forked from CCCHH/nix-infra
Run "nix fmt" to format this entire flake
This commit is contained in:
parent
71e1684f76
commit
1ad6ac9dc0
|
@ -16,24 +16,24 @@ let
|
|||
};
|
||||
authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
|
||||
in
|
||||
{
|
||||
users.mutableUsers = false;
|
||||
{
|
||||
users.mutableUsers = false;
|
||||
|
||||
users.users.chaos = {
|
||||
isNormalUser = true;
|
||||
description = "Chaos";
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = authorizedKeys;
|
||||
};
|
||||
users.users.chaos = {
|
||||
isNormalUser = true;
|
||||
description = "Chaos";
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = authorizedKeys;
|
||||
};
|
||||
|
||||
users.users.colmena-deploy = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = authorizedKeys;
|
||||
};
|
||||
users.users.colmena-deploy = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = authorizedKeys;
|
||||
};
|
||||
|
||||
nix.settings.trusted-users = [ "colmena-deploy" ];
|
||||
nix.settings.trusted-users = [ "colmena-deploy" ];
|
||||
|
||||
# Since our user doesn't have a password, allow passwordless sudo for wheel.
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
}
|
||||
# Since our user doesn't have a password, allow passwordless sudo for wheel.
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
}
|
||||
|
|
315
flake.nix
315
flake.nix
|
@ -58,169 +58,170 @@
|
|||
});
|
||||
};
|
||||
pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
|
||||
in {
|
||||
colmena = {
|
||||
meta = {
|
||||
nixpkgs = nixpkgs.legacyPackages."x86_64-linux";
|
||||
nodeNixpkgs = {
|
||||
audio-hauptraum-kueche = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
|
||||
audio-hauptraum-tafel = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
|
||||
in
|
||||
{
|
||||
colmena = {
|
||||
meta = {
|
||||
nixpkgs = nixpkgs.legacyPackages."x86_64-linux";
|
||||
nodeNixpkgs = {
|
||||
audio-hauptraum-kueche = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
|
||||
audio-hauptraum-tafel = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
|
||||
};
|
||||
nodeSpecialArgs = {
|
||||
git = { inherit pkgs-unstable; };
|
||||
};
|
||||
};
|
||||
nodeSpecialArgs = {
|
||||
git = { inherit pkgs-unstable; };
|
||||
|
||||
audio-hauptraum-kueche = {
|
||||
deployment = {
|
||||
targetHost = "audio-hauptraum-kueche.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/audio-hauptraum-kueche
|
||||
];
|
||||
};
|
||||
|
||||
audio-hauptraum-tafel = {
|
||||
deployment = {
|
||||
targetHost = "audio-hauptraum-tafel.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/audio-hauptraum-tafel
|
||||
];
|
||||
};
|
||||
|
||||
esphome = {
|
||||
deployment = {
|
||||
targetHost = "esphome.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/esphome
|
||||
];
|
||||
};
|
||||
|
||||
public-reverse-proxy = {
|
||||
deployment = {
|
||||
targetHost = "public-reverse-proxy.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/public-reverse-proxy
|
||||
];
|
||||
};
|
||||
|
||||
netbox = {
|
||||
deployment = {
|
||||
targetHost = "netbox-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/netbox
|
||||
];
|
||||
};
|
||||
|
||||
matrix = {
|
||||
deployment = {
|
||||
targetHost = "matrix-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/matrix
|
||||
];
|
||||
};
|
||||
|
||||
public-web-static = {
|
||||
deployment = {
|
||||
targetHost = "public-web-static-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/public-web-static
|
||||
];
|
||||
};
|
||||
|
||||
git = {
|
||||
deployment = {
|
||||
targetHost = "git.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/git
|
||||
];
|
||||
};
|
||||
|
||||
forgejo-actions-runner = {
|
||||
deployment = {
|
||||
targetHost = "forgejo-actions-runner-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/forgejo-actions-runner
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
audio-hauptraum-kueche = {
|
||||
deployment = {
|
||||
targetHost = "audio-hauptraum-kueche.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
packages.x86_64-linux = {
|
||||
proxmox-nixos-template = nixos-generators.nixosGenerate {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./config/nixos-generators/proxmox.nix
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
];
|
||||
format = "proxmox";
|
||||
};
|
||||
|
||||
proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./config/nixos-generators/proxmox-chaosknoten.nix
|
||||
./config/proxmox-chaosknoten-additional-initial-config.nix
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
];
|
||||
format = "proxmox";
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/audio-hauptraum-kueche
|
||||
];
|
||||
};
|
||||
|
||||
audio-hauptraum-tafel = {
|
||||
deployment = {
|
||||
targetHost = "audio-hauptraum-tafel.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/audio-hauptraum-tafel
|
||||
];
|
||||
};
|
||||
|
||||
esphome = {
|
||||
deployment = {
|
||||
targetHost = "esphome.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/esphome
|
||||
];
|
||||
};
|
||||
|
||||
public-reverse-proxy = {
|
||||
deployment = {
|
||||
targetHost = "public-reverse-proxy.z9.ccchh.net";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "thinkcccluster" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/public-reverse-proxy
|
||||
];
|
||||
};
|
||||
|
||||
netbox = {
|
||||
deployment = {
|
||||
targetHost = "netbox-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/netbox
|
||||
];
|
||||
};
|
||||
|
||||
matrix = {
|
||||
deployment = {
|
||||
targetHost = "matrix-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/matrix
|
||||
];
|
||||
};
|
||||
|
||||
public-web-static = {
|
||||
deployment = {
|
||||
targetHost = "public-web-static-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/public-web-static
|
||||
];
|
||||
};
|
||||
|
||||
git = {
|
||||
deployment = {
|
||||
targetHost = "git.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/git
|
||||
];
|
||||
};
|
||||
|
||||
forgejo-actions-runner = {
|
||||
deployment = {
|
||||
targetHost = "forgejo-actions-runner-intern.hamburg.ccc.de";
|
||||
targetPort = 22;
|
||||
targetUser = "colmena-deploy";
|
||||
tags = [ "chaosknoten" ];
|
||||
};
|
||||
imports = [
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
./config/hosts/forgejo-actions-runner
|
||||
];
|
||||
};
|
||||
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
|
||||
};
|
||||
|
||||
packages.x86_64-linux = {
|
||||
proxmox-nixos-template = nixos-generators.nixosGenerate {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./config/nixos-generators/proxmox.nix
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
];
|
||||
format = "proxmox";
|
||||
};
|
||||
|
||||
proxmox-chaosknoten-nixos-template = nixos-generators.nixosGenerate {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./config/nixos-generators/proxmox-chaosknoten.nix
|
||||
./config/proxmox-chaosknoten-additional-initial-config.nix
|
||||
./config/common
|
||||
./config/proxmox-vm
|
||||
];
|
||||
format = "proxmox";
|
||||
};
|
||||
};
|
||||
|
||||
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue