fix!: make all nixosConfigurations build

Specifically `homix`
- remove manual `home-manager` module definition
Import `(r)agenix` and `agenix-rekey` by default for all `NixOS` configurations
Move `machines.nix` flake module import to `configuration.nix` from `flake.nix`
reo101 2024-07-21 16:46:12 +03:00
parent b48f29dab4
commit af91b1e76d
Signed by: reo101
GPG key ID: 675AA7EF13964ACB
7 changed files with 13 additions and 26 deletions


@ -148,7 +148,6 @@
imports = [ imports = [
./nix/pkgs.nix ./nix/pkgs.nix
./nix/machines.nix
./nix/modules.nix ./nix/modules.nix
./nix/configurations.nix ./nix/configurations.nix
./nix/agenix.nix ./nix/agenix.nix


@ -205,14 +205,6 @@
enable = true; enable = true;
}; };
home-manager = {
backupFileExtension = "hm-bak";
useUserPackages = true;
useGlobalPkgs = false;
extraSpecialArgs = { inherit inputs outputs; };
};
### Enable plymouth (bootscreen customizations) ### Enable plymouth (bootscreen customizations)
boot.plymouth = { boot.plymouth = {
enable = true; enable = true;


@ -4,8 +4,6 @@
inputs.hardware.nixosModules.common-cpu-amd inputs.hardware.nixosModules.common-cpu-amd
inputs.hardware.nixosModules.common-gpu-amd inputs.hardware.nixosModules.common-gpu-amd
./disko.nix ./disko.nix
inputs.ragenix.nixosModules.default
inputs.agenix-rekey.nixosModules.default
./network.nix ./network.nix
./wireguard.nix ./wireguard.nix
./nginx.nix ./nginx.nix


@ -1,11 +1,8 @@
{ inputs, outputs, lib, pkgs, config, options, ... }: { inputs, outputs, lib, pkgs, config, options, ... }:
let {
# NOTE: synced with <https://github.com/oddlama/agenix-rekey/blob/c071067f7d972552f5170cf8665643ed0ec19a6d/modules/agenix-rekey.nix#L38> config = {
dummyPubkey = "age1qyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs3290gq"; # NOTE: `(r)agenix` and `agenix-rekey` modules are imported by `../../../nix/configurations.nix`
in { age.rekey = {
# TODO: cleaner deep check
config = lib.mkIf (lib.all lib.id [(builtins.hasAttr "age" options) (builtins.hasAttr "rekey" options.age)]) {
age.rekey = lib.mkIf (config.age.rekey.hostPubkey != dummyPubkey) {
masterIdentities = lib.mkDefault [ "${inputs.self}/secrets/privkey.age" ]; masterIdentities = lib.mkDefault [ "${inputs.self}/secrets/privkey.age" ];
storageMode = lib.mkDefault "local"; storageMode = lib.mkDefault "local";
localStorageDir = lib.mkDefault "${inputs.self}/secrets/rekeyed/${config.networking.hostName}"; localStorageDir = lib.mkDefault "${inputs.self}/secrets/rekeyed/${config.networking.hostName}";
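Review bot: The new `config` block sets `age.rekey` unconditionally: the old `lib.mkIf (config.age.rekey.hostPubkey != dummyPubkey)` guard is gone, while the same commit imports agenix-rekey into every NixOS configuration and widens the rekey targets to `nodes = self.nixosConfigurations` (the agenix-rekey flake-module section). A host that never sets `age.rekey.hostPubkey` would then presumably be rekeyed against agenix-rekey's placeholder key, so its secrets would be undecryptable on the machine and the mistake would only surface at activation. If bootstrapping with the placeholder is not needed, consider keeping the `dummyPubkey` binding and failing evaluation for hosts that declare secrets, e.g. `assertions = [{ assertion = config.age.secrets == {} || config.age.rekey.hostPubkey != dummyPubkey; message = "age.rekey.hostPubkey is not set"; }];`. The `age.rekey` attribute set continues past the end of this hunk, so any options set further down are not visible here.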


@ -7,9 +7,7 @@
perSystem = { perSystem = {
agenix-rekey = { agenix-rekey = {
nodes = { nodes = self.nixosConfigurations;
inherit (self.nixosConfigurations) jeeves;
};
}; };
}; };
} }


@ -1,7 +1,6 @@
{ lib, config, self, inputs, withSystem, ... }: { lib, config, self, inputs, withSystem, ... }:
let let
# TODO: works?
outputs = self; outputs = self;
inherit (import ./utils.nix { inherit lib self; }) inherit (import ./utils.nix { inherit lib self; })
and and
@ -45,6 +44,9 @@ let
# Home Manager # Home Manager
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
(homeManagerModule args) (homeManagerModule args)
# (r)agenix && agenix-rekey
inputs.ragenix.nixosModules.default
inputs.agenix-rekey.nixosModules.default
# nix-topology # nix-topology
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
# Sane default `networking.hostName` # Sane default `networking.hostName`
@ -134,6 +136,10 @@ let
machines)); machines));
in in
{ {
imports = [
./machines.nix
];
flake = { flake = {
# Configurations # Configurations
nixosConfigurations = nixosConfigurations =


@ -50,10 +50,7 @@
}; };
in { in {
topology = { topology = {
nixosConfigurations = { nixosConfigurations = self.nixosConfigurations;
inherit (self.nixosConfigurations)
jeeves;
};
modules = [ modules = [
({ config, ... }: let ({ config, ... }: let
inherit (config.lib.topology) inherit (config.lib.topology)