nixos-config/nixos/krops.nix

136 lines
3.1 KiB
Nix
Raw Normal View History

2021-11-01 12:16:18 +01:00
{ pkgs, writeCommand, lib, secrets, nixosRebuildCommand ? "switch" }:
2021-09-25 20:28:25 +02:00
let
# command that ensures we use flake.nix during switch
command = targetPath:
let
2021-11-01 12:16:18 +01:00
commandLine = "TMPDIR=/tmp nixos-rebuild ${nixosRebuildCommand} --flake ${targetPath} -L --keep-going";
2021-11-01 09:20:42 +01:00
in
''
2021-09-25 20:28:25 +02:00
echo '${commandLine}'
nix-shell \
-E "with import <nixpkgs> {}; mkShell { buildInputs = [ git (nixos { nix.package = nixFlakes; }).nixos-rebuild ]; }" \
--run '${commandLine}'
'';
source = {
2021-10-26 07:54:50 +02:00
secrets.file = {
path = "${secrets}/secrets";
useChecksum = true;
};
2021-09-25 20:28:25 +02:00
private_assets.pass = {
dir = toString ~/.password-store;
name = "krops/private_assets";
};
2021-10-26 07:54:50 +02:00
assets.file = {
path = toString ./assets;
useChecksum = true;
};
configs.file = {
path = toString ./configs;
useChecksum = true;
};
library.file = {
path = toString ./library;
useChecksum = true;
};
modules.file = {
path = toString ./modules;
useChecksum = true;
};
pkgs.file = {
path = toString ./pkgs;
useChecksum = true;
};
system.file = {
path = toString ./system;
useChecksum = true;
};
"flake.nix".file = {
path = toString ./flake.nix;
useChecksum = true;
};
"flake.lock".file = {
path = toString ./flake.lock;
useChecksum = true;
};
2021-09-25 20:28:25 +02:00
};
2021-09-25 20:30:49 +02:00
server = { name, host }:
let
system = writeCommand "/bin/system" {
source = lib.evalSource [ source ];
force = true;
target = lib.mkTarget "root@${host}/var/krops";
inherit command;
};
2021-11-01 09:20:42 +01:00
in
{
2022-06-17 08:52:34 +02:00
"${name}" = {
type = "app";
program = toString (pkgs.writers.writeBash name
''
echo "deploy system"
${system}/bin/system
'');
};
2021-09-25 20:30:49 +02:00
};
2021-09-25 20:28:25 +02:00
desktop = { name, host }:
let
system = writeCommand "/bin/system" {
source = lib.evalSource [ source ];
force = true;
target = lib.mkTarget "root@${host}/var/krops";
inherit command;
};
network = writeCommand "/bin/secrets" {
source = lib.evalSource [{
system-connections.pass = {
dir = toString ~/.password-store;
name = "krops/desktop_secrets/network-manager/system-connections";
};
}];
force = true;
target = lib.mkTarget "root@${host}/etc/NetworkManager";
};
2021-11-01 09:20:42 +01:00
in
{
2022-06-17 08:52:34 +02:00
"${name}" = {
type = "app";
program = toString (pkgs.writers.writeBash "${name}-all"
''
echo "deploy network secerts"
${network}/bin/secrets
echo "deploy system"
${system}/bin/system
'');
};
2021-09-25 20:28:25 +02:00
};
2021-11-01 09:20:42 +01:00
in
(desktop {
2021-09-25 20:30:49 +02:00
name = "sterni";
host = "sterni.private";
2021-11-01 09:40:39 +01:00
}) //
(desktop {
2021-09-25 20:32:19 +02:00
name = "sternchen";
host = "sternchen.secret";
2021-11-01 09:40:39 +01:00
}) //
(server {
2021-09-25 20:30:49 +02:00
name = "pepe";
host = "pepe.private";
2021-11-01 09:40:39 +01:00
}) //
(server {
2021-09-25 20:30:49 +02:00
name = "workhorse";
host = "workhorse.private";
2021-11-01 09:40:39 +01:00
}) //
(server {
2021-09-25 20:30:49 +02:00
name = "sputnik";
host = "sputnik.private";
2021-12-28 16:19:29 +01:00
}) //
(server {
name = "robi";
host = "robi";
2021-09-25 20:30:49 +02:00
})