diff --git a/flake.nix b/flake.nix index 534031f..a0dad3b 100644 --- a/flake.nix +++ b/flake.nix @@ -76,6 +76,13 @@ system = "x86_64-linux"; pkgs = nixpkgs.legacyPackages.${system}; writeCommand = krops.packages.${system}.writeCommand; + + pullNetworkPasswords = pkgs.writers.writeBashBin "pull-network-passwords" '' + echo "download network passwords from $1" + ''; + pushNetworkPasswords = pkgs.writers.writeBashBin "push-network-passwords" '' + echo "push network passwords to $1" + ''; in { # deployment 
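Review bot: Both helper scripts use `$1` without checking that an argument was supplied, so `pull-network-passwords` run with no argument prints a normal-looking message with an empty target. Since these are placeholders for tools that will move credentials, they should fail fast: add `[ $# -eq 1 ] || { echo "usage: pull-network-passwords <target>" >&2; exit 1; }` as the first line of each script body, with the name adjusted for the push variant. A one-line comment above the two definitions saying the bodies are stubs would make it clear that nothing is transferred yet. When the real transfer is written, keep the passwords out of the script text, because everything `pkgs.writers.writeBashBin` produces lands in the world-readable Nix store.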
@@ -95,73 +102,89 @@ }; # colmena - devShell.x86_64-linux = + devShell.${system} = pkgs.mkShell { - buildInputs = [ colmena.packages.${system}.colmena ]; + buildInputs = [ + colmena.packages.${system}.colmena + pushNetworkPasswords + pullNetworkPasswords + nixpkgs-fmt.defaultPackage.${system} + ]; }; - colmena = { - - meta = { - nixpkgs = import nixpkgs { - system = "x86_64-linux"; - overlays = [ - (_self: _super: { - # we assign the overlay created before to the overlays of nixpkgs. - unstable = nixpkgs-unstable.legacyPackages.${pkgs.system}; - polygon-art = polygon-art.packages.${pkgs.system}; - }) - + colmena = + let + sopsModule = name: { lib, ... }: { + sops.defaultSopsFile = lib.mkForce "${secrets}/secrets/${name}.yaml"; + imports = [ + sops-nix.nixosModules.sops ]; }; - specialArgs = { - inherit private_assets; - }; - }; + in + { - sterni = { name, nodes, pkgs, ... }: { - deployment = { - buildOnTarget = true; - targetHost = "sterni.private"; - keys = { - "onion_id_pepe".text = "yolo"; + meta = { + nixpkgs = import nixpkgs { + system = "x86_64-linux"; + overlays = [ + (_self: _super: { + # we assign the overlay created before to the overlays of nixpkgs. + unstable = nixpkgs-unstable.legacyPackages.${pkgs.system}; + polygon-art = polygon-art.packages.${pkgs.system}; + }) + ]; + }; + specialArgs = { + inherit private_assets; }; }; - imports = [ - ./nixos/configs/sterni/configuration.nix - sops-nix.nixosModules.sops - cluster-module.nixosModules.tinc - grocy-scanner.nixosModule - home-manager.nixosModules.home-manager - ]; - - # todo - sops.defaultSopsFile = "${secrets}/secrets/sterni.yaml"; - - nix = { - # no channesl needed this way - nixPath = [ "nixpkgs=${pkgs.path}" ]; - # make flakes available - package = pkgs.nixUnstable; - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.mainUser = { + defaults = { name, pkgs, ... 
}: { + deployment.buildOnTarget = true; + nix = { + # no channesl needed this way + nixPath = [ "nixpkgs=${pkgs.path}" ]; + # make flakes available + package = pkgs.nixUnstable; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + environment.systemPackages = [ + nixpkgs-fmt.defaultPackage."x86_64-linux" + ]; imports = [ - doom-emacs-nix.hmModule - home-manager-utils.hmModule + cluster-module.nixosModules.tinc + (sopsModule name) + home-manager.nixosModules.home-manager + ]; + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + }; + + sterni = { name, nodes, pkgs, ... }: { + deployment.targetHost = "${name}.private"; + imports = [ + ./nixos/configs/${name}/configuration.nix + grocy-scanner.nixosModule + ]; + home-manager.users.mainUser = { + imports = [ + doom-emacs-nix.hmModule + home-manager-utils.hmModule + ]; + }; + }; + + pepe = { name, nodes, pkgs, ... }: { + deployment.targetHost = "${name}.private"; + imports = [ + ./nixos/configs/${name}/configuration.nix + grocy-scanner.nixosModule ]; }; - environment.systemPackages = [ - nixpkgs-fmt.defaultPackage."x86_64-linux" - ]; }; - }; }; } diff --git a/nixos/configs/pepe/configuration.nix b/nixos/configs/pepe/configuration.nix index 6dad1a4..2538390 100644 --- a/nixos/configs/pepe/configuration.nix +++ b/nixos/configs/pepe/configuration.nix @@ -13,12 +13,12 @@ ./tinc.nix #./wifi-access-point.nix #./lan.nix - ./dms.nix + #./dms.nix ./borg.nix - ./mpd.nix + #./mpd.nix ./grocy.nix ./taskwarrior-pushover.nix - ./neo4j.nix + #./neo4j.nix ]; diff --git a/nixos/configs/pepe/mail-fetcher.nix b/nixos/configs/pepe/mail-fetcher.nix index 289880b..61942ef 100644 --- a/nixos/configs/pepe/mail-fetcher.nix +++ b/nixos/configs/pepe/mail-fetcher.nix @@ -681,7 +681,7 @@ in ''; }; systemd.timers.fetchmail = { - enable = true; + enable = false; # timerConfig.OnCalendar = " *-*-* *:00:00"; timerConfig.OnCalendar = "*:0/10"; wantedBy = [ "multi-user.target" ]; 
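Review bot: In `sopsModule`, `sops.defaultSopsFile` is set with `lib.mkForce`, which silently overrides any value a host's own `configuration.nix` declares, so a host can end up decrypting from a different file than its configuration states. If the intent is a per-node default, `sops.defaultSopsFile = lib.mkDefault "${secrets}/secrets/${name}.yaml";` keeps the naming convention and lets a host deviate visibly. Otherwise, remove the per-host definitions and add a comment saying why the force is needed. The `let` block would also benefit from a short comment stating that every node must have a matching `secrets/<name>.yaml`, since `pepe` is added to the hive in this hunk and a missing file would presumably only surface at build or activation time. Separately, `defaults` still hard-codes `nixpkgs-fmt.defaultPackage."x86_64-linux"` while `devShell` was switched to `${system}`.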
diff --git a/nixos/system/server/default.nix b/nixos/system/server/default.nix
index 67f8f09..ae22d25 100644
--- a/nixos/system/server/default.nix
+++ b/nixos/system/server/default.nix
@@ -4,7 +4,7 @@
 ../../system/all
 ./netdata.nix
 ./initssh.nix
- ./graylog-exporter.nix
+ #./graylog-exporter.nix
 ./prometheus-exporters.nix
 ./packages.nix
 ];
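Review bot: Commenting out `./graylog-exporter.nix` in the shared server profile removes that module from every host that imports `nixos/system/server`, and judging by the file name it is what ships logs to Graylog. If so, those hosts stop contributing to central logging, which weakens detection and later investigation, and nothing in the change says whether this is temporary. I would either delete the line outright or annotate it, e.g. `#./graylog-exporter.nix  # disabled: <reason>, re-enable when <condition>`, and confirm that another log path still covers these hosts. The imports list starts above the hunk.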