diff --git a/flake.lock b/flake.lock index 4c143ac..92fd4e3 100644 --- a/flake.lock +++ b/flake.lock @@ -151,11 +151,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1717742737, - "narHash": "sha256-PApHCrcFq7s9AXQDiCeMl/5w0IYqkjIeASZtmBkx9C8=", + "lastModified": 1717880569, + "narHash": "sha256-wZqWMCtoht7WjAKE/93Js1OM5MoAsl9SgKHZxEz6kmg=", "owner": "mrvandalo", "repo": "clan-fact-generators", - "rev": "631b3981260e18a54cf0e03f4a7bdf5c1c4bac1a", + "rev": "35b6d92f16d9fdd169a74e4b4324e02a368ebe81", "type": "github" }, "original": { diff --git a/machines/cherry/facts/zfs.hostId b/machines/cherry/facts/zfs.hostId index 78046b5..7e4786d 100644 --- a/machines/cherry/facts/zfs.hostId +++ b/machines/cherry/facts/zfs.hostId @@ -1 +1 @@ -94f34f19 \ No newline at end of file +59e38471 \ No newline at end of file diff --git a/machines/cherry/hardware-configuration/default.nix b/machines/cherry/hardware-configuration/default.nix index ffe7de7..2568ccd 100644 --- a/machines/cherry/hardware-configuration/default.nix +++ b/machines/cherry/hardware-configuration/default.nix @@ -1,4 +1,4 @@ -{ lib, config, ... }: +{ lib, config, factsGenerator, ... }: { imports = [ ./disko-config.nix @@ -12,8 +12,8 @@ # ZFS stuff # --------- boot.supportedFilesystems = [ "zfs" ]; - # head -c4 /dev/urandom | od -A none -t x4 - networking.hostId = "59e38471"; + clanCore.facts.services.zfs = factsGenerator.zfs { }; + networking.hostId = config.clanCore.facts.services.zfs.public."zfs.hostId".value; services.zfs.autoSnapshot.enable = true; # todo not needed anymore if srvos is used diff --git a/machines/chungus/facts/zfs.hostId b/machines/chungus/facts/zfs.hostId index 35d846e..2950f78 100644 --- a/machines/chungus/facts/zfs.hostId +++ b/machines/chungus/facts/zfs.hostId @@ -1 +1 @@ - 8a4ed3c4 \ No newline at end of file +e439b116 \ No newline at end of file diff --git a/machines/chungus/hardware-configuration/default.nix b/machines/chungus/hardware-configuration/default.nix index d6e867a..7fbcf86 100644 --- a/machines/chungus/hardware-configuration/default.nix +++ b/machines/chungus/hardware-configuration/default.nix @@ -1,24 +1,17 @@ -{ ... }: +{ config, factsGenerator, clanLib, ... }: { imports = [ ./disko-config.nix ./hardware-configuration.nix ]; - # todo : rename to component.init.ssh - # todo : make tor optional - configuration.init-ssh = { - #enable = "enabled"; - kernelModules = [ "e1000e" ]; - }; - boot.loader.efi.canTouchEfiVariables = true; boot.loader.systemd-boot.enable = true; boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!) boot.supportedFilesystems = [ "zfs" ]; - # head -c4 /dev/urandom | od -A none -t x4 - networking.hostId = "e439b116"; + clanCore.facts.services.zfs = factsGenerator.zfs { }; + networking.hostId = toString config.clanCore.facts.services.zfs.public."zfs.hostId".value; services.zfs = { autoSnapshot.enable = true; autoScrub.enable = true; diff --git a/machines/orbi/facts/zfs.hostId b/machines/orbi/facts/zfs.hostId index 2566be7..dcd480a 100644 --- a/machines/orbi/facts/zfs.hostId +++ b/machines/orbi/facts/zfs.hostId @@ -1 +1 @@ - 78103cbd \ No newline at end of file +5bb982a6 \ No newline at end of file diff --git a/machines/orbi/hardware-configuration/default.nix b/machines/orbi/hardware-configuration/default.nix index 17c46b8..d994a8c 100644 --- a/machines/orbi/hardware-configuration/default.nix +++ b/machines/orbi/hardware-configuration/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, modulesPath, lib, ... }: +{ config, pkgs, modulesPath, lib, factsGenerator, ... }: let @@ -48,19 +48,16 @@ in services.openssh.settings.PermitRootLogin = "prohibit-password"; services.openssh.settings.PasswordAuthentication = false; - # todo : move this to the flake, this is always true - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==" - ]; - boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!) boot.supportedFilesystems = [ "zfs" ]; - # head -c4 /dev/urandom | od -A none -t x4 - networking.hostId = "5bb982a6"; + clanCore.facts.services.zfs = factsGenerator.zfs { }; + networking.hostId = config.clanCore.facts.services.zfs.public."zfs.hostId".value; systemd.network.networks."10-uplink".networkConfig.Address = ipv6.address; + boot.initrd.systemd.network.networks."10-uplink" = config.systemd.network.networks."10-uplink"; + # todo: use ssh component boot.initrd.kernelModules = [ networkInterfaceModule ]; boot.initrd.network = { enable = true; @@ -78,27 +75,4 @@ in }; }; - # enable ssh on init - # ================== - - - # No SystemD at boot - # ------------------ - #boot.kernelParams = [ - # # See for docs on this - # # ip=::::::::: - # # The server ip refers to the NFS server -- we don't need it. - # "ip=${ipv4.address}::${ipv4.gateway}:${ipv4.netmask}:${hostName}-initrd:${networkInterface}:off:8.8.8.8" - #]; - #boot.initrd.systemd.enable = false; - #boot.kernelParams = [ "ip=dhcp" ]; - #boot.initrd.network.ssh.shell = "/bin/cryptsetup-askpass"; - #boot.initrd.luks.reusePassphrases = true; - - # SystemD at boot - # --------------- - boot.initrd.systemd.enable = true; - #boot.initrd.systemd.services.openssh.enable = true; - boot.initrd.systemd.network.networks."10-uplink" = config.systemd.network.networks."10-uplink"; - }