nixos-config/krops.nix

{ writeCommand, lib, secrets }:
let

  # command that ensures we use flake.nix during switch
  command = targetPath: ''
    echo 'nixos-rebuild build --flake ${targetPath} -L --keep-going'
    nix-shell \
     -E "with import <nixpkgs> {}; mkShell { buildInputs = [ git (nixos { nix.package = nixFlakes; }).nixos-rebuild ]; }" \
     --run 'nixos-rebuild build --flake ${targetPath} -L --keep-going'
  '';

  #secrets = name: {
  #  secrets.pass = {
  #    dir = toString ~/.password-store;
  #    name = "krops/${name}/secrets";
  #  };
  #  common_secrets.pass = {
  #    dir = toString ~/.password-store;
  #    name = "krops/common_secrets";
  #  };
  #};

  #desktopSecrets = {
  #  desktop_secrets.pass = {
  #    dir = toString ~/.password-store;
  #    name = "krops/desktop_secrets";
  #  };
  #};

  source = {

    secrets.file = "${secrets}/secrets";
    assets.file = toString ./assets;
    configs.file = toString ./configs;
    library.file = toString ./library;
    modules.file = toString ./modules;
    pkgs.file = toString ./pkgs;
    system.file = toString ./system;
    "flake.nix".file = toString ./flake.nix;
    "flake.lock".file = toString ./flake.lock;
    "configurations.nix".file = toString ./configurations.nix;
    #mqtt.file = toString ./mqtt;

    #backup-module.file = toString ~/dev/backup;
    backup-module.git = {
      url = "https://git.ingolf-wagner.de/nix-modules/backup.git";
      ref = "1.3.3";
    };

    #kops-lib.file = toString ~/dev/krops-lib;
    krops-lib.git = {
      url = "https://git.ingolf-wagner.de/nix-modules/krops.git";
      ref = "1.0.3";
    };

    #cluster-module.file = toString ~/dev/cluster-module;
    cluster-module.git = {
      url = "https://git.ingolf-wagner.de/nix-modules/cluster.git";
      ref = "1.2.0";
    };

  };

in {
  sterni = writeCommand "/bin/sterni" {
    #source = lib.evalSource [ source (secrets "sterni") desktopSecrets ];
    source = lib.evalSource [ source ];
    target = lib.mkTarget "root@sterni.private";
    inherit command;
  };
}
krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`{ writeCommand, lib, secrets }:`
wip 2021-09-24 06:09:20 +02:00			`let`

seem to work 2021-09-24 06:47:46 +02:00			`# command that ensures we use flake.nix during switch`
			`command = targetPath: ''`
it works 2021-09-24 07:02:16 +02:00			`echo 'nixos-rebuild build --flake ${targetPath} -L --keep-going'`
seem to work 2021-09-24 06:47:46 +02:00			`nix-shell \`
			`-E "with import <nixpkgs> {}; mkShell { buildInputs = [ git (nixos { nix.package = nixFlakes; }).nixos-rebuild ]; }" \`
krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`--run 'nixos-rebuild build --flake ${targetPath} -L --keep-going'`
			`'';`
seem to work 2021-09-24 06:47:46 +02:00
krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`#secrets = name: {`
			`# secrets.pass = {`
			`# dir = toString ~/.password-store;`
			`# name = "krops/${name}/secrets";`
			`# };`
			`# common_secrets.pass = {`
			`# dir = toString ~/.password-store;`
			`# name = "krops/common_secrets";`
			`# };`
			`#};`
wip 2021-09-24 06:09:20 +02:00
krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`#desktopSecrets = {`
			`# desktop_secrets.pass = {`
			`# dir = toString ~/.password-store;`
			`# name = "krops/desktop_secrets";`
			`# };`
			`#};`
wip 2021-09-24 06:09:20 +02:00
			`source = {`

krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`secrets.file = "${secrets}/secrets";`
wip 2021-09-24 06:09:20 +02:00			`assets.file = toString ./assets;`
			`configs.file = toString ./configs;`
			`library.file = toString ./library;`
			`modules.file = toString ./modules;`
			`pkgs.file = toString ./pkgs;`
			`system.file = toString ./system;`
seem to work 2021-09-24 06:47:46 +02:00			`"flake.nix".file = toString ./flake.nix;`
krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`"flake.lock".file = toString ./flake.lock;`
it works 2021-09-24 07:02:16 +02:00			`"configurations.nix".file = toString ./configurations.nix;`
krops works, but secrets are not 2021-09-25 11:07:09 +02:00			`#mqtt.file = toString ./mqtt;`
wip 2021-09-24 06:09:20 +02:00
			`#backup-module.file = toString ~/dev/backup;`
			`backup-module.git = {`
			`url = "https://git.ingolf-wagner.de/nix-modules/backup.git";`
			`ref = "1.3.3";`
			`};`

			`#kops-lib.file = toString ~/dev/krops-lib;`
			`krops-lib.git = {`
			`url = "https://git.ingolf-wagner.de/nix-modules/krops.git";`
			`ref = "1.0.3";`
			`};`

			`#cluster-module.file = toString ~/dev/cluster-module;`
			`cluster-module.git = {`
			`url = "https://git.ingolf-wagner.de/nix-modules/cluster.git";`
			`ref = "1.2.0";`
			`};`

			`};`

			`in {`
stupid version works 2021-09-24 06:23:07 +02:00			`sterni = writeCommand "/bin/sterni" {`
			`#source = lib.evalSource [ source (secrets "sterni") desktopSecrets ];`
			`source = lib.evalSource [ source ];`
wip 2021-09-24 06:09:20 +02:00			`target = lib.mkTarget "root@sterni.private";`
seem to work 2021-09-24 06:47:46 +02:00			`inherit command;`
wip 2021-09-24 06:09:20 +02:00			`};`
			`}`