/hhIO2cVtIa6caCO4pLKlZWUMwAOznM=",
"owner": "astro",
"repo": "microvm.nix",
"rev": "fa673bf8656fe6f28253b83971a36999bc9995d2",
"rev": "e3a4dd5b381fb580804105594cc9c71dc45abdb5",
"type": "github"
},
"original": {
@ -1085,11 +1097,11 @@
]
},
"locked": {
"lastModified": 1715901937,
"narHash": "sha256-eMyvWP56ZOdraC2IOvZo0/RTDcrrsqJ0oJWDC76JTak=",
"lastModified": 1716993688,
"narHash": "sha256-vo5k2wQekfeoq/2aleQkBN41dQiQHNTniZeVONWiWLs=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "ffc01182f90118119930bdfc528c1ee9a39ecef8",
"rev": "c0d5b8c54d6828516c97f6be9f2d00c63a363df4",
"type": "github"
},
"original": {
@ -1106,11 +1118,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1715804156,
"narHash": "sha256-GtIHP86Cz1kD9xZO/cKbNQACHKdoT9WFbLJAq6W2EDY=",
"lastModified": 1717698186,
"narHash": "sha256-e3/cvm7bAn0RsTBcPfHwuYOi2lwoO4jpTn4nmMSvHfU=",
"owner": "nix-community",
"repo": "nix-eval-jobs",
"rev": "bb95091f6c6f38f6cfc215a1797a2dd466312c8b",
"rev": "b6169e08e76e10b673d1b54f944cddb1e7cbea97",
"type": "github"
},
"original": {
@ -1148,11 +1160,11 @@
]
},
"locked": {
"lastModified": 1716170277,
"narHash": "sha256-fCAiox/TuzWGVaAz16PxrR4Jtf9lN5dwWL2W74DS0yI=",
"lastModified": 1717919703,
"narHash": "sha256-4i/c31+dnpv6KdUA3BhbMDS9Lvg/CDin78caYJlq0bY=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "e0638db3db43b582512a7de8c0f8363a162842b9",
"rev": "a157a81d0a4bc909b2b6666dd71909bcdc8cd0d6",
"type": "github"
},
"original": {
@ -1244,11 +1256,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1716173274,
"narHash": "sha256-FC21Bn4m6ctajMjiUof30awPBH/7WjD0M5yqrWepZbY=",
"lastModified": 1717828156,
"narHash": "sha256-YvstO0lobf3JWQuAfZCLYRTROC2ZDEgtWeQtWbO49p4=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "d9e0b26202fd500cf3e79f73653cce7f7d541191",
"rev": "057a7996d012f342a38a26261ee529cebb1755ef",
"type": "github"
},
"original": {
@ -1296,11 +1308,11 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1716079763,
"narHash": "sha256-DGRfb7fO7c3XDS3twmuaV5NAGPPdU3W7Q35fjIZc8iY=",
"lastModified": 1717894324,
"narHash": "sha256-4q6ZO3BqHgdd3Aacb/xiQXB4g9TQKpQg/praTpD9vbI=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "0df131b5ee4d928a4b664b6d0cd99cf134d6ab6b",
"rev": "13eac98dc5233fe7e52f0cd0e2cba7dcd77feca5",
"type": "github"
},
"original": {
@ -1399,11 +1411,11 @@
]
},
"locked": {
"lastModified": 1716308443,
"narHash": "sha256-vPJ4VnR1EyW4ft6XlwHst3BMVMqsjXmCtV8ze0+Ox9k=",
"lastModified": 1717946219,
"narHash": "sha256-FtVXsRY/El4TAVUuM9BnJH2F5tSxd0UMK/AvVzZRsZA=",
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"rev": "112d54c8a35e974ec03581e44f35d973a89446aa",
"rev": "8c7518a4167eb65ca62da3ab49578e728ee9a769",
"type": "github"
},
"original": {
@ -1414,11 +1426,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1716137900,
"narHash": "sha256-sowPU+tLQv8GlqtVtsXioTKeaQvlMz/pefcdwg8MvfM=",
"lastModified": 1717786204,
"narHash": "sha256-4q0s6m0GUcN7q+Y2DqD27iLvbcd1G50T2lv08kKxkSI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6c0b7a92c30122196a761b440ac0d46d3d9954f1",
"rev": "051f920625ab5aabe37c920346e3e69d7d34400e",
"type": "github"
},
"original": {
@ -1481,21 +1493,20 @@
"devshell": "devshell_5",
"flake-compat": "flake-compat_6",
"flake-parts": "flake-parts_3",
"flake-root": "flake-root",
"git-hooks": "git-hooks",
"home-manager": "home-manager_2",
"nix-darwin": "nix-darwin",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks": "pre-commit-hooks_4",
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1716294469,
"narHash": "sha256-1RdJkVa+axdzLhbeoWJoC3BPODxfx+/Rv7HE+e4CK/Y=",
"lastModified": 1717922156,
"narHash": "sha256-C/TgTnKY4iWXnBmKocV9KeV+OtZGCh+1Pcw26Elx7JM=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "1c9f2a23a6cb9406c35980f4af1a4356f56771e9",
"rev": "8a462dc9570bce1de5a7dd1beabd83f95958315b",
"type": "github"
},
"original": {
@ -1620,33 +1631,6 @@
}
},
"pre-commit-hooks_4": {
"inputs": {
"flake-compat": "flake-compat_7",
"gitignore": "gitignore_5",
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1715870890,
"narHash": "sha256-nacSOeXtUEM77Gn0G4bTdEOeFIrkCBXiyyFZtdGwuH0=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "fa606cccd7b0ccebe2880051208e4a0f61bfc8c1",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"pre-commit-hooks_5": {
"inputs": {
"flake-compat": "flake-compat_8",
"gitignore": "gitignore_6",
@ -1656,11 +1640,11 @@
"nixpkgs-stable": "nixpkgs-stable_5"
},
"locked": {
"lastModified": 1716213921,
"narHash": "sha256-xrsYFST8ij4QWaV6HEokCUNIZLjjLP1bYC60K8XiBVA=",
"lastModified": 1717664902,
"narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "0e8fcc54b842ad8428c9e705cb5994eaf05c26a0",
"rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
"type": "github"
},
"original": {
@ -1689,7 +1673,7 @@
"nixpkgs": "nixpkgs_2",
"nixpkgs-wayland": "nixpkgs-wayland",
"nixvim": "nixvim",
"pre-commit-hooks": "pre-commit-hooks_5",
"pre-commit-hooks": "pre-commit-hooks_4",
"spicetify-nix": "spicetify-nix",
"stylix": "stylix",
"systems": "systems_12",
@ -1771,11 +1755,11 @@
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1716206302,
"narHash": "sha256-5Qc3aQGVyPEOuN82zVamStaV81HebHvLjk3fGfpyCPY=",
"lastModified": 1717866166,
"narHash": "sha256-iOeRZXIhFpQJdxzNJ3nUAANyDfLqCslRhjGhLD2RstM=",
"owner": "danth",
"repo": "stylix",
"rev": "81df8443556335016d6f0bc22630a95776a56d8b",
"rev": "ca3247ed8cfbf369f3fe1b7a421579812a95c101",
"type": "github"
},
"original": {
@ -2009,11 +1993,11 @@
]
},
"locked": {
"lastModified": 1715940852,
"narHash": "sha256-wJqHMg/K6X3JGAE9YLM0LsuKrKb4XiBeVaoeMNlReZg=",
"lastModified": 1717850719,
"narHash": "sha256-npYqVg+Wk4oxnWrnVG7416fpfrlRhp/lQ6wQ4DHI8YE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "2fba33a182602b9d49f0b2440513e5ee091d838b",
"rev": "4fc1c45a5f50169f9f29f6a98a438fb910b834ed",
"type": "github"
},
"original": {

View file

@ -117,7 +117,7 @@
{
secretsConfig = {
# This should be a link to one of the age public keys is './keys'
masterIdentities = [./keys/PatC.key];
masterIdentities = [./keys/PatC.pub];
extraEncryptionPubkeys = [./secrets/recipients.txt];
};
agenix-rekey = agenix-rekey.configure {

View file

@ -1,19 +0,0 @@
[patricknix]
type = "nixos"
system = "x86_64-linux"
[desktopnix]
type = "nixos"
system = "x86_64-linux"
[gojo]
type = "nixos"
system = "x86_64-linux"
[maddy]
type = "nixos"
system = "x86_64-linux"
[elisabeth]
type = "nixos"
system = "x86_64-linux"

View file

@ -60,4 +60,5 @@
services.netbird.enable = true;
# Do not cleanup nix store to prevent having to rebuild packages onca a month
nix.gc.automatic = lib.mkForce false;
nixpkgs.hostPlatform = "x86_64-linux";
}

View file

@ -33,4 +33,5 @@
variant = "bone";
};
};
nixpkgs.hostPlatform = "x86_64-linux";
}

View file

@ -13,7 +13,7 @@
forgejo = "forge";
immich = "immich";
nextcloud = "nc";
ollama = "ollama";
ollama = "ai";
paperless = "ppl";
ttrss = "rss";
vaultwarden = "pw";
@ -72,7 +72,8 @@ in {
# pass information via X-User and X-Email headers to backend,
# requires running with --set-xauthrequest flag
auth_request_set $user $upstream_http_x_auth_request_preferred_username;
auth_request_set $email $upstream_http_x_auth_request_email;
# Set the email to our own domain in case user change their mail
auth_request_set $email "''${upstream_http_x_auth_request_preferred_username}@${config.secrets.secrets.global.domains.web}";
proxy_set_header X-User $user;
proxy_set_header X-Email $email;
@ -162,9 +163,8 @@ in {
(proxyProtect "ttrss" {port = 80;} true)
(blockOf "yourspotify" {port = 80;})
(blockOf "homebox" {})
((proxyProtect "firefly" {port = 80;} true)
// {
})
(proxyProtect "ollama" {} true)
(proxyProtect "firefly" {port = 80;} true)
(blockOf "apispotify" {
port = 3000;
upstream = "yourspotify";

View file

@ -14,4 +14,5 @@
};
boot.mode = "bios";
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_net" "virtio_scsi" "virtio_blk"];
nixpkgs.hostPlatform = "x86_64-linux";
}

View file

@ -51,4 +51,5 @@
};
};
};
nixpkgs.hostPlatform = "x86_64-linux";
}

View file

@ -1,5 +1,6 @@
{self, ...}: nodeName: nodeAttrs: let
inherit (self.hosts.${nodeName}) system;
#FIXME inherit nodeAttrs. system;
system = "x86_64-linux";
pkgs = self.pkgs.${system};
disko-script = pkgs.writeShellScriptBin "disko-script" "${nodeAttrs.config.system.build.diskoScript}";

View file

@ -5,15 +5,15 @@ inputs: let
concatMapAttrs
filterAttrs
flip
mapAttrs
genAttrs
mapAttrs'
nameValuePair
nixosSystem
;
# Creates a new nixosSystem with the correct specialArgs, pkgs and name definition
mkHost = {minimal}: name: hostCfg: let
pkgs = self.pkgs.${hostCfg.system};
mkHost = {minimal}: name: let
pkgs = self.pkgs.x86_64-linux;
in
nixosSystem {
specialArgs = {
@ -28,7 +28,6 @@ inputs: let
# inputs.nixpkgs.nixosModules.readOnlyPkgs, since some nixosModules
# like nixseparatedebuginfod depend on adding packages via nixpkgs.overlays.
# So we just mimic the options and overlays defined by the passed pkgs set.
nixpkgs.hostPlatform = hostCfg.system;
nixpkgs.overlays = pkgs.overlays;
nixpkgs.config = pkgs.config;
node.name = name;
@ -41,12 +40,10 @@ inputs: let
# Load the list of hosts that this flake defines, which
# associates the minimum amount of metadata that is necessary
# to instanciate hosts correctly.
hosts = builtins.fromTOML (builtins.readFile ../hosts.toml);
# Get all hosts of type "nixos"
nixosHosts = filterAttrs (_: x: x.type == "nixos") hosts;
hosts = builtins.attrNames (filterAttrs (_: type: type == "directory") (builtins.readDir ../hosts));
# Process each nixosHosts declaration and generatea nixosSystem definitions
nixosConfigurations = flip mapAttrs nixosHosts (mkHost {minimal = false;});
minimalConfigurations = flip mapAttrs nixosHosts (mkHost {minimal = true;});
nixosConfigurations = genAttrs hosts (mkHost {minimal = false;});
minimalConfigurations = genAttrs hosts (mkHost {minimal = true;});
# True NixOS nodes can define additional guest nodes that are built
# together with it. We collect all defined guests from each node here

View file

@ -30,8 +30,8 @@
patches =
old.patches
++ [
"${provisionSrc}/patches/${old.version}-oauth2-basic-secret-modify.patch"
"${provisionSrc}/patches/${old.version}-recover-account.patch"
"${provisionSrc}/patches/1.2.0-oauth2-basic-secret-modify.patch"
"${provisionSrc}/patches/1.2.0-recover-account.patch"
];
passthru.enableSecretProvisioning = true;
doCheck = false;