CCCHH/nix-infra
CCCHH/nix-infra
2
3
Fork 2
Code Issues 1 Pull requests 2 Wiki Activity

Compare commits

base: CCCHH:281ad152d6d88f854e35a086704bb2fb0a78c090
Branches Tags
CCCHH:main
CCCHH:ci-check
CCCHH:ci-check-lix
CCCHH:yate
CCCHH:simple-clean-up
CCCHH:nixOptions
CCCHH:spaceapi
CCCHH:ptouch-print-server
CCCHH:Bendodroid-ldflagsSpaceapid
...
compare: CCCHH:e404d4740f4e2c365db07d754e34cc5c8dfd61f0
Branches Tags
CCCHH:main
CCCHH:ci-check
CCCHH:ci-check-lix
CCCHH:yate
CCCHH:simple-clean-up
CCCHH:nixOptions
CCCHH:spaceapi
CCCHH:ptouch-print-server
CCCHH:Bendodroid-ldflagsSpaceapid

7 commits
281ad152d6 ... e404d4740f

Author SHA1 Message Date
jopejoe1
e404d4740f
remove nixpkgs-unstable 
the current version of woodpecker-server in stable now has the features this was original used for, not other usages of unstable are in tree left so removing it.
 2024-11-17 19:33:00 +01:00
jopejoe1
f7ebe660fe
format files with nix fmt 2024-11-17 19:33:00 +01:00
jopejoe1
6c85b91efb
make use of nixosModules output 2024-11-17 19:33:00 +01:00
jopejoe1
7d58a3db4a
move overlay to overlays output 2024-11-17 19:32:59 +01:00
c6ristian
c25d6c6326
revert: useing pkgs.fetchGit for authorized keys 
reverts the changes from ec64eebfd6
it brakes some of the flake process we use,
setting 'allow-import-from-derivation' doesn't seem like a good fix to me and doesn't work in all cases.
I couldn't find any other solution to fix it for now,
so we will revert it for now, until we have a better solution.
 2024-11-17 19:24:25 +01:00
June
d98aa099e1
license this repo under the MIT license 
All previous contributors are asked to sign off on licensing this repo
under the MIT license in PR 12
(#12). Once all
contributors signed-off, this commit will be merged into the main
branch and this repo will be licensed under the MIT license.

Don't track copyright years in the license, as that is cumbersome and
also not done in other projects anymore:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
https://github.com/rails/rails/pull/47467

MIT License:
https://opensource.org/license/MIT
https://choosealicense.com/licenses/mit/
 2024-11-14 22:56:50 +01:00
June
cf46da9df7
public-web-static: make c3cat.de and www work as well as staging 2024-11-12 23:06:01 +01:00
26 changed files with 282 additions and 160 deletions
Show stats Expand all files Collapse all files

21
LICENSE Normal file
View file

@ -0,0 +1,21 @@
MIT License
Copyright (c) CCCHH
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

4
README.md
View file

@ -73,3 +73,7 @@ Build a new NixOS Proxmox VE Template for the chaosknoten:
```shell ```shell
nix build .#proxmox-chaosknoten-nixos-template nix build .#proxmox-chaosknoten-nixos-template
``` ```
## License
This CCCHH nix-infra repository is licensed under the [MIT License](./LICENSE).

6
config/common/users.nix
View file

@ -9,10 +9,10 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
authorizedKeysRepo = pkgs.fetchgit { authorizedKeysRepo = builtins.fetchGit {
url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys"; url = "forgejo@git.hamburg.ccc.de:CCCHH/infrastructure-authorized-keys.git";
ref = "trunk";
rev = "686a6af22f6696f0c0595c56f463c078550049fc"; rev = "686a6af22f6696f0c0595c56f463c078550049fc";
hash = "sha256-plTYjM6zPzoBE/dp6EUrk9mCqmab278p8FqBCTX8Grc=";
}; };
authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys")); authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
in in

3
config/hosts/eh22-wiki/dokuwiki.nix
View file

@ -21,7 +21,8 @@ let
app = "dokuwiki"; app = "dokuwiki";
domain = "eh22.easterhegg.eu"; domain = "eh22.easterhegg.eu";
dataDir = "/srv/www/${domain}"; dataDir = "/srv/www/${domain}";
in { in
{
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d ${dataDir} 0755 ${app} ${app}" "d ${dataDir} 0755 ${app} ${app}"
]; ];

6
config/hosts/mqtt/mosquitto.nix
View file

@ -10,11 +10,11 @@
persistence = true; persistence = true;
# set config for all listeners # set config for all listeners
listeners = [ { listeners = [{
settings.allow_anonymous = true; settings.allow_anonymous = true;
omitPasswordAuth = true; omitPasswordAuth = true;
acl = ["topic readwrite #"]; acl = [ "topic readwrite #" ];
} ]; }];
bridges.winkekatz = { bridges.winkekatz = {
addresses = [ addresses = [

61
config/hosts/public-web-static/virtualHosts/c3cat.de.nix
View file

@ -1,10 +1,19 @@
{ pkgs, ... }: { pkgs, ... }:
{ let
domain = "c3cat.de";
dataDir = "/var/www/${domain}";
deployUser = "c3cat-website-deploy";
in {
security.acme.certs."${domain}".extraDomainNames = [ "www.${domain}" ];
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-c3cat.de" = { "acme-${domain}" = {
enableACME = true; enableACME = true;
serverName = "c3cat.de"; serverName = "${domain}";
serverAliases = [
"www.${domain}"
];
listen = [ listen = [
{ {
@ -14,9 +23,9 @@
]; ];
}; };
"c3cat.de" = { "$www.${domain}" = {
forceSSL = true; forceSSL = true;
useACMEHost = "c3cat.de"; useACMEHost = "${domain}";
listen = [ listen = [
{ {
@ -28,7 +37,7 @@
]; ];
locations."/" = { locations."/" = {
return = "302 https://wiki.hamburg.ccc.de/club:c3cat:start"; return = "302 https://c3cat.de$request_uri";
}; };
extraConfig = '' extraConfig = ''
@ -42,5 +51,45 @@
real_ip_header proxy_protocol; real_ip_header proxy_protocol;
''; '';
}; };
"${domain}" = {
forceSSL = true;
useACMEHost = "${domain}";
listen = [
{
addr = "0.0.0.0";
port = 8443;
ssl = true;
proxyProtocol = true;
}
];
root = "${dataDir}";
extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
# First set our proxy protocol proxy as trusted.
set_real_ip_from 172.31.17.140;
# Then tell the realip_module to get the addreses from the proxy protocol
# header.
real_ip_header proxy_protocol;
'';
}; };
};
systemd.tmpfiles.rules = [
"d ${dataDir} 0755 ${deployUser} ${deployUser}"
];
users.users."${deployUser}" = {
isNormalUser = true;
group = "${deployUser}";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcZJzQO4RYinJm6YDUgCELe8OJA/DYOss+8xp7TtxM0 deploy key for c3cat.de"
];
};
users.groups."${deployUser}" = { };
} }

1
config/hosts/public-web-static/virtualHosts/default.nix
View file

@ -9,6 +9,7 @@
./hackertours.hamburg.ccc.de.nix ./hackertours.hamburg.ccc.de.nix
./hamburg.ccc.de.nix ./hamburg.ccc.de.nix
./spaceapi.hamburg.ccc.de.nix ./spaceapi.hamburg.ccc.de.nix
./staging.c3cat.de.nix
./staging.hacker.tours.nix ./staging.hacker.tours.nix
./staging.hackertours.hamburg.ccc.de.nix ./staging.hackertours.hamburg.ccc.de.nix
./staging.hamburg.ccc.de.nix ./staging.hamburg.ccc.de.nix

3
config/hosts/public-web-static/virtualHosts/hacker.tours.nix
View file

@ -4,7 +4,8 @@ let
domain = "hacker.tours"; domain = "hacker.tours";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "hackertours-website-deploy"; deployUser = "hackertours-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

3
config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix
View file

@ -4,7 +4,8 @@ let
domain = "hackertours.hamburg.ccc.de"; domain = "hackertours.hamburg.ccc.de";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "ht-ccchh-website-deploy"; deployUser = "ht-ccchh-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

2
config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix
View file

@ -1,4 +1,4 @@
{...}: { ... }:
{ {
imports = [ imports = [

60
config/hosts/public-web-static/virtualHosts/staging.c3cat.de.nix Normal file
View file

@ -0,0 +1,60 @@
{ pkgs, ... }:
let
domain = "staging.c3cat.de";
dataDir = "/var/www/${domain}";
deployUser = "c3cat-website-deploy";
in {
services.nginx.virtualHosts = {
"acme-${domain}" = {
enableACME = true;
serverName = "${domain}";
listen = [
{
addr = "0.0.0.0";
port = 31820;
}
];
};
"${domain}" = {
forceSSL = true;
useACMEHost = "${domain}";
listen = [
{
addr = "0.0.0.0";
port = 8443;
ssl = true;
proxyProtocol = true;
}
];
root = "${dataDir}";
# Disallow *, since this is staging and doesn't need to be in any search
# results.
locations."/robots.txt" = {
return = "200 \"User-agent: *\\nDisallow: *\\n\"";
};
extraConfig = ''
# Make use of the ngx_http_realip_module to set the $remote_addr and
# $remote_port to the client address and client port, when using proxy
# protocol.
# First set our proxy protocol proxy as trusted.
set_real_ip_from 172.31.17.140;
# Then tell the realip_module to get the addreses from the proxy protocol
# header.
real_ip_header proxy_protocol;
'';
};
};
systemd.tmpfiles.rules = [
"d ${dataDir} 0755 ${deployUser} ${deployUser}"
];
# c3cat deploy user already defined in c3cat.de.nix.
}

3
config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix
View file

@ -4,7 +4,8 @@ let
domain = "staging.hacker.tours"; domain = "staging.hacker.tours";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "hackertours-website-deploy"; deployUser = "hackertours-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

3
config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix
View file

@ -4,7 +4,8 @@ let
domain = "staging.hackertours.hamburg.ccc.de"; domain = "staging.hackertours.hamburg.ccc.de";
dataDir = "/var/www/${domain}"; dataDir = "/var/www/${domain}";
deployUser = "ht-ccchh-website-deploy"; deployUser = "ht-ccchh-website-deploy";
in { in
{
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"acme-${domain}" = { "acme-${domain}" = {
enableACME = true; enableACME = true;

5
config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix
View file

@ -3,13 +3,12 @@
# - https://woodpecker-ci.org/docs/administration/agent-config # - https://woodpecker-ci.org/docs/administration/agent-config
# - https://woodpecker-ci.org/docs/administration/backends/docker # - https://woodpecker-ci.org/docs/administration/backends/docker
{ config, pkgs, pkgs-unstable, ... }: { config, pkgs, ... }:
{ {
services.woodpecker-agents.agents."docker" = { services.woodpecker-agents.agents."docker" = {
enable = true; enable = true;
# Since we use woodpecker-server from unstable, use the agent from unstable as well. package = pkgs.woodpecker-agent;
package = pkgs-unstable.woodpecker-agent;
extraGroups = [ "docker" ]; extraGroups = [ "docker" ];
environment = { environment = {
WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}"; WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}";

6
config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix
View file

@ -5,14 +5,12 @@
# - https://woodpecker-ci.org/docs/administration/forges/forgejo # - https://woodpecker-ci.org/docs/administration/forges/forgejo
# - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING # - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
{ config, pkgs, pkgs-unstable, ... }: { config, pkgs, ... }:
{ {
services.woodpecker-server = { services.woodpecker-server = {
enable = true; enable = true;
# Use package from unstable to get at least version 2.6.0 for native Forgejo support. package = pkgs.woodpecker-server;
# https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.6.0
package = pkgs-unstable.woodpecker-server;
environment = { environment = {
WOODPECKER_HOST = "https://woodpecker.hamburg.ccc.de"; WOODPECKER_HOST = "https://woodpecker.hamburg.ccc.de";
WOODPECKER_SERVER_ADDR = ":8001"; WOODPECKER_SERVER_ADDR = ":8001";

6
config/hosts/yate/service.nix
View file

@ -6,12 +6,12 @@
description = "Yate telehony engine"; description = "Yate telehony engine";
unitConfig = { unitConfig = {
Type = "simple"; Type = "simple";
After="network.target"; After = "network.target";
}; };
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.yate}/bin/yate -c /yate -e /yate/share -Do"; ExecStart = "${pkgs.yate}/bin/yate -c /yate -e /yate/share -Do";
Type="simple"; Type = "simple";
Restart="always"; Restart = "always";
# ... # ...
}; };
wantedBy = [ "default.target" ]; wantedBy = [ "default.target" ];

17
flake.lock
View file

@ -68,27 +68,10 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": {
"locked": {
"lastModified": 1731265036,
"narHash": "sha256-e5I+glVZwQvLT6WIeMFi0Mk+N/jkYauZ31ir2NRZcf8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8aed22ecd71e5b67e5299efae8b9dc580dec711c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }
}, },

130
flake.nix
View file

@ -6,7 +6,6 @@
# https://nixos.org/manual/nixos/stable/#sec-upgrading # https://nixos.org/manual/nixos/stable/#sec-upgrading
# https://github.com/NixOS/nixpkgs # https://github.com/NixOS/nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05-small"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05-small";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
# Add nixos-generators as an input. # Add nixos-generators as an input.
# See here: https://github.com/nix-community/nixos-generators#using-in-a-flake # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake
@ -23,26 +22,32 @@
}; };
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }: outputs = { self, nixpkgs, nixos-generators, sops-nix, ... }:
let let
system = "x86_64-linux"; system = "x86_64-linux";
shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: { in
{
overlays = {
shairportSyncAirplay2 = final: prev: {
shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: { shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
# See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md # See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ]; configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ]; buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
}); });
}; };
pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux"; };
in nixosModules = {
{ common = ./config/common;
proxmox-vm = ./config/proxmox-vm;
prometheus-exporter = ./config/extra/prometheus-exporter.nix;
};
nixosConfigurations = { nixosConfigurations = {
audio-hauptraum-kueche = nixpkgs.lib.nixosSystem { audio-hauptraum-kueche = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; }
./config/hosts/audio-hauptraum-kueche ./config/hosts/audio-hauptraum-kueche
]; ];
}; };
@ -50,9 +55,9 @@
audio-hauptraum-tafel = nixpkgs.lib.nixosSystem { audio-hauptraum-tafel = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; }
./config/hosts/audio-hauptraum-tafel ./config/hosts/audio-hauptraum-tafel
]; ];
}; };
@ -60,8 +65,8 @@
esphome = nixpkgs.lib.nixosSystem { esphome = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/esphome ./config/hosts/esphome
]; ];
}; };
@ -69,8 +74,8 @@
public-reverse-proxy = nixpkgs.lib.nixosSystem { public-reverse-proxy = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/public-reverse-proxy ./config/hosts/public-reverse-proxy
]; ];
}; };
@ -78,10 +83,10 @@
netbox = nixpkgs.lib.nixosSystem { netbox = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/netbox ./config/hosts/netbox
]; ];
}; };
@ -89,10 +94,10 @@
matrix = nixpkgs.lib.nixosSystem { matrix = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/matrix ./config/hosts/matrix
]; ];
}; };
@ -100,10 +105,10 @@
public-web-static = nixpkgs.lib.nixosSystem { public-web-static = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/public-web-static ./config/hosts/public-web-static
]; ];
}; };
@ -111,10 +116,10 @@
git = nixpkgs.lib.nixosSystem { git = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/git ./config/hosts/git
]; ];
}; };
@ -122,10 +127,10 @@
forgejo-actions-runner = nixpkgs.lib.nixosSystem { forgejo-actions-runner = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/forgejo-actions-runner ./config/hosts/forgejo-actions-runner
]; ];
}; };
@ -133,8 +138,8 @@
ptouch-print-server = nixpkgs.lib.nixosSystem { ptouch-print-server = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/ptouch-print-server ./config/hosts/ptouch-print-server
]; ];
}; };
@ -142,9 +147,9 @@
eh22-wiki = nixpkgs.lib.nixosSystem { eh22-wiki = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/eh22-wiki ./config/hosts/eh22-wiki
]; ];
}; };
@ -152,9 +157,9 @@
nix-box-june = nixpkgs.lib.nixosSystem { nix-box-june = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/nix-box-june ./config/hosts/nix-box-june
]; ];
}; };
@ -162,8 +167,8 @@
yate = nixpkgs.lib.nixosSystem { yate = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/yate ./config/hosts/yate
]; ];
}; };
@ -171,8 +176,8 @@
mqtt = nixpkgs.lib.nixosSystem { mqtt = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/hosts/mqtt ./config/hosts/mqtt
]; ];
}; };
@ -180,10 +185,10 @@
mjolnir = nixpkgs.lib.nixosSystem { mjolnir = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/mjolnir ./config/hosts/mjolnir
]; ];
}; };
@ -191,22 +196,19 @@
woodpecker = nixpkgs.lib.nixosSystem { woodpecker = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/woodpecker ./config/hosts/woodpecker
]; ];
specialArgs = {
inherit pkgs-unstable;
};
}; };
status = nixpkgs.lib.nixosSystem { status = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/hosts/status ./config/hosts/status
]; ];
@ -215,10 +217,10 @@
penpot = nixpkgs.lib.nixosSystem { penpot = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/penpot ./config/hosts/penpot
]; ];
}; };
@ -226,9 +228,9 @@
hydra = nixpkgs.lib.nixosSystem { hydra = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
./config/extra/prometheus-exporter.nix self.nixosModules.prometheus-exporter
./config/hosts/hydra ./config/hosts/hydra
]; ];
}; };
@ -239,8 +241,8 @@
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
./config/nixos-generators/proxmox.nix ./config/nixos-generators/proxmox.nix
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
]; ];
format = "proxmox"; format = "proxmox";
}; };
@ -250,8 +252,8 @@
modules = [ modules = [
./config/nixos-generators/proxmox-chaosknoten.nix ./config/nixos-generators/proxmox-chaosknoten.nix
./config/proxmox-chaosknoten-additional-initial-config.nix ./config/proxmox-chaosknoten-additional-initial-config.nix
./config/common self.nixosModules.common
./config/proxmox-vm self.nixosModules.proxmox-vm
]; ];
format = "proxmox"; format = "proxmox";
}; };