add pepe

flake.nix

@@ -76,6 +76,13 @@
       system = "x86_64-linux";
       pkgs = nixpkgs.legacyPackages.${system};
       writeCommand = krops.packages.${system}.writeCommand;
+
+      pullNetworkPasswords = pkgs.writers.writeBashBin "pull-network-passwords" ''
+        echo "download network passwords from $1"
+      '';
+      pushNetworkPasswords = pkgs.writers.writeBashBin "push-network-passwords" ''
+        echo "push network passwords to $1"
+      '';
     in
     {
       # deployment
@@ -95,73 +102,89 @@
       };
 
       # colmena
-      devShell.x86_64-linux =
+      devShell.${system} =
         pkgs.mkShell {
-          buildInputs = [ colmena.packages.${system}.colmena ];
+          buildInputs = [
+            colmena.packages.${system}.colmena
+            pushNetworkPasswords
+            pullNetworkPasswords
+            nixpkgs-fmt.defaultPackage.${system}
+          ];
         };
 
-      colmena = {
-
-        meta = {
-          nixpkgs = import nixpkgs {
-            system = "x86_64-linux";
-            overlays = [
-              (_self: _super: {
-                # we assign the overlay created before to the overlays of nixpkgs.
-                unstable = nixpkgs-unstable.legacyPackages.${pkgs.system};
-                polygon-art = polygon-art.packages.${pkgs.system};
-              })
-
+      colmena =
+        let
+          sopsModule = name: { lib, ... }: {
+            sops.defaultSopsFile = lib.mkForce "${secrets}/secrets/${name}.yaml";
+            imports = [
+              sops-nix.nixosModules.sops
             ];
           };
-          specialArgs = {
-            inherit private_assets;
-          };
-        };
+        in
+        {
 
-        sterni = { name, nodes, pkgs, ... }: {
-          deployment = {
-            buildOnTarget = true;
-            targetHost = "sterni.private";
-            keys = {
-              "onion_id_pepe".text = "yolo";
+          meta = {
+            nixpkgs = import nixpkgs {
+              system = "x86_64-linux";
+              overlays = [
+                (_self: _super: {
+                  # we assign the overlay created before to the overlays of nixpkgs.
+                  unstable = nixpkgs-unstable.legacyPackages.${pkgs.system};
+                  polygon-art = polygon-art.packages.${pkgs.system};
+                })
+              ];
+            };
+            specialArgs = {
+              inherit private_assets;
             };
           };
 
-          imports = [
-            ./nixos/configs/sterni/configuration.nix
-            sops-nix.nixosModules.sops
-            cluster-module.nixosModules.tinc
-            grocy-scanner.nixosModule
-            home-manager.nixosModules.home-manager
-          ];
-
-          # todo
-          sops.defaultSopsFile = "${secrets}/secrets/sterni.yaml";
-
-          nix = {
-            # no channesl needed this way
-            nixPath = [ "nixpkgs=${pkgs.path}" ];
-            # make flakes available
-            package = pkgs.nixUnstable;
-            extraOptions = ''
-              experimental-features = nix-command flakes
-            '';
-          };
-          home-manager.useGlobalPkgs = true;
-          home-manager.useUserPackages = true;
-          home-manager.users.mainUser = {
+          defaults = { name, pkgs, ... }: {
+            deployment.buildOnTarget = true;
+            nix = {
+              # no channesl needed this way
+              nixPath = [ "nixpkgs=${pkgs.path}" ];
+              # make flakes available
+              package = pkgs.nixUnstable;
+              extraOptions = ''
+                experimental-features = nix-command flakes
+              '';
+            };
+            environment.systemPackages = [
+              nixpkgs-fmt.defaultPackage."x86_64-linux"
+            ];
             imports = [
-              doom-emacs-nix.hmModule
-              home-manager-utils.hmModule
+              cluster-module.nixosModules.tinc
+              (sopsModule name)
+              home-manager.nixosModules.home-manager
+            ];
+            home-manager.useGlobalPkgs = true;
+            home-manager.useUserPackages = true;
+          };
+
+          sterni = { name, nodes, pkgs, ... }: {
+            deployment.targetHost = "${name}.private";
+            imports = [
+              ./nixos/configs/${name}/configuration.nix
+              grocy-scanner.nixosModule
+            ];
+            home-manager.users.mainUser = {
+              imports = [
+                doom-emacs-nix.hmModule
+                home-manager-utils.hmModule
+              ];
+            };
+          };
+
+          pepe = { name, nodes, pkgs, ... }: {
+            deployment.targetHost = "${name}.private";
+            imports = [
+              ./nixos/configs/${name}/configuration.nix
+              grocy-scanner.nixosModule
             ];
           };
-          environment.systemPackages = [
-            nixpkgs-fmt.defaultPackage."x86_64-linux"
-          ];
 
         };
-      };
     };
 }
 

nixos/configs/pepe/configuration.nix

@@ -13,12 +13,12 @@
     ./tinc.nix
     #./wifi-access-point.nix
     #./lan.nix
-    ./dms.nix
+    #./dms.nix
     ./borg.nix
-    ./mpd.nix
+    #./mpd.nix
     ./grocy.nix
     ./taskwarrior-pushover.nix
-    ./neo4j.nix
+    #./neo4j.nix
 
   ];
 

nixos/configs/pepe/mail-fetcher.nix

@@ -681,7 +681,7 @@ in
       '';
     };
   systemd.timers.fetchmail = {
-    enable = true;
+    enable = false;
     # timerConfig.OnCalendar = " *-*-* *:00:00";
     timerConfig.OnCalendar = "*:0/10";
     wantedBy = [ "multi-user.target" ];

nixos/system/server/default.nix

@@ -4,7 +4,7 @@
     ../../system/all
     ./netdata.nix
     ./initssh.nix
-    ./graylog-exporter.nix
+    #./graylog-exporter.nix
     ./prometheus-exporters.nix
     ./packages.nix
   ];