steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

chore: cleanup and refactor

Browse source
This commit is contained in:
steveej 2024-08-22 14:33:00 +02:00
parent a105680d8b
commit a21c2f544c
8 changed files with 35 additions and 460 deletions
Download patch file Download diff file Expand all files Collapse all files

12
flake.nix
View file

@ -185,22 +185,23 @@
# "justyna-p300"
# "srv0-dmz0"
# # "router0-dmz0"
# "router0-dmz0"
"router0-ifog"
"router0-hosthatch"
"sj-srv1"
"hstk0"
# "retro"
]);
flake.lib = {
inherit withSystem;
};
# this makes nixos-anywhere work
flake.nixosConfigurations = let
colmenaHive = (inputs.colmena.lib.makeHive self.outputs.colmena).nodes;
router0-dmz0 = (inputs.get-flake ./nix/os/devices/router0-dmz0).nixosConfigurations;
retro = (inputs.get-flake ./nix/os/devices/retro).nixosConfigurations;
in (
colmenaHive
// {
@ -210,9 +211,6 @@
# nixos-rebuild switch --flake .\#router0-dmz0_cross --build-host localhost --target-host root@192.168.10.1
router0-dmz0_cross = router0-dmz0.cross;
# nixos-install --flake .\#retro_cross
retro_cross = retro.cross;
steveej-x13s_cross = (inputs.get-flake ./nix/os/devices/steveej-x13s).nixosConfigurations.cross;
steveej-x13s-rmvbl_cross = (inputs.get-flake ./nix/os/devices/steveej-x13s-rmvbl).nixosConfigurations.cross;
}

2
nix/os/devices/steveej-x13s/default.nix
View file

@ -30,7 +30,7 @@
# nixpkgs.pkgs = nodeFlake.inputs.nixpkgs.legacyPackages.${system};
imports = [
(repoFlake + "/nix/os/devices/${nodeName}/configuration.nix")
./configuration.nix
];
};
}

54
nix/os/devices/steveej-x13s/flake.nix
View file

@ -34,24 +34,31 @@
nixpkgs,
...
}: let
targetPlatform = "aarch64-linux";
buildPlatform = "x86_64-linux";
nativeSystem = "aarch64-linux";
nodeName = "steveej-x13s";
pkgs = nixpkgs.legacyPackages.${nativeSystem};
pkgsCross = import self.inputs.nixpkgs {
system = "x86_64-linux";
crossSystem = {
config = "aarch64-unknown-linux-gnu";
};
};
repoFlake = get-flake ../../../..;
mkNixosConfiguration = {
nodeName,
extraModules ? [],
...
} @ attrs:
mkNixosConfiguration = {extraModules ? [], ...} @ attrs:
nixpkgs.lib.nixosSystem (
nixpkgs.lib.attrsets.recursiveUpdate
attrs
{
specialArgs =
(import ./default.nix {
system = targetPlatform;
inherit nodeName repoFlake;
system = nativeSystem;
inherit nodeName;
inherit repoFlake;
repoFlakeWithSystem = repoFlake.lib.withSystem;
nodeFlake = self;
})
.meta
@ -60,7 +67,13 @@
modules =
[
# repoFlake.nixosModules.hardware-x13s
./configuration.nix
# flake registry
{
nixpkgs.overlays = builtins.attrValues self.overlays;
nix.registry.nixpkgs.flake = nixpkgs;
}
]
++ extraModules;
}
@ -70,30 +83,21 @@
inherit mkNixosConfiguration;
};
nixosConfigurations = let
nodeName = "steveej-x13s";
in {
overlays = {};
nixosConfigurations = {
native = mkNixosConfiguration {
inherit nodeName;
system = targetPlatform;
extraModules = [
./configuration.nix
];
system = nativeSystem;
};
cross = mkNixosConfiguration {
inherit nodeName;
extraModules = [
./configuration.nix
{
nixpkgs.buildPlatform.system = buildPlatform;
nixpkgs.hostPlatform.system = targetPlatform;
nixpkgs.buildPlatform.system = "x86_64-linux";
nixpkgs.hostPlatform.system = nativeSystem;
}
];
};
};
packages.${targetPlatform} = {
};
};
}

1
nix/os/devices/voodoo/.gitignore vendored
View file

@ -1 +0,0 @@
result

85
nix/os/devices/voodoo/configuration.nix
View file

@ -1,85 +0,0 @@
{
repoFlake,
pkgs,
lib,
config,
nodeFlake,
nodeName,
localDomainName,
system,
...
}: let
in {
imports = [
# repoFlake.inputs.sops-nix.nixosModules.sops
# ../../profiles/common/user.nix
{
nix.nixPath = [
"nixpkgs=${pkgs.path}"
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.max-jobs = lib.mkDefault "auto";
nix.settings.cores = lib.mkDefault 0;
}
{
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";
# users.commonUsers = {
# enable = true;
# enableNonRoot = false;
# rootPasswordFile = config.sops.secrets.passwords-root.path;
# };
users.users.root.password = "voodoo";
# sops.defaultSopsFile = ../../../../secrets/${nodeName}/secrets.yaml;
# sops.defaultSopsFormat = "yaml";
# sops.secrets.passwords-root.neededForUsers = true;
}
];
networking = {
hostName = nodeName;
useNetworkd = false;
useDHCP = true;
firewall.enable = false;
};
system.stateVersion = "23.11";
# We exclude a number of modules included in the default list. A non-insignificant amount do
# not apply to embedded hardware like this, so simply skip the defaults.
#
# Custom kernel is required as a lot of MTK components misbehave when built as modules.
# They fail to load properly, leaving the system without working ethernet, they'll oops on
# remove. MTK-DSA parts and PCIe were observed to do this.
# boot.initrd.includeDefaultModules = false;
# boot.initrd.kernelModules = ["rfkill" "cfg80211" "mt7915e"];
# boot.initrd.availableKernelModules = ["nvme"];
hardware.enableRedistributableFirmware = false;
# Extlinux compatible with custom uboot patches in this repo, which also provide unique
# MAC addresses instead of the non-unique one that gets used by a lot of MTK devices...
boot.loader.grub.enable = true;
environment.systemPackages = [
# pkgs.pciutils
];
fileSystems."/".label = "voodoo_root";
boot.loader.grub.devices = [
"/dev/disk/by-id/usb-ST313640_A_20171021-0"
];
}

35
nix/os/devices/voodoo/default.nix
View file

@ -1,35 +0,0 @@
{
system ? "i586-linux",
nodeName,
repoFlake,
nodeFlake,
localDomainName ? "internal",
...
}: {
meta.nodeSpecialArgs.${nodeName} = {
inherit repoFlake nodeName nodeFlake system;
packages' = repoFlake.packages.${system};
nodePackages' = nodeFlake.packages.${system};
inherit localDomainName;
};
meta.nodeNixpkgs.${nodeName} =
import nodeFlake.inputs.nixpkgs.outPath
{
inherit system;
};
${nodeName} = {
deployment.targetHost = "${nodeName}.${localDomainName}";
deployment.replaceUnknownProfiles = true;
# nixpkgs.pkgs = nodeFlake.inputs.nixpkgs.legacyPackages.${system};
imports = [
./configuration.nix
];
networking.hostName = nodeName;
};
}

225
nix/os/devices/voodoo/flake.lock generated
View file

@ -1,225 +0,0 @@
{
"nodes": {
"bpir3": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1703603768,
"narHash": "sha256-ZViXHNt7ClqNtlRO9iot+LxiSbBvZi/RR+/6Q7W6UV8=",
"owner": "steveej-forks",
"repo": "nixos-bpir3",
"rev": "47cb545b92c136d1482a66b940c4719c40eb5fe3",
"type": "github"
},
"original": {
"owner": "steveej-forks",
"ref": "linux-6.6",
"repo": "nixos-bpir3",
"type": "github"
}
},
"dependencyDagOfSubmodule": {
"inputs": {
"nixpkgs": [
"nixos-nftables-firewall",
"nixpkgs"
]
},
"locked": {
"lastModified": 1656615370,
"narHash": "sha256-IZDqz1aSySoqf1qtVQg+oJMHfC4IlT55Zoa7EkjvPug=",
"owner": "thelegy",
"repo": "nix-dependencyDagOfSubmodule",
"rev": "98eb563d80b35acafbfc1abb9ccee569c1efb19c",
"type": "github"
},
"original": {
"owner": "thelegy",
"repo": "nix-dependencyDagOfSubmodule",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1703532766,
"narHash": "sha256-ojjW3cuNmqL5uqDWohwLoO8dYpheM5+AfgsNmGIMwG8=",
"owner": "nix-community",
"repo": "disko",
"rev": "1b191113874dee97796749bb21eac3d84735c70a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"get-flake": {
"locked": {
"lastModified": 1694475786,
"narHash": "sha256-s5wDmPooMUNIAAsxxCMMh9g68AueGg63DYk2hVZJbc8=",
"owner": "ursi",
"repo": "get-flake",
"rev": "ac54750e3b95dab6ec0726d77f440efe6045bec1",
"type": "github"
},
"original": {
"owner": "ursi",
"repo": "get-flake",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1703527373,
"narHash": "sha256-AjypRssRtS6F3xkf7rE3/bXkIF2WJOZLbTIspjcE1zM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "80679ea5074ab7190c4cce478c600057cfb5edae",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"hostapd": {
"flake": false,
"locked": {
"lastModified": 1703346062,
"narHash": "sha256-SHSBKIgKc5zEGhKDT2v+yGERTJHf8pe+9ZPUwJBTJKQ=",
"ref": "refs/heads/main",
"rev": "196d6c83b9cb7d298fdc92684dc37115348b159e",
"revCount": 19119,
"type": "git",
"url": "git://w1.fi/hostap.git?branch=main"
},
"original": {
"type": "git",
"url": "git://w1.fi/hostap.git?branch=main"
}
},
"nixos-nftables-firewall": {
"inputs": {
"dependencyDagOfSubmodule": "dependencyDagOfSubmodule",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1703279052,
"narHash": "sha256-0rbG/9SwaWtXT7ZuifMq+7wvfxDpZrjr0zdMcM4KK+E=",
"owner": "thelegy",
"repo": "nixos-nftables-firewall",
"rev": "3bf23aeb346e772d157816e6b72a742a6c97db80",
"type": "github"
},
"original": {
"owner": "thelegy",
"repo": "nixos-nftables-firewall",
"type": "github"
}
},
"nixos-stable": {
"locked": {
"lastModified": 1703068421,
"narHash": "sha256-WSw5Faqlw75McIflnl5v7qVD/B3S2sLh+968bpOGrWA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d65bceaee0fb1e64363f7871bc43dc1c6ecad99f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1703255338,
"narHash": "sha256-Z6wfYJQKmDN9xciTwU3cOiOk+NElxdZwy/FiHctCzjU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6df37dc6a77654682fe9f071c62b4242b5342e04",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"openwrt": {
"flake": false,
"locked": {
"lastModified": 1691699580,
"narHash": "sha256-CV+ufXPEr5Nz2O2FBnnuPeHNsFQ7c5s0uW39u/q3cUo=",
"ref": "main",
"rev": "847984c773d819d5579d5abae4b80a4983103ed9",
"revCount": 58166,
"type": "git",
"url": "https://github.com/openwrt/openwrt.git"
},
"original": {
"ref": "main",
"rev": "847984c773d819d5579d5abae4b80a4983103ed9",
"type": "git",
"url": "https://github.com/openwrt/openwrt.git"
}
},
"root": {
"inputs": {
"bpir3": "bpir3",
"disko": "disko",
"get-flake": "get-flake",
"home-manager": "home-manager",
"hostapd": "hostapd",
"nixos-nftables-firewall": "nixos-nftables-firewall",
"nixpkgs": "nixpkgs",
"openwrt": "openwrt",
"srvos": "srvos"
}
},
"srvos": {
"inputs": {
"nixos-stable": "nixos-stable",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1703469109,
"narHash": "sha256-hTQJ9uV43Vt8UXwervEj9mbDoQSN1mD3lwwPChG8jy8=",
"owner": "numtide",
"repo": "srvos",
"rev": "52d07db520046c4775f1047e68a05dcb53bba9ec",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "srvos",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

81
nix/os/devices/voodoo/flake.nix
View file

@ -1,81 +0,0 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
get-flake.url = "github:ursi/get-flake";
disko.inputs.nixpkgs.follows = "nixpkgs";
srvos.url = "github:numtide/srvos";
srvos.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = {
self,
get-flake,
nixpkgs,
...
}: let
targetPlatform = "i686-linux";
buildPlatform = "x86_64-linux";
nodeName = "voodoo";
pkgs = nixpkgs.legacyPackages.${targetPlatform};
pkgsCross = import self.inputs.nixpkgs {
system = buildPlatform;
crossSystem = {
config = "pentium2-unknown-linux-gnu";
};
};
mkNixosConfiguration = {extraModules ? [], ...} @ attrs:
nixpkgs.lib.nixosSystem (
nixpkgs.lib.attrsets.recursiveUpdate
attrs
{
specialArgs =
(import ./default.nix {
system = targetPlatform;
inherit nodeName;
repoFlake = get-flake ../../../..;
nodeFlake = self;
})
.meta
.nodeSpecialArgs
.${nodeName};
modules =
[
./configuration.nix
# flake registry
{
nix.registry.nixpkgs.flake = nixpkgs;
}
{
nixpkgs.overlays = [
(final: previous: {})
];
}
]
++ extraModules;
}
);
in {
nixosConfigurations = {
native = mkNixosConfiguration {
system = targetPlatform;
};
cross = mkNixosConfiguration {
extraModules = [
{
nixpkgs.buildPlatform.system = buildPlatform;
nixpkgs.hostPlatform.system = targetPlatform;
}
];
};
};
};
}