cluster: use new hosts style

cluster/default.nix

@@ -1,6 +1,9 @@
-{ lib, hostName }:
+{ lib, depot, hostName }:
 
 lib.evalModules {
+  specialArgs = {
+    inherit depot;
+  };
   modules = [
     # Arbitrary variables to reference across multiple services
     ./lib/vars
@@ -10,7 +13,6 @@ lib.evalModules {
     ../modules/port-magic
 
     ../tools/inject.nix
-    ./lib/load-hosts.nix
     ./lib/services.nix
     ./lib/inject-nixos-config.nix
     ./lib/port-magic-multi.nix

cluster/inject.nix

@@ -1,8 +1,8 @@
 hostName:
-{ lib, ... }:
+{ depot, lib, ... }:
 
 let
-  cluster = import ./. { inherit lib hostName; };
+  cluster = import ./. { inherit lib depot hostName; };
 in
 
 {

cluster/lib/load-hosts.nix

@@ -1,9 +0,0 @@
-{ config, lib, ... }:
-let
-  hosts = import ../../hosts;
-  self = hosts.${config.vars.hostName};
-  others = lib.filterAttrs (_: host: host != self) hosts;
-in
-{
-  config.vars.hosts = hosts // { inherit self others; };
-}

cluster/services/consul/remote-api.nix

@@ -1,16 +1,14 @@
-{ config, cluster, hosts, lib, tools, ... }:
+{ config, cluster, depot, lib, tools, ... }:
 
 let
   inherit (tools.meta) domain;
-  inherit (config.networking) hostName;
-
-  hyprspaceConfig = hosts.${hostName}.hypr;
+  inherit (depot.reflection) hyprspace;
   frontendDomain = "consul-remote.internal.${domain}";
 in
 
 {
   services.nginx.virtualHosts.${frontendDomain} = tools.nginx.vhosts.proxy "http://127.0.0.1:8500" // {
-    listenAddresses = lib.singleton hyprspaceConfig.addr;
+    listenAddresses = lib.singleton hyprspace.addr;
     enableACME = false;
     useACMEHost = "internal.${domain}";
   };
@@ -20,13 +18,13 @@ in
     mode = "external";
     definition = {
       name = "consul-remote";
-      address = hyprspaceConfig.addr;
+      address = hyprspace.addr;
       port = 443;
       checks = [
         {
           name = "Frontend";
           id = "service:consul-remote:frontend";
-          http = "https://${hyprspaceConfig.addr}/v1/status/leader";
+          http = "https://${hyprspace.addr}/v1/status/leader";
           tls_server_name = frontendDomain;
           interval = "60s";
         }

cluster/services/dns/authoritative.nix

@@ -1,7 +1,7 @@
-{ cluster, config, hosts, lib, tools, ... }:
+{ cluster, config, depot, lib, tools, ... }:
 
 let
-  inherit (hosts.${config.networking.hostName}) interfaces;
+  inherit (depot.reflection) interfaces;
   inherit (tools.meta) domain;
 
   patroni = cluster.config.links.patroni-pg-access;

cluster/services/dns/coredns.nix

@@ -1,10 +1,10 @@
-{ config, hosts, inputs, lib, pkgs, tools, ... }:
+{ config, depot, lib, pkgs, tools, ... }:
 
 let
-  inherit (hosts.${config.networking.hostName}) interfaces;
+  inherit (depot.reflection) interfaces;
   inherit (tools.meta) domain;
   inherit (config.links) localRecursor;
-  inherit (inputs.self.packages.${pkgs.system}) stevenblack-hosts;
+  inherit (depot.packages) stevenblack-hosts;
   dot = config.security.acme.certs."securedns.${domain}";
 in
 

cluster/services/dns/default.nix

@@ -1,7 +1,7 @@
-{ config, ... }:
+{ config, depot, ... }:
 
 let
-  inherit (config.vars) hosts;
+  inherit (depot.config) hours;
 in
 {
   vars.pdns-api-key-secret = {
@@ -10,7 +10,7 @@ in
   };
   links = {
     dnsResolver = {
-      ipv4 = hosts.VEGAS.interfaces.vstub.addr;
+      ipv4 = hours.VEGAS.interfaces.vstub.addr;
       port = 53;
     };
     powerdns-api = {

cluster/services/hercules-ci-multi-agent/common.nix

@@ -1,4 +1,4 @@
-{ config, inputs, lib, pkgs, ... }:
+{ config, depot, lib, pkgs, ... }:
 
 let
   mapAgents = lib.flip lib.mapAttrs config.services.hercules-ci-agents;
@@ -17,7 +17,7 @@ let
 in
 {
   imports = [
-    inputs.hercules-ci-agent.nixosModules.multi-agent-service
+    depot.inputs.hercules-ci-agent.nixosModules.multi-agent-service
   ];
 
   age.secrets = mergeMap (name: _: {

cluster/services/hercules-ci-multi-agent/orgs/max.nix

@@ -1,8 +1,8 @@
-{ config, lib, inputs, pkgs, ... }:
+{ config, lib, depot, pkgs, ... }:
 
 {
   services.hercules-ci-agents.max = {
-    package = lib.mkForce inputs.self.packages.${pkgs.system}.hercules-ci-agent;
+    package = lib.mkForce depot.packages.hercules-ci-agent;
     settings = {
       clusterJoinTokenPath = config.age.secrets.hci-token-max.path;
       binaryCachesPath = config.age.secrets.hci-cache-config-max.path;

cluster/services/hercules-ci-multi-agent/orgs/nixpak.nix

@@ -1,8 +1,8 @@
-{ config, lib, inputs, pkgs, ... }:
+{ config, lib, depot, pkgs, ... }:
 
 {
   services.hercules-ci-agents.nixpak = {
-    package = lib.mkForce inputs.self.packages.${pkgs.system}.hercules-ci-agent;
+    package = lib.mkForce depot.packages.hercules-ci-agent;
     settings = {
       clusterJoinTokenPath = config.age.secrets.hci-token-nixpak.path;
       binaryCachesPath = config.age.secrets.hci-cache-config-nixpak.path;

cluster/services/hercules-ci-multi-agent/orgs/private-void.nix

@@ -1,8 +1,8 @@
-{ config, lib, inputs, pkgs, ... }:
+{ config, lib, depot, pkgs, ... }:
 
 {
   services.hercules-ci-agents.private-void = {
-    package = lib.mkForce inputs.self.packages.${pkgs.system}.hercules-ci-agent;
+    package = lib.mkForce depot.packages.hercules-ci-agent;
     settings = {
       clusterJoinTokenPath = config.age.secrets.hci-token-private-void.path;
       binaryCachesPath = config.age.secrets.hci-cache-config-private-void.path;

cluster/services/ipfs/cluster.nix

@@ -1,4 +1,4 @@
-{ config, depot, inputs, lib, pkgs, tools, ... }:
+{ config, depot, lib, pkgs, tools, ... }:
 
 let
   inherit (tools.meta) domain;
@@ -24,7 +24,7 @@ in {
 
   services.ipfs-cluster = {
     enable = true;
-    package = inputs.self.packages.${pkgs.system}.ipfs-cluster;
+    package = depot.packages.ipfs-cluster;
     consensus = "crdt";
     dataDir = "/srv/storage/ipfs/cluster";
     secretFile = config.age.secrets.ipfs-cluster-secret.path;

cluster/services/ipfs/default.nix

@@ -1,8 +1,8 @@
-{ config, lib, tools, ... }:
+{ config, depot, lib, tools, ... }:
 
 {
   hostLinks = lib.genAttrs config.services.ipfs.nodes.node (name: let
-    host = config.vars.hosts.${name};
+    host = depot.reflection;
     intf = host.interfaces.primary;
     self = config.hostLinks.${name}.ipfs;
   in {

cluster/services/ipfs/gateway.nix

@@ -1,4 +1,4 @@
-{ config, hosts, tools, ... }:
+{ config, depot, tools, ... }:
 with tools.nginx;
 let
   inherit (tools.meta) domain;
@@ -64,7 +64,7 @@ in
         extraConfig = ''
           access_log off;
           auth_request off;
-          allow ${hosts.VEGAS.interfaces.primary.addr};
+          allow ${depot.config.hours.VEGAS.interfaces.primary.addr};
           deny all;
         '';
       };

cluster/services/ipfs/node.nix

@@ -1,4 +1,4 @@
-{ cluster, config, depot, inputs, lib, hosts, pkgs, tools, ... }:
+{ cluster, config, depot, lib, pkgs, tools, ... }:
 let
   inherit (tools.meta) domain;
   cfg = config.services.ipfs;
@@ -21,7 +21,7 @@ in
 
   services.ipfs = {
     enable = true;
-    package = inputs.self.packages.${pkgs.system}.ipfs;
+    package = depot.packages.ipfs;
     startWhenNeeded = false;
     autoMount = true;
     autoMigrate = false;
@@ -40,7 +40,7 @@ in
     extraFlags = [ "--migrate" ];
     extraConfig = {
       Bootstrap = [
-        "/ip4/${hosts.VEGAS.interfaces.primary.addr}/tcp/${toString ipfsPort}/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo"
+        "/ip4/${depot.config.hours.VEGAS.interfaces.primary.addr}/tcp/${toString ipfsPort}/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo"
         "/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa"
         "/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb"
         "/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN"

cluster/services/websites/host.nix

@@ -1,9 +1,9 @@
-{ config, inputs, lib, pkgs, tools, ... }:
+{ config, depot, lib, pkgs, tools, ... }:
 
 let
   importWebsites = expr: import expr {
     tools = tools.nginx;
-    packages = inputs.self.packages.${pkgs.system};
+    inherit (depot) packages;
   };
 
   websites = tools.nginx.mappers.mapSubdomains (importWebsites ./websites.nix);

cluster/services/wireguard/default.nix

@@ -1,7 +1,7 @@
-{ config, ... }:
+{ config, depot, ... }:
 
 let
-  inherit (config.vars) hosts;
+  inherit (depot.config) hours;
 
   meshNet = rec {
     netAddr = "10.1.1.0";
@@ -9,7 +9,7 @@ let
     cidr = "${netAddr}/${toString prefix}";
   };
 
-  getExtAddr = host: host.interfaces.primary.addrPublic or host.interfaces.primary.addr;
+  getExtAddr = host: host.interfaces.primary.addrPublic;
 in
 {
   vars = {
@@ -22,7 +22,7 @@ in
   };
   links = {
     mesh-node-checkmate = {
-      ipv4 = getExtAddr hosts.checkmate;
+      ipv4 = getExtAddr hours.checkmate;
       extra = {
         meshIp = "10.1.1.32";
         inherit meshNet;
@@ -32,17 +32,17 @@ in
       };
     };
     mesh-node-VEGAS = {
-      ipv4 = getExtAddr hosts.VEGAS;
+      ipv4 = getExtAddr hours.VEGAS;
       extra = {
         meshIp = "10.1.1.5";
         inherit meshNet;
         pubKey = "NpeB8O4erGTas1pz6Pt7qtY9k45YV6tcZmvvA4qXoFk=";
         privKeyFile = ./mesh-keys/VEGAS.age;
-        extraRoutes = [ "${hosts.VEGAS.interfaces.vstub.addr}/32" "10.10.0.0/16" ];
+        extraRoutes = [ "${hours.VEGAS.interfaces.vstub.addr}/32" "10.10.0.0/16" ];
       };
     };
     mesh-node-prophet = {
-      ipv4 = getExtAddr hosts.prophet;
+      ipv4 = getExtAddr hours.prophet;
       extra = {
         meshIp = "10.1.1.9";
         inherit meshNet;