moved all to subfolder nixos

.channelStable.json

@@ -1,10 +0,0 @@
-{
-  "url": "https://github.com/NixOS/nixpkgs.git",
-  "rev": "6bfe71f2a4e2e425dee26b25d2309f341ff1600d",
-  "date": "2021-09-02T17:55:10+02:00",
-  "path": "/nix/store/wmg7a97b7ql8kj413wkvh2pmvl5m4nkd-nixpkgs",
-  "sha256": "1mpf700fqlzyj6vsy2c329zlgbk9g6giwiyb2g0yhc0a78h72g8l",
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.channelUnstable.json

@@ -1,10 +0,0 @@
-{
-  "url": "https://github.com/NixOS/nixpkgs.git",
-  "rev": "a51aa6523bd8ee985bc70987909eff235900197a",
-  "date": "2021-09-04T10:19:48-03:00",
-  "path": "/nix/store/qylkdn96ah6r3mhh5m0p3yv236nxdbsa-nixpkgs",
-  "sha256": "1rpikl60v179gsshqfrr4xwz42db5g87scm2v2hk3v3jys9dqrgc",
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.krops.json

@@ -1,7 +0,0 @@
-{
-  "url": "https://git.ingolf-wagner.de/krebs/krops.git",
-  "rev": "2e93a93ac264a480b427acc2684993476732539d",
-  "date": "2018-09-19T19:57:26+02:00",
-  "sha256": "1s6b2cs60xa270ynhr32qj1rcy3prvf9pidap0qbbvgg008iafxk",
-  "fetchSubmodules": false
-}

.nix-writers.json

@@ -1,10 +0,0 @@
-{
-  "url": "https://cgit.krebsco.de/nix-writers/",
-  "rev": "fc8a3802a0777a5f43a9a2fe0f5848ecaeb555a1",
-  "date": "2018-10-27T14:45:48+02:00",
-  "path": "/nix/store/81f2li00frwb29kzk7wjw7b87l65s8bg-nix-writers",
-  "sha256": "1iy207rcbz9nv9bf64025ypy38x8mwzl6snbmbrq347h6vvs0ksc",
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.nixos-generators.json

@@ -1,10 +0,0 @@
-{
-  "url": "https://github.com/nix-community/nixos-generators.git",
-  "rev": "ef1e4480cf8af45cfdeac597b2f1b1af33923e93",
-  "date": "2019-01-18T10:41:01+01:00",
-  "path": "/nix/store/61wmz4fvlyxnxhw9smkl897rhavj06ry-nixos-generators-ef1e448",
-  "sha256": "0ymzp4pmpkjjjg5h8d45gv8avy4wh1dj0v238i2cz3jp3j489ik9",
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

configs/workhorse/mattermost.nix

@@ -1,135 +0,0 @@
-{ pkgs, lib, ... }:
-let
-
-  hostAddress = "192.168.100.20";
-  containerAddress = "192.168.100.21";
-
-in {
-
-  # backup mattermost
-  backup.dirs = [ "/home/mattermost" ];
-
-  containers.mattermost = {
-
-    # mount host folders
-    bindMounts = {
-      home = {
-        # make sure this folder exist on the host
-        hostPath = toString "/home/mattermost/home";
-        mountPoint = "/var/lib/mattermost";
-        isReadOnly = false;
-      };
-      db = {
-        # make sure this folder exist on the host
-        hostPath = toString "/home/mattermost/db";
-        mountPoint = "/var/lib/postgresql";
-        isReadOnly = false;
-      };
-    };
-
-    # container network setup
-    # see also nating on host system.
-    privateNetwork = true;
-    hostAddress = hostAddress;
-    localAddress = containerAddress;
-
-    autoStart = true;
-
-    config = { config, pkgs, lib, ... }: {
-
-      imports = [ <modules> <krops-lib> ];
-
-      services.nginx = {
-
-        # Use recommended settings
-        recommendedGzipSettings = lib.mkDefault true;
-        recommendedOptimisation = lib.mkDefault true;
-        recommendedProxySettings = lib.mkDefault true;
-        recommendedTlsSettings = lib.mkDefault true;
-
-        # for graylog logging
-        commonHttpConfig = let
-          access_log_sink = "${hostAddress}:12304";
-          error_log_sink = "${hostAddress}:12305";
-        in ''
-          log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
-            '"facility": "nginx", '
-            '"src_addr": "$remote_addr", '
-            '"body_bytes_sent": $body_bytes_sent, '
-            '"request_time": $request_time, '
-            '"response_status": $status, '
-            '"request": "$request", '
-            '"request_method": "$request_method", '
-            '"host": "$host",'
-            '"upstream_cache_status": "$upstream_cache_status",'
-            '"upstream_addr": "$upstream_addr",'
-            '"http_x_forwarded_for": "$http_x_forwarded_for",'
-            '"http_referrer": "$http_referer", '
-            '"http_user_agent": "$http_user_agent" }';
-
-          access_log syslog:server=${access_log_sink} graylog2_json;
-          error_log syslog:server=${error_log_sink};
-        '';
-      };
-
-      networking.firewall.allowedTCPPorts = [ 8065 6667 ];
-      networking.firewall.allowedUDPPorts = [ 8065 ];
-
-      # setup matter most
-      services.mattermost = {
-        enable = true;
-        siteUrl = "https://chat.ingolf-wagner.de";
-        localDatabaseName = "chat";
-        localDatabaseUser = "chatty";
-        listenAddress = ":8065";
-
-        matterircd = {
-          enable = true;
-          parameters = [
-            "-mmserver chat.ingolf-wagner.de"
-            "-restrict chat.ingolf-wagner.de"
-            "-bind [::]:6667"
-          ];
-        };
-      };
-
-      # send log to host systems graylog (use tinc or wireguard if host is not graylog)
-      services.SystemdJournal2Gelf.enable = true;
-      services.SystemdJournal2Gelf.graylogServer = "${hostAddress}:11201";
-
-      services.journald.extraConfig = "SystemMaxUse=1G";
-
-    };
-  };
-
-  # give containers internet access
-  networking.nat.enable = true;
-  networking.nat.internalInterfaces = [ "ve-mattermost" ];
-  networking.nat.externalInterface = "enp2s0f1";
-
-  # don't let networkmanager manger container network
-  networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
-
-  # open ports for logging
-  networking.firewall.interfaces."ve-mattermost".allowedTCPPorts =
-    [ 11201 12304 12305 ];
-  networking.firewall.interfaces."ve-mattermost".allowedUDPPorts =
-    [ 11201 12304 12305 ];
-
-  # host nginx setup
-  services.nginx = {
-    enable = true;
-    recommendedProxySettings = true;
-    virtualHosts = {
-      "chat.workhorse.private" = {
-        serverAliases = [ "chat.ingolf-wagner.de" ];
-        locations."/" = {
-          proxyWebsockets = true;
-          proxyPass = "http://${containerAddress}:8065";
-        };
-      };
-    };
-  };
-
-}
-

configurations.nix

@@ -1,36 +0,0 @@
-{ nixpkgs, home-manager, nixpkgs-unstable, sops-nix, doom-emacs-nix }:
-let nixosSystem = nixpkgs.lib.nixosSystem;
-in {
-
-  sterni = nixosSystem {
-    system = "x86_64-linux";
-    modules = [
-      ./configs/sterni/configuration.nix
-      home-manager.nixosModules.home-manager
-      {
-        home-manager.users.mainUser = {
-          imports = [ doom-emacs-nix.hmModule ];
-        };
-        home-manager.useGlobalPkgs = true;
-        home-manager.useUserPackages = true;
-      }
-      sops-nix.nixosModules.sops
-      { sops.defaultSopsFile = ./secrets/sterni.yaml; }
-      ({ pkgs, ... }: {
-        # defined overlays injected by the nixflake
-        nixpkgs.overlays = [
-          (_self: _super: {
-            # we assign the overlay created before to the overlays of nixpkgs.
-            unstable = nixpkgs-unstable.legacyPackages.${pkgs.system};
-          })
-        ];
-
-        # overlay included (todo?)
-        # nixpkgs.overlays = [ (import <mozilla-overlay/rust-overlay.nix>) ];
-
-        # imports of modules
-        # imports = [ <backup-module> <krops-lib> <cluster-module> <modules> ];
-      })
-    ];
-  };
-}

flake.lock

@@ -1,179 +1,12 @@
 {
   "nodes": {
-    "doom-emacs": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1626604817,
-        "narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=",
-        "owner": "hlissner",
-        "repo": "doom-emacs",
-        "rev": "46732c0adaef147144418f9f284ca6b1183ab96f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hlissner",
-        "ref": "develop",
-        "repo": "doom-emacs",
-        "type": "github"
-      }
-    },
-    "doom-emacs-nix": {
-      "inputs": {
-        "doom-emacs": "doom-emacs",
-        "doom-snippets": "doom-snippets",
-        "emacs-overlay": "emacs-overlay",
-        "emacs-so-long": "emacs-so-long",
-        "evil-markdown": "evil-markdown",
-        "evil-org-mode": "evil-org-mode",
-        "evil-quick-diff": "evil-quick-diff",
-        "explain-pause-mode": "explain-pause-mode",
-        "flake-utils": "flake-utils",
-        "nix-straight": "nix-straight",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "nose": "nose",
-        "ob-racket": "ob-racket",
-        "org": "org",
-        "org-contrib": "org-contrib",
-        "org-yt": "org-yt",
-        "php-extras": "php-extras",
-        "revealjs": "revealjs",
-        "rotate-text": "rotate-text"
-      },
-      "locked": {
-        "lastModified": 1627398156,
-        "narHash": "sha256-Ru1aV3NuIFXAsvUE3de8KR7xDZOo1GCBJdsWKJn+Ebw=",
-        "owner": "vlaci",
-        "repo": "nix-doom-emacs",
-        "rev": "fee14d217b7a911aad507679dafbeaa8c1ebf5ff",
-        "type": "github"
-      },
-      "original": {
-        "owner": "vlaci",
-        "repo": "nix-doom-emacs",
-        "type": "github"
-      }
-    },
-    "doom-snippets": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1625547004,
-        "narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=",
-        "owner": "hlissner",
-        "repo": "doom-snippets",
-        "rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hlissner",
-        "repo": "doom-snippets",
-        "type": "github"
-      }
-    },
-    "emacs-overlay": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1626972035,
-        "narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=",
-        "owner": "nix-community",
-        "repo": "emacs-overlay",
-        "rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "emacs-overlay",
-        "type": "github"
-      }
-    },
-    "emacs-so-long": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1575031854,
-        "narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=",
-        "owner": "hlissner",
-        "repo": "emacs-so-long",
-        "rev": "ed666b0716f60e8988c455804de24b55919e71ca",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hlissner",
-        "repo": "emacs-so-long",
-        "type": "github"
-      }
-    },
-    "evil-markdown": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1626852210,
-        "narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=",
-        "owner": "Somelauw",
-        "repo": "evil-markdown",
-        "rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Somelauw",
-        "repo": "evil-markdown",
-        "type": "github"
-      }
-    },
-    "evil-org-mode": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1607203864,
-        "narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=",
-        "owner": "hlissner",
-        "repo": "evil-org-mode",
-        "rev": "a9706da260c45b98601bcd72b1d2c0a24a017700",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hlissner",
-        "repo": "evil-org-mode",
-        "type": "github"
-      }
-    },
-    "evil-quick-diff": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1575189609,
-        "narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=",
-        "owner": "rgrinberg",
-        "repo": "evil-quick-diff",
-        "rev": "69c883720b30a892c63bc89f49d4f0e8b8028908",
-        "type": "github"
-      },
-      "original": {
-        "owner": "rgrinberg",
-        "repo": "evil-quick-diff",
-        "type": "github"
-      }
-    },
-    "explain-pause-mode": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1595842060,
-        "narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=",
-        "owner": "lastquestion",
-        "repo": "explain-pause-mode",
-        "rev": "2356c8c3639cbeeb9751744dbe737267849b4b51",
-        "type": "github"
-      },
-      "original": {
-        "owner": "lastquestion",
-        "repo": "explain-pause-mode",
-        "type": "github"
-      }
-    },
     "flake-utils": {
       "locked": {
-        "lastModified": 1623875721,
+        "lastModified": 1597053966,
-        "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
+        "narHash": "sha256-f9lbPS/GJ1His8fsDqM6gfa8kSqREU4eKiMCS5hrKg4=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
+        "rev": "ec20f52e2ff61e9c36c2b894b62fc1b4bd04c71b",
         "type": "github"
       },
       "original": {
@@ -182,47 +15,9 @@
         "type": "github"
       }
     },
-    "flake-utils_2": {
-      "locked": {
-        "lastModified": 1631561581,
-        "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "home-manager": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1631573611,
-        "narHash": "sha256-u2E/wstadWNcn6vOIoK1xY86QPOzzBZQfT1FbePfdaI=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "7d9ba15214004c979d2c8733f8be12ce6502cf8a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "release-21.05",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
     "krops": {
       "inputs": {
-        "flake-utils": [
+        "flake-utils": "flake-utils",
-          "flake-utils"
-        ],
         "nixpkgs": [
           "nixpkgs"
         ]
@@ -241,23 +36,6 @@
         "type": "github"
       }
     },
-    "nix-straight": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1621543597,
-        "narHash": "sha256-E/m2Hrw2og//CfOCOWe2yapYC01Tqhozn4YMPYJsC3o=",
-        "owner": "vlaci",
-        "repo": "nix-straight.el",
-        "rev": "8e84d04f10b2298de856b2b8b9a0d13abc91b5ca",
-        "type": "github"
-      },
-      "original": {
-        "owner": "vlaci",
-        "ref": "v2.2.0",
-        "repo": "nix-straight.el",
-        "type": "github"
-      }
-    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1632418649,
@@ -274,176 +52,11 @@
         "type": "github"
       }
     },
-    "nixpkgs-unstable": {
-      "locked": {
-        "lastModified": 1632411313,
-        "narHash": "sha256-lekODc44lVo9/0EwGiX6LoEt2KhiPdcfNopealMJ7n4=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "51bcdc4cdaac48535dabf0ad4642a66774c609ed",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1625223284,
-        "narHash": "sha256-jjLcDSU1rRiJb+n3uez23XAa7kbnPcGZTa6jIKh1GMQ=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "357d2c8f6087685fe35cb1889a005a4dd4cce7b8",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixpkgs-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nose": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1400604510,
-        "narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=",
-        "owner": "emacsattic",
-        "repo": "nose",
-        "rev": "f8528297519eba911696c4e68fa88892de9a7b72",
-        "type": "github"
-      },
-      "original": {
-        "owner": "emacsattic",
-        "repo": "nose",
-        "type": "github"
-      }
-    },
-    "ob-racket": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1584656173,
-        "narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=",
-        "owner": "xchrishawk",
-        "repo": "ob-racket",
-        "rev": "83457ec9e1e96a29fd2086ed19432b9d75787673",
-        "type": "github"
-      },
-      "original": {
-        "owner": "xchrishawk",
-        "repo": "ob-racket",
-        "type": "github"
-      }
-    },
-    "org": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1627155762,
-        "narHash": "sha256-XS1eA6P0ePabdrnUNe5lN19EA9dfK615gMGObr9wfBQ=",
-        "owner": "emacs-straight",
-        "repo": "org-mode",
-        "rev": "c9dfed48a607c7f6524f1c6480f09cf61a5d6237",
-        "type": "github"
-      },
-      "original": {
-        "owner": "emacs-straight",
-        "repo": "org-mode",
-        "type": "github"
-      }
-    },
-    "org-contrib": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1623339452,
-        "narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=",
-        "ref": "master",
-        "rev": "fc81309cf6756607a836f93049a9393c2967c4e0",
-        "revCount": 2599,
-        "type": "git",
-        "url": "https://git.sr.ht/~bzg/org-contrib"
-      },
-      "original": {
-        "type": "git",
-        "url": "https://git.sr.ht/~bzg/org-contrib"
-      }
-    },
-    "org-yt": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1527381913,
-        "narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=",
-        "owner": "TobiasZawada",
-        "repo": "org-yt",
-        "rev": "40cc1ac76d741055cbefa13860d9f070a7ade001",
-        "type": "github"
-      },
-      "original": {
-        "owner": "TobiasZawada",
-        "repo": "org-yt",
-        "type": "github"
-      }
-    },
-    "php-extras": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1573312690,
-        "narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=",
-        "owner": "arnested",
-        "repo": "php-extras",
-        "rev": "d410c5af663c30c01d461ac476d1cbfbacb49367",
-        "type": "github"
-      },
-      "original": {
-        "owner": "arnested",
-        "repo": "php-extras",
-        "type": "github"
-      }
-    },
-    "revealjs": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1625811744,
-        "narHash": "sha256-Y67nVqcovn2PbHXmWOFWMq10Qz2ZIRyyWEO6qsZLbIM=",
-        "owner": "hakimel",
-        "repo": "reveal.js",
-        "rev": "b18f12d964ef80bd9ffb061aae48ff4c15fb43ad",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hakimel",
-        "repo": "reveal.js",
-        "type": "github"
-      }
-    },
     "root": {
       "inputs": {
-        "doom-emacs-nix": "doom-emacs-nix",
-        "flake-utils": "flake-utils_2",
-        "home-manager": "home-manager",
         "krops": "krops",
         "nixpkgs": "nixpkgs",
-        "nixpkgs-unstable": "nixpkgs-unstable",
+        "secrets": "secrets"
-        "secrets": "secrets",
-        "sops-nix": "sops-nix"
-      }
-    },
-    "rotate-text": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1322962747,
-        "narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=",
-        "owner": "debug-ito",
-        "repo": "rotate-text.el",
-        "rev": "48f193697db996855aee1ad2bc99b38c6646fe76",
-        "type": "github"
-      },
-      "original": {
-        "owner": "debug-ito",
-        "repo": "rotate-text.el",
-        "type": "github"
       }
     },
     "secrets": {
@@ -457,24 +70,6 @@
         "path": "/home/palo/dev/secrets",
         "type": "path"
       }
-    },
-    "sops-nix": {
-      "inputs": {
-        "nixpkgs": "nixpkgs_2"
-      },
-      "locked": {
-        "lastModified": 1632485730,
-        "narHash": "sha256-+anQTUUHxdpjLnTWqk9TJhWRYMI+1F2iVZKCq8SH4hg=",
-        "owner": "Mic92",
-        "repo": "sops-nix",
-        "rev": "64235a958b9ceedf98a3212c13b0dea3a504598f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Mic92",
-        "repo": "sops-nix",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -7,47 +7,24 @@
       url = "path:/home/palo/dev/secrets";
       flake = false;
     };
-    sops-nix.url = "github:Mic92/sops-nix";
-    flake-utils.url = "github:numtide/flake-utils";
     nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05";
-    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
-    doom-emacs-nix = {
-      url = "github:vlaci/nix-doom-emacs";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-    home-manager = {
-      url = "github:nix-community/home-manager/release-21.05";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
     krops = {
       url = "github:Mic92/krops";
-      inputs.flake-utils.follows = "flake-utils";
       inputs.nixpkgs.follows = "nixpkgs";
     };
   };
 
-  outputs = { self, sops-nix, nixpkgs, home-manager, krops, flake-utils
+  outputs = { self, nixpkgs, krops, secrets, ... }:
-    , doom-emacs-nix, nixpkgs-unstable, secrets, ... }:
-    (flake-utils.lib.eachSystem [ "x86_64-linux" ] (system:
     let
-
+      system = "x86_64-linux";
       pkgs = nixpkgs.legacyPackages.${system};
       writeCommand = krops.packages.${system}.writeCommand;
-
     in {
-
       # deploy like this:
       #  nix run ".#deploy.sterni"
-        apps.deploy = pkgs.callPackage ./krops.nix {
+      apps.${system}.deploy = pkgs.callPackage ./nixos/krops.nix {
         inherit writeCommand secrets;
         lib = krops.lib;
       };
-
-      })) // {
-        nixosConfigurations = import ./configurations.nix {
-          inherit nixpkgs home-manager nixpkgs-unstable sops-nix doom-emacs-nix;
     };
-
-      };
-
 }

krops.nix

@@ -1,96 +0,0 @@
-{ pkgs, writeCommand, lib, secrets }:
-let
-
-  # command that ensures we use flake.nix during switch
-  command = targetPath:
-    let
-      commandLine =
-        "TMPDIR=/tmp nixos-rebuild switch --flake ${targetPath} -L --keep-going";
-    in ''
-      echo '${commandLine}'
-      nix-shell \
-       -E "with import <nixpkgs> {}; mkShell { buildInputs = [ git (nixos { nix.package = nixFlakes; }).nixos-rebuild ]; }" \
-       --run '${commandLine}'
-    '';
-
-  #secrets = name: {
-  #  secrets.pass = {
-  #    dir = toString ~/.password-store;
-  #    name = "krops/${name}/secrets";
-  #  };
-  #  common_secrets.pass = {
-  #    dir = toString ~/.password-store;
-  #    name = "krops/common_secrets";
-  #  };
-  #};
-
-  #desktopSecrets = {
-  #  desktop_secrets.pass = {
-  #    dir = toString ~/.password-store;
-  #    name = "krops/desktop_secrets";
-  #  };
-  #};
-
-  source = {
-    secrets.file = "${secrets}/secrets";
-    assets.file = toString ./assets;
-    private_assets.pass = {
-      dir = toString ~/.password-store;
-      name = "krops/private_assets";
-    };
-    configs.file = toString ./configs;
-    library.file = toString ./library;
-    modules.file = toString ./modules;
-    pkgs.file = toString ./pkgs;
-    system.file = toString ./system;
-    "flake.nix".file = toString ./flake.nix;
-    "flake.lock".file = toString ./flake.lock;
-    "configurations.nix".file = toString ./configurations.nix;
-    #mqtt.file = toString ./mqtt;
-
-    #backup-module.file = toString ~/dev/backup;
-    backup-module.git = {
-      url = "https://git.ingolf-wagner.de/nix-modules/backup.git";
-      ref = "1.3.3";
-    };
-
-    #kops-lib.file = toString ~/dev/krops-lib;
-    krops-lib.git = {
-      url = "https://git.ingolf-wagner.de/nix-modules/krops.git";
-      ref = "1.0.3";
-    };
-
-    #cluster-module.file = toString ~/dev/cluster-module;
-    cluster-module.git = {
-      url = "https://git.ingolf-wagner.de/nix-modules/cluster.git";
-      ref = "1.2.0";
-    };
-
-  };
-
-in {
-  sterni = let
-    system = writeCommand "/bin/system" {
-      source = lib.evalSource [ source ];
-      force = true;
-      target = lib.mkTarget "root@sterni.private/var/krops";
-      inherit command;
-    };
-    network = writeCommand "/bin/secrets" {
-      source = lib.evalSource [{
-        system-connections.pass = {
-          dir = toString ~/.password-store;
-          name = "krops/desktop_secrets/network-manager/system-connections";
-        };
-      }];
-      force = true;
-      target = lib.mkTarget "root@sterni.private/etc/NetworkManager";
-    };
-  in pkgs.writers.writeBash "/bin/sterni" ''
-    #echo "deploy network secerts"
-    #${network}/bin/secrets
-
-    echo "deploy system"
-    ${system}/bin/system
-  '';
-}

nixos/configs/sterni/configuration.nix

@@ -14,6 +14,7 @@
 
   ];
 
+  sops.defaultSopsFile = ../../secrets/sterni.yaml;
   networking.hostName = "sterni";
 
   system.custom.wifi.interfaces = [ "wlp3s0" ];