fix!: make all nixosConfigurations
build
Specifically `homix`
- Remove manual `home-manager` module definition
- Import `(r)agenix` and `agenix-rekey` by default for all `NixOS` configurations
- Move `machines.nix` flake module import from `flake.nix` to `configurations.nix`
parent
b48f29dab4
commit
af91b1e76d
7 changed files with 13 additions and 26 deletions
|
@ -148,7 +148,6 @@
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./nix/pkgs.nix
|
./nix/pkgs.nix
|
||||||
./nix/machines.nix
|
|
||||||
./nix/modules.nix
|
./nix/modules.nix
|
||||||
./nix/configurations.nix
|
./nix/configurations.nix
|
||||||
./nix/agenix.nix
|
./nix/agenix.nix
|
||||||
|
|
|
@ -205,14 +205,6 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
home-manager = {
|
|
||||||
backupFileExtension = "hm-bak";
|
|
||||||
useUserPackages = true;
|
|
||||||
useGlobalPkgs = false;
|
|
||||||
|
|
||||||
extraSpecialArgs = { inherit inputs outputs; };
|
|
||||||
};
|
|
||||||
|
|
||||||
### Enable plymouth (bootscreen customizations)
|
### Enable plymouth (bootscreen customizations)
|
||||||
boot.plymouth = {
|
boot.plymouth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -4,8 +4,6 @@
|
||||||
inputs.hardware.nixosModules.common-cpu-amd
|
inputs.hardware.nixosModules.common-cpu-amd
|
||||||
inputs.hardware.nixosModules.common-gpu-amd
|
inputs.hardware.nixosModules.common-gpu-amd
|
||||||
./disko.nix
|
./disko.nix
|
||||||
inputs.ragenix.nixosModules.default
|
|
||||||
inputs.agenix-rekey.nixosModules.default
|
|
||||||
./network.nix
|
./network.nix
|
||||||
./wireguard.nix
|
./wireguard.nix
|
||||||
./nginx.nix
|
./nginx.nix
|
||||||
|
|
|
@ -1,11 +1,8 @@
|
||||||
{ inputs, outputs, lib, pkgs, config, options, ... }:
|
{ inputs, outputs, lib, pkgs, config, options, ... }:
|
||||||
let
|
{
|
||||||
# NOTE: synced with <https://github.com/oddlama/agenix-rekey/blob/c071067f7d972552f5170cf8665643ed0ec19a6d/modules/agenix-rekey.nix#L38>
|
config = {
|
||||||
dummyPubkey = "age1qyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs3290gq";
|
# NOTE: `(r)agenix` and `agenix-rekey` modules are imported by `../../../nix/configurations.nix`
|
||||||
in {
|
age.rekey = {
|
||||||
# TODO: cleaner deep check
|
|
||||||
config = lib.mkIf (lib.all lib.id [(builtins.hasAttr "age" options) (builtins.hasAttr "rekey" options.age)]) {
|
|
||||||
age.rekey = lib.mkIf (config.age.rekey.hostPubkey != dummyPubkey) {
|
|
||||||
masterIdentities = lib.mkDefault [ "${inputs.self}/secrets/privkey.age" ];
|
masterIdentities = lib.mkDefault [ "${inputs.self}/secrets/privkey.age" ];
|
||||||
storageMode = lib.mkDefault "local";
|
storageMode = lib.mkDefault "local";
|
||||||
localStorageDir = lib.mkDefault "${inputs.self}/secrets/rekeyed/${config.networking.hostName}";
|
localStorageDir = lib.mkDefault "${inputs.self}/secrets/rekeyed/${config.networking.hostName}";
|
||||||
|
|
|
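Review bot: Dropping the `hostPubkey != dummyPubkey` guard and the `options.age.rekey` existence check means these `age.rekey` defaults now apply to every configuration, and with `nodes = self.nixosConfigurations;` in the agenix-rekey section that follows, every host also becomes a rekey target, including any that never set a real `age.rekey.hostPubkey`. As far as I know agenix-rekey tolerates the placeholder key by producing dummy secrets with a warning, so such a host would still build but its secrets would not decrypt on the machine, which is easy to miss. I would leave a short comment where the guard used to be, for example `# NOTE: no hostPubkey guard any more; each host must set age.rekey.hostPubkey before declaring age.secrets`, or express the same condition as an `assertions` entry. Separately, the unchanged `masterIdentities` default resolves inside `${inputs.self}`, i.e. the flake's copy in the Nix store, so it is worth confirming that `privkey.age` is passphrase-protected now that the default reaches all hosts. The `age.rekey` block continues past the end of the hunk.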
@ -7,9 +7,7 @@
|
||||||
|
|
||||||
perSystem = {
|
perSystem = {
|
||||||
agenix-rekey = {
|
agenix-rekey = {
|
||||||
nodes = {
|
nodes = self.nixosConfigurations;
|
||||||
inherit (self.nixosConfigurations) jeeves;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{ lib, config, self, inputs, withSystem, ... }:
|
{ lib, config, self, inputs, withSystem, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
# TODO: works?
|
|
||||||
outputs = self;
|
outputs = self;
|
||||||
inherit (import ./utils.nix { inherit lib self; })
|
inherit (import ./utils.nix { inherit lib self; })
|
||||||
and
|
and
|
||||||
|
@ -45,6 +44,9 @@ let
|
||||||
# Home Manager
|
# Home Manager
|
||||||
inputs.home-manager.nixosModules.home-manager
|
inputs.home-manager.nixosModules.home-manager
|
||||||
(homeManagerModule args)
|
(homeManagerModule args)
|
||||||
|
# (r)agenix && agenix-rekey
|
||||||
|
inputs.ragenix.nixosModules.default
|
||||||
|
inputs.agenix-rekey.nixosModules.default
|
||||||
# nix-topology
|
# nix-topology
|
||||||
inputs.nix-topology.nixosModules.default
|
inputs.nix-topology.nixosModules.default
|
||||||
# Sane default `networking.hostName`
|
# Sane default `networking.hostName`
|
||||||
|
@ -134,6 +136,10 @@ let
|
||||||
machines));
|
machines));
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
imports = [
|
||||||
|
./machines.nix
|
||||||
|
];
|
||||||
|
|
||||||
flake = {
|
flake = {
|
||||||
# Configurations
|
# Configurations
|
||||||
nixosConfigurations =
|
nixosConfigurations =
|
||||||
|
|
|
@ -50,10 +50,7 @@
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
topology = {
|
topology = {
|
||||||
nixosConfigurations = {
|
nixosConfigurations = self.nixosConfigurations;
|
||||||
inherit (self.nixosConfigurations)
|
|
||||||
jeeves;
|
|
||||||
};
|
|
||||||
modules = [
|
modules = [
|
||||||
({ config, ... }: let
|
({ config, ... }: let
|
||||||
inherit (config.lib.topology)
|
inherit (config.lib.topology)
|
||||||
|
|