diff --git a/README.md b/README.md index b55e1f2..bd3a29a 100644 --- a/README.md +++ b/README.md @@ -62,3 +62,14 @@ This is exactly what we're doing to set the default deployment user to `colmena- }; ``` This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host. + +## Build NixOS Proxmox VE Template + +Build a new NixOS Proxmox VE Template for the thinkcccore's: +```shell +nix build .#proxmox-nixos-template +``` +Build a new NixOS Proxmox VE Template for the chaosknoten: +```shell +nix build .#proxmox-chaosknoten-nixos-template +``` diff --git a/config/common/users.nix b/config/common/users.nix index 59682c4..026929b 100644 --- a/config/common/users.nix +++ b/config/common/users.nix @@ -11,8 +11,8 @@ let authorizedKeysRepo = pkgs.fetchgit { url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys"; - rev = "b6a29dc7af0a45a8c0b4904290c7cb0c5bc51413"; - hash = "sha256-c0aH0wQeJtfXJG5wAbS6aO8yILLI1NNkFAHAeOm8RXA="; + rev = "686a6af22f6696f0c0595c56f463c078550049fc"; + hash = "sha256-plTYjM6zPzoBE/dp6EUrk9mCqmab278p8FqBCTX8Grc="; }; authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys")); in diff --git a/config/hosts/eh22-wiki/dokuwiki.nix b/config/hosts/eh22-wiki/dokuwiki.nix index c0eafaa..f9a7cbd 100644 --- a/config/hosts/eh22-wiki/dokuwiki.nix +++ b/config/hosts/eh22-wiki/dokuwiki.nix @@ -21,7 +21,8 @@ let app = "dokuwiki"; domain = "eh22.easterhegg.eu"; dataDir = "/srv/www/${domain}"; -in { +in +{ systemd.tmpfiles.rules = [ "d ${dataDir} 0755 ${app} ${app}" ]; @@ -76,7 +77,7 @@ in { default = true; enableACME = true; serverName = "${domain}"; - + listen = [ { addr = "0.0.0.0"; diff --git a/config/hosts/git/forgejo.nix b/config/hosts/git/forgejo.nix index bb7099f..a57a37f 100644 --- a/config/hosts/git/forgejo.nix +++ b/config/hosts/git/forgejo.nix @@ -45,6 +45,9 @@ DEFAULT_USER_VISIBILITY = "limited"; DEFAULT_KEEP_EMAIL_PRIVATE = true; ENABLE_BASIC_AUTHENTICATION = false; + ENABLE_NOTIFY_MAIL = true; + AUTO_WATCH_NEW_REPOS = false; + AUTO_WATCH_ON_CHANGES = false; }; repo = { DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls"; diff --git a/config/hosts/mqtt/configuration.nix b/config/hosts/mqtt/configuration.nix index 18d0184..793807d 100644 --- a/config/hosts/mqtt/configuration.nix +++ b/config/hosts/mqtt/configuration.nix @@ -1,10 +1,10 @@ { ... }: { - networking = { - hostName = "mqtt"; - domain = "z9.ccchh.net"; - }; + networking = { + hostName = "mqtt"; + domain = "z9.ccchh.net"; + }; - system.stateVersion = "23.11"; -} \ No newline at end of file + system.stateVersion = "23.11"; +} diff --git a/config/hosts/mqtt/default.nix b/config/hosts/mqtt/default.nix index bb61c12..bc91d9f 100644 --- a/config/hosts/mqtt/default.nix +++ b/config/hosts/mqtt/default.nix @@ -1,9 +1,9 @@ { pkgs, ... }: { - imports = [ - ./configuration.nix - ./networking.nix - ./mosquitto.nix - ]; -} \ No newline at end of file + imports = [ + ./configuration.nix + ./networking.nix + ./mosquitto.nix + ]; +} diff --git a/config/hosts/mqtt/mosquitto.nix b/config/hosts/mqtt/mosquitto.nix index 672c05d..d093bd8 100644 --- a/config/hosts/mqtt/mosquitto.nix +++ b/config/hosts/mqtt/mosquitto.nix @@ -5,29 +5,29 @@ { ... }: { - services.mosquitto = { - enable = true; - persistence = true; + services.mosquitto = { + enable = true; + persistence = true; - # set config for all listeners - listeners = [ { - settings.allow_anonymous = true; - omitPasswordAuth = true; - acl = ["topic readwrite #"]; - } ]; + # set config for all listeners + listeners = [{ + settings.allow_anonymous = true; + omitPasswordAuth = true; + acl = [ "topic readwrite #" ]; + }]; - bridges.winkekatz = { - addresses = [ - { address = "mqtt.winkekatze24.de"; } - ]; - topics = [ - "winkekatze/allcats/eye/set in 2" - "winkekatze/allcats in 2" - "+/status out 2 winkekatze/ \"\"" - "+/connected out 2 winkekatze/ \"\"" - ]; - }; + bridges.winkekatz = { + addresses = [ + { address = "mqtt.winkekatze24.de"; } + ]; + topics = [ + "winkekatze/allcats/eye/set in 2" + "winkekatze/allcats in 2" + "+/status out 2 winkekatze/ \"\"" + "+/connected out 2 winkekatze/ \"\"" + ]; }; + }; - networking.firewall.allowedTCPPorts = [ 1883 ]; -} \ No newline at end of file + networking.firewall.allowedTCPPorts = [ 1883 ]; +} diff --git a/config/hosts/nix-box-june/users.nix b/config/hosts/nix-box-june/users.nix index 9f1b217..dfb333e 100644 --- a/config/hosts/nix-box-june/users.nix +++ b/config/hosts/nix-box-june/users.nix @@ -26,7 +26,7 @@ }; yuri = { isNormalUser = true; - openssh.authorizedKeys.keys = [ + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdk3FLQRoCWxdOxg4kHcPqAu3QQOs/rY9na2Al2ilGl yuri@violet" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEvM35w+UaSpDTuaG5pGPgfHcfwscr+wSZN9Z5Jle82 yuri@kiara" ]; diff --git a/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix index 5f0792f..1836f25 100644 --- a/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix @@ -1,10 +1,10 @@ { pkgs, ... }: let - elementWebVersion = "1.11.80"; + elementWebVersion = "1.11.84"; element-web = pkgs.fetchzip { url = "https://github.com/vector-im/element-web/releases/download/v${elementWebVersion}/element-v${elementWebVersion}.tar.gz"; - sha256 = "sha256-sudWmNehxGsbZTNirTkoWQ/Bln1DC1CI30wocw9VoH8="; + sha256 = "sha256-z2qaKKyUq2S/r3xUUU3ym0FgFbiQr6bcltuKvUMPbH4="; }; elementSecurityHeaders = '' # Configuration best practices diff --git a/config/hosts/public-web-static/virtualHosts/hacker.tours.nix b/config/hosts/public-web-static/virtualHosts/hacker.tours.nix index 7eaa086..1ee6180 100644 --- a/config/hosts/public-web-static/virtualHosts/hacker.tours.nix +++ b/config/hosts/public-web-static/virtualHosts/hacker.tours.nix @@ -4,7 +4,8 @@ let domain = "hacker.tours"; dataDir = "/var/www/${domain}"; deployUser = "hackertours-website-deploy"; -in { +in +{ services.nginx.virtualHosts = { "acme-${domain}" = { enableACME = true; diff --git a/config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix index 2077ca7..b0104b6 100644 --- a/config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix @@ -4,7 +4,8 @@ let domain = "hackertours.hamburg.ccc.de"; dataDir = "/var/www/${domain}"; deployUser = "ht-ccchh-website-deploy"; -in { +in +{ services.nginx.virtualHosts = { "acme-${domain}" = { enableACME = true; diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix index fe53d04..69d8855 100644 --- a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix @@ -1,4 +1,4 @@ -{...}: +{ ... }: { imports = [ @@ -9,4 +9,4 @@ ./eh11.nix ./eh20.nix ]; -} \ No newline at end of file +} diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix index 60d4f21..2c5dd86 100644 --- a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix @@ -6,7 +6,7 @@ let rev = "74977c56486cd060566bf06678a936e801952f9e"; hash = "sha256-ded/NO+Jex2Sa4yWAIRpqANsv8i0vKmJSkM5r9KxaVk="; }; -in +in { security.acme.certs."eh03.easterhegg.eu".extraDomainNames = [ "eh2003.hamburg.ccc.de" @@ -48,7 +48,7 @@ in }]; locations."/".return = "302 https://eh03.easterhegg.eu"; - + extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix index 7651666..37cb893 100644 --- a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix @@ -48,7 +48,7 @@ in }]; locations."/".return = "302 https://eh05.easterhegg.eu"; - + extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy @@ -60,7 +60,7 @@ in real_ip_header proxy_protocol; ''; }; - + "eh05.easterhegg.eu" = { forceSSL = true; useACMEHost = "eh05.easterhegg.eu"; @@ -71,7 +71,7 @@ in ssl = true; proxyProtocol = true; }]; - + locations."/" = { index = "index.shtml"; root = eh05; @@ -80,7 +80,7 @@ in default_type text/html; # Enable SSI ssi on; - ''; + ''; }; extraConfig = '' diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix index 40fe480..ebfa712 100644 --- a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix @@ -54,7 +54,7 @@ in }]; locations."/".return = "302 https://eh07.easterhegg.eu"; - + extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy @@ -86,7 +86,7 @@ in default_type text/html; # Enable SSI ssi on; - ''; + ''; }; extraConfig = '' diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix index f7416ed..ea274af 100644 --- a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix @@ -54,7 +54,7 @@ in }]; locations."/".return = "302 https://eh09.easterhegg.eu"; - + extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy @@ -86,7 +86,7 @@ in default_type text/html; # Enable SSI ssi on; - ''; + ''; }; extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix index c409641..39d7fad 100644 --- a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix @@ -54,7 +54,7 @@ in }]; locations."/".return = "302 https://eh11.easterhegg.eu"; - + extraConfig = '' # Make use of the ngx_http_realip_module to set the $remote_addr and # $remote_port to the client address and client port, when using proxy @@ -86,7 +86,7 @@ in default_type text/html; # Enable SSI ssi on; - ''; + ''; }; extraConfig = '' diff --git a/config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix b/config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix index 382f1b6..14ede9b 100644 --- a/config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix +++ b/config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix @@ -4,7 +4,8 @@ let domain = "staging.hacker.tours"; dataDir = "/var/www/${domain}"; deployUser = "hackertours-website-deploy"; -in { +in +{ services.nginx.virtualHosts = { "acme-${domain}" = { enableACME = true; diff --git a/config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix index 4b71d53..79ca38c 100644 --- a/config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix @@ -4,7 +4,8 @@ let domain = "staging.hackertours.hamburg.ccc.de"; dataDir = "/var/www/${domain}"; deployUser = "ht-ccchh-website-deploy"; -in { +in +{ services.nginx.virtualHosts = { "acme-${domain}" = { enableACME = true; diff --git a/config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix b/config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix index dc89021..8c6847b 100644 --- a/config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix +++ b/config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix @@ -3,13 +3,12 @@ # - https://woodpecker-ci.org/docs/administration/agent-config # - https://woodpecker-ci.org/docs/administration/backends/docker -{ config, pkgs, pkgs-unstable, ... }: +{ config, pkgs, ... }: { services.woodpecker-agents.agents."docker" = { enable = true; - # Since we use woodpecker-server from unstable, use the agent from unstable as well. - package = pkgs-unstable.woodpecker-agent; + package = pkgs.woodpecker-agent; extraGroups = [ "docker" ]; environment = { WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}"; diff --git a/config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix b/config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix index 464af13..2baafc5 100644 --- a/config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix +++ b/config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix @@ -5,14 +5,12 @@ # - https://woodpecker-ci.org/docs/administration/forges/forgejo # - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING -{ config, pkgs, pkgs-unstable, ... }: +{ config, pkgs, ... }: { services.woodpecker-server = { enable = true; - # Use package from unstable to get at least version 2.6.0 for native Forgejo support. - # https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.6.0 - package = pkgs-unstable.woodpecker-server; + package = pkgs.woodpecker-server; environment = { WOODPECKER_HOST = "https://woodpecker.hamburg.ccc.de"; WOODPECKER_SERVER_ADDR = ":8001"; diff --git a/config/hosts/yate/service.nix b/config/hosts/yate/service.nix index e426a31..e031d4d 100644 --- a/config/hosts/yate/service.nix +++ b/config/hosts/yate/service.nix @@ -6,16 +6,16 @@ description = "Yate telehony engine"; unitConfig = { Type = "simple"; - After="network.target"; + After = "network.target"; }; serviceConfig = { ExecStart = "${pkgs.yate}/bin/yate -c /yate -e /yate/share -Do"; - Type="simple"; - Restart="always"; + Type = "simple"; + Restart = "always"; # ... }; wantedBy = [ "default.target" ]; - requiredBy = [ "network.target" ]; + requiredBy = [ "network.target" ]; # ... }; } diff --git a/flake.lock b/flake.lock index 24f50dd..74a5396 100644 --- a/flake.lock +++ b/flake.lock @@ -38,11 +38,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730428893, - "narHash": "sha256-fLLUd2dO/Vnf96UDr8YPzerYi+n99l3S5yIUDnmcPBE=", + "lastModified": 1731133565, + "narHash": "sha256-tCErjTdCUWK06LzkcvwUM+3pyrrmdf8e0VDBBTgqznE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "38edd08881ce4dc24056eec173b43587a93c990f", + "rev": "11f65b4b0405cff5b54c813626bddcf5435d7ad2", "type": "github" }, "original": { @@ -54,11 +54,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1729973466, - "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", + "lastModified": 1730602179, + "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", + "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c", "type": "github" }, "original": { @@ -68,27 +68,10 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1730449684, - "narHash": "sha256-Hlv3rTPxnO+DpKRXw9yjzERLdk05h7+fEbZxWM2taCw=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "ab464abbeb3a2833288c6e907488c49c2e599f88", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, "root": { "inputs": { "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs", - "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix" } }, @@ -100,11 +83,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1729999681, - "narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", + "lastModified": 1731213149, + "narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=", "owner": "Mic92", "repo": "sops-nix", - "rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", + "rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b787f78..f575ac6 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,6 @@ # https://nixos.org/manual/nixos/stable/#sec-upgrading # https://github.com/NixOS/nixpkgs nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05-small"; - nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; # Add nixos-generators as an input. # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake @@ -23,26 +22,32 @@ }; }; - outputs = { self, nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }: + outputs = { self, nixpkgs, nixos-generators, sops-nix, ... }: let system = "x86_64-linux"; - shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: { - shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: { - # See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md - configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ]; - buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ]; - }); - }; - pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux"; in { + overlays = { + shairportSyncAirplay2 = final: prev: { + shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: { + # See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md + configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ]; + buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ]; + }); + }; + }; + nixosModules = { + common = ./config/common; + proxmox-vm = ./config/proxmox-vm; + prometheus-exporter = ./config/extra/prometheus-exporter.nix; + }; nixosConfigurations = { audio-hauptraum-kueche = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm - { nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } + self.nixosModules.common + self.nixosModules.proxmox-vm + { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; } ./config/hosts/audio-hauptraum-kueche ]; }; @@ -50,9 +55,9 @@ audio-hauptraum-tafel = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm - { nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } + self.nixosModules.common + self.nixosModules.proxmox-vm + { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; } ./config/hosts/audio-hauptraum-tafel ]; }; @@ -60,8 +65,8 @@ esphome = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ./config/hosts/esphome ]; }; @@ -69,8 +74,8 @@ public-reverse-proxy = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ./config/hosts/public-reverse-proxy ]; }; @@ -78,10 +83,10 @@ netbox = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/netbox ]; }; @@ -89,10 +94,10 @@ matrix = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/matrix ]; }; @@ -100,10 +105,10 @@ public-web-static = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/public-web-static ]; }; @@ -111,10 +116,10 @@ git = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/git ]; }; @@ -122,10 +127,10 @@ forgejo-actions-runner = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/forgejo-actions-runner ]; }; @@ -133,8 +138,8 @@ ptouch-print-server = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ./config/hosts/ptouch-print-server ]; }; @@ -142,9 +147,9 @@ eh22-wiki = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm - ./config/extra/prometheus-exporter.nix + self.nixosModules.common + self.nixosModules.proxmox-vm + self.nixosModules.prometheus-exporter ./config/hosts/eh22-wiki ]; }; @@ -152,9 +157,9 @@ nix-box-june = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm - ./config/extra/prometheus-exporter.nix + self.nixosModules.common + self.nixosModules.proxmox-vm + self.nixosModules.prometheus-exporter ./config/hosts/nix-box-june ]; }; @@ -162,8 +167,8 @@ yate = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ./config/hosts/yate ]; }; @@ -171,8 +176,8 @@ mqtt = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ./config/hosts/mqtt ]; }; @@ -180,10 +185,10 @@ mjolnir = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/mjolnir ]; }; @@ -191,22 +196,19 @@ woodpecker = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/woodpecker ]; - specialArgs = { - inherit pkgs-unstable; - }; }; status = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops ./config/hosts/status ]; @@ -215,10 +217,10 @@ penpot = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm sops-nix.nixosModules.sops - ./config/extra/prometheus-exporter.nix + self.nixosModules.prometheus-exporter ./config/hosts/penpot ]; }; @@ -226,9 +228,9 @@ hydra = nixpkgs.lib.nixosSystem { inherit system; modules = [ - ./config/common - ./config/proxmox-vm - ./config/extra/prometheus-exporter.nix + self.nixosModules.common + self.nixosModules.proxmox-vm + self.nixosModules.prometheus-exporter ./config/hosts/hydra ]; }; @@ -239,8 +241,8 @@ system = "x86_64-linux"; modules = [ ./config/nixos-generators/proxmox.nix - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ]; format = "proxmox"; }; @@ -250,8 +252,8 @@ modules = [ ./config/nixos-generators/proxmox-chaosknoten.nix ./config/proxmox-chaosknoten-additional-initial-config.nix - ./config/common - ./config/proxmox-vm + self.nixosModules.common + self.nixosModules.proxmox-vm ]; format = "proxmox"; };