From 25e7ba5c331dfc6874fcd49915c1b92f7848eda0 Mon Sep 17 00:00:00 2001
From: Max
Date: Tue, 7 Mar 2023 01:25:57 +0100
Subject: [PATCH] modules: use new hosts style
---
 modules/enterprise/default.nix | 4 ++--
 modules/fail2ban/default.nix | 4 ++--
 modules/hyprspace/default.nix | 20 ++++++++++----------
 modules/maintenance/default.nix | 2 --
 modules/motd/default.nix | 4 ++--
 modules/nix-config/server.nix | 4 ++--
 modules/nix-register-flakes/default.nix | 8 ++++----
 modules/ssh/default.nix | 8 ++++----
 modules/sss/default.nix | 4 ++--
 modules/system-info/default.nix | 4 ++--
 modules/tested/default.nix | 4 ++--
 11 files changed, 32 insertions(+), 34 deletions(-)
diff --git a/modules/enterprise/default.nix b/modules/enterprise/default.nix
index da4aa9c..33de9b5 100644
--- a/modules/enterprise/default.nix
+++ b/modules/enterprise/default.nix
@@ -1,8 +1,8 @@
-{ config, hosts, lib, tools, ... }:
+{ config, depot, lib, tools, ... }:
 let
 orgDomain = tools.meta.domain;
 orgRealm = lib.toUpper orgDomain;
- host = hosts.${config.networking.hostName} or null;
+ host = depot.reflection;
 in {
 krb5 = {
 enable = true;
diff --git a/modules/fail2ban/default.nix b/modules/fail2ban/default.nix
index 96c9c6a..e184bd9 100644
--- a/modules/fail2ban/default.nix
+++ b/modules/fail2ban/default.nix
@@ -1,4 +1,4 @@
-{ config, hosts, ... }:
+{ config, depot, ... }:
 {
 services.fail2ban = {
 enable = true;
@@ -10,7 +10,7 @@
 '';
 ignoreIP = [
 "10.0.0.0/8"
- hosts.${config.networking.hostName}.interfaces.primary.addr
+ depot.reflection.interfaces.primary.addr
 ];
 bantime-increment = {
 enable = true;
diff --git a/modules/hyprspace/default.nix b/modules/hyprspace/default.nix
index 6444f83..8f442e4 100644
--- a/modules/hyprspace/default.nix
+++ b/modules/hyprspace/default.nix
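Review bot: In modules/enterprise/default.nix the new `host = depot.reflection;` drops the `or null` fallback that the old lookup had, so a machine without a host record no longer yields `null` at this point. The `let` body and the rest of the module continue outside the hunk, so it is not visible whether later code tests `host != null`; if it does, that guard is now either dead or evaluation fails earlier than before. If `depot.reflection` can be missing, keep the old behaviour with `host = depot.reflection or null;`; if it is guaranteed, record that next to the binding, e.g. `# depot.reflection: this machine's own host record, always defined`.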
@@ -1,23 +1,23 @@
-{ pkgs, inputs, lib, hosts, config, ... }:
+{ pkgs, depot, lib, config, ... }:
 let
 inherit (config.networking) hostName;
- inherit (inputs.self.packages.${pkgs.system}) hyprspace;
- hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hypr) hosts;
+ inherit (depot.packages) hyprspace;
+ hyprspaceCapableNodes = lib.filterAttrs (_: host: host.hyprspace.enable) depot.config.hours;
 peersFormatted = builtins.mapAttrs (_: x: {
- inherit (x.hypr) id;
- routes = map (net: { inherit net; }) ((x.hypr.routes or []) ++ [ "${x.hypr.addr}/32" ]);
+ inherit (x.hyprspace) id;
+ routes = map (net: { inherit net; }) ((x.hyprspace.routes or []) ++ [ "${x.hyprspace.addr}/32" ]);
 }) hyprspaceCapableNodes;
 peersFiltered = lib.filterAttrs (name: _: name != hostName) peersFormatted;
 peerList = builtins.attrValues peersFiltered;
- myNode = hosts.${hostName};
- listenPort = myNode.hypr.listenPort or 8001;
+ myNode = depot.reflection;
+ listenPort = myNode.hyprspace.listenPort or 8001;
 interfaceConfig = pkgs.writeText "hyprspace.yml" (builtins.toJSON {
 interface = {
 name = "hyprspace";
 listen_port = listenPort;
- inherit (myNode.hypr) id;
- address = "${myNode.hypr.addr}/24";
+ inherit (myNode.hyprspace) id;
+ address = "${myNode.hyprspace.addr}/24";
 private_key = "@HYPRSPACEPRIVATEKEY@";
 };
 peers = peerList;
@@ -26,7 +26,7 @@ let
 privateKeyFile = config.age.secrets.hyprspace-key.path;
 runConfig = "/run/hyprspace.yml";
 in {
- networking.hosts = lib.mapAttrs' (k: v: lib.nameValuePair v.hypr.addr [k "${k}.hypr"]) hyprspaceCapableNodes;
+ networking.hosts = lib.mapAttrs' (k: v: lib.nameValuePair v.hyprspace.addr [k "${k}.hypr"]) hyprspaceCapableNodes;
 age.secrets.hyprspace-key = {
 file = ../../secrets/hyprspace-key- + "${hostName}.age";
 mode = "0400";
diff --git a/modules/maintenance/default.nix b/modules/maintenance/default.nix
index a5955a5..7246e7f 100644
--- a/modules/maintenance/default.nix
+++ b/modules/maintenance/default.nix
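Review bot: In modules/hyprspace/default.nix the local node is now identified in two different ways: `myNode = depot.reflection`, while `peersFiltered` still removes the local entry by comparing the attribute name with `config.networking.hostName`. If a key in `depot.config.hours` ever differs from the machine's hostname, this node would appear as its own peer in the generated `hyprspace.yml`; nothing visible in the hunk ties the two together. Either derive both from one source or record the assumption next to the filter, e.g. `# keys of depot.config.hours must equal networking.hostName`. Separately, `x.hyprspace.routes or []` and `myNode.hyprspace.listenPort or 8001` only apply when the attribute is absent, which may no longer happen if these are now declared options with defaults, so it is worth confirming that 8001 is still the effective default.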
@@ -1,5 +1,3 @@
-{ inputs, pkgs, ... }:
-
 {
 systemd.targets.maintenance = {
 unitConfig.AllowIsolate = true;
diff --git a/modules/motd/default.nix b/modules/motd/default.nix
index dee78b9..be403a6 100644
--- a/modules/motd/default.nix
+++ b/modules/motd/default.nix
@@ -1,4 +1,4 @@
-{ config, inputs, pkgs, ... }:
+{ config, depot, pkgs, ... }:
 {
 users.motd = builtins.readFile ./motd.txt;
 environment.interactiveShellInit = let
@@ -40,7 +40,7 @@
 echo -e " █ ''${BGREEN}(✓)''${CO} ''${BWHITE}You are using a genuine Private Void™ system.''${CO}"
 echo " █"
 echo -e " █ ''${BWHITE}OS Version....:''${CO} NixOS ''${CAB}${config.system.nixos.version}''${CO}"
- echo -e " █ ''${BWHITE}Configuration.:''${CO} ''${CAB}${inputs.self.rev or "\${BRED}(✘)\${CO}\${BWHITE} Dirty"}''${CO}"
+ echo -e " █ ''${BWHITE}Configuration.:''${CO} ''${CAB}${depot.rev or "\${BRED}(✘)\${CO}\${BWHITE} Dirty"}''${CO}"
 echo -e " █ ''${BWHITE}Uptime........:''${CO} $(${uptime} -p | ${util "cut"} -d ' ' -f2- | GREP_COLORS='mt=01;35' ${grep} --color=always '[0-9]*')"
 echo -e " █ ''${BWHITE}SSH Logins....:''${CO} There are currently ''${CAB}$(${countUsers})''${CO} users logged in on ''${CAB}$(${countSessions})''${CO} sessions"
 )
diff --git a/modules/nix-config/server.nix b/modules/nix-config/server.nix
index 6378177..914a681 100644
--- a/modules/nix-config/server.nix
+++ b/modules/nix-config/server.nix
@@ -1,8 +1,8 @@
-{ pkgs, lib, config, inputs, tools, ... }:
+{ pkgs, lib, config, depot, tools, ... }:
 {
 nix = {
- package = inputs.nix-super.packages.${pkgs.system}.default;
+ package = depot.inputs.nix-super.packages.default;
 settings = {
 trusted-users = [ "root" "@wheel" "@admins" ];
diff --git a/modules/nix-register-flakes/default.nix b/modules/nix-register-flakes/default.nix
index 7b698f9..12a0d6e 100644
--- a/modules/nix-register-flakes/default.nix
+++ b/modules/nix-register-flakes/default.nix
@@ -1,6 +1,6 @@
-{ inputs, ... }:
+{ depot, ... }:
-with inputs;
+with depot.inputs;
 {
 nix.nixPath = [
 "repl=/etc/nixos/flake-channels/system/repl.nix"
@@ -8,13 +8,13 @@ with inputs;
 ];
 nix.registry = {
- system.flake = self;
+ system.flake = depot;
 nixpkgs.flake = nixpkgs;
 default.flake = nixpkgs;
 };
 environment.etc = {
- "nixos/flake-channels/system".source = inputs.self;
+ "nixos/flake-channels/system".source = depot;
 "nixos/flake-channels/nixpkgs".source = nixpkgs;
 };
 }
diff --git a/modules/ssh/default.nix b/modules/ssh/default.nix
index 57d87fd..161237b 100644
--- a/modules/ssh/default.nix
+++ b/modules/ssh/default.nix
@@ -1,8 +1,8 @@
-{ hosts, lib, ... }:
+{ depot, lib, ... }:
 let
- filtered = lib.filterAttrs (_: host: host ? ssh) hosts;
- idCapable = lib.filterAttrs (_: host: host.ssh ? id) filtered;
- configCapable = lib.filterAttrs (_: host: host.ssh ? extraConfig) filtered;
+ filtered = lib.filterAttrs (_: host: host.ssh.enable) depot.config.hours;
+ idCapable = lib.filterAttrs (_: host: host.ssh.id.publicKey != null) filtered;
+ configCapable = lib.filterAttrs (_: host: host.ssh.extraConfig != "") filtered;
 sshHosts = lib.mapAttrs (_: host: host.ssh.id) idCapable;
 sshExtras = lib.mapAttrsToList (_: host: host.ssh.extraConfig) configCapable;
diff --git a/modules/sss/default.nix b/modules/sss/default.nix
index 86e1645..43de8eb 100644
--- a/modules/sss/default.nix
+++ b/modules/sss/default.nix
@@ -1,9 +1,9 @@
-{ config, lib, hosts, tools, utils, ... }:
+{ config, lib, depot, tools, utils, ... }:
 let
 inherit (tools.meta) domain;
 inherit (tools) identity;
 inherit (config.networking) hostName;
- inherit (hosts.${hostName}) enterprise interfaces;
+ inherit (depot.reflection) enterprise interfaces;
 toINI = content: lib.generators.toINI {} (iniFilter content);
diff --git a/modules/system-info/default.nix b/modules/system-info/default.nix
index 1269f44..af865d4 100644
--- a/modules/system-info/default.nix
+++ b/modules/system-info/default.nix
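Review bot: In modules/nix-register-flakes/default.nix, `system.flake = depot;` and `"nixos/flake-channels/system".source = depot;` now pass `depot` where the flake `self` used to go, and both consumers need a value that coerces to a store path through `outPath`. Whether `depot` still carries `outPath` and the pinning attributes (`rev`, `narHash`) cannot be seen from this hunk; if it is a wrapper set, the `system` registry entry could lose its revision pin or fail to evaluate. A comment next to the two assignments such as `# depot exposes the flake's outPath/rev, so it can stand in for self` would document the requirement.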
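Review bot: In modules/ssh/default.nix a host with `ssh.enable` set but `ssh.id.publicKey` left `null` is now silently filtered out of `idCapable` and never reaches `sshHosts`. How `sshHosts` is consumed lies outside the hunk, but if it populates the known-hosts list, connections to such a host would fall back to trust-on-first-use with no evaluation-time signal. Consider failing loudly for enabled hosts without a key, or state the intent next to the filter, e.g. `# hosts without a published key are deliberately omitted`. The `let` block continues past the end of the hunk.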
@@ -1,5 +1,5 @@
-{ inputs, ... }:
+{ depot, ... }:
 {
- system.configurationRevision = inputs.self.rev or null;
+ system.configurationRevision = depot.rev or null;
 }
diff --git a/modules/tested/default.nix b/modules/tested/default.nix
index 619b724..ce33617 100644
--- a/modules/tested/default.nix
+++ b/modules/tested/default.nix
@@ -1,4 +1,4 @@
-{ config, inputs, lib, pkgs, ... }:
+{ config, depot, lib, pkgs, ... }:
 with lib;
 {
@@ -9,5 +9,5 @@ with lib;
 default = [];
 };
 };
- config.system.extraDependencies = map (name: inputs.self.checks.${pkgs.system}.${name}) config.tested.requiredChecks;
+ config.system.extraDependencies = map (name: depot.checks.${name}) config.tested.requiredChecks;
 }