use clan facts for syncthing

Ingolf Wagner 2024-06-02 20:50:17 +02:00
parent 4a5c162641
commit f7b7637396
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
4 changed files with 142 additions and 49 deletions


@ -142,6 +142,28 @@
"url": "https://git.clan.lol/clan/clan-core" "url": "https://git.clan.lol/clan/clan-core"
} }
}, },
"clan-fact-generators": {
"inputs": {
"clan-core": [
"clan-core"
],
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1717333086,
"narHash": "sha256-tCxNISnHTsW8ie9Q7ZUmKpgvrZQ3yrM1OH2qiZz8h1Q=",
"owner": "mrvandalo",
"repo": "clan-fact-generators",
"rev": "9ebc512d865d157050b81c4d15e41403197dc447",
"type": "github"
},
"original": {
"owner": "mrvandalo",
"repo": "clan-fact-generators",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -202,6 +224,24 @@
} }
}, },
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1715865404,
"narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixpkgs" "nixpkgs"
@ -221,7 +261,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_2": { "flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixos-anywhere", "nixos-anywhere",
@ -343,7 +383,7 @@
}, },
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1717052710, "lastModified": 1717052710,
@ -404,7 +444,7 @@
"landingpage": { "landingpage": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1709213960, "lastModified": 1709213960,
@ -454,10 +494,10 @@
"nixos-anywhere": { "nixos-anywhere": {
"inputs": { "inputs": {
"disko": "disko_2", "disko": "disko_2",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_3",
"nixos-images": "nixos-images_2", "nixos-images": "nixos-images_2",
"nixos-stable": "nixos-stable", "nixos-stable": "nixos-stable",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix_2" "treefmt-nix": "treefmt-nix_2"
}, },
"locked": { "locked": {
@ -576,11 +616,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1716509168, "lastModified": 1716948383,
"narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=", "narHash": "sha256-SzDKxseEcHR5KzPXLwsemyTR/kaM9whxeiJohbL04rs=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bfb7a882678e518398ce9a31a881538679f6f092", "rev": "ad57eef4ef0659193044870c731987a6df5cf56b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -670,7 +710,35 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1714640452,
"narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1716509168,
"narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bfb7a882678e518398ce9a31a881538679f6f092",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1645527175, "lastModified": 1645527175,
"narHash": "sha256-WeewqaO48sCctiN+iwgZZEJRU29Si7vHHoLCINAvuk8=", "narHash": "sha256-WeewqaO48sCctiN+iwgZZEJRU29Si7vHHoLCINAvuk8=",
@ -685,7 +753,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1702310776, "lastModified": 1702310776,
"narHash": "sha256-T2KJpsNjAytMsP6+xrhXfAb2KTG6Yt2D4hTTugpsJFo=", "narHash": "sha256-T2KJpsNjAytMsP6+xrhXfAb2KTG6Yt2D4hTTugpsJFo=",
@ -701,7 +769,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1716769173, "lastModified": 1716769173,
"narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=", "narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=",
@ -717,7 +785,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_5": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1701263465, "lastModified": 1701263465,
"narHash": "sha256-lNXUIlkfyDyp9Ox21hr+wsEf/IBklLvb6bYcyeXbdRc=", "narHash": "sha256-lNXUIlkfyDyp9Ox21hr+wsEf/IBklLvb6bYcyeXbdRc=",
@ -733,7 +801,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_6": { "nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1632855891, "lastModified": 1632855891,
"narHash": "sha256-crW76mt9/kbUBiKy/KiSnsQ9JEYgD3StDuYAMVkTbM0=", "narHash": "sha256-crW76mt9/kbUBiKy/KiSnsQ9JEYgD3StDuYAMVkTbM0=",
@ -747,7 +815,7 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs_7": { "nixpkgs_8": {
"locked": { "locked": {
"lastModified": 1716968199, "lastModified": 1716968199,
"narHash": "sha256-vYbYTeWF4YMKYu6lHLQH+OagpubB9aZ1+V630h6qJr4=", "narHash": "sha256-vYbYTeWF4YMKYu6lHLQH+OagpubB9aZ1+V630h6qJr4=",
@ -766,7 +834,7 @@
"overviewer": { "overviewer": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_6",
"pandoc_template": "pandoc_template" "pandoc_template": "pandoc_template"
}, },
"locked": { "locked": {
@ -823,7 +891,7 @@
"polygon-art": { "polygon-art": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_6" "nixpkgs": "nixpkgs_7"
}, },
"locked": { "locked": {
"lastModified": 1688766095, "lastModified": 1688766095,
@ -871,14 +939,15 @@
"root": { "root": {
"inputs": { "inputs": {
"clan-core": "clan-core", "clan-core": "clan-core",
"flake-parts": "flake-parts", "clan-fact-generators": "clan-fact-generators",
"flake-parts": "flake-parts_2",
"home-manager": "home-manager", "home-manager": "home-manager",
"home-manager-utils": "home-manager-utils", "home-manager-utils": "home-manager-utils",
"kmonad": "kmonad", "kmonad": "kmonad",
"landingpage": "landingpage", "landingpage": "landingpage",
"nixos-anywhere": "nixos-anywhere", "nixos-anywhere": "nixos-anywhere",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_5",
"nixpkgs-legacy_2105": "nixpkgs-legacy_2105", "nixpkgs-legacy_2105": "nixpkgs-legacy_2105",
"nixpkgs-legacy_2205": "nixpkgs-legacy_2205", "nixpkgs-legacy_2205": "nixpkgs-legacy_2205",
"nixpkgs-legacy_2211": "nixpkgs-legacy_2211", "nixpkgs-legacy_2211": "nixpkgs-legacy_2211",
@ -938,7 +1007,7 @@
}, },
"srvos": { "srvos": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_7" "nixpkgs": "nixpkgs_8"
}, },
"locked": { "locked": {
"lastModified": 1717058062, "lastModified": 1717058062,


@ -9,7 +9,10 @@
flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
clan-fact-generators.url = "github:mrvandalo/clan-fact-generators"; clan-fact-generators = {
url = "github:mrvandalo/clan-fact-generators";
inputs.clan-core.follows = "clan-core";
};
clan-core = { clan-core = {
url = "git+https://git.clan.lol/clan/clan-core"; url = "git+https://git.clan.lol/clan/clan-core";
@ -183,7 +186,7 @@
imports = modules ++ defaultModules ++ [ imports = modules ++ defaultModules ++ [
./nixos/machines/${name}/configuration.nix ./nixos/machines/${name}/configuration.nix
# clan core configuration # clan core configuration
({ pkgs, ... }: { ({ pkgs, lib, ... }: {
imports = [ imports = [
# this magically adds all my machines in the zero tier network # this magically adds all my machines in the zero tier network
# and makes the controller accept them. # and makes the controller accept them.
@ -194,7 +197,9 @@
# generate ssh host keys with facts # generate ssh host keys with facts
inputs.clan-core.clanModules.sshd inputs.clan-core.clanModules.sshd
]; ];
clan.static-hosts.topLevelDomain = "gummybear"; documentation.nixos.enable = true;
clan.static-hosts.topLevelDomain = "bear";
clan.static-hosts.excludeHosts = lib.mkForce [ ];
environment.systemPackages = [ environment.systemPackages = [
clan-core.packages.${pkgs.system}.clan-cli clan-core.packages.${pkgs.system}.clan-cli
]; ];
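Review bot: The new `clan-fact-generators` input in the first hunk follows only `clan-core`, so the lock file on this page gains separate `nixpkgs`, `flake-parts` and `nixpkgs-lib` nodes for it. The flake that generates the Syncthing key and certificate may therefore be evaluated against a different nixpkgs revision than the rest of the system, and there are more pinned sources to audit. Unless the upstream flake needs its own pins, add `inputs.nixpkgs.follows = "nixpkgs";` and `inputs.flake-parts.follows = "flake-parts";` inside the attribute set. In the last hunk, `clan.static-hosts.excludeHosts = lib.mkForce [ ];` overrides the module default without saying why; a one-line comment naming the hosts that must stay resolvable would help the next reader.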


@ -1,11 +1,34 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, factsGenerator, ... }:
with lib; { with lib; {
networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
clanCore.facts.services.syncthing = factsGenerator.syncthing { };
services.syncthing = { services.syncthing = {
guiAddress = lib.mkDefault "${config.networking.hostName}.private:8384"; guiAddress = lib.mkDefault "${config.networking.hostName}.${ config.clan.static-hosts.topLevelDomain }:8384";
overrideDevices = lib.mkDefault true; overrideDevices = lib.mkDefault true;
key = config.clanCore.facts.services.syncthing.secret."syncthing.key".path;
cert = config.clanCore.facts.services.syncthing.secret."syncthing.cert".path;
settings.devices = settings.devices =
let let
machineDir = "${config.clanCore.clanDir}/machines";
#machinesFileSet = builtins.readDir machineDir;
#machines = lib.mapAttrsToList (name: _: name) machinesFileSet;
syncthingPub = machine:
lib.removeSuffix "\n"
(builtins.readFile "${machineDir}/${machine}/facts/syncthing.pub");
zerotierIp = machine: (builtins.readFile "${machineDir}/${machine}/facts/zerotier-ip");
clanDevice = machine: {
"${machine}" = {
name = machine;
id = syncthingPub machine;
addresses = [ "tcp://[${zerotierIp machine}]:22000" ];
};
};
device = name: id: { device = name: id: {
"${name}" = { "${name}" = {
name = name; name = name;
@ -14,23 +37,23 @@ with lib; {
}; };
}; };
in in
{ { }
"robi" = { #{
name = "robi"; # "orbi" = {
id = "B6P22RF-5BC2LTZ-6GHVWRZ-5D3OLXC-D66E45Y-JEB3WYT-ZQ442WZ-5FFAMQ7"; # name = "orbi";
addresses = [ "tcp://144.76.13.147:22000" ]; # id = "5U5ZP6R-SUQO5SY-WICWWLZ-HPHQBM5-P27YSU6-66TWIBK-XLX4X5N-4O6TVAC";
}; # addresses = [ "tcp://95.216.66.212:22000" ];
"orbi" = { # };
name = "orbi"; #}
id = "5U5ZP6R-SUQO5SY-WICWWLZ-HPHQBM5-P27YSU6-66TWIBK-XLX4X5N-4O6TVAC";
addresses = [ "tcp://95.216.66.212:22000" ]; #// (device "mobi" )
}; #// (device "bobi" )
} // (clanDevice "orbi")
// (device "mobi" "NGI7UN6-MR2YPYI-L7DGN3I-JFZU2N3-RJBJV6K-2VZVQSJ-PWLZYOK-PXZYRAF") // (clanDevice "cream")
// (device "bobi" "FOJ3D27-W5OJMQR-7S77A3V-AS5BCG2-CIGWVMP-UBSVQNN-QZLHAIZ-IO7GKAE") // (clanDevice "cherry")
// (device "cream" "MQVKATH-THTPET5-KYAT7XX-BOIIIBA-P7OOF7Y-IWAUN53-S2VNVOY-BZWTGQK") // (clanDevice "chungus")
// (device "cherry" "WX2HZQ7-WAOL6YR-QJYFS2L-SVUJQB4-SKHZHVE-J7XCWLQ-6GRATXX-VJUMOAH")
// (device "chungus" "GZGW2YW-6RRUPDN-LFAOATC-56FS7LH-YC7R32N-LVA5JUX-3LSBYOX-BFR67QZ")
// (device "iPhone" "APFS6SA-VVTARXU-3WHHRZG-TE5N3T4-X4IC76V-T67EKZ6-NLGP3TW-EZYXYAH") // (device "iPhone" "APFS6SA-VVTARXU-3WHHRZG-TE5N3T4-X4IC76V-T67EKZ6-NLGP3TW-EZYXYAH")
// (device "iPad" "JDDNVYD-H3WMSSS-WZ745KL-7QEGN6O-ZSGQLQU-YBR2L42-7FO7KJ4-BXPYDA5") // (device "iPad" "JDDNVYD-H3WMSSS-WZ745KL-7QEGN6O-ZSGQLQU-YBR2L42-7FO7KJ4-BXPYDA5")
// { // {
@ -52,7 +75,7 @@ with lib; {
books = { books = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/books"; path = lib.mkDefault "/tmp/books";
devices = [ "chungus" "robi" "cream" "cherry" ]; devices = [ "chungus" "cream" "cherry" ];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "2"; params.keep = "2";
@ -61,12 +84,12 @@ with lib; {
desktop = { desktop = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/desktop"; path = lib.mkDefault "/tmp/desktop";
devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ]; devices = [ "chungus" "cream" "cherry" ];
}; };
finance = { finance = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/finance"; path = lib.mkDefault "/tmp/finance";
devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ]; devices = [ "chungus" "cream" "cherry" ];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
@ -95,7 +118,7 @@ with lib; {
password-store = { password-store = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/password-store"; path = lib.mkDefault "/tmp/password-store";
devices = [ "chungus" "cream" "mobi" "bobi" "cherry" ]; devices = [ "chungus" "cream" "cherry" ];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
@ -105,7 +128,7 @@ with lib; {
#nextcloud_backup = { #nextcloud_backup = {
# enable = lib.mkDefault false; # enable = lib.mkDefault false;
# path = lib.mkDefault "/tmp/lost-fotos"; # path = lib.mkDefault "/tmp/lost-fotos";
# devices = [ "chungus" "robi" ]; # devices = [ "chungus" ];
# versioning = { # versioning = {
# type = "simple"; # type = "simple";
# params.keep = "2"; # params.keep = "2";
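Review bot: The firewall rule added at the top of the first hunk opens the Syncthing GUI port 8384 to every peer on the `gummybears` interface, and `guiAddress` now binds to the host's `topLevelDomain` name, but nothing visible in this file sets GUI credentials. The GUI can add devices and folders, including `password-store` and `finance`, so confirm that authentication is configured elsewhere and record it next to the rule, for example `# GUI reachable from all peers on this interface; auth is configured in <module>`. In the same hunk, `zerotierIp` reads its fact file without the `lib.removeSuffix "\n"` that `syncthingPub` applies, so a trailing newline would end up inside the `tcp://[...]:22000` address. `zerotierIp = machine: lib.removeSuffix "\n" (builtins.readFile "${machineDir}/${machine}/facts/zerotier-ip");` makes the two readers consistent.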


@ -1,7 +1,5 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
#sops.secrets.syncthing_cert = { };
#sops.secrets.syncthing_key = { };
services.syncthing = { services.syncthing = {
enable = true; enable = true;
@ -9,8 +7,6 @@
user = "palo"; user = "palo";
dataDir = "/home/palo/.syncthing"; dataDir = "/home/palo/.syncthing";
configDir = "/home/palo/.syncthing"; configDir = "/home/palo/.syncthing";
#cert = toString config.sops.secrets.syncthing_cert.path;
#key = toString config.sops.secrets.syncthing_key.path;
overrideFolders = true; overrideFolders = true;
settings.folders = { settings.folders = {