From b382999a70f49cea657ac576a42786588faba9f5 Mon Sep 17 00:00:00 2001 
From: Ryan Yin
Date: Sat, 9 Mar 2024 01:32:58 +0800
Subject: [PATCH] refactor: Use haumea for filesystem-based module system for flake outputs refactor: Use hyphen(`-`) for variable names & folder names(except Python), replace all unserscore(`_`) with hyphen(`-`).
---
Justfile | 46 +--
README.md | 4 +-
constants.nix | 17 -
flake.lock | 22 ++
flake.nix | 68 +---
home/base/core.nix | 4 +-
home/base/desktop/cloud/default.nix | 24 +-
home/base/server/git.nix | 7 +-
home/darwin/core.nix | 4 +-
home/darwin/ssh.nix | 4 +-
home/linux/base/shell.nix | 4 +-
.../README.md | 0
.../default.nix | 6 +-
.../disko-fs.nix | 0
.../hardware-configuration.nix | 0
.../impermanence.nix | 0
.../README.md | 0
.../apple-set-os-loader.nix | 0
.../brcm-firmware/default.nix | 0
.../brcm-firmware/firmware.tar.xz | Bin
.../brcm-firmware/flake.lock | 0
.../brcm-firmware/flake.nix | 0
.../default.nix | 6 +-
.../hardware-configuration.nix | 5 +-
.../home.nix | 0
.../README.md | 0
.../default.nix | 6 +-
.../disko-fs.nix | 0
.../hardware-configuration.nix | 0
.../impermanence.nix | 0
.../{darwin_fern => darwin-fern}/default.nix | 0
hosts/{darwin_fern => darwin-fern}/home.nix | 0
.../default.nix | 0
.../home.nix | 0
.../default.nix | 12 +-
.../tailscale.nix | 0
hosts/{idols_ai => idols-ai}/README.md | 0
hosts/{idols_ai => idols-ai}/cifs-mount.nix | 4 +-
hosts/{idols_ai => idols-ai}/default.nix | 6 +-
.../hardware-configuration.nix | 4 +-
hosts/{idols_ai => idols-ai}/home.nix | 0
hosts/{idols_ai => idols-ai}/impermanence.nix | 0
hosts/{idols_ai => idols-ai}/secureboot.nix | 0
.../README.md | 0
.../config.dae | 0
.../dae.nix | 0
.../default.nix | 4 +-
.../router.nix | 0
hosts/{idols_kana => idols-kana}/README.md | 0
hosts/{idols_kana => idols-kana}/caddy.nix | 4 +-
hosts/{idols_kana => idols-kana}/default.nix | 6 +-
.../homepage/README.md | 0
.../homepage/config/bookmarks.yaml | 0
.../homepage/config/docker.yaml | 0
.../homepage/config/images/rolling-girls.png | Bin
.../homepage/config/kubernetes.yaml | 0
.../homepage/config/services.yaml | 0
.../homepage/config/settings.yaml | 0
.../homepage/config/widgets.yaml | 0
.../homepage/default.nix | 0
.../oci-containers/dashy/default.nix | 0
.../oci-containers/default.nix | 0
hosts/{idols_kana => idols-kana}/proxy.nix | 0
hosts/{idols_kana => idols-kana}/sftpgo.nix | 0
.../transmission.nix | 6 +-
.../uptime-kuma.nix | 0
hosts/{idols_ruby => idols-ruby}/README.md | 0
hosts/{idols_ruby => idols-ruby}/attic.nix | 0
hosts/{idols_ruby => idols-ruby}/caddy.nix | 4 +-
hosts/{idols_ruby => idols-ruby}/default.nix | 6 +-
.../exporters/default.nix | 0
.../exporters/pve.nix | 0
.../grafana/dashboards.yml | 0
.../grafana/dashboards/README.md | 0
.../homelab/alertmanager-9578_rev4.json | 0
.../node-exporter-full-1860_rev33.json | 0
.../kubernetes/k8s-addons-prometheus.json | 0
.../kubernetes/k8s-addons-trivy-operator.json | 0
.../kubernetes/k8s-system-api-server.json | 0
.../kubernetes/k8s-system-coredns.json | 0
.../kubernetes/k8s-views-global.json | 0
.../kubernetes/k8s-views-namespaces.json | 0
.../kubernetes/k8s-views-nodes.json | 0
.../dashboards/kubernetes/k8s-views-pods.json | 0
.../grafana/datasources.yml | 0
.../grafana/default.nix | 8 +-
.../prometheus/README.md | 0
.../alert_rules/coredns_embedded-exporter.yml | 0
.../alert_rules/etcd_embedded-exporter.yml | 0
.../alert_rules/istio_embedded-exporter.yml | 0
.../alert_rules/kubestate-exporter.yml | 0
.../prometheus/alert_rules/node-exporter.yml | 0
.../prometheus/default.nix | 12 +-
hosts/{idols_ruby => idols-ruby}/restic.nix | 0
.../default.nix | 5 +-
.../k3s.nix | 4 +-
.../default.nix | 5 +-
.../k3s.nix | 4 +-
.../default.nix | 5 +-
.../k3s.nix | 4 +-
.../default.nix | 5 +-
.../k3s.nix | 4 +-
.../default.nix | 5 +-
.../k3s.nix | 4 +-
.../default.nix | 5 +-
.../k3s.nix | 4 +-
.../default.nix | 7 +-
.../k3s.nix | 2 +-
.../default.nix | 7 +-
.../k3s.nix | 2 +-
.../default.nix | 7 +-
.../k3s.nix | 2 +-
hosts/k8s/lib.nix | 6 +-
.../default.nix | 6 +-
.../default.nix | 6 +-
.../default.nix | 6 +-
lib/colmenaSystem.nix | 23 +-
lib/default.nix | 2 +
lib/macosSystem.nix | 17 +-
lib/nixosSystem.nix | 19 +-
modules/base.nix | 9 +-
modules/darwin/security.nix | 4 +-
modules/darwin/users.nix | 6 +-
modules/darwin/wm/skhd.nix | 4 +-
modules/darwin/wm/yabai.nix | 4 +-
modules/nixos/base/remote-building.nix | 4 +-
modules/nixos/base/ssh.nix | 4 +-
modules/nixos/base/user-group.nix | 14 +-
modules/nixos/desktop.nix | 6 +-
nixos-installer/flake.nix | 12 +-
outputs/aarch64-darwin/default.nix | 30 ++
outputs/aarch64-darwin/src/fern.nix | 35 ++
outputs/aarch64-linux/default.nix | 38 +++
.../aarch64-linux/src/12kingdoms-rakushun.nix | 60 ++++
outputs/aarch64-linux/src/12kingdoms-suzu.nix | 60 ++++
outputs/default.nix | 135 ++++++++
outputs/riscv64-linux/default.nix | 38 +++
.../src/rolling-girls-nozomi.nix | 60 ++++
.../src/rolling-girls-yukina.nix | 60 ++++
outputs/x86_64-darwin/default.nix | 30 ++
outputs/x86_64-darwin/src/harnomica.nix | 36 ++
outputs/x86_64-linux/default.nix | 37 ++
.../x86_64-linux/src/12kindoms-shoukei.nix | 77 +++++
.../x86_64-linux/src/homelab-tailscale-gw.nix | 37 ++
outputs/x86_64-linux/src/idols-ai.nix | 77 +++++
outputs/x86_64-linux/src/idols-aquamarine.nix | 42 +++
outputs/x86_64-linux/src/idols-kana.nix | 42 +++
outputs/x86_64-linux/src/idols-ruby.nix | 45 +++
.../x86_64-linux/src/k3s-prod-1-master-1.nix | 44 +++
.../x86_64-linux/src/k3s-prod-1-master-2.nix | 41 +++
.../x86_64-linux/src/k3s-prod-1-master-3.nix | 41 +++
.../x86_64-linux/src/k3s-prod-1-worker-1.nix | 41 +++
.../x86_64-linux/src/k3s-prod-1-worker-2.nix | 41 +++
.../x86_64-linux/src/k3s-prod-1-worker-3.nix | 41 +++
outputs/x86_64-linux/src/kubevirt-shoryu.nix | 40 +++
outputs/x86_64-linux/src/kubevirt-shushou.nix | 40 +++
outputs/x86_64-linux/src/kubevirt-youko.nix | 40 +++
secrets/darwin.nix | 6 +-
secrets/nixos.nix | 6 +-
systems/README.md | 11 -
systems/colmena.nix | 156 ---------
systems/darwin.nix | 34 -
systems/default.nix | 45 ---
systems/nixos.nix | 95 ------
systems/vars.nix | 320 ------------------
vars/default.nix | 6 +
.../networking.nix | 2 +-
167 files changed, 1570 insertions(+), 955 deletions(-)
delete mode 100644 constants.nix
rename hosts/{12kingdoms_rakushun => 12kingdoms-rakushun}/README.md (100%)
rename hosts/{12kingdoms_rakushun => 12kingdoms-rakushun}/default.nix (91%)
rename hosts/{12kingdoms_rakushun => 12kingdoms-rakushun}/disko-fs.nix (100%)
rename hosts/{12kingdoms_rakushun => 12kingdoms-rakushun}/hardware-configuration.nix (100%)
rename hosts/{12kingdoms_rakushun => 12kingdoms-rakushun}/impermanence.nix (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/README.md (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/apple-set-os-loader.nix (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/brcm-firmware/default.nix (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/brcm-firmware/firmware.tar.xz (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/brcm-firmware/flake.lock (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/brcm-firmware/flake.nix (100%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/default.nix (92%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/hardware-configuration.nix (98%)
rename hosts/{12kingdoms_shoukei => 12kingdoms-shoukei}/home.nix (100%)
rename hosts/{12kingdoms_suzu => 12kingdoms-suzu}/README.md (100%)
rename hosts/{12kingdoms_suzu => 12kingdoms-suzu}/default.nix (90%)
rename hosts/{12kingdoms_suzu => 12kingdoms-suzu}/disko-fs.nix (100%)
rename hosts/{12kingdoms_suzu => 12kingdoms-suzu}/hardware-configuration.nix (100%)
rename hosts/{12kingdoms_suzu => 12kingdoms-suzu}/impermanence.nix (100%)
rename hosts/{darwin_fern => darwin-fern}/default.nix (100%)
rename hosts/{darwin_fern => darwin-fern}/home.nix (100%)
rename hosts/{darwin_harmonica => darwin-harmonica}/default.nix (100%)
rename hosts/{darwin_harmonica => darwin-harmonica}/home.nix (100%)
rename hosts/{homelab_tailscale_gw => homelab-tailscale-gw}/default.nix (87%)
rename hosts/{homelab_tailscale_gw => homelab-tailscale-gw}/tailscale.nix (100%)
rename hosts/{idols_ai => idols-ai}/README.md (100%)
rename hosts/{idols_ai => idols-ai}/cifs-mount.nix (84%)
rename hosts/{idols_ai => idols-ai}/default.nix (93%)
rename hosts/{idols_ai => idols-ai}/hardware-configuration.nix (98%)
rename hosts/{idols_ai => idols-ai}/home.nix (100%)
rename hosts/{idols_ai => idols-ai}/impermanence.nix (100%)
rename hosts/{idols_ai => idols-ai}/secureboot.nix (100%)
rename hosts/{idols_aquamarine => idols-aquamarine}/README.md (100%)
rename hosts/{idols_aquamarine => idols-aquamarine}/config.dae (100%)
rename hosts/{idols_aquamarine => idols-aquamarine}/dae.nix (100%)
rename hosts/{idols_aquamarine => idols-aquamarine}/default.nix (94%)
rename hosts/{idols_aquamarine => idols-aquamarine}/router.nix (100%)
rename hosts/{idols_kana => idols-kana}/README.md (100%)
rename hosts/{idols_kana => idols-kana}/caddy.nix (96%)
rename hosts/{idols_kana => idols-kana}/default.nix (90%)
rename hosts/{idols_kana => idols-kana}/homepage/README.md (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/bookmarks.yaml (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/docker.yaml (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/images/rolling-girls.png (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/kubernetes.yaml (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/services.yaml (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/settings.yaml (100%)
rename hosts/{idols_kana => idols-kana}/homepage/config/widgets.yaml (100%)
rename hosts/{idols_kana => idols-kana}/homepage/default.nix (100%)
rename hosts/{idols_kana => idols-kana}/oci-containers/dashy/default.nix (100%)
rename hosts/{idols_kana => idols-kana}/oci-containers/default.nix (100%)
rename hosts/{idols_kana => idols-kana}/proxy.nix (100%)
rename hosts/{idols_kana => idols-kana}/sftpgo.nix (100%)
rename hosts/{idols_kana => idols-kana}/transmission.nix (98%)
rename hosts/{idols_kana => idols-kana}/uptime-kuma.nix (100%)
rename hosts/{idols_ruby => idols-ruby}/README.md (100%)
rename hosts/{idols_ruby => idols-ruby}/attic.nix (100%)
rename hosts/{idols_ruby => idols-ruby}/caddy.nix (96%)
rename hosts/{idols_ruby => idols-ruby}/default.nix (90%)
rename hosts/{idols_ruby => idols-ruby}/exporters/default.nix (100%)
rename hosts/{idols_ruby => idols-ruby}/exporters/pve.nix (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/README.md (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/homelab/alertmanager-9578_rev4.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/homelab/node-exporter-full-1860_rev33.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-addons-prometheus.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-addons-trivy-operator.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-system-api-server.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-system-coredns.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-views-global.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-views-namespaces.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-views-nodes.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/dashboards/kubernetes/k8s-views-pods.json (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/datasources.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/grafana/default.nix (94%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/README.md (100%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/alert_rules/coredns_embedded-exporter.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/alert_rules/etcd_embedded-exporter.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/alert_rules/istio_embedded-exporter.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/alert_rules/kubestate-exporter.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/alert_rules/node-exporter.yml (100%)
rename hosts/{idols_ruby => idols-ruby}/prometheus/default.nix (92%)
rename hosts/{idols_ruby => idols-ruby}/restic.nix (100%)
rename hosts/k8s/{k3s_prod_1_master_1 => k3s-prod-1-master-1}/default.nix (77%)
rename hosts/k8s/{k3s_prod_1_master_1 => k3s-prod-1-master-1}/k3s.nix (93%)
rename hosts/k8s/{k3s_prod_1_master_2 => k3s-prod-1-master-2}/default.nix (77%)
rename hosts/k8s/{k3s_prod_1_master_3 => k3s-prod-1-master-2}/k3s.nix (91%)
rename hosts/k8s/{k3s_prod_1_master_3 => k3s-prod-1-master-3}/default.nix (77%)
rename hosts/k8s/{k3s_prod_1_master_2 => k3s-prod-1-master-3}/k3s.nix (91%)
rename hosts/k8s/{k3s_prod_1_worker_1 => k3s-prod-1-worker-1}/default.nix (77%)
rename hosts/k8s/{k3s_prod_1_worker_3 => k3s-prod-1-worker-1}/k3s.nix (85%)
rename hosts/k8s/{k3s_prod_1_worker_2 => k3s-prod-1-worker-2}/default.nix (77%)
rename hosts/k8s/{k3s_prod_1_worker_1 => k3s-prod-1-worker-2}/k3s.nix (85%)
rename hosts/k8s/{k3s_prod_1_worker_3 => k3s-prod-1-worker-3}/default.nix (77%)
rename hosts/k8s/{k3s_prod_1_worker_2 => k3s-prod-1-worker-3}/k3s.nix (85%)
rename hosts/k8s/{kubevirt_shoryu => kubevirt-shoryu}/default.nix (72%)
rename hosts/k8s/{kubevirt_shushou => kubevirt-shoryu}/k3s.nix (98%)
rename hosts/k8s/{kubevirt_shushou => kubevirt-shushou}/default.nix (71%)
rename hosts/k8s/{kubevirt_youko => kubevirt-shushou}/k3s.nix (98%)
rename hosts/k8s/{kubevirt_youko => kubevirt-youko}/default.nix (71%)
rename hosts/k8s/{kubevirt_shoryu => kubevirt-youko}/k3s.nix (98%)
rename hosts/{rolling_girls_chiaya => rolling-girls-chiaya}/default.nix (90%)
rename hosts/{rolling_girls_nozomi => rolling-girls-nozomi}/default.nix (95%)
rename hosts/{rolling_girls_yukina => rolling-girls-yukina}/default.nix (95%)
create mode 100644 outputs/aarch64-darwin/default.nix
create mode 100644 outputs/aarch64-darwin/src/fern.nix
create mode 100644 outputs/aarch64-linux/default.nix
create mode 100644 outputs/aarch64-linux/src/12kingdoms-rakushun.nix
create mode 100644 outputs/aarch64-linux/src/12kingdoms-suzu.nix
create mode 100644 outputs/default.nix
create mode 100644 outputs/riscv64-linux/default.nix
create mode 100644 outputs/riscv64-linux/src/rolling-girls-nozomi.nix
create mode 100644 outputs/riscv64-linux/src/rolling-girls-yukina.nix
create mode 100644 outputs/x86_64-darwin/default.nix
create mode 100644 outputs/x86_64-darwin/src/harnomica.nix
create mode 100644 outputs/x86_64-linux/default.nix
create mode 100644 outputs/x86_64-linux/src/12kindoms-shoukei.nix
create mode 100644 outputs/x86_64-linux/src/homelab-tailscale-gw.nix
create mode 100644 outputs/x86_64-linux/src/idols-ai.nix
create mode 100644 outputs/x86_64-linux/src/idols-aquamarine.nix
create mode 100644 outputs/x86_64-linux/src/idols-kana.nix
create mode 100644 outputs/x86_64-linux/src/idols-ruby.nix
create mode 100644 outputs/x86_64-linux/src/k3s-prod-1-master-1.nix
create mode 100644 outputs/x86_64-linux/src/k3s-prod-1-master-2.nix
create mode 100644 outputs/x86_64-linux/src/k3s-prod-1-master-3.nix
create mode 100644 outputs/x86_64-linux/src/k3s-prod-1-worker-1.nix
create mode 100644 outputs/x86_64-linux/src/k3s-prod-1-worker-2.nix
create mode 100644 outputs/x86_64-linux/src/k3s-prod-1-worker-3.nix
create mode 100644 outputs/x86_64-linux/src/kubevirt-shoryu.nix
create mode 100644 outputs/x86_64-linux/src/kubevirt-shushou.nix
create mode 100644 outputs/x86_64-linux/src/kubevirt-youko.nix
delete mode 100644 systems/README.md
delete mode 100644 systems/colmena.nix
delete mode 100644 systems/darwin.nix
delete mode 100644 systems/default.nix
delete mode 100644 systems/nixos.nix
delete mode 100644
systems/vars.nix create mode 100644 vars/default.nix rename systems/vars_networking.nix => vars/networking.nix (99%) diff --git a/Justfile b/Justfile index 391cfbb3..aa43ed8a 100644 --- a/Justfile +++ b/Justfile @@ -11,21 +11,21 @@ set shell := ["nu", "-c"] i3 mode="default": use utils.nu *; \ - nixos-switch ai_i3 {{mode}} + nixos-switch ai-i3 {{mode}} hypr mode="default": use utils.nu *; \ - nixos-switch ai_hyprland {{mode}} + nixos-switch ai-hyprland {{mode}} s-i3 mode="default": use utils.nu *; \ - nixos-switch shoukei_i3 {{mode}} + nixos-switch shoukei-i3 {{mode}} s-hypr mode="default": use utils.nu *; \ - nixos-switch shoukei_hyprland {{mode}} + nixos-switch shoukei-hyprland {{mode}} up: @@ -122,7 +122,7 @@ ruby: kana: colmena apply --on '@kana' --verbose --show-trace -tsgw: +tailscale: colmena apply --on '@tailscale-gw' --verbose --show-trace # pve-aqua: @@ -138,8 +138,8 @@ tsgw: # rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst # # pve-tsgw: -# nom build .#tailscale_gw -# rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-tailscale_gw.vma.zst +# nom build .#tailscale-gw +# rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-tailscale-gw.vma.zst # ############################################################################ 
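Review bot: Renaming the recipe `tsgw` to `tailscale` leaves three spellings for one host in this file: the recipe is now `tailscale`, its selector is `@tailscale-gw`, and the commented block in the next hunk is still `pve-tsgw`. It is also a user-facing command change that the commit message (hyphens for underscores) does not cover, so anything that still calls `just tsgw` will fail on a missing recipe. Keeping `tsgw:` or naming the recipe after the tag, `tailscale-gw:`, would stay in line with the neighbouring host recipes `ruby:` and `kana:`.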
@@ -148,33 +148,33 @@ tsgw: # ############################################################################ -k8s: - colmena apply --on '@k8s-*' --verbose --show-trace +k3s: + colmena apply --on '@k3s-*' --verbose --show-trace master: - colmena apply --on '@k8s-prod-master-*' --verbose --show-trace + colmena apply --on '@k3s-prod-1-master-*' --verbose --show-trace worker: - colmena apply --on '@k8s-prod-worker-*' --verbose --show-trace + colmena apply --on '@k3s-prod-1-worker-*' --verbose --show-trace # pve-k8s: -# nom build .#k3s_prod_1_master_1 -# rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_master_1.vma.zst +# nom build .#k3s-prod-1-master-1 +# rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-master-1.vma.zst # -# nom build .#k3s_prod_1_master_2 -# rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_master_2.vma.zst +# nom build .#k3s-prod-1-master-2 +# rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-master-2.vma.zst # -# nom build .#k3s_prod_1_master_3 -# rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_master_3.vma.zst +# nom build .#k3s-prod-1-master-3 +# rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-master-3.vma.zst # -# nom build .#k3s_prod_1_worker_1 -# rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_worker_1.vma.zst +# nom build .#k3s-prod-1-worker-1 +# rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-worker-1.vma.zst # -# nom build .#k3s_prod_1_worker_2 -# rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_worker_2.vma.zst +# nom build .#k3s-prod-1-worker-2 +# rsync -avz --progress --copy-links result 
root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-worker-2.vma.zst # -# nom build .#k3s_prod_1_worker_3 -# rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_worker_3.vma.zst +# nom build .#k3s-prod-1-worker-3 +# rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-worker-3.vma.zst # ############################################################################ diff --git a/README.md b/README.md index b1eb8445..7b23f009 100644 --- a/README.md +++ b/README.md @@ -91,7 +91,7 @@ See [./secrets](./secrets) for details. ## How to Deploy this Flake? > :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine :exclamation: It will not succeed.** -> This flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols_ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols_ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols_ai/default.nix#L77-L91), etc.) which is not suitable for your hardwares, +> This flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols-ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols_ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols-ai/default.nix#L77-L91), etc.) which is not suitable for your hardwares, > and requires my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) to deploy. > You may use this repo as a reference to build your own configuration. 
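Review bot: The selectors `@k3s-*`, `@k3s-prod-1-master-*` and `@k3s-prod-1-worker-*` now depend on tag names that are defined outside this hunk (presumably in the new outputs/x86_64-linux/src/k3s-prod-1-*.nix files), and nothing in the Justfile records that coupling. If the tags follow the host names, the `kubevirt-*` hosts under hosts/k8s are matched by none of these recipes, so a `just k3s` rollout would leave them on their previous configuration; it is worth confirming which nodes each pattern resolves to before relying on it. Once confirmed, a comment above the recipes such as `# selectors match colmena tags set under outputs/; kubevirt-* nodes are not covered here` would make the scope of each deploy explicit.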
@@ -104,7 +104,7 @@ For NixOS: ```bash # deploy one of the configuration based on the hostname sudo nixos-rebuild switch --flake .#ai_i3 -# sudo nixos-rebuild switch --flake .#ai_hyprland +# sudo nixos-rebuild switch --flake .#ai-hyprland # deploy via `just`(a command runner with similar syntax to make) & Justfile just i3 # deploy my pc with i3 window manager diff --git a/constants.nix b/constants.nix deleted file mode 100644 index 53da8ed1..00000000 --- a/constants.nix +++ /dev/null @@ -1,17 +0,0 @@ -rec { - # user information - username = "ryan"; - userfullname = "Ryan Yin"; - useremail = "xiaoyin_c@qq.com"; - - allSystemAttrs = { - # linux systems - x64_system = "x86_64-linux"; - riscv64_system = "riscv64-linux"; - aarch64_system = "aarch64-linux"; - #darwin systems - x64_darwin = "x86_64-darwin"; - aarch64_darwin = "aarch64-darwin"; - }; - allSystems = builtins.attrValues allSystemAttrs; -} diff --git a/flake.lock b/flake.lock index d6bed045..6dda0e54 100644 --- a/flake.lock +++ b/flake.lock @@ -568,6 +568,27 @@ "type": "github" } }, + "haumea": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1685133229, + "narHash": "sha256-FePm/Gi9PBSNwiDFq3N+DWdfxFq0UKsVVTJS3cQPn94=", + "owner": "nix-community", + "repo": "haumea", + "rev": "34dd58385092a23018748b50f9b23de6266dffc2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "v0.2.2", + "repo": "haumea", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -1357,6 +1378,7 @@ "daeuniverse": "daeuniverse", "disko": "disko", "doomemacs": "doomemacs", + "haumea": "haumea", "home-manager": "home-manager_2", "hyprland": "hyprland", "impermanence": "impermanence", diff --git a/flake.nix b/flake.nix index d2dc03b2..4a369681 100644 --- a/flake.nix +++ b/flake.nix 
@@ -8,68 +8,7 @@ # ################################################################################################################## - # The `outputs` function will return all the build results of the flake. - # A flake can have many use cases and different types of outputs, - # parameters in `outputs` are defined in `inputs` and can be referenced by their names. - # However, `self` is an exception, this special parameter points to the `outputs` itself (self-reference) - # The `@` syntax here is used to alias the attribute set of the inputs's parameter, making it convenient to use inside the function. - outputs = inputs @ { - self, - nixpkgs, - pre-commit-hooks, - ... - }: let - constants = import ./constants.nix; - - # `lib.genAttrs [ "foo" "bar" ] (name: "x_" + name)` => `{ foo = "x_foo"; bar = "x_bar"; }` - forEachSystem = func: (nixpkgs.lib.genAttrs constants.allSystems func); - - allSystemConfigurations = import ./systems {inherit self inputs constants;}; - in - allSystemConfigurations - // { - # format the nix code in this flake - # alejandra is a nix formatter with a beautiful output - formatter = forEachSystem ( - system: nixpkgs.legacyPackages.${system}.alejandra - ); - - # pre-commit hooks for nix code - checks = forEachSystem ( - system: { - pre-commit-check = pre-commit-hooks.lib.${system}.run { - src = ./.; - hooks = { - alejandra.enable = true; # formatter - # deadnix.enable = true; # detect unused variable bindings in `*.nix` - # statix.enable = true; # lints and suggestions for Nix code(auto suggestions) - # prettier = { - # enable = true; - # excludes = [".js" ".md" ".ts"]; - # }; - }; - }; - } - ); - devShells = forEachSystem ( - system: let - pkgs = nixpkgs.legacyPackages.${system}; - in { - default = pkgs.mkShell { - packages = with pkgs; [ - # fix https://discourse.nixos.org/t/non-interactive-bash-errors-from-flake-nix-mkshell/33310 - bashInteractive - # fix `cc` replaced by clang, which causes nvim-treesitter compilation error - gcc - ]; - 
name = "dots"; - shellHook = '' - ${self.checks.${system}.pre-commit-check.shellHook} - ''; - }; - } - ); - }; + outputs = inputs: import ./outputs inputs; # the nixConfig here only affects the flake itself, not the system configuration! # for more information, see: @@ -174,6 +113,11 @@ attic.url = "github:zhaofengli/attic"; + haumea = { + url = "github:nix-community/haumea/v0.2.2"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + ######################## Some non-flake repositories ######################################### # AstroNvim is an aesthetic and feature-rich neovim config. diff --git a/home/base/core.nix b/home/base/core.nix index d13a2aea..68c0284d 100644 --- a/home/base/core.nix +++ b/home/base/core.nix @@ -1,8 +1,8 @@ -{username, ...}: { +{myvars, ...}: { # Home Manager needs a bit of information about you and the # paths it should manage. home = { - inherit username; + inherit (myvars) username; # This value determines the Home Manager release that your # configuration is compatible with. This helps avoid breakage diff --git a/home/base/desktop/cloud/default.nix b/home/base/desktop/cloud/default.nix index 6cfba4da..52b47634 100644 --- a/home/base/desktop/cloud/default.nix +++ b/home/base/desktop/cloud/default.nix @@ -5,20 +5,17 @@ }: { home.packages = with pkgs; [ - # general tools - packer # machine image builder - # infrastructure as code - pulumi - pulumictl - tf2pulumi - crd2pulumi - pulumiPackages.pulumi-random - pulumiPackages.pulumi-command - pulumiPackages.pulumi-aws-native - pulumiPackages.pulumi-language-go - pulumiPackages.pulumi-language-python - pulumiPackages.pulumi-language-nodejs + # pulumi + # pulumictl + # tf2pulumi + # crd2pulumi + # pulumiPackages.pulumi-random + # pulumiPackages.pulumi-command + # pulumiPackages.pulumi-aws-native + # pulumiPackages.pulumi-language-go + # pulumiPackages.pulumi-language-python + # pulumiPackages.pulumi-language-nodejs # aws awscli2 
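Review bot: The new line `outputs = inputs: import ./outputs inputs;` replaces roughly sixty lines, including the comments that explained `outputs` and the `formatter`, `checks` (pre-commit with alejandra) and `devShells` definitions, and flake.nix no longer says where any of that lives. Presumably it moved to outputs/default.nix, which is outside this hunk; it is worth confirming that the pre-commit `checks` output and the `shellHook` that installs it survived the move, since that hook is the only automated gate visible in the removed code. I would add a comment above the line, for example `# All outputs (hosts, formatter, checks, devShells) are assembled in ./outputs; see outputs/default.nix`.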
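Review bot: The URL `github:nix-community/haumea/v0.2.2` names a tag, and a tag can be moved upstream, so reproducibility rests on the `rev` and `narHash` recorded in the flake.lock hunk rather than on this line. Because `outputs` is now a single `import ./outputs inputs`, this input appears to sit on the evaluation path of every host configuration, which makes a change to its lock entry more sensitive than for an ordinary package input. Unlike the AstroNvim entry below it, the new input has no comment; something like `# haumea: loads the outputs/ tree as flake outputs; pinned via flake.lock, review the lock diff when updating` would record both its role and the pinning.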
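Review bot: The ten pulumi entries are commented out rather than removed and the hunk gives no reason, so the `# infrastructure as code` heading now sits over a block of dead lines. The commit message only describes the haumea refactor and the hyphen rename, so this package change is easy to miss in review. Either delete the entries (git history keeps the list) or state the reason on the first line, e.g. `# pulumi toolchain disabled: <reason>`. The same applies to `packer`, which the next hunk moves into the list headed "cloud tools that nix do not have cache for" without saying why.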
@@ -34,6 +31,7 @@ # cloud tools that nix do not have cache for. terraform terraformer # generate terraform configs from existing cloud resources + packer # machine image builder ] ); } diff --git a/home/base/server/git.nix b/home/base/server/git.nix index db40295a..a7670d34 100644 --- a/home/base/server/git.nix +++ b/home/base/server/git.nix @@ -2,8 +2,7 @@ config, lib, pkgs, - userfullname, - useremail, + myvars, ... }: { # `programs.git` will generate the config file: ~/.config/git/config @@ -21,8 +20,8 @@ enable = true; lfs.enable = true; - userName = userfullname; - userEmail = useremail; + userName = myvars.userfullname; + userEmail = myvars.useremail; includes = [ { diff --git a/home/darwin/core.nix b/home/darwin/core.nix index 5a4bea40..97723492 100644 --- a/home/darwin/core.nix +++ b/home/darwin/core.nix @@ -1,3 +1,3 @@ -{username, ...}: { - home.homeDirectory = "/Users/${username}"; +{myvars, ...}: { + home.homeDirectory = "/Users/${myvars.username}"; } diff --git a/home/darwin/ssh.nix b/home/darwin/ssh.nix index 17a516bc..a967e44e 100644 --- a/home/darwin/ssh.nix +++ b/home/darwin/ssh.nix @@ -1,3 +1,3 @@ -{vars_networking, ...}: { - programs.ssh.extraConfig = vars_networking.ssh.extraConfig; +{myvars, ...}: { + programs.ssh.extraConfig = myvars.networking.ssh.extraConfig; } diff --git a/home/linux/base/shell.nix b/home/linux/base/shell.nix index 35f1e302..7bab02f7 100644 --- a/home/linux/base/shell.nix +++ b/home/linux/base/shell.nix @@ -1,13 +1,13 @@ { config, - username, + myvars, ... }: let d = config.xdg.dataHome; c = config.xdg.configHome; cache = config.xdg.cacheHome; in rec { - home.homeDirectory = "/home/${username}"; + home.homeDirectory = "/home/${myvars.username}"; # environment variables that always set at login home.sessionVariables = { diff --git a/hosts/12kingdoms_rakushun/README.md b/hosts/12kingdoms-rakushun/README.md similarity index 100% rename from hosts/12kingdoms_rakushun/README.md rename to hosts/12kingdoms-rakushun/README.md 
diff --git a/hosts/12kingdoms_rakushun/default.nix b/hosts/12kingdoms-rakushun/default.nix similarity index 91% rename from hosts/12kingdoms_rakushun/default.nix rename to hosts/12kingdoms-rakushun/default.nix index 6bc39e58..574aa994 100644 --- a/hosts/12kingdoms_rakushun/default.nix +++ b/hosts/12kingdoms-rakushun/default.nix @@ -1,7 +1,7 @@ { disko, nixos-rk3588, - vars_networking, + myvars, ... }: ############################################################# @@ -11,7 +11,7 @@ ############################################################# let hostName = "rakushun"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = [ # import the rk3588 module, which contains the configuration for bootloader/kernel/firmware @@ -24,7 +24,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; networkmanager.enable = false; # RJ45 port 1 diff --git a/hosts/12kingdoms_rakushun/disko-fs.nix b/hosts/12kingdoms-rakushun/disko-fs.nix similarity index 100% rename from hosts/12kingdoms_rakushun/disko-fs.nix rename to hosts/12kingdoms-rakushun/disko-fs.nix diff --git a/hosts/12kingdoms_rakushun/hardware-configuration.nix b/hosts/12kingdoms-rakushun/hardware-configuration.nix similarity index 100% rename from hosts/12kingdoms_rakushun/hardware-configuration.nix rename to hosts/12kingdoms-rakushun/hardware-configuration.nix diff --git a/hosts/12kingdoms_rakushun/impermanence.nix b/hosts/12kingdoms-rakushun/impermanence.nix similarity index 100% rename from hosts/12kingdoms_rakushun/impermanence.nix rename to hosts/12kingdoms-rakushun/impermanence.nix diff --git a/hosts/12kingdoms_shoukei/README.md b/hosts/12kingdoms-shoukei/README.md similarity index 100% rename from hosts/12kingdoms_shoukei/README.md rename to hosts/12kingdoms-shoukei/README.md 
diff --git a/hosts/12kingdoms_shoukei/apple-set-os-loader.nix b/hosts/12kingdoms-shoukei/apple-set-os-loader.nix similarity index 100% rename from hosts/12kingdoms_shoukei/apple-set-os-loader.nix rename to hosts/12kingdoms-shoukei/apple-set-os-loader.nix diff --git a/hosts/12kingdoms_shoukei/brcm-firmware/default.nix b/hosts/12kingdoms-shoukei/brcm-firmware/default.nix similarity index 100% rename from hosts/12kingdoms_shoukei/brcm-firmware/default.nix rename to hosts/12kingdoms-shoukei/brcm-firmware/default.nix diff --git a/hosts/12kingdoms_shoukei/brcm-firmware/firmware.tar.xz b/hosts/12kingdoms-shoukei/brcm-firmware/firmware.tar.xz similarity index 100% rename from hosts/12kingdoms_shoukei/brcm-firmware/firmware.tar.xz rename to hosts/12kingdoms-shoukei/brcm-firmware/firmware.tar.xz diff --git a/hosts/12kingdoms_shoukei/brcm-firmware/flake.lock b/hosts/12kingdoms-shoukei/brcm-firmware/flake.lock similarity index 100% rename from hosts/12kingdoms_shoukei/brcm-firmware/flake.lock rename to hosts/12kingdoms-shoukei/brcm-firmware/flake.lock diff --git a/hosts/12kingdoms_shoukei/brcm-firmware/flake.nix b/hosts/12kingdoms-shoukei/brcm-firmware/flake.nix similarity index 100% rename from hosts/12kingdoms_shoukei/brcm-firmware/flake.nix rename to hosts/12kingdoms-shoukei/brcm-firmware/flake.nix diff --git a/hosts/12kingdoms_shoukei/default.nix b/hosts/12kingdoms-shoukei/default.nix similarity index 92% rename from hosts/12kingdoms_shoukei/default.nix rename to hosts/12kingdoms-shoukei/default.nix index 32a811e3..c93a5028 100644 --- a/hosts/12kingdoms_shoukei/default.nix +++ b/hosts/12kingdoms-shoukei/default.nix @@ -1,6 +1,6 @@ { nixos-hardware, - vars_networking, + myvars, ... }: ############################################################# @@ -18,7 +18,7 @@ in { {hardware.myapple-t2.enableAppleSetOsLoader = true;} ./hardware-configuration.nix - ../idols_ai/impermanence.nix + ../idols-ai/impermanence.nix ]; boot.kernelModules = ["kvm-amd"]; 
@@ -26,7 +26,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; # configures the network interface(include wireless) via `nmcli` & `nmtui` networkmanager.enable = true; diff --git a/hosts/12kingdoms_shoukei/hardware-configuration.nix b/hosts/12kingdoms-shoukei/hardware-configuration.nix similarity index 98% rename from hosts/12kingdoms_shoukei/hardware-configuration.nix rename to hosts/12kingdoms-shoukei/hardware-configuration.nix index db30eb96..bad6d2c5 100644 --- a/hosts/12kingdoms_shoukei/hardware-configuration.nix +++ b/hosts/12kingdoms-shoukei/hardware-configuration.nix @@ -53,11 +53,10 @@ # whether to allow TRIM requests to the underlying device. # it's less secure, but faster. allowDiscards = true; - # Whether to bypass dm-crypt’s internal read and write workqueues. - # Enabling this should improve performance on SSDs; + # Whether to bypass dm-crypt’s internal read and write workqueues. + # Enabling this should improve performance on SSDs; # https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Disable_workqueue_for_increased_solid_state_drive_(SSD)_performance bypassWorkqueues = true; - }; }; diff --git a/hosts/12kingdoms_shoukei/home.nix b/hosts/12kingdoms-shoukei/home.nix similarity index 100% rename from hosts/12kingdoms_shoukei/home.nix rename to hosts/12kingdoms-shoukei/home.nix diff --git a/hosts/12kingdoms_suzu/README.md b/hosts/12kingdoms-suzu/README.md similarity index 100% rename from hosts/12kingdoms_suzu/README.md rename to hosts/12kingdoms-suzu/README.md diff --git a/hosts/12kingdoms_suzu/default.nix b/hosts/12kingdoms-suzu/default.nix similarity index 90% rename from hosts/12kingdoms_suzu/default.nix rename to hosts/12kingdoms-suzu/default.nix index 86f04ab6..0e0f01cb 100644 --- a/hosts/12kingdoms_suzu/default.nix +++ b/hosts/12kingdoms-suzu/default.nix 
@@ -1,7 +1,7 @@ { disko, nixos-rk3588, - vars_networking, + myvars, ... }: ############################################################# @@ -11,7 +11,7 @@ ############################################################# let hostName = "suzu"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = [ # import the rk3588 module, which contains the configuration for bootloader/kernel/firmware @@ -24,7 +24,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; networkmanager.enable = false; interfaces.end1 = { diff --git a/hosts/12kingdoms_suzu/disko-fs.nix b/hosts/12kingdoms-suzu/disko-fs.nix similarity index 100% rename from hosts/12kingdoms_suzu/disko-fs.nix rename to hosts/12kingdoms-suzu/disko-fs.nix diff --git a/hosts/12kingdoms_suzu/hardware-configuration.nix b/hosts/12kingdoms-suzu/hardware-configuration.nix similarity index 100% rename from hosts/12kingdoms_suzu/hardware-configuration.nix rename to hosts/12kingdoms-suzu/hardware-configuration.nix diff --git a/hosts/12kingdoms_suzu/impermanence.nix b/hosts/12kingdoms-suzu/impermanence.nix similarity index 100% rename from hosts/12kingdoms_suzu/impermanence.nix rename to hosts/12kingdoms-suzu/impermanence.nix diff --git a/hosts/darwin_fern/default.nix b/hosts/darwin-fern/default.nix similarity index 100% rename from hosts/darwin_fern/default.nix rename to hosts/darwin-fern/default.nix diff --git a/hosts/darwin_fern/home.nix b/hosts/darwin-fern/home.nix similarity index 100% rename from hosts/darwin_fern/home.nix rename to hosts/darwin-fern/home.nix diff --git a/hosts/darwin_harmonica/default.nix b/hosts/darwin-harmonica/default.nix similarity index 100% rename from hosts/darwin_harmonica/default.nix rename to hosts/darwin-harmonica/default.nix 
diff --git a/hosts/darwin_harmonica/home.nix b/hosts/darwin-harmonica/home.nix similarity index 100% rename from hosts/darwin_harmonica/home.nix rename to hosts/darwin-harmonica/home.nix diff --git a/hosts/homelab_tailscale_gw/default.nix b/hosts/homelab-tailscale-gw/default.nix similarity index 87% rename from hosts/homelab_tailscale_gw/default.nix rename to hosts/homelab-tailscale-gw/default.nix index 810084f0..03d3bee8 100644 --- a/hosts/homelab_tailscale_gw/default.nix +++ b/hosts/homelab-tailscale-gw/default.nix @@ -1,4 +1,8 @@ -{vars_networking, mylib, ...}: +{ + myvars, + mylib, + ... +}: ############################################################# # # Tailscale Gateway(homelab subnet router) - a NixOS VM running on Proxmox @@ -6,7 +10,7 @@ ############################################################# let hostName = "tailscale-gw"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = mylib.scanPaths ./.; @@ -22,10 +26,10 @@ in { networking = { inherit hostName; - inherit (vars_networking) nameservers; + inherit (myvars.networking) nameservers; # Use mainGateway instead of defaultGateway to make NAT Traversal work - defaultGateway = vars_networking.mainGateway; + defaultGateway = myvars.networking.mainGateway; networkmanager.enable = false; interfaces.ens18 = { diff --git a/hosts/homelab_tailscale_gw/tailscale.nix b/hosts/homelab-tailscale-gw/tailscale.nix similarity index 100% rename from hosts/homelab_tailscale_gw/tailscale.nix rename to hosts/homelab-tailscale-gw/tailscale.nix diff --git a/hosts/idols_ai/README.md b/hosts/idols-ai/README.md similarity index 100% rename from hosts/idols_ai/README.md rename to hosts/idols-ai/README.md diff --git a/hosts/idols_ai/cifs-mount.nix b/hosts/idols-ai/cifs-mount.nix similarity index 84% rename from hosts/idols_ai/cifs-mount.nix rename to hosts/idols-ai/cifs-mount.nix index 789887a3..851e187a 100644 
--- a/hosts/idols_ai/cifs-mount.nix +++ b/hosts/idols-ai/cifs-mount.nix @@ -1,10 +1,10 @@ { config, - username, + myvars, ... }: { # mount a smb/cifs share - fileSystems."/home/${username}/SMB-Downloads" = { + fileSystems."/home/${myvars.username}/SMB-Downloads" = { device = "//192.168.5.194/Downloads"; fsType = "cifs"; options = [ diff --git a/hosts/idols_ai/default.nix b/hosts/idols-ai/default.nix similarity index 93% rename from hosts/idols_ai/default.nix rename to hosts/idols-ai/default.nix index 2066262b..42c9c7d4 100644 --- a/hosts/idols_ai/default.nix +++ b/hosts/idols-ai/default.nix @@ -1,4 +1,4 @@ -{vars_networking, ...}: +{myvars, ...}: ############################################################# # # Ai - my main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use. @@ -6,7 +6,7 @@ ############################################################# let hostName = "ai"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = [ ./cifs-mount.nix @@ -19,7 +19,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; wireless.enable = false; # Enables wireless support via wpa_supplicant. # configures the network interface(include wireless) via `nmcli` & `nmtui` diff --git a/hosts/idols_ai/hardware-configuration.nix b/hosts/idols-ai/hardware-configuration.nix similarity index 98% rename from hosts/idols_ai/hardware-configuration.nix rename to hosts/idols-ai/hardware-configuration.nix index e7cdc8f7..2acc5c4b 100644 --- a/hosts/idols_ai/hardware-configuration.nix +++ b/hosts/idols-ai/hardware-configuration.nix 
@@ -56,8 +56,8 @@ # whether to allow TRIM requests to the underlying device. # it's less secure, but faster. allowDiscards = true; - # Whether to bypass dm-crypt’s internal read and write workqueues. - # Enabling this should improve performance on SSDs; + # Whether to bypass dm-crypt’s internal read and write workqueues. + # Enabling this should improve performance on SSDs; # https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Disable_workqueue_for_increased_solid_state_drive_(SSD)_performance bypassWorkqueues = true; }; diff --git a/hosts/idols_ai/home.nix b/hosts/idols-ai/home.nix similarity index 100% rename from hosts/idols_ai/home.nix rename to hosts/idols-ai/home.nix diff --git a/hosts/idols_ai/impermanence.nix b/hosts/idols-ai/impermanence.nix similarity index 100% rename from hosts/idols_ai/impermanence.nix rename to hosts/idols-ai/impermanence.nix diff --git a/hosts/idols_ai/secureboot.nix b/hosts/idols-ai/secureboot.nix similarity index 100% rename from hosts/idols_ai/secureboot.nix rename to hosts/idols-ai/secureboot.nix diff --git a/hosts/idols_aquamarine/README.md b/hosts/idols-aquamarine/README.md similarity index 100% rename from hosts/idols_aquamarine/README.md rename to hosts/idols-aquamarine/README.md diff --git a/hosts/idols_aquamarine/config.dae b/hosts/idols-aquamarine/config.dae similarity index 100% rename from hosts/idols_aquamarine/config.dae rename to hosts/idols-aquamarine/config.dae diff --git a/hosts/idols_aquamarine/dae.nix b/hosts/idols-aquamarine/dae.nix similarity index 100% rename from hosts/idols_aquamarine/dae.nix rename to hosts/idols-aquamarine/dae.nix diff --git a/hosts/idols_aquamarine/default.nix b/hosts/idols-aquamarine/default.nix similarity index 94% rename from hosts/idols_aquamarine/default.nix rename to hosts/idols-aquamarine/default.nix index 704e8764..988c3945 100644 --- a/hosts/idols_aquamarine/default.nix +++ b/hosts/idols-aquamarine/default.nix 
@@ -1,4 +1,4 @@ -{vars_networking, ...}: +{myvars, ...}: ############################################################# # # Aquamarine - A NixOS VM running on Proxmox @@ -27,7 +27,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) nameservers; + inherit (myvars.networking) nameservers; }; # This value determines the NixOS release from which the default diff --git a/hosts/idols_aquamarine/router.nix b/hosts/idols-aquamarine/router.nix similarity index 100% rename from hosts/idols_aquamarine/router.nix rename to hosts/idols-aquamarine/router.nix diff --git a/hosts/idols_kana/README.md b/hosts/idols-kana/README.md similarity index 100% rename from hosts/idols_kana/README.md rename to hosts/idols-kana/README.md diff --git a/hosts/idols_kana/caddy.nix b/hosts/idols-kana/caddy.nix similarity index 96% rename from hosts/idols_kana/caddy.nix rename to hosts/idols-kana/caddy.nix index bfcc6768..36b7bc47 100644 --- a/hosts/idols_kana/caddy.nix +++ b/hosts/idols-kana/caddy.nix @@ -1,4 +1,4 @@ -{useremail, ...}: { +{myvars, ...}: { services.caddy = { enable = true; # Reload Caddy instead of restarting it when configuration file changes. @@ -16,7 +16,7 @@ ''; # ACME related settings. - # email = useremail; + # email = myvars.useremail; # acmeCA = "https://acme-v02.api.letsencrypt.org/directory"; virtualHosts."http://dashy.writefor.fun".extraConfig = '' diff --git a/hosts/idols_kana/default.nix b/hosts/idols-kana/default.nix similarity index 90% rename from hosts/idols_kana/default.nix rename to hosts/idols-kana/default.nix index 1ee7ddae..b2e8a7d9 100644 --- a/hosts/idols_kana/default.nix +++ b/hosts/idols-kana/default.nix @@ -1,5 +1,5 @@ { - vars_networking, + myvars, mylib, ... }: @@ -10,7 +10,7 @@ ############################################################# let hostName = "kana"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = mylib.scanPaths ./.; 
@@ -32,7 +32,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; networkmanager.enable = false; interfaces.ens18 = { diff --git a/hosts/idols_kana/homepage/README.md b/hosts/idols-kana/homepage/README.md similarity index 100% rename from hosts/idols_kana/homepage/README.md rename to hosts/idols-kana/homepage/README.md diff --git a/hosts/idols_kana/homepage/config/bookmarks.yaml b/hosts/idols-kana/homepage/config/bookmarks.yaml similarity index 100% rename from hosts/idols_kana/homepage/config/bookmarks.yaml rename to hosts/idols-kana/homepage/config/bookmarks.yaml diff --git a/hosts/idols_kana/homepage/config/docker.yaml b/hosts/idols-kana/homepage/config/docker.yaml similarity index 100% rename from hosts/idols_kana/homepage/config/docker.yaml rename to hosts/idols-kana/homepage/config/docker.yaml diff --git a/hosts/idols_kana/homepage/config/images/rolling-girls.png b/hosts/idols-kana/homepage/config/images/rolling-girls.png similarity index 100% rename from hosts/idols_kana/homepage/config/images/rolling-girls.png rename to hosts/idols-kana/homepage/config/images/rolling-girls.png diff --git a/hosts/idols_kana/homepage/config/kubernetes.yaml b/hosts/idols-kana/homepage/config/kubernetes.yaml similarity index 100% rename from hosts/idols_kana/homepage/config/kubernetes.yaml rename to hosts/idols-kana/homepage/config/kubernetes.yaml diff --git a/hosts/idols_kana/homepage/config/services.yaml b/hosts/idols-kana/homepage/config/services.yaml similarity index 100% rename from hosts/idols_kana/homepage/config/services.yaml rename to hosts/idols-kana/homepage/config/services.yaml diff --git a/hosts/idols_kana/homepage/config/settings.yaml b/hosts/idols-kana/homepage/config/settings.yaml similarity index 100% rename from hosts/idols_kana/homepage/config/settings.yaml rename to hosts/idols-kana/homepage/config/settings.yaml 
diff --git a/hosts/idols_kana/homepage/config/widgets.yaml b/hosts/idols-kana/homepage/config/widgets.yaml similarity index 100% rename from hosts/idols_kana/homepage/config/widgets.yaml rename to hosts/idols-kana/homepage/config/widgets.yaml diff --git a/hosts/idols_kana/homepage/default.nix b/hosts/idols-kana/homepage/default.nix similarity index 100% rename from hosts/idols_kana/homepage/default.nix rename to hosts/idols-kana/homepage/default.nix diff --git a/hosts/idols_kana/oci-containers/dashy/default.nix b/hosts/idols-kana/oci-containers/dashy/default.nix similarity index 100% rename from hosts/idols_kana/oci-containers/dashy/default.nix rename to hosts/idols-kana/oci-containers/dashy/default.nix diff --git a/hosts/idols_kana/oci-containers/default.nix b/hosts/idols-kana/oci-containers/default.nix similarity index 100% rename from hosts/idols_kana/oci-containers/default.nix rename to hosts/idols-kana/oci-containers/default.nix diff --git a/hosts/idols_kana/proxy.nix b/hosts/idols-kana/proxy.nix similarity index 100% rename from hosts/idols_kana/proxy.nix rename to hosts/idols-kana/proxy.nix diff --git a/hosts/idols_kana/sftpgo.nix b/hosts/idols-kana/sftpgo.nix similarity index 100% rename from hosts/idols_kana/sftpgo.nix rename to hosts/idols-kana/sftpgo.nix diff --git a/hosts/idols_kana/transmission.nix b/hosts/idols-kana/transmission.nix similarity index 98% rename from hosts/idols_kana/transmission.nix rename to hosts/idols-kana/transmission.nix index 6cd67203..b2fa1649 100644 --- a/hosts/idols_kana/transmission.nix +++ b/hosts/idols-kana/transmission.nix @@ -1,6 +1,6 @@ { config, - username, + myvars, ... }: let dataDir = "/var/lib/transmission"; 
@@ -60,8 +60,8 @@ in { # Wildcards allowed using '*'. Example: "*.foo.org,example.com", rpc-host-whitelist-enabled = true; rpc-host-whitelist = "*.writefor.fun,localhost,192.168.5.*"; - rpc-user = username; - rpc-username = username; + rpc-user = myvars.username; + rpc-username = myvars.username; # rpc-password = "test"; # you'd better use the credentialsFile for this. incomplete-dir-enabled = true; diff --git a/hosts/idols_kana/uptime-kuma.nix b/hosts/idols-kana/uptime-kuma.nix similarity index 100% rename from hosts/idols_kana/uptime-kuma.nix rename to hosts/idols-kana/uptime-kuma.nix diff --git a/hosts/idols_ruby/README.md b/hosts/idols-ruby/README.md similarity index 100% rename from hosts/idols_ruby/README.md rename to hosts/idols-ruby/README.md diff --git a/hosts/idols_ruby/attic.nix b/hosts/idols-ruby/attic.nix similarity index 100% rename from hosts/idols_ruby/attic.nix rename to hosts/idols-ruby/attic.nix diff --git a/hosts/idols_ruby/caddy.nix b/hosts/idols-ruby/caddy.nix similarity index 96% rename from hosts/idols_ruby/caddy.nix rename to hosts/idols-ruby/caddy.nix index ff44f271..a0e3e5ba 100644 --- a/hosts/idols_ruby/caddy.nix +++ b/hosts/idols-ruby/caddy.nix @@ -1,4 +1,4 @@ -{useremail, ...}: { +{myvars, ...}: { services.caddy = { enable = true; # Reload Caddy instead of restarting it when configuration file changes. @@ -16,7 +16,7 @@ ''; # ACME related settings. - # email = useremail; + # email = myvars.useremail; # acmeCA = "https://acme-v02.api.letsencrypt.org/directory"; virtualHosts."http://grafana.writefor.fun".extraConfig = '' diff --git a/hosts/idols_ruby/default.nix b/hosts/idols-ruby/default.nix similarity index 90% rename from hosts/idols_ruby/default.nix rename to hosts/idols-ruby/default.nix index 9631a767..d3644159 100644 --- a/hosts/idols_ruby/default.nix +++ b/hosts/idols-ruby/default.nix @@ -1,5 +1,5 @@ { - vars_networking, + myvars, mylib, ... }: 
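Review bot: In the Transmission settings hunk, `rpc-user` does not look like a key Transmission reads (the documented one is `rpc-username`), so `rpc-user = myvars.username;` is probably dead configuration and could be dropped. The username is only enforced when `rpc-authentication-required` is enabled and a password reaches the daemon through the credentials file; neither is visible in this hunk, so it is worth confirming both. The `rpc-host-whitelist` entry only validates the Host header and does not replace authentication; a comment such as `# auth: rpc-authentication-required + rpc-password via credentialsFile` next to `rpc-username` would make that dependency explicit. The settings attribute set starts and ends outside the hunk.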
@@ -10,7 +10,7 @@ ############################################################# let hostName = "ruby"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = mylib.scanPaths ./.; @@ -32,7 +32,7 @@ in { networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; networkmanager.enable = false; interfaces.ens18 = { diff --git a/hosts/idols_ruby/exporters/default.nix b/hosts/idols-ruby/exporters/default.nix similarity index 100% rename from hosts/idols_ruby/exporters/default.nix rename to hosts/idols-ruby/exporters/default.nix diff --git a/hosts/idols_ruby/exporters/pve.nix b/hosts/idols-ruby/exporters/pve.nix similarity index 100% rename from hosts/idols_ruby/exporters/pve.nix rename to hosts/idols-ruby/exporters/pve.nix diff --git a/hosts/idols_ruby/grafana/dashboards.yml b/hosts/idols-ruby/grafana/dashboards.yml similarity index 100% rename from hosts/idols_ruby/grafana/dashboards.yml rename to hosts/idols-ruby/grafana/dashboards.yml diff --git a/hosts/idols_ruby/grafana/dashboards/README.md b/hosts/idols-ruby/grafana/dashboards/README.md similarity index 100% rename from hosts/idols_ruby/grafana/dashboards/README.md rename to hosts/idols-ruby/grafana/dashboards/README.md diff --git a/hosts/idols_ruby/grafana/dashboards/homelab/alertmanager-9578_rev4.json b/hosts/idols-ruby/grafana/dashboards/homelab/alertmanager-9578_rev4.json similarity index 100% rename from hosts/idols_ruby/grafana/dashboards/homelab/alertmanager-9578_rev4.json rename to hosts/idols-ruby/grafana/dashboards/homelab/alertmanager-9578_rev4.json 
diff --git a/hosts/idols_ruby/grafana/dashboards/homelab/node-exporter-full-1860_rev33.json b/hosts/idols-ruby/grafana/dashboards/homelab/node-exporter-full-1860_rev33.json
similarity index 100%
rename from hosts/idols_ruby/grafana/dashboards/homelab/node-exporter-full-1860_rev33.json
rename to hosts/idols-ruby/grafana/dashboards/homelab/node-exporter-full-1860_rev33.json
diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-addons-prometheus.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-addons-prometheus.json
similarity index 100%
rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-addons-prometheus.json
rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-addons-prometheus.json
diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-addons-trivy-operator.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-addons-trivy-operator.json
similarity index 100%
rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-addons-trivy-operator.json
rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-addons-trivy-operator.json
diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-system-api-server.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-system-api-server.json
similarity index 100%
rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-system-api-server.json
rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-system-api-server.json
diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-system-coredns.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-system-coredns.json
similarity index 100%
rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-system-coredns.json
rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-system-coredns.json
diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-global.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-global.json similarity index 100% rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-global.json rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-global.json diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-namespaces.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-namespaces.json similarity index 100% rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-namespaces.json rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-namespaces.json diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-nodes.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-nodes.json similarity index 100% rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-nodes.json rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-nodes.json diff --git a/hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-pods.json b/hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-pods.json similarity index 100% rename from hosts/idols_ruby/grafana/dashboards/kubernetes/k8s-views-pods.json rename to hosts/idols-ruby/grafana/dashboards/kubernetes/k8s-views-pods.json diff --git a/hosts/idols_ruby/grafana/datasources.yml b/hosts/idols-ruby/grafana/datasources.yml similarity index 100% rename from hosts/idols_ruby/grafana/datasources.yml rename to hosts/idols-ruby/grafana/datasources.yml diff --git a/hosts/idols_ruby/grafana/default.nix b/hosts/idols-ruby/grafana/default.nix similarity index 94% rename from hosts/idols_ruby/grafana/default.nix rename to hosts/idols-ruby/grafana/default.nix index 9f17431c..a26a92c6 100644 --- a/hosts/idols_ruby/grafana/default.nix +++ b/hosts/idols-ruby/grafana/default.nix @@ -1,8 +1,6 @@ { config, - pkgs, - username, - useremail, + myvars, ... }: { services.grafana = { 
@@ -28,8 +26,8 @@ }; security = { - admin_user = username; - admin_email = useremail; + admin_user = myvars.username; + admin_email = myvars.useremail; # Use file provider to read the admin password from a file. # https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#file-provider admin_password = "$__file{${config.age.secrets."grafana-admin-password".path}}"; diff --git a/hosts/idols_ruby/prometheus/README.md b/hosts/idols-ruby/prometheus/README.md similarity index 100% rename from hosts/idols_ruby/prometheus/README.md rename to hosts/idols-ruby/prometheus/README.md diff --git a/hosts/idols_ruby/prometheus/alert_rules/coredns_embedded-exporter.yml b/hosts/idols-ruby/prometheus/alert_rules/coredns_embedded-exporter.yml similarity index 100% rename from hosts/idols_ruby/prometheus/alert_rules/coredns_embedded-exporter.yml rename to hosts/idols-ruby/prometheus/alert_rules/coredns_embedded-exporter.yml diff --git a/hosts/idols_ruby/prometheus/alert_rules/etcd_embedded-exporter.yml b/hosts/idols-ruby/prometheus/alert_rules/etcd_embedded-exporter.yml similarity index 100% rename from hosts/idols_ruby/prometheus/alert_rules/etcd_embedded-exporter.yml rename to hosts/idols-ruby/prometheus/alert_rules/etcd_embedded-exporter.yml diff --git a/hosts/idols_ruby/prometheus/alert_rules/istio_embedded-exporter.yml b/hosts/idols-ruby/prometheus/alert_rules/istio_embedded-exporter.yml similarity index 100% rename from hosts/idols_ruby/prometheus/alert_rules/istio_embedded-exporter.yml rename to hosts/idols-ruby/prometheus/alert_rules/istio_embedded-exporter.yml diff --git a/hosts/idols_ruby/prometheus/alert_rules/kubestate-exporter.yml b/hosts/idols-ruby/prometheus/alert_rules/kubestate-exporter.yml similarity index 100% rename from hosts/idols_ruby/prometheus/alert_rules/kubestate-exporter.yml rename to hosts/idols-ruby/prometheus/alert_rules/kubestate-exporter.yml 
diff --git a/hosts/idols_ruby/prometheus/alert_rules/node-exporter.yml b/hosts/idols-ruby/prometheus/alert_rules/node-exporter.yml similarity index 100% rename from hosts/idols_ruby/prometheus/alert_rules/node-exporter.yml rename to hosts/idols-ruby/prometheus/alert_rules/node-exporter.yml diff --git a/hosts/idols_ruby/prometheus/default.nix b/hosts/idols-ruby/prometheus/default.nix similarity index 92% rename from hosts/idols_ruby/prometheus/default.nix rename to hosts/idols-ruby/prometheus/default.nix index ad141257..e3821838 100644 --- a/hosts/idols_ruby/prometheus/default.nix +++ b/hosts/idols-ruby/prometheus/default.nix @@ -1,6 +1,6 @@ { config, - vars_networking, + myvars, ... }: { # https://prometheus.io/docs/prometheus/latest/configuration/configuration/ @@ -56,7 +56,7 @@ # All my NixOS hosts. targets = map (host: "${host.address}:9100") - (builtins.attrValues vars_networking.hostAddress); + (builtins.attrValues myvars.networking.hostAddress); labels.type = "node"; } ]; @@ -70,7 +70,7 @@ metrics_path = "/metrics"; static_configs = [ { - targets = ["${vars_networking.hostAddress.aquamarine.address}:9153"]; + targets = ["${myvars.networking.hostAddress.aquamarine.address}:9153"]; labels.type = "app"; labels.app = "dnsmasq"; } @@ -83,7 +83,7 @@ metrics_path = "/metrics"; static_configs = [ { - targets = ["${vars_networking.hostAddress.kana.address}:9153"]; + targets = ["${myvars.networking.hostAddress.kana.address}:9153"]; labels.type = "app"; labels.app = "v2ray"; } @@ -96,7 +96,7 @@ metrics_path = "/metrics"; static_configs = [ { - targets = ["${vars_networking.hostAddress.kana.address}:10000"]; + targets = ["${myvars.networking.hostAddress.kana.address}:10000"]; labels.type = "app"; labels.app = "v2ray"; } 
@@ -122,7 +122,7 @@ # The smarthost and SMTP sender used for mail notifications. smtp_smarthost = "smtp.qq.com:465"; smtp_from = "$SMTP_SENDER_EMAIL"; - smtp_auth_username = "$SMTP_AUTH_USERNAME"; + smtp_auth_myvars.username = "$SMTP_AUTH_USERNAME"; smtp_auth_password = "$SMTP_AUTH_PASSWORD"; # smtp.qq.com:465 support SSL only, so we need to disable TLS here. # https://service.mail.qq.com/detail/0/310 diff --git a/hosts/idols_ruby/restic.nix b/hosts/idols-ruby/restic.nix similarity index 100% rename from hosts/idols_ruby/restic.nix rename to hosts/idols-ruby/restic.nix diff --git a/hosts/k8s/k3s_prod_1_master_1/default.nix b/hosts/k8s/k3s-prod-1-master-1/default.nix similarity index 77% rename from hosts/k8s/k3s_prod_1_master_1/default.nix rename to hosts/k8s/k3s-prod-1-master-1/default.nix index e921385b..8f7c0718 100644 --- a/hosts/k8s/k3s_prod_1_master_1/default.nix +++ b/hosts/k8s/k3s-prod-1-master-1/default.nix @@ -1,13 +1,14 @@ { pkgs, - vars_networking, + myvars, mylib, ... }: let hostName = "k3s-prod-1-master-1"; # Define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = diff --git a/hosts/k8s/k3s_prod_1_master_1/k3s.nix b/hosts/k8s/k3s-prod-1-master-1/k3s.nix similarity index 93% rename from hosts/k8s/k3s_prod_1_master_1/k3s.nix rename to hosts/k8s/k3s-prod-1-master-1/k3s.nix index 20bcee01..22fe6e6b 100644 --- a/hosts/k8s/k3s_prod_1_master_1/k3s.nix +++ b/hosts/k8s/k3s-prod-1-master-1/k3s.nix @@ -1,7 +1,7 @@ { config, pkgs, - username, + myvars, ... }: let package = pkgs.k3s_1_29; 
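Review bot: The key `smtp_auth_myvars.username` in the Alertmanager SMTP settings looks like collateral damage from the `username` to `myvars.username` search-and-replace: it is a configuration field name, not a reference to the variable. Nix parses it as a nested attribute `smtp_auth_myvars = { username = …; }`, so the rendered config loses `smtp_auth_username` and gains a field Alertmanager does not define. Depending on whether the config is validated, that either breaks the build or service start, or leaves SMTP login without a username, and in both cases alert mail stops being delivered. The line should be restored to `smtp_auth_username = "$SMTP_AUTH_USERNAME";`. The enclosing attribute set starts and ends outside the hunk.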
@@ -29,7 +29,7 @@ in { tokenFile = config.age.secrets."k3s-prod-1-token".path; # https://docs.k3s.io/cli/server extraFlags = - " --write-kubeconfig /home/${username}/.kube/config" + " --write-kubeconfig /home/${myvars.username}/.kube/config" + " --write-kubeconfig-mode 644" + " --service-node-port-range 80-32767" + " --kube-apiserver-arg='--allow-privileged=true'" # required by kubevirt diff --git a/hosts/k8s/k3s_prod_1_master_2/default.nix b/hosts/k8s/k3s-prod-1-master-2/default.nix similarity index 77% rename from hosts/k8s/k3s_prod_1_master_2/default.nix rename to hosts/k8s/k3s-prod-1-master-2/default.nix index d1e85873..149d38d7 100644 --- a/hosts/k8s/k3s_prod_1_master_2/default.nix +++ b/hosts/k8s/k3s-prod-1-master-2/default.nix @@ -1,13 +1,14 @@ { pkgs, - vars_networking, + myvars, mylib, ... }: let hostName = "k3s-prod-1-master-2"; # define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = diff --git a/hosts/k8s/k3s_prod_1_master_3/k3s.nix b/hosts/k8s/k3s-prod-1-master-2/k3s.nix similarity index 91% rename from hosts/k8s/k3s_prod_1_master_3/k3s.nix rename to hosts/k8s/k3s-prod-1-master-2/k3s.nix index ebac57c0..2e5d13ed 100644 --- a/hosts/k8s/k3s_prod_1_master_3/k3s.nix +++ b/hosts/k8s/k3s-prod-1-master-2/k3s.nix @@ -1,11 +1,11 @@ { config, pkgs, - vars_networking, + myvars, ... }: let serverName = "k3s-prod-1-master-1"; - serverIp = vars_networking.hostAddress.${serverName}.address; + serverIp = myvars.networking.hostAddress.${serverName}.address; package = pkgs.k3s_1_29; in { environment.systemPackages = [package]; diff --git a/hosts/k8s/k3s_prod_1_master_3/default.nix b/hosts/k8s/k3s-prod-1-master-3/default.nix similarity index 77% rename from hosts/k8s/k3s_prod_1_master_3/default.nix rename to hosts/k8s/k3s-prod-1-master-3/default.nix index 37a1273b..7269ab0c 100644 --- a/hosts/k8s/k3s_prod_1_master_3/default.nix 
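Review bot: The `--write-kubeconfig-mode 644` flag directly below the changed path makes the kubeconfig written to `/home/${myvars.username}/.kube/config` readable by every local account and service on the master node. That file normally carries the cluster-admin client credentials, and this server also passes `--allow-privileged=true`, so any local read of it amounts to full control of the cluster. A tighter setting such as `+ " --write-kubeconfig-mode 600"`, with access granted to the one user through file ownership or a copy step rather than world-read, would close that gap at the cost of an extra provisioning step. The `extraFlags` expression continues outside the hunk.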
+++ b/hosts/k8s/k3s-prod-1-master-3/default.nix @@ -1,13 +1,14 @@ { pkgs, - vars_networking, + myvars, mylib, ... }: let hostName = "k3s-prod-1-master-3"; # define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = diff --git a/hosts/k8s/k3s_prod_1_master_2/k3s.nix b/hosts/k8s/k3s-prod-1-master-3/k3s.nix similarity index 91% rename from hosts/k8s/k3s_prod_1_master_2/k3s.nix rename to hosts/k8s/k3s-prod-1-master-3/k3s.nix index ebac57c0..2e5d13ed 100644 --- a/hosts/k8s/k3s_prod_1_master_2/k3s.nix +++ b/hosts/k8s/k3s-prod-1-master-3/k3s.nix @@ -1,11 +1,11 @@ { config, pkgs, - vars_networking, + myvars, ... }: let serverName = "k3s-prod-1-master-1"; - serverIp = vars_networking.hostAddress.${serverName}.address; + serverIp = myvars.networking.hostAddress.${serverName}.address; package = pkgs.k3s_1_29; in { environment.systemPackages = [package]; diff --git a/hosts/k8s/k3s_prod_1_worker_1/default.nix b/hosts/k8s/k3s-prod-1-worker-1/default.nix similarity index 77% rename from hosts/k8s/k3s_prod_1_worker_1/default.nix rename to hosts/k8s/k3s-prod-1-worker-1/default.nix index d5d66085..53a4f6d1 100644 --- a/hosts/k8s/k3s_prod_1_worker_1/default.nix +++ b/hosts/k8s/k3s-prod-1-worker-1/default.nix @@ -1,13 +1,14 @@ { pkgs, - vars_networking, + myvars, mylib, ... }: let hostName = "k3s-prod-1-worker-1"; # define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = diff --git a/hosts/k8s/k3s_prod_1_worker_3/k3s.nix b/hosts/k8s/k3s-prod-1-worker-1/k3s.nix similarity index 85% rename from hosts/k8s/k3s_prod_1_worker_3/k3s.nix rename to hosts/k8s/k3s-prod-1-worker-1/k3s.nix index e03d9090..c1b5b4e3 100644 --- a/hosts/k8s/k3s_prod_1_worker_3/k3s.nix +++ b/hosts/k8s/k3s-prod-1-worker-1/k3s.nix 
@@ -1,11 +1,11 @@ { config, pkgs, - vars_networking, + myvars, ... }: let serverName = "k3s-prod-1-master-1"; - serverIp = vars_networking.hostAddress.${serverName}.address; + serverIp = myvars.networking.hostAddress.${serverName}.address; package = pkgs.k3s_1_29; in { environment.systemPackages = [package]; diff --git a/hosts/k8s/k3s_prod_1_worker_2/default.nix b/hosts/k8s/k3s-prod-1-worker-2/default.nix similarity index 77% rename from hosts/k8s/k3s_prod_1_worker_2/default.nix rename to hosts/k8s/k3s-prod-1-worker-2/default.nix index 37bb0d46..45fc4fcb 100644 --- a/hosts/k8s/k3s_prod_1_worker_2/default.nix +++ b/hosts/k8s/k3s-prod-1-worker-2/default.nix @@ -1,13 +1,14 @@ { pkgs, - vars_networking, + myvars, mylib, ... }: let hostName = "k3s-prod-1-worker-2"; # define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = diff --git a/hosts/k8s/k3s_prod_1_worker_1/k3s.nix b/hosts/k8s/k3s-prod-1-worker-2/k3s.nix similarity index 85% rename from hosts/k8s/k3s_prod_1_worker_1/k3s.nix rename to hosts/k8s/k3s-prod-1-worker-2/k3s.nix index e03d9090..c1b5b4e3 100644 --- a/hosts/k8s/k3s_prod_1_worker_1/k3s.nix +++ b/hosts/k8s/k3s-prod-1-worker-2/k3s.nix @@ -1,11 +1,11 @@ { config, pkgs, - vars_networking, + myvars, ... }: let serverName = "k3s-prod-1-master-1"; - serverIp = vars_networking.hostAddress.${serverName}.address; + serverIp = myvars.networking.hostAddress.${serverName}.address; package = pkgs.k3s_1_29; in { environment.systemPackages = [package]; diff --git a/hosts/k8s/k3s_prod_1_worker_3/default.nix b/hosts/k8s/k3s-prod-1-worker-3/default.nix similarity index 77% rename from hosts/k8s/k3s_prod_1_worker_3/default.nix rename to hosts/k8s/k3s-prod-1-worker-3/default.nix index 7a240594..9d9299ad 100644 --- a/hosts/k8s/k3s_prod_1_worker_3/default.nix +++ b/hosts/k8s/k3s-prod-1-worker-3/default.nix 
@@ -1,13 +1,14 @@ { pkgs, - vars_networking, + myvars, mylib, ... }: let hostName = "k3s-prod-1-worker-3"; # define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = diff --git a/hosts/k8s/k3s_prod_1_worker_2/k3s.nix b/hosts/k8s/k3s-prod-1-worker-3/k3s.nix similarity index 85% rename from hosts/k8s/k3s_prod_1_worker_2/k3s.nix rename to hosts/k8s/k3s-prod-1-worker-3/k3s.nix index e03d9090..c1b5b4e3 100644 --- a/hosts/k8s/k3s_prod_1_worker_2/k3s.nix +++ b/hosts/k8s/k3s-prod-1-worker-3/k3s.nix @@ -1,11 +1,11 @@ { config, pkgs, - vars_networking, + myvars, ... }: let serverName = "k3s-prod-1-master-1"; - serverIp = vars_networking.hostAddress.${serverName}.address; + serverIp = myvars.networking.hostAddress.${serverName}.address; package = pkgs.k3s_1_29; in { environment.systemPackages = [package]; diff --git a/hosts/k8s/kubevirt_shoryu/default.nix b/hosts/k8s/kubevirt-shoryu/default.nix similarity index 72% rename from hosts/k8s/kubevirt_shoryu/default.nix rename to hosts/k8s/kubevirt-shoryu/default.nix index 43dd2713..9d00fc7f 100644 --- a/hosts/k8s/kubevirt_shoryu/default.nix +++ b/hosts/k8s/kubevirt-shoryu/default.nix @@ -1,7 +1,7 @@ { pkgs, mylib, - vars_networking, + myvars, disko, ... }: let @@ -9,7 +9,8 @@ hostName = "kubevirt-shoryu"; # Define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = @@ -17,6 +18,6 @@ in { ++ [ coreModule disko.nixosModules.default - ../kubevirt-disko-fs.nix + ../disko_config/kubevirt-disko-fs.nix ]; } diff --git a/hosts/k8s/kubevirt_shushou/k3s.nix b/hosts/k8s/kubevirt-shoryu/k3s.nix similarity index 98% rename from hosts/k8s/kubevirt_shushou/k3s.nix rename to hosts/k8s/kubevirt-shoryu/k3s.nix index 1370c17e..deb27be0 100644 
--- a/hosts/k8s/kubevirt_shushou/k3s.nix +++ b/hosts/k8s/kubevirt-shoryu/k3s.nix @@ -1,7 +1,7 @@ { config, pkgs, - username, + myvars, ... }: let package = pkgs.k3s_1_29; diff --git a/hosts/k8s/kubevirt_shushou/default.nix b/hosts/k8s/kubevirt-shushou/default.nix similarity index 71% rename from hosts/k8s/kubevirt_shushou/default.nix rename to hosts/k8s/kubevirt-shushou/default.nix index 8c8bd493..417115f7 100644 --- a/hosts/k8s/kubevirt_shushou/default.nix +++ b/hosts/k8s/kubevirt-shushou/default.nix @@ -1,14 +1,15 @@ { pkgs, mylib, - vars_networking, + myvars, disko, ... }: let hostName = "kubevirt-shushou"; # Define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = @@ -16,6 +17,6 @@ in { ++ [ coreModule disko.nixosModules.default - ../kubevirt-disko-fs.nix + ../disko_config/kubevirt-disko-fs.nix ]; } diff --git a/hosts/k8s/kubevirt_youko/k3s.nix b/hosts/k8s/kubevirt-shushou/k3s.nix similarity index 98% rename from hosts/k8s/kubevirt_youko/k3s.nix rename to hosts/k8s/kubevirt-shushou/k3s.nix index 1370c17e..deb27be0 100644 --- a/hosts/k8s/kubevirt_youko/k3s.nix +++ b/hosts/k8s/kubevirt-shushou/k3s.nix @@ -1,7 +1,7 @@ { config, pkgs, - username, + myvars, ... }: let package = pkgs.k3s_1_29; diff --git a/hosts/k8s/kubevirt_youko/default.nix b/hosts/k8s/kubevirt-youko/default.nix similarity index 71% rename from hosts/k8s/kubevirt_youko/default.nix rename to hosts/k8s/kubevirt-youko/default.nix index 0ba44a74..65743392 100644 --- a/hosts/k8s/kubevirt_youko/default.nix +++ b/hosts/k8s/kubevirt-youko/default.nix @@ -1,14 +1,15 @@ { pkgs, mylib, - vars_networking, + myvars, disko, ... }: let hostName = "kubevirt-youko"; # Define your hostname. k8sLib = import ../lib.nix; coreModule = k8sLib.gencoreModule { - inherit pkgs hostName vars_networking; + inherit pkgs hostName; + inherit (myvars) networking; }; in { imports = 
@@ -16,6 +17,6 @@ in { ++ [ coreModule disko.nixosModules.default - ../kubevirt-disko-fs.nix + ../disko_config/kubevirt-disko-fs.nix ]; } diff --git a/hosts/k8s/kubevirt_shoryu/k3s.nix b/hosts/k8s/kubevirt-youko/k3s.nix similarity index 98% rename from hosts/k8s/kubevirt_shoryu/k3s.nix rename to hosts/k8s/kubevirt-youko/k3s.nix index 1370c17e..deb27be0 100644 --- a/hosts/k8s/kubevirt_shoryu/k3s.nix +++ b/hosts/k8s/kubevirt-youko/k3s.nix @@ -1,7 +1,7 @@ { config, pkgs, - username, + myvars, ... }: let package = pkgs.k3s_1_29; diff --git a/hosts/k8s/lib.nix b/hosts/k8s/lib.nix index 33a85ae3..f5f3fce2 100644 --- a/hosts/k8s/lib.nix +++ b/hosts/k8s/lib.nix @@ -2,10 +2,10 @@ gencoreModule = { pkgs, hostName, - vars_networking, + networking, ... }: let - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = networking.hostAddress.${hostName}; in { # supported file systems, so we can mount any removable disks with these filesystems boot.supportedFilesystems = [ @@ -49,7 +49,7 @@ networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (networking) defaultGateway nameservers; networkmanager.enable = false; # Set the host's address on the OVS bridge interface instead of the physical interface! diff --git a/hosts/rolling_girls_chiaya/default.nix b/hosts/rolling-girls-chiaya/default.nix similarity index 90% rename from hosts/rolling_girls_chiaya/default.nix rename to hosts/rolling-girls-chiaya/default.nix index 494beea3..3f2adac3 100644 --- a/hosts/rolling_girls_chiaya/default.nix +++ b/hosts/rolling-girls-chiaya/default.nix @@ -1,6 +1,6 @@ { # nixos-jh7110, - vars_networking, + myvars, ... }: ############################################################# @@ -12,7 +12,7 @@ ############################################################# let hostName = "chiaya"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = [ ]; 
@@ -20,7 +20,7 @@ in { # Set static IP address / gateway / DNS servers. networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; # Failed to enable firewall due to the following error: # firewall-start[2300]: iptables: Failed to initialize nft: Protocol not supported diff --git a/hosts/rolling_girls_nozomi/default.nix b/hosts/rolling-girls-nozomi/default.nix similarity index 95% rename from hosts/rolling_girls_nozomi/default.nix rename to hosts/rolling-girls-nozomi/default.nix index 785fe0ae..76211ea2 100644 --- a/hosts/rolling_girls_nozomi/default.nix +++ b/hosts/rolling-girls-nozomi/default.nix @@ -1,6 +1,6 @@ { nixos-licheepi4a, - vars_networking, + myvars, ... }: ############################################################# @@ -10,7 +10,7 @@ ############################################################# let hostName = "nozomi"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = [ # import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware @@ -22,7 +22,7 @@ in { # Set static IP address / gateway / DNS servers. networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; wireless = { # https://wiki.archlinux.org/title/wpa_supplicant diff --git a/hosts/rolling_girls_yukina/default.nix b/hosts/rolling-girls-yukina/default.nix similarity index 95% rename from hosts/rolling_girls_yukina/default.nix rename to hosts/rolling-girls-yukina/default.nix index faf228e9..2e5a4911 100644 --- a/hosts/rolling_girls_yukina/default.nix +++ b/hosts/rolling-girls-yukina/default.nix @@ -1,6 +1,6 @@ { nixos-licheepi4a, - vars_networking, + myvars, ... }: ############################################################# 
@@ -10,7 +10,7 @@ ############################################################# let hostName = "yukina"; # Define your hostname. - hostAddress = vars_networking.hostAddress.${hostName}; + hostAddress = myvars.networking.hostAddress.${hostName}; in { imports = [ # import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware @@ -22,7 +22,7 @@ in { # Set static IP address / gateway / DNS servers. networking = { inherit hostName; - inherit (vars_networking) defaultGateway nameservers; + inherit (myvars.networking) defaultGateway nameservers; wireless = { # https://wiki.archlinux.org/title/wpa_supplicant diff --git a/lib/colmenaSystem.nix b/lib/colmenaSystem.nix index 89128ad0..7e58360e 100644 --- a/lib/colmenaSystem.nix +++ b/lib/colmenaSystem.nix @@ -1,20 +1,23 @@ # colmena - Remote Deployment via SSH { - nixpkgs, - home-manager, - specialArgs, + inputs, nixos-modules, home-module ? null, - host_tags, - targetUser ? specialArgs.username, + myvars, + system, + tags, + ssh-user, + genSpecialArgs, + ... }: let - inherit (specialArgs) username; + inherit (inputs) home-manager; + specialArgs = genSpecialArgs system; in {name, ...}: { deployment = { - inherit targetUser; - targetHost = builtins.replaceStrings ["_"] ["-"] name; # hostName or IP address - tags = host_tags; + inherit tags; + targetUser = ssh-user; + targetHost = name; # hostName or IP address }; imports = @@ -28,7 +31,7 @@ in home-manager.useUserPackages = true; home-manager.extraSpecialArgs = specialArgs; - home-manager.users."${username}" = home-module; + home-manager.users."${myvars.username}" = home-module; } ] else [] diff --git a/lib/default.nix b/lib/default.nix index edb0c822..6cbd7c06 100644 --- a/lib/default.nix +++ b/lib/default.nix 
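Review bot: `ssh-user` has no default in the new argument set of lib/colmenaSystem.nix, whereas the removed `targetUser ? specialArgs.username` fell back to the regular login user. Every caller visible in this patch passes `ssh-user = "root"`, so deployment now depends on direct root SSH login being allowed on each node. If that is intended, say so in a comment next to `targetUser = ssh-user;`. Otherwise keep the least-privilege fallback with `ssh-user ? myvars.username,` and let hosts opt in to root explicitly.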
@@ -3,6 +3,8 @@ macosSystem = import ./macosSystem.nix; nixosSystem = import ./nixosSystem.nix; attrs = import ./attrs.nix {inherit lib;}; + # use path relative to the root of the project + relativeToRoot = lib.path.append ../.; scanPaths = path: builtins.map (f: (path + "/${f}")) diff --git a/lib/macosSystem.nix b/lib/macosSystem.nix index 44d581c4..d40b2c77 100644 --- a/lib/macosSystem.nix +++ b/lib/macosSystem.nix @@ -1,13 +1,14 @@ { - nixpkgs, - nix-darwin, - home-manager, - system, - specialArgs, + inputs, darwin-modules, - home-module, + home-module ? null, + myvars, + system, + genSpecialArgs, + ... }: let - inherit (specialArgs) username; + inherit (inputs) nixpkgs home-manager nix-darwin; + specialArgs = genSpecialArgs system; in nix-darwin.lib.darwinSystem { inherit system specialArgs; @@ -31,7 +32,7 @@ in home-manager.useUserPackages = true; home-manager.extraSpecialArgs = specialArgs; - home-manager.users."${username}" = home-module; + home-manager.users."${myvars.username}" = home-module; } ]; } diff --git a/lib/nixosSystem.nix b/lib/nixosSystem.nix index 8003d2a2..a854c608 100644 --- a/lib/nixosSystem.nix +++ b/lib/nixosSystem.nix @@ -1,13 +1,15 @@ { - nixpkgs, - home-manager, - nixos-generators, + inputs, + lib, system, - specialArgs, + genSpecialArgs, nixos-modules, home-module ? null, + myvars, + ... }: let - inherit (specialArgs) username; + inherit (inputs) nixpkgs home-manager nixos-generators; + specialArgs = genSpecialArgs system; in nixpkgs.lib.nixosSystem { inherit system specialArgs; @@ -24,17 +26,16 @@ in } ] ++ ( - if (home-module != null) - then [ + lib.optionals (home-module != null) + [ home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.extraSpecialArgs = specialArgs; - home-manager.users."${username}" = home-module; + home-manager.users."${myvars.username}" = home-module; } ] - else [] ); } 
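Review bot: `home-module ? null` makes the argument optional in lib/macosSystem.nix, but the second hunk still assigns `home-manager.users."${myvars.username}" = home-module;` with no null guard in view, so a caller that omits it would hand home-manager a null user configuration. lib/nixosSystem.nix in this same commit wraps the equivalent block in `lib.optionals (home-module != null) [ … ]`. Either guard it the same way here (`nixpkgs.lib.optionals (home-module != null) [ … ]`) or drop the `? null` default. The lines between the two hunks are not shown, so confirm there is no guard there already.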
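Review bot: In lib/nixosSystem.nix `specialArgs` is now always `genSpecialArgs system` and `nixpkgs` always comes from `inputs`, so a caller can no longer override either one. The new host files under outputs/aarch64-linux/src and outputs/riscv64-linux/src pass both `nixpkgs` and `specialArgs` in their system args, and both fall into `...` unused. Those boards would then be evaluated with the default nixpkgs and without the `rk3588` / `pkgsKernel` special args they define. Accept the overrides in the argument set, e.g. `specialArgs ? (genSpecialArgs system),` and `nixpkgs ? inputs.nixpkgs,`, and remove the two bindings from the `let`. lib/colmenaSystem.nix computes `specialArgs` the same way for `home-manager.extraSpecialArgs`.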
diff --git a/modules/base.nix b/modules/base.nix index c33b45cd..8976cd1b 100644 --- a/modules/base.nix +++ b/modules/base.nix @@ -1,7 +1,6 @@ { pkgs, - username, - userfullname, + myvars, nuenv, ... } @ args: { @@ -50,8 +49,8 @@ rsync ]; - users.users.${username} = { - description = userfullname; + users.users.${myvars.username} = { + description = myvars.userfullname; # Public Keys that can be used to login to all my PCs, Macbooks, and servers. # # Since its authority is so large, we must strengthen its security: @@ -78,7 +77,7 @@ # given the users in this list the right to specify additional substituters via: # 1. `nixConfig.substituers` in `flake.nix` # 2. command line args `--options substituers http://xxx` - trusted-users = [username]; + trusted-users = [myvars.username]; # substituers that will be considered before the official ones(https://cache.nixos.org) substituters = [ diff --git a/modules/darwin/security.nix b/modules/darwin/security.nix index 47b50033..7f20fc9f 100644 --- a/modules/darwin/security.nix +++ b/modules/darwin/security.nix @@ -1,9 +1,9 @@ { config, - username, + myvars, ... }: let - homeDir = config.users.users."${username}".home; + homeDir = config.users.users."${myvars.username}".home; in { # https://github.com/LnL7/nix-darwin/blob/master/modules/programs/gnupg.nix # try `pkill gpg-agent` if you have issues(such as `no pinentry`) diff --git a/modules/darwin/users.nix b/modules/darwin/users.nix index 166ae391..a8ccf9b5 100644 --- a/modules/darwin/users.nix +++ b/modules/darwin/users.nix @@ -1,7 +1,7 @@ -{username, ...}: { +{myvars, ...}: { # Define a user account. Don't forget to set a password with ‘passwd’. - users.users."${username}" = { - home = "/Users/${username}"; + users.users."${myvars.username}" = { + home = "/Users/${myvars.username}"; # set user's default shell back to zsh # `chsh -s /bin/zsh` diff --git a/modules/darwin/wm/skhd.nix b/modules/darwin/wm/skhd.nix index b6d22fa3..5b4688f4 100644 --- a/modules/darwin/wm/skhd.nix 
+++ b/modules/darwin/wm/skhd.nix @@ -1,6 +1,6 @@ { config, - username, + myvars, ... }: { services.skhd = { @@ -10,7 +10,7 @@ # custom log path for debugging launchd.user.agents.skhd.serviceConfig = let - homeDir = config.users.users."${username}".home; + homeDir = config.users.users."${myvars.username}".home; in { StandardErrorPath = "${homeDir}/Library/Logs/skhd.stderr.log"; StandardOutPath = "${homeDir}/Library/Logs/skhd.stdout.log"; diff --git a/modules/darwin/wm/yabai.nix b/modules/darwin/wm/yabai.nix index d9ef7264..8ea7e22e 100644 --- a/modules/darwin/wm/yabai.nix +++ b/modules/darwin/wm/yabai.nix @@ -2,11 +2,11 @@ pkgs, config, lib, - username, + myvars, pkgs-unstable, ... }: let - homeDir = config.users.users."${username}".home; + homeDir = config.users.users."${myvars.username}".home; in { # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/os-specific/darwin/yabai/default.nix services.yabai = { diff --git a/modules/nixos/base/remote-building.nix b/modules/nixos/base/remote-building.nix index b36c57c8..84901ab3 100644 --- a/modules/nixos/base/remote-building.nix +++ b/modules/nixos/base/remote-building.nix @@ -1,4 +1,4 @@ -{username, ...}: { +{myvars, ...}: { #################################################################### # # NixOS's Configuration for Remote Building / Distributed Building @@ -14,7 +14,7 @@ # nix.settings.max-jobs = 0; nix.distributedBuilds = true; nix.buildMachines = let - sshUser = username; + sshUser = myvars.username; # ssh key's path on local machine sshKey = "/etc/agenix/ssh-key-romantic"; systems = [ diff --git a/modules/nixos/base/ssh.nix b/modules/nixos/base/ssh.nix index f61b4999..d8d38a30 100644 --- a/modules/nixos/base/ssh.nix +++ b/modules/nixos/base/ssh.nix @@ -1,6 +1,6 @@ { lib, - vars_networking, + myvars, ... }: { # networking.firewall.allowedTCPPorts = [ ... ]; 
@@ -8,7 +8,7 @@ # Or disable the firewall altogether. networking.firewall.enable = lib.mkDefault false; - programs.ssh = vars_networking.ssh; + programs.ssh = myvars.networking.ssh; # Enable the OpenSSH daemon. services.openssh = { diff --git a/modules/nixos/base/user-group.nix b/modules/nixos/base/user-group.nix index 128da9d3..bc607b6c 100644 --- a/modules/nixos/base/user-group.nix +++ b/modules/nixos/base/user-group.nix @@ -1,5 +1,5 @@ { - username, + myvars, config, ... }: { @@ -7,7 +7,7 @@ users.mutableUsers = false; users.groups = { - "${username}" = {}; + "${myvars.username}" = {}; docker = {}; wireshark = {}; # for android platform tools's udev rules @@ -19,14 +19,14 @@ uinput = {}; }; - users.users."${username}" = { + users.users."${myvars.username}" = { # generated by `mkpasswd -m scrypt` # we have to use initialHashedPassword here when using tmpfs for / initialHashedPassword = "$7$CU..../....KDvTIXqLTXpmCaoUy2yC9.$145eM358b7Q0sRXgEBvxctd5EAuEEdao57LmZjc05D."; - home = "/home/${username}"; + home = "/home/${myvars.username}"; isNormalUser = true; extraGroups = [ - username + myvars.username "users" "networkmanager" "wheel" @@ -39,7 +39,7 @@ # root's ssh key are mainly used for remote deployment users.users.root = { - initialHashedPassword = config.users.users."${username}".initialHashedPassword; - openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys; + initialHashedPassword = config.users.users."${myvars.username}".initialHashedPassword; + openssh.authorizedKeys.keys = config.users.users."${myvars.username}".openssh.authorizedKeys.keys; }; } diff --git a/modules/nixos/desktop.nix b/modules/nixos/desktop.nix index 6d4a475b..c81783c1 100644 --- a/modules/nixos/desktop.nix +++ b/modules/nixos/desktop.nix @@ -2,7 +2,7 @@ pkgs, config, lib, - username, + myvars, ... }: with lib; let 
@@ -46,7 +46,7 @@ in { settings = { default_session = { # Wayland Desktop Manager is installed only for user ryan via home-manager! - user = username; + user = myvars.username; # .wayland-session is a script generated by home-manager, which links to the current wayland compositor(sway/hyprland or others). # with such a vendor-no-locking script, we can switch to another wayland compositor without modifying greetd's config here. command = "$HOME/.wayland-session"; # start a wayland session directly without a login manager @@ -75,7 +75,7 @@ in { lightdm.enable = true; autoLogin = { enable = true; - user = username; + user = myvars.username; }; # use a fake session to skip desktop manager # and let Home Manager take care of the X session diff --git a/nixos-installer/flake.nix b/nixos-installer/flake.nix index 9cb6c38c..be6fa567 100644 --- a/nixos-installer/flake.nix +++ b/nixos-installer/flake.nix @@ -15,7 +15,7 @@ nixosConfigurations = { ai = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - specialArgs = inputs // {username = "ryan";}; + specialArgs = inputs // {myvars.username = "ryan";}; modules = [ {networking.hostName = "ai";} @@ -26,14 +26,14 @@ ../modules/nixos/base/user-group.nix ../modules/nixos/base/networking.nix - ../hosts/idols_ai/hardware-configuration.nix - ../hosts/idols_ai/impermanence.nix + ../hosts/idols-ai/hardware-configuration.nix + ../hosts/idols-ai/impermanence.nix ]; }; shoukei = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - specialArgs = inputs // {username = "ryan";}; + specialArgs = inputs // {myvars.username = "ryan";}; modules = [ # Building on a USB installer is buggy, lack of disk space, memory, trublesome to setup substituteers, etc. # so we disable apple-t2 module here to avoid build kernel during the initial installation, and enable it after the first boot. 
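Review bot: `specialArgs = inputs // {myvars.username = "ryan";};` gives the installer a `myvars` that has only `username`, while modules converted in this commit read more of it (`myvars.userfullname` in modules/base.nix, `myvars.networking.ssh` in modules/nixos/base/ssh.nix). Any such module in the installer's `modules` list fails evaluation with a missing-attribute error. The list is only partly visible here, so check `../modules/nixos/base/networking.nix` in particular. Loading the real set keeps the two flakes in step: `specialArgs = inputs // {myvars = import ../vars {inherit (nixpkgs) lib;};};`. The same line is used for `shoukei` in the second hunk.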
@@ -51,8 +51,8 @@ ../modules/nixos/base/user-group.nix ../modules/nixos/base/networking.nix - ../hosts/12kingdoms_shoukei/hardware-configuration.nix - ../hosts/idols_ai/impermanence.nix + ../hosts/12kingdoms-shoukei/hardware-configuration.nix + ../hosts/idols-ai/impermanence.nix ]; }; }; diff --git a/outputs/aarch64-darwin/default.nix b/outputs/aarch64-darwin/default.nix new file mode 100644 index 00000000..6b0066f9 --- /dev/null +++ b/outputs/aarch64-darwin/default.nix @@ -0,0 +1,30 @@ +{ + lib, + inputs, + ... +} @ args: let + inherit (inputs) haumea; + + # Contains all the flake outputs of this system architecture. + data = haumea.lib.load { + src = ./src; + inputs = args; + }; + # nix file names is redundant, so we remove it. + dataWithoutPaths = builtins.attrValues data; + + # Merge all the machine's data into a single attribute set. + outputs = { + darwinConfigurations = lib.attrsets.mergeAttrsList (map (it: it.darwinConfigurations or {}) dataWithoutPaths); + }; +in + outputs + // { + inherit data; # for debugging purposes + + # NixOS's unit tests. + # unit-tests = haumea.lib.loadEvalTests { + # src = ./tests; + # inputs = args; + # }; + } diff --git a/outputs/aarch64-darwin/src/fern.nix b/outputs/aarch64-darwin/src/fern.nix new file mode 100644 index 00000000..452d8a31 --- /dev/null +++ b/outputs/aarch64-darwin/src/fern.nix 
@@ -0,0 +1,35 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "fern";
+
+ modules = {
+ darwin-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/darwin.nix"
+ "modules/darwin"
+ # host specific
+ "hosts/darwin-${name}"
+ ])
+ ++ [];
+ home-module.imports = map mylib.relativeToRoot [
+ "hosts/darwin-${name}/home.nix"
+ "home/darwin"
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ # macOS's configuration
+ darwinConfigurations.${name} = mylib.macosSystem systemArgs;
+}
diff --git a/outputs/aarch64-linux/default.nix b/outputs/aarch64-linux/default.nix
new file mode 100644
index 00000000..14cd0947
--- /dev/null
+++ b/outputs/aarch64-linux/default.nix
@@ -0,0 +1,38 @@
+{
+ lib,
+ inputs,
+ ...
+} @ args: let
+ inherit (inputs) haumea;
+
+ # Contains all the flake outputs of this system architecture.
+ data = haumea.lib.load {
+ src = ./src;
+ inputs = args;
+ };
+ # nix file names is redundant, so we remove it.
+ dataWithoutPaths = builtins.attrValues data;
+
+ # Merge all the machine's data into a single attribute set.
+ outputs = {
+ nixosConfigurations = lib.attrsets.mergeAttrsList (map (it: it.nixosConfigurations or {}) dataWithoutPaths);
+ packages = lib.attrsets.mergeAttrsList (map (it: it.packages or {}) dataWithoutPaths);
+ # colmena contains some meta info, which need to be merged carefully.
+ colmena-meta = {
+ nodeNixpkgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeNixpkgs or {}) dataWithoutPaths);
+ nodeSpecialArgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeSpecialArgs or {}) dataWithoutPaths);
+ };
+ # colmena's per-machine data.
+ colmena = lib.attrsets.mergeAttrsList (map (it: it.colmena or {}) dataWithoutPaths);
+ };
+in
+ outputs
+ // {
+ inherit data; # for debugging purposes
+
+ # NixOS's unit tests.
+ # unit-tests = haumea.lib.loadEvalTests {
+ # src = ./tests;
+ # inputs = args;
+ # };
+ }
diff --git a/outputs/aarch64-linux/src/12kingdoms-rakushun.nix b/outputs/aarch64-linux/src/12kingdoms-rakushun.nix
new file mode 100644
index 00000000..dfc34fce
--- /dev/null
+++ b/outputs/aarch64-linux/src/12kingdoms-rakushun.nix
@@ -0,0 +1,60 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 楽俊, Rakushun
+ name = "rakushun";
+ tags = [name "aarch"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules = map mylib.relativeToRoot [
+ "modules/nixos/server/server-aarch64.nix"
+ # host specific modules
+ "hosts/12kingdoms-${name}"
+ ];
+ };
+
+ inherit (inputs) nixos-rk3588;
+ baseSpecialArgs = genSpecialArgs system;
+
+ rk3588Pkgs = import nixos-rk3588.inputs.nixpkgs {inherit system;};
+ rk3588SpecialArgs = let
+ # using the same nixpkgs as nixos-rk3588
+ inherit (nixos-rk3588.inputs) nixpkgs;
+ # use aarch64-linux's native toolchain
+ pkgsKernel = import nixpkgs {inherit system;};
+ in
+ baseSpecialArgs
+ // {
+ inherit nixpkgs;
+ # Provide rk3588 inputs as special argument
+ rk3588 = {inherit nixpkgs pkgsKernel;};
+ };
+
+ rk3588SystemArgs =
+ modules
+ // args
+ // {
+ inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable
+ specialArgs = rk3588SpecialArgs;
+ };
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem rk3588SystemArgs;
+
+ colmena-meta = {
+ nodeSpecialArgs.${name} = rk3588SpecialArgs;
+ nodeNixpkgs.${name} = rk3588Pkgs;
+ };
+ colmena.${name} =
+ mylib.colmenaSystem
+ (rk3588SystemArgs // {inherit tags ssh-user;});
+}
diff --git a/outputs/aarch64-linux/src/12kingdoms-suzu.nix b/outputs/aarch64-linux/src/12kingdoms-suzu.nix
new file mode 100644
index 00000000..dec5a75b
--- /dev/null
+++ b/outputs/aarch64-linux/src/12kingdoms-suzu.nix
@@ -0,0 +1,60 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 大木 鈴, Ōki Suzu
+ name = "suzu";
+ tags = [name "aarch"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules = map mylib.relativeToRoot [
+ "modules/nixos/server/server-aarch64.nix"
+ # host specific modules
+ "hosts/12kingdoms-${name}"
+ ];
+ };
+
+ inherit (inputs) nixos-rk3588;
+ baseSpecialArgs = genSpecialArgs system;
+
+ rk3588Pkgs = import nixos-rk3588.inputs.nixpkgs {inherit system;};
+ rk3588SpecialArgs = let
+ # using the same nixpkgs as nixos-rk3588
+ inherit (nixos-rk3588.inputs) nixpkgs;
+ # use aarch64-linux's native toolchain
+ pkgsKernel = import nixpkgs {inherit system;};
+ in
+ baseSpecialArgs
+ // {
+ inherit nixpkgs;
+ # Provide rk3588 inputs as special argument
+ rk3588 = {inherit nixpkgs pkgsKernel;};
+ };
+
+ rk3588SystemArgs =
+ modules
+ // args
+ // {
+ inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable
+ specialArgs = rk3588SpecialArgs;
+ };
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem rk3588SystemArgs;
+
+ colmena-meta = {
+ nodeSpecialArgs.${name} = rk3588SpecialArgs;
+ nodeNixpkgs.${name} = rk3588Pkgs;
+ };
+ colmena.${name} =
+ mylib.colmenaSystem
+ (rk3588SystemArgs // {inherit tags ssh-user;});
+}
diff --git a/outputs/default.nix b/outputs/default.nix
new file mode 100644
index 00000000..e925efaa
--- /dev/null
+++ b/outputs/default.nix
@@ -0,0 +1,135 @@ +{ + self, + nixpkgs, + pre-commit-hooks, + ... +} @ inputs: let + inherit (inputs.nixpkgs) lib; + mylib = import ../lib {inherit lib;}; + myvars = import ../vars {inherit lib;}; + + # Add my custom lib, vars, nixpkgs instance, and all the inputs to sepcialArgs, + # so that I can use them in all my nixos/home-manager/darwin modules. + genSpecialArgs = system: + inputs + // { + inherit mylib myvars; + + # use unstable branch for some packages to get the latest updates + pkgs-unstable = import inputs.nixpkgs-unstable { + inherit system; # refer the `system` parameter form outer scope recursively + # To use chrome, we need to allow the installation of non-free software + config.allowUnfree = true; + }; + pkgs-stable = import inputs.nixpkgs-stable { + inherit system; + # To use chrome, we need to allow the installation of non-free software + config.allowUnfree = true; + }; + }; + + # This is the args for all the haumea modules in this folder. + args = {inherit inputs lib mylib myvars genSpecialArgs;}; + + # modules for each supported system + nixosSystems = { + x86_64-linux = import ./x86_64-linux (args // {system = "x86_64-linux";}); + aarch64-linux = import ./aarch64-linux (args // {system = "aarch64-linux";}); + riscv64-linux = import ./riscv64-linux (args // {system = "riscv64-linux";}); + }; + darwinSystems = { + aarch64-darwin = import ./aarch64-darwin (args // {system = "aarch64-darwin";}); + x86_64-darwin = import ./x86_64-darwin (args // {system = "x86_64-darwin";}); + }; + allSystems = nixosSystems // darwinSystems; + allSystemNames = builtins.attrNames allSystems; + nixosSystemValues = builtins.attrValues nixosSystems; + darwinSystemValues = builtins.attrValues darwinSystems; + + # Helper function to generate a set of attributes for each system + forAllSystems = func: (nixpkgs.lib.genAttrs allSystemNames func); +in { + # add attribute sets into outputs, for debugging + debugAttrs = {inherit nixosSystems darwinSystems allSystems 
allSystemNames;}; + + # NixOS Hosts + nixosConfigurations = + lib.attrsets.mergeAttrsList (map (it: it.nixosConfigurations or {}) nixosSystemValues); + + # colmena - remote deployment via SSH + colmena = + { + meta = + ( + let + system = "x86_64-linux"; + in { + # colmena's default nixpkgs & specialArgs + nixpkgs = import nixpkgs {inherit system;}; + specialArgs = genSpecialArgs system; + } + ) + // { + # per-node nixpkgs & specialArgs + nodeNixpkgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeNixpkgs or {}) nixosSystemValues); + nodeSpecialArgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeSpecialArgs or {}) nixosSystemValues); + }; + } + // lib.attrsets.mergeAttrsList (map (it: it.colmena or {}) nixosSystemValues); + + # macOS Hosts + darwinConfigurations = + lib.attrsets.mergeAttrsList (map (it: it.darwinConfigurations or {}) darwinSystemValues); + + # Packages + packages = forAllSystems ( + system: allSystems.${system}.packages or {} + ); + + # Unit Tests, Intergraded Tests, and Pre-commit checks + checks = forAllSystems ( + system: { + # Unit Tests for the system + # unit-tests = allSystems.${system}.unit-tests; + + pre-commit-check = pre-commit-hooks.lib.${system}.run { + src = ./.; + hooks = { + alejandra.enable = true; # formatter + # deadnix.enable = true; # detect unused variable bindings in `*.nix` + # statix.enable = true; # lints and suggestions for Nix code(auto suggestions) + # prettier = { + # enable = true; + # excludes = [".js" ".md" ".ts"]; + # }; + }; + }; + } + ); + + # Development Shells + devShells = forAllSystems ( + system: let + pkgs = nixpkgs.legacyPackages.${system}; + in { + default = pkgs.mkShell { + packages = with pkgs; [ + # fix https://discourse.nixos.org/t/non-interactive-bash-errors-from-flake-nix-mkshell/33310 + bashInteractive + # fix `cc` replaced by clang, which causes nvim-treesitter compilation error + gcc + ]; + name = "dots"; + shellHook = '' + 
${self.checks.${system}.pre-commit-check.shellHook} + ''; + }; + } + ); + + # Format the nix code in this flake + formatter = forAllSystems ( + # alejandra is a nix formatter with a beautiful output + system: nixpkgs.legacyPackages.${system}.alejandra + ); +} diff --git a/outputs/riscv64-linux/default.nix b/outputs/riscv64-linux/default.nix new file mode 100644 index 00000000..14cd0947 --- /dev/null +++ b/outputs/riscv64-linux/default.nix @@ -0,0 +1,38 @@ +{ + lib, + inputs, + ... +} @ args: let + inherit (inputs) haumea; + + # Contains all the flake outputs of this system architecture. + data = haumea.lib.load { + src = ./src; + inputs = args; + }; + # nix file names is redundant, so we remove it. + dataWithoutPaths = builtins.attrValues data; + + # Merge all the machine's data into a single attribute set. + outputs = { + nixosConfigurations = lib.attrsets.mergeAttrsList (map (it: it.nixosConfigurations or {}) dataWithoutPaths); + packages = lib.attrsets.mergeAttrsList (map (it: it.packages or {}) dataWithoutPaths); + # colmena contains some meta info, which need to be merged carefully. + colmena-meta = { + nodeNixpkgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeNixpkgs or {}) dataWithoutPaths); + nodeSpecialArgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeSpecialArgs or {}) dataWithoutPaths); + }; + # colmena's per-machine data. + colmena = lib.attrsets.mergeAttrsList (map (it: it.colmena or {}) dataWithoutPaths); + }; +in + outputs + // { + inherit data; # for debugging purposes + + # NixOS's unit tests. + # unit-tests = haumea.lib.loadEvalTests { + # src = ./tests; + # inputs = args; + # }; + } diff --git a/outputs/riscv64-linux/src/rolling-girls-nozomi.nix b/outputs/riscv64-linux/src/rolling-girls-nozomi.nix new file mode 100644 index 00000000..546574c6 --- /dev/null +++ b/outputs/riscv64-linux/src/rolling-girls-nozomi.nix 
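Review bot: In the `checks` output of outputs/default.nix, `src = ./.;` resolves relative to this file, i.e. the `outputs/` directory, so the pre-commit check derivation only sees that subtree rather than the whole repository. If the hooks are meant to cover the repo, point it at the flake root with `src = ../.;`. Separately, `colmena.meta` hard-codes `system = "x86_64-linux"` for the default `nixpkgs` and `specialArgs`. A short comment there saying that non-x86 nodes must supply `nodeNixpkgs` / `nodeSpecialArgs` would document that dependency.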
@@ -0,0 +1,60 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 森友 望未, Moritomo Nozomi
+ name = "nozomi";
+ tags = [name "riscv"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ "modules/nixos/server/server-riscv64.nix"
+ # host specific modules
+ "hosts/rolling-girls-${name}"
+ ])
+ ++ [
+ # cross-compilation this flake.
+ {nixpkgs.crossSystem.system = "riscv64-linux";}
+ ];
+ };
+
+ inherit (inputs) nixos-licheepi4a;
+ baseSpecialArgs = genSpecialArgs system;
+
+ # using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
+ lpi4aPkgs = import nixos-licheepi4a.inputs.nixpkgs {inherit system;};
+ lpi4aSpecialArgs =
+ baseSpecialArgs
+ // {
+ inherit (nixos-licheepi4a.inputs) nixpkgs;
+ pkgsKernel = nixos-licheepi4a.packages.${system}.pkgsKernelCross;
+ }
+ // args;
+ lpi4aSystemArgs =
+ modules
+ // args
+ // {
+ inherit (nixos-licheepi4a.inputs) nixpkgs;
+ specialArgs = lpi4aSpecialArgs;
+ };
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem lpi4aSystemArgs;
+
+ colmena-meta = {
+ nodeSpecialArgs.${name} = lpi4aSpecialArgs;
+ nodeNixpkgs.${name} = lpi4aPkgs;
+ };
+ colmena.${name} =
+ mylib.colmenaSystem
+ (lpi4aSystemArgs // {inherit tags ssh-user;});
+}
diff --git a/outputs/riscv64-linux/src/rolling-girls-yukina.nix b/outputs/riscv64-linux/src/rolling-girls-yukina.nix
new file mode 100644
index 00000000..cb84bda2
--- /dev/null
+++ b/outputs/riscv64-linux/src/rolling-girls-yukina.nix
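Review bot: `ssh-user = "root"` is handed to `mylib.colmenaSystem` here and is repeated as a literal in every other colmena host file this commit adds, so each deployment target has to accept direct root logins over SSH. `mylib.colmenaSystem` is outside this diff, so this assumes the value ends up as colmena's `deployment.targetUser`. A dedicated deploy account with sudo, defined once (for example in `myvars`) rather than per host, would narrow what a leaked deploy key can do and remove twenty copies of the same string. If root has to stay, say so next to the binding, e.g. `# deploy as root: targets must restrict root SSH to key-only login`.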
@@ -0,0 +1,60 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 小坂 結季奈, Kosaka Yukina
+ name = "yukina";
+ tags = [name "riscv"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ "modules/nixos/server/server-riscv64.nix"
+ # host specific modules
+ "hosts/rolling-girls-${name}"
+ ])
+ ++ [
+ # cross-compilation this flake.
+ {nixpkgs.crossSystem.system = "riscv64-linux";}
+ ];
+ };
+
+ inherit (inputs) nixos-licheepi4a;
+ baseSpecialArgs = genSpecialArgs system;
+
+ # using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
+ lpi4aPkgs = import nixos-licheepi4a.inputs.nixpkgs {inherit system;};
+ lpi4aSpecialArgs =
+ baseSpecialArgs
+ // {
+ inherit (nixos-licheepi4a.inputs) nixpkgs;
+ pkgsKernel = nixos-licheepi4a.packages.${system}.pkgsKernelCross;
+ }
+ // args;
+ lpi4aSystemArgs =
+ modules
+ // args
+ // {
+ inherit (nixos-licheepi4a.inputs) nixpkgs;
+ specialArgs = lpi4aSpecialArgs;
+ };
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem lpi4aSystemArgs;
+
+ colmena-meta = {
+ nodeSpecialArgs.${name} = lpi4aSpecialArgs;
+ nodeNixpkgs.${name} = lpi4aPkgs;
+ };
+ colmena.${name} =
+ mylib.colmenaSystem
+ (lpi4aSystemArgs // {inherit tags ssh-user;});
+}
diff --git a/outputs/x86_64-darwin/default.nix b/outputs/x86_64-darwin/default.nix
new file mode 100644
index 00000000..6b0066f9
--- /dev/null
+++ b/outputs/x86_64-darwin/default.nix
@@ -0,0 +1,30 @@
+{
+ lib,
+ inputs,
+ ...
+} @ args: let
+ inherit (inputs) haumea;
+
+ # Contains all the flake outputs of this system architecture.
+ data = haumea.lib.load {
+ src = ./src;
+ inputs = args;
+ };
+ # nix file names is redundant, so we remove it.
+ dataWithoutPaths = builtins.attrValues data;
+
+ # Merge all the machine's data into a single attribute set.
+ outputs = {
+ darwinConfigurations = lib.attrsets.mergeAttrsList (map (it: it.darwinConfigurations or {}) dataWithoutPaths);
+ };
+in
+ outputs
+ // {
+ inherit data; # for debugging purposes
+
+ # NixOS's unit tests.
+ # unit-tests = haumea.lib.loadEvalTests {
+ # src = ./tests;
+ # inputs = args;
+ # };
+ }
diff --git a/outputs/x86_64-darwin/src/harnomica.nix b/outputs/x86_64-darwin/src/harnomica.nix
new file mode 100644
index 00000000..2ae441e8
--- /dev/null
+++ b/outputs/x86_64-darwin/src/harnomica.nix
@@ -0,0 +1,36 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "harmonica";
+
+ modules = {
+ darwin-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/darwin.nix"
+ "modules/darwin"
+ # host specific
+ "hosts/darwin-${name}"
+ ])
+ ++ [];
+
+ home-module.imports = map mylib.relativeToRoot [
+ "hosts/darwin-${name}/home.nix"
+ "home/darwin"
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ # macOS's configuration
+ darwinConfigurations.${name} = mylib.macosSystem systemArgs;
+}
diff --git a/outputs/x86_64-linux/default.nix b/outputs/x86_64-linux/default.nix
new file mode 100644
index 00000000..4f5d9b7a
--- /dev/null
+++ b/outputs/x86_64-linux/default.nix
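Review bot: The new file is named `harnomica.nix` while the host it defines is `name = "harmonica"`. Evaluation is unaffected because `outputs/x86_64-darwin/default.nix` drops the haumea keys with `builtins.attrValues`, but the misspelled key is what appears under the exported `data` attribute, and a search for the host name will not find this file. Rename it to `harmonica.nix` so the file, the host directory `hosts/darwin-${name}` and the configuration name agree.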
@@ -0,0 +1,37 @@
+{
+ lib,
+ inputs,
+ ...
+} @ args: let
+ inherit (inputs) haumea;
+
+ # Contains all the flake outputs of this system architecture.
+ data = haumea.lib.load {
+ src = ./src;
+ inputs = args;
+ };
+ # nix file names is redundant, so we remove it.
+ dataWithoutPaths = builtins.attrValues data;
+
+ # Merge all the machine's data into a single attribute set.
+ outputs = {
+ nixosConfigurations = lib.attrsets.mergeAttrsList (map (it: it.nixosConfigurations or {}) dataWithoutPaths);
+ packages = lib.attrsets.mergeAttrsList (map (it: it.packages or {}) dataWithoutPaths);
+ # colmena contains some meta info, which need to be merged carefully.
+ colmena-meta = {
+ nodeNixpkgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeNixpkgs or {}) dataWithoutPaths);
+ nodeSpecialArgs = lib.attrsets.mergeAttrsList (map (it: it.colmena-meta.nodeSpecialArgs or {}) dataWithoutPaths);
+ };
+ colmena = lib.attrsets.mergeAttrsList (map (it: it.colmena or {}) dataWithoutPaths);
+ };
+in
+ outputs
+ // {
+ inherit data; # for debugging purposes
+
+ # NixOS's unit tests.
+ # unit-tests = haumea.lib.loadEvalTests {
+ # src = ./tests;
+ # inputs = args;
+ # };
+ }
diff --git a/outputs/x86_64-linux/src/12kindoms-shoukei.nix b/outputs/x86_64-linux/src/12kindoms-shoukei.nix
new file mode 100644
index 00000000..7e1d7999
--- /dev/null
+++ b/outputs/x86_64-linux/src/12kindoms-shoukei.nix
@@ -0,0 +1,77 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ myvars,
+ mylib,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # Shoukei (祥瓊, Shōkei)
+ name = "shoukei";
+ base-modules = {
+ nixos-modules = map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/desktop.nix"
+ # host specific
+ "hosts/12kingdoms-${name}"
+ ];
+ home-module.imports = map mylib.relativeToRoot [
+ # common
+ "home/linux/desktop.nix"
+ # host specific
+ "hosts/12kindoms-${name}/home.nix"
+ ];
+ };
+
+ modules-i3 = {
+ nixos-modules =
+ [
+ {
+ modules.desktop.xorg.enable = true;
+ modules.secrets.desktop.enable = true;
+ modules.secrets.impermanence.enable = true;
+ }
+ ]
+ ++ base-modules.nixos-modules;
+ home-module.imports =
+ [
+ {modules.desktop.i3.enable = true;}
+ ]
+ ++ base-modules.home-module.imports;
+ };
+
+ modules-hyprland = {
+ nixos-modules =
+ [
+ {
+ modules.desktop.wayland.enable = true;
+ modules.secrets.desktop.enable = true;
+ modules.secrets.impermanence.enable = true;
+ }
+ ]
+ ++ base-modules.nixos-modules;
+ home-module.imports =
+ [
+ {modules.desktop.hyprland.enable = true;}
+ ]
+ ++ base-modules.home-module.imports;
+ };
+in {
+ nixosConfigurations = {
+ # with i3 window manager
+ "${name}-i3" = mylib.nixosSystem (modules-i3 // args);
+ # host with hyprland compositor
+ "${name}-hyprland" = mylib.nixosSystem (modules-hyprland // args);
+ };
+
+ # generate iso image for hosts with desktop environment
+ packages = {
+ "${name}-i3" = inputs.self.nixosConfigurations."${name}-i3".config.formats.iso;
+ "${name}-hyprland" = inputs.self.nixosConfigurations."${name}-hyprland".config.formats.iso;
+ };
+}
diff --git a/outputs/x86_64-linux/src/homelab-tailscale-gw.nix b/outputs/x86_64-linux/src/homelab-tailscale-gw.nix
new file mode 100644
index 00000000..0c4723dd
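Review bot: Inside `base-modules` the two host paths disagree: `nixos-modules` imports `"hosts/12kingdoms-${name}"` while `home-module.imports` uses `"hosts/12kindoms-${name}/home.nix"`, so at most one of them can point at an existing directory. Assuming the host directory is `hosts/12kingdoms-shoukei`, the home import should read `"hosts/12kingdoms-${name}/home.nix"`; as written, both `shoukei-i3` and `shoukei-hyprland` would fail to evaluate on the missing path. The file name `12kindoms-shoukei.nix` carries the same misspelling and is worth renaming in the same change.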
--- /dev/null
+++ b/outputs/x86_64-linux/src/homelab-tailscale-gw.nix
@@ -0,0 +1,37 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "tailscale-gw";
+ tags = [name "homelab-network"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules = map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/homelab-${name}"
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/idols-ai.nix b/outputs/x86_64-linux/src/idols-ai.nix
new file mode 100644
index 00000000..d617ad88
--- /dev/null
+++ b/outputs/x86_64-linux/src/idols-ai.nix
@@ -0,0 +1,77 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ myvars,
+ mylib,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 星野 アイ, Hoshino Ai
+ name = "ai";
+ base-modules = {
+ nixos-modules = map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/desktop.nix"
+ # host specific
+ "hosts/idols-${name}"
+ ];
+ home-module.imports = map mylib.relativeToRoot [
+ # common
+ "home/linux/desktop.nix"
+ # host specific
+ "hosts/idols-${name}/home.nix"
+ ];
+ };
+
+ modules-i3 = {
+ nixos-modules =
+ [
+ {
+ modules.desktop.xorg.enable = true;
+ modules.secrets.desktop.enable = true;
+ modules.secrets.impermanence.enable = true;
+ }
+ ]
+ ++ base-modules.nixos-modules;
+ home-module.imports =
+ [
+ {modules.desktop.i3.enable = true;}
+ ]
+ ++ base-modules.home-module.imports;
+ };
+
+ modules-hyprland = {
+ nixos-modules =
+ [
+ {
+ modules.desktop.wayland.enable = true;
+ modules.secrets.desktop.enable = true;
+ modules.secrets.impermanence.enable = true;
+ }
+ ]
+ ++ base-modules.nixos-modules;
+ home-module.imports =
+ [
+ {modules.desktop.hyprland.enable = true;}
+ ]
+ ++ base-modules.home-module.imports;
+ };
+in {
+ nixosConfigurations = {
+ # with i3 window manager
+ "${name}-i3" = mylib.nixosSystem (modules-i3 // args);
+ # host with hyprland compositor
+ "${name}-hyprland" = mylib.nixosSystem (modules-hyprland // args);
+ };
+
+ # generate iso image for hosts with desktop environment
+ packages = {
+ "${name}-i3" = inputs.self.nixosConfigurations."${name}-i3".config.formats.iso;
+ "${name}-hyprland" = inputs.self.nixosConfigurations."${name}-hyprland".config.formats.iso;
+ };
+}
diff --git a/outputs/x86_64-linux/src/idols-aquamarine.nix b/outputs/x86_64-linux/src/idols-aquamarine.nix
new file mode 100644
index 00000000..0cb31407
--- /dev/null
+++ b/outputs/x86_64-linux/src/idols-aquamarine.nix
@@ -0,0 +1,42 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 星野 愛久愛海, Hoshino Akuamarin
+ name = "aquamarine";
+ tags = ["aqua" "homelab-network"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/idols-${name}"
+ ])
+ ++ [
+ {modules.secrets.server.network.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/idols-kana.nix b/outputs/x86_64-linux/src/idols-kana.nix
new file mode 100644
index 00000000..91fc62fe
--- /dev/null
+++ b/outputs/x86_64-linux/src/idols-kana.nix
@@ -0,0 +1,42 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 有馬 かな, Arima Kana
+ name = "kana";
+ tags = [name "homelab-app"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/idols-${name}"
+ ])
+ ++ [
+ {modules.secrets.server.application.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/idols-ruby.nix b/outputs/x86_64-linux/src/idols-ruby.nix
new file mode 100644
index 00000000..4777d1f5
--- /dev/null
+++ b/outputs/x86_64-linux/src/idols-ruby.nix
@@ -0,0 +1,45 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ # 星野 瑠美衣, Hoshino Rubii
+ name = "ruby";
+ tags = [name "homelab-operation"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/idols-${name}"
+ ])
+ ++ [
+ {modules.secrets.server.operation.enable = true;}
+ ];
+ home-modules.imports = map mylib.relativeToRoot [
+ "home/linux/server.nix"
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/k3s-prod-1-master-1.nix b/outputs/x86_64-linux/src/k3s-prod-1-master-1.nix
new file mode 100644
index 00000000..58ceecba
--- /dev/null
+++ b/outputs/x86_64-linux/src/k3s-prod-1-master-1.nix
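Review bot: The key `home-modules.imports` in `modules` is plural, while the desktop and darwin host files added by this commit pass `home-module.imports`. `mylib.nixosSystem` and `mylib.colmenaSystem` are outside this diff, so this is an inference, but if they destructure `home-module` from an argument set that ends in `...`, the plural key is accepted and ignored and `home/linux/server.nix` is never applied to this host. Rename it to `home-module.imports = map mylib.relativeToRoot [` or confirm the helpers read the plural form. `k3s-prod-1-master-1.nix` uses the same plural key.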
@@ -0,0 +1,44 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "k3s-prod-1-master-1";
+ tags = [name];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ home-modules.imports = map mylib.relativeToRoot [
+ "home/linux/server.nix"
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/k3s-prod-1-master-2.nix b/outputs/x86_64-linux/src/k3s-prod-1-master-2.nix
new file mode 100644
index 00000000..757eae3a
--- /dev/null
+++ b/outputs/x86_64-linux/src/k3s-prod-1-master-2.nix
@@ -0,0 +1,41 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "k3s-prod-1-master-2";
+ tags = [name];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/k3s-prod-1-master-3.nix b/outputs/x86_64-linux/src/k3s-prod-1-master-3.nix
new file mode 100644
index 00000000..aa375d9d
--- /dev/null
+++ b/outputs/x86_64-linux/src/k3s-prod-1-master-3.nix
@@ -0,0 +1,41 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "k3s-prod-1-master-3";
+ tags = [name];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/k3s-prod-1-worker-1.nix b/outputs/x86_64-linux/src/k3s-prod-1-worker-1.nix
new file mode 100644
index 00000000..2f7cfb3f
--- /dev/null
+++ b/outputs/x86_64-linux/src/k3s-prod-1-worker-1.nix
@@ -0,0 +1,41 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "k3s-prod-1-worker-1";
+ tags = [name];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/k3s-prod-1-worker-2.nix b/outputs/x86_64-linux/src/k3s-prod-1-worker-2.nix
new file mode 100644
index 00000000..b3d1c7f0
--- /dev/null
+++ b/outputs/x86_64-linux/src/k3s-prod-1-worker-2.nix
@@ -0,0 +1,41 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "k3s-prod-1-worker-2";
+ tags = [name];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/k3s-prod-1-worker-3.nix b/outputs/x86_64-linux/src/k3s-prod-1-worker-3.nix
new file mode 100644
index 00000000..913b883b
--- /dev/null
+++ b/outputs/x86_64-linux/src/k3s-prod-1-worker-3.nix
@@ -0,0 +1,41 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "k3s-prod-1-worker-3";
+ tags = [name];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ # generate proxmox image for virtual machines without desktop environment
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.proxmox;
+}
diff --git a/outputs/x86_64-linux/src/kubevirt-shoryu.nix b/outputs/x86_64-linux/src/kubevirt-shoryu.nix
new file mode 100644
index 00000000..b79067d5
--- /dev/null
+++ b/outputs/x86_64-linux/src/kubevirt-shoryu.nix
@@ -0,0 +1,40 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "kubevirt-shoryu";
+ tags = [name "virt-shoryu"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ # {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.iso;
+}
diff --git a/outputs/x86_64-linux/src/kubevirt-shushou.nix b/outputs/x86_64-linux/src/kubevirt-shushou.nix
new file mode 100644
index 00000000..2ea2db29
--- /dev/null
+++ b/outputs/x86_64-linux/src/kubevirt-shushou.nix
@@ -0,0 +1,40 @@
+{
+ # NOTE: the args not used in this file CAN NOT be removed!
+ # because haumea pass argument lazily,
+ # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc.
+ inputs,
+ lib,
+ mylib,
+ myvars,
+ system,
+ genSpecialArgs,
+ ...
+} @ args: let
+ name = "kubevirt-shushou";
+ tags = [name "virt-shushou"];
+ ssh-user = "root";
+
+ modules = {
+ nixos-modules =
+ (map mylib.relativeToRoot [
+ # common
+ "secrets/nixos.nix"
+ "modules/nixos/server/server.nix"
+ "modules/nixos/server/proxmox-hardware-configuration.nix"
+ # host specific
+ "hosts/k8s/${name}"
+ ])
+ ++ [
+ # {modules.secrets.server.kubernetes.enable = true;}
+ ];
+ };
+
+ systemArgs = modules // args;
+in {
+ nixosConfigurations.${name} = mylib.nixosSystem systemArgs;
+
+ colmena.${name} =
+ mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;});
+
+ packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.iso;
+}
diff --git a/outputs/x86_64-linux/src/kubevirt-youko.nix b/outputs/x86_64-linux/src/kubevirt-youko.nix
new file mode 100644
index 00000000..222b18a8
--- /dev/null
+++ b/outputs/x86_64-linux/src/kubevirt-youko.nix
@@ -0,0 +1,40 @@ +{ + # NOTE: the args not used in this file CAN NOT be removed! + # because haumea pass argument lazily, + # and these arguments are used in the functions like `mylib.nixosSystem`, `mylib.colmenaSystem`, etc. + inputs, + lib, + mylib, + myvars, + system, + genSpecialArgs, + ... +} @ args: let + name = "kubevirt-youko"; + tags = [name "virt-youko"]; + ssh-user = "root"; + + modules = { + nixos-modules = + (map mylib.relativeToRoot [ + # common + "secrets/nixos.nix" + "modules/nixos/server/server.nix" + "modules/nixos/server/proxmox-hardware-configuration.nix" + # host specific + "hosts/k8s/${name}" + ]) + ++ [ + # {modules.secrets.server.kubernetes.enable = true;} + ]; + }; + + systemArgs = modules // args; +in { + nixosConfigurations.${name} = mylib.nixosSystem systemArgs; + + colmena.${name} = + mylib.colmenaSystem (systemArgs // {inherit tags ssh-user;}); + + packages.${name} = inputs.self.nixosConfigurations.${name}.config.formats.iso; +} diff --git a/secrets/darwin.nix b/secrets/darwin.nix index 9408e59a..f39275c2 100644 --- a/secrets/darwin.nix +++ b/secrets/darwin.nix @@ -3,7 +3,7 @@ pkgs, agenix, mysecrets, - username, + myvars, ... }: { imports = [ @@ -31,7 +31,7 @@ }; user_readable = { mode = "0500"; - owner = username; + owner = myvars.username; }; in { # --------------------------------------------- @@ -128,7 +128,7 @@ system.activationScripts.postActivation.text = '' ${pkgs.nushell}/bin/nu -c ' if (ls /etc/agenix/ | length) > 0 { - sudo chown ${username} /etc/agenix/* + sudo chown ${myvars.username} /etc/agenix/* } ' ''; diff --git a/secrets/nixos.nix b/secrets/nixos.nix index fcbf248a..2bf285fc 100644 --- a/secrets/nixos.nix +++ b/secrets/nixos.nix @@ -4,7 +4,7 @@ pkgs, agenix, mysecrets, - username, + myvars, ... }: with lib; let @@ -20,7 +20,7 @@ with lib; let }; user_readable = { mode = "0500"; - owner = username; + owner = myvars.username; }; in { imports = [ 
@@ -160,7 +160,7 @@ in { "agenix/ssh-key-romantic" = { source = config.age.secrets."ssh-key-romantic".path; mode = "0600"; - user = username; + user = myvars.username; }; "agenix/ryan4yin-gpg-subkeys.priv.age" = { diff --git a/systems/README.md b/systems/README.md deleted file mode 100644 index 62fac957..00000000 --- a/systems/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Systems - -As the configuration was constantly updated, my `flake.nix` gradually became bloated, so I split the system-related logic here from flake.nix. - -- `default.nix`: Some specialArgs and other parameters common to all systems are defined here, and all other nix files in this folder are imported here. -- `colmena.nix`: My NixOS servers deployed via colmena. -- `darwin.nix`: My Macbooks -- `nixos.nix`: My NixOS desktops & servers. -- `vars.nix`: Some host-related variables. Imported by `default.nix`. -- `vars_networking.nix`: All the static IP addresses, gateway, dns server, etc. Imported by `default.nix`. - diff --git a/systems/colmena.nix b/systems/colmena.nix deleted file mode 100644 index 4e830ccb..00000000 --- a/systems/colmena.nix +++ /dev/null 
@@ -1,156 +0,0 @@ -args: -with args; -with mylib; -with allSystemAttrs; let - # x86_64 related - x64_base_args = { - inherit home-manager; - inherit nixpkgs; # or nixpkgs-unstable - specialArgs = allSystemSpecialArgs.x64_system; - targetUser = "root"; - }; - - # riscv64 related - # using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache. - lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs {system = x64_system;}; - lpi4a_specialArgs = - { - inherit username userfullname useremail; - pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross; - } - // args; - lpi4a_base_args = { - inherit home-manager; - inherit (nixos-licheepi4a.inputs) nixpkgs; # or nixpkgs-unstable - specialArgs = lpi4a_specialArgs; - targetUser = "root"; - }; - - # aarch64 related - rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = aarch64_system;}; - # aarch64 related - rk3588_specialArgs = let - # using the same nixpkgs as nixos-rk3588 - inherit (nixos-rk3588.inputs) nixpkgs; - # use aarch64-linux's native toolchain - pkgsKernel = import nixpkgs { - system = aarch64_system; - }; - in - allSystemSpecialArgs.aarch64_system - // { - inherit nixpkgs; - # Provide rk3588 inputs as special argument - rk3588 = {inherit nixpkgs pkgsKernel;}; - }; - rk3588_base_args = { - inherit home-manager; - inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable - specialArgs = rk3588_specialArgs; - targetUser = "root"; - }; -in { - # colmena - remote deployment via SSH - colmena = { - meta = { - nixpkgs = import nixpkgs {system = x64_system;}; - specialArgs = allSystemSpecialArgs.x64_system; - - nodeSpecialArgs = { - # riscv64 SBCs - nozomi = lpi4a_specialArgs; - yukina = lpi4a_specialArgs; - - # aarch64 SBCs - suzu = rk3588_specialArgs; - rakushun = rk3588_specialArgs; - }; - nodeNixpkgs = { - nozomi = lpi4a_pkgs; - yukina = lpi4a_pkgs; - - # aarch64 SBCs - suzu = rk3588_pkgs; - rakushun = rk3588_pkgs; - }; - }; - - # proxmox virtual machines(x86_64) - aquamarine 
= colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - idol_aquamarine_modules - {host_tags = idol_aquamarine_tags;} - ]); - ruby = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - idol_ruby_modules - {host_tags = idol_ruby_tags;} - ]); - kana = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - idol_kana_modules - {host_tags = idol_kana_tags;} - ]); - - k3s_prod_1_master_1 = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - k3s_prod_1_master_1_modules - {host_tags = k3s_prod_1_master_1_tags;} - ]); - k3s_prod_1_master_2 = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - k3s_prod_1_master_2_modules - {host_tags = k3s_prod_1_master_2_tags;} - ]); - k3s_prod_1_master_3 = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - k3s_prod_1_master_3_modules - {host_tags = k3s_prod_1_master_3_tags;} - ]); - k3s_prod_1_worker_1 = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - k3s_prod_1_worker_1_modules - {host_tags = k3s_prod_1_worker_1_tags;} - ]); - k3s_prod_1_worker_2 = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - k3s_prod_1_worker_2_modules - {host_tags = k3s_prod_1_worker_2_tags;} - ]); - k3s_prod_1_worker_3 = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - k3s_prod_1_worker_3_modules - {host_tags = k3s_prod_1_worker_3_tags;} - ]); - - tailscale_gw = colmenaSystem (attrs.mergeAttrsList [ - x64_base_args - homelab_tailscale_gw_modules - {host_tags = homelab_tailscale_gw_tags;} - ]); - - # riscv64 SBCs - nozomi = colmenaSystem (attrs.mergeAttrsList [ - lpi4a_base_args - rolling_nozomi_modules - {host_tags = rolling_nozomi_tags;} - ]); - yukina = colmenaSystem (attrs.mergeAttrsList [ - lpi4a_base_args - rolling_yukina_modules - {host_tags = rolling_yukina_tags;} - ]); - - # aarch64 SBCs - suzu = colmenaSystem (attrs.mergeAttrsList [ - rk3588_base_args - _12kingdoms_suzu_modules - {host_tags = _12kingdoms_suzu_tags;} - ]); - rakushun = colmenaSystem (attrs.mergeAttrsList [ - rk3588_base_args - 
_12kingdoms_rakushun_modules - {host_tags = _12kingdoms_rakushun_tags;} - ]); - }; -} diff --git a/systems/darwin.nix b/systems/darwin.nix deleted file mode 100644 index 0bd44b77..00000000 --- a/systems/darwin.nix +++ /dev/null @@ -1,34 +0,0 @@ -args: -with args; -with mylib; -with allSystemAttrs; let - base_args = { - inherit nix-darwin home-manager; - nixpkgs = nixpkgs-darwin; - }; -in { - # macOS's configuration - darwinConfigurations = { - harmonica = macosSystem ( - attrs.mergeAttrsList [ - base_args - darwin_harmonica_modules - { - system = allSystemAttrs.x64_darwin; - specialArgs = allSystemSpecialArgs.x64_darwin; - } - ] - ); - - fern = macosSystem ( - attrs.mergeAttrsList [ - base_args - darwin_fern_modules - { - system = aarch64_darwin; - specialArgs = allSystemSpecialArgs.aarch64_darwin; - } - ] - ); - }; -} diff --git a/systems/default.nix b/systems/default.nix deleted file mode 100644 index b84fb2db..00000000 --- a/systems/default.nix +++ /dev/null 
@@ -1,45 +0,0 @@
-{
- self,
- inputs,
- constants,
-}: let
- inherit (inputs.nixpkgs) lib;
- mylib = import ../lib {inherit lib;};
- vars = import ./vars.nix;
- vars_networking = import ./vars_networking.nix {inherit lib;};
-
- specialArgsForSystem = system:
- {
- inherit (constants) username userfullname useremail;
- inherit mylib vars_networking;
- # use unstable branch for some packages to get the latest updates
- pkgs-unstable = import inputs.nixpkgs-unstable {
- inherit system; # refer the `system` parameter form outer scope recursively
- # To use chrome, we need to allow the installation of non-free software
- config.allowUnfree = true;
- };
- pkgs-stable = import inputs.nixpkgs-stable {
- inherit system;
- # To use chrome, we need to allow the installation of non-free software
- config.allowUnfree = true;
- };
- }
- // inputs;
-
- allSystemSpecialArgs =
- mylib.attrs.mapAttrs
- (_: specialArgsForSystem)
- constants.allSystemAttrs;
-
- args = mylib.attrs.mergeAttrsList [
- inputs
- constants
- vars
- {inherit self lib mylib allSystemSpecialArgs;}
- ];
-in
- mylib.attrs.mergeAttrsList [
- (import ./nixos.nix args)
- (import ./darwin.nix args)
- (import ./colmena.nix args)
- ]
diff --git a/systems/nixos.nix b/systems/nixos.nix
deleted file mode 100644
index d3168d67..00000000
--- a/systems/nixos.nix
+++ /dev/null
@@ -1,95 +0,0 @@ -args: -with args; -with mylib; -with allSystemAttrs; let - base_args = { - inherit home-manager nixos-generators; - inherit nixpkgs; # or nixpkgs-unstable - system = x64_system; - specialArgs = allSystemSpecialArgs.x64_system; - }; - - # aarch64 related - rk3588_specialArgs = let - # using the same nixpkgs as nixos-rk3588 - inherit (nixos-rk3588.inputs) nixpkgs; - # use aarch64-linux's native toolchain - pkgsKernel = import nixpkgs { - system = aarch64_system; - }; - in - allSystemSpecialArgs.aarch64_system - // { - inherit nixpkgs; - # Provide rk3588 inputs as special argument - rk3588 = {inherit nixpkgs pkgsKernel;}; - }; - rk3588_base_args = { - inherit home-manager nixos-generators; - inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable - system = aarch64_system; - specialArgs = rk3588_specialArgs; - }; -in { - nixosConfigurations = { - # ai with i3 window manager - ai_i3 = nixosSystem (idol_ai_modules_i3 // base_args); - # ai with hyprland compositor - ai_hyprland = nixosSystem (idol_ai_modules_hyprland // base_args); - - # shoukei - shoukei_i3 = nixosSystem (_12kingdoms_shoukei_modules_i3 // base_args); - shoukei_hyprland = nixosSystem (_12kingdoms_shoukei_modules_hyprland // base_args); - - # three virtual machines without desktop environment. 
- aquamarine = nixosSystem (idol_aquamarine_modules // base_args); - ruby = nixosSystem (idol_ruby_modules // base_args); - kana = nixosSystem (idol_kana_modules // base_args); - - k3s_prod_1_master_1 = nixosSystem (k3s_prod_1_master_1_modules // base_args); - k3s_prod_1_master_2 = nixosSystem (k3s_prod_1_master_2_modules // base_args); - k3s_prod_1_master_3 = nixosSystem (k3s_prod_1_master_3_modules // base_args); - k3s_prod_1_worker_1 = nixosSystem (k3s_prod_1_worker_1_modules // base_args); - k3s_prod_1_worker_2 = nixosSystem (k3s_prod_1_worker_2_modules // base_args); - k3s_prod_1_worker_3 = nixosSystem (k3s_prod_1_worker_3_modules // base_args); - - tailscale_gw = nixosSystem (homelab_tailscale_gw_modules // base_args); - - # aarch64 hosts - suzu = nixosSystem (_12kingdoms_suzu_modules // rk3588_base_args); - rakushun = nixosSystem (_12kingdoms_rakushun_modules // rk3588_base_args); - }; - - # https://github.com/nix-community/nixos-generators - packages."${x64_system}" = attrs.mergeAttrsList [ - ( - attrs.listToAttrs - [ - "ai_i3" - "ai_hyprland" - ] - # generate iso image for hosts with desktop environment - (host: self.nixosConfigurations.${host}.config.formats.iso) - ) - - ( - attrs.listToAttrs - [ - "aquamarine" - "ruby" - "kana" - - "k3s_prod_1_master_1" - "k3s_prod_1_master_2" - "k3s_prod_1_master_3" - "k3s_prod_1_worker_1" - "k3s_prod_1_worker_2" - "k3s_prod_1_worker_3" - - "tailscale_gw" - ] - # generate proxmox image for virtual machines without desktop environment - (host: self.nixosConfigurations.${host}.config.formats.proxmox) - ) - ]; -} diff --git a/systems/vars.nix b/systems/vars.nix deleted file mode 100644 index 02816edb..00000000 --- a/systems/vars.nix +++ /dev/null 
@@ -1,320 +0,0 @@ -let - desktop_base_modules = { - nixos-modules = [ - ../secrets/nixos.nix - ../modules/nixos/desktop.nix - ]; - home-module.imports = [ - ../home/linux/desktop.nix - ]; - }; - - pve_base_modules = { - nixos-modules = [ - ../secrets/nixos.nix - ../modules/nixos/server/server.nix - ../modules/nixos/server/proxmox-hardware-configuration.nix - ]; - }; - kube_base_modules = { - nixos-modules = [ - ../secrets/nixos.nix - ../modules/nixos/server/server.nix - ../modules/nixos/server/proxmox-hardware-configuration.nix - {modules.secrets.server.kubernetes.enable = true;} - ]; - }; -in { - # --- Desktop Systems --- # - - # 星野 アイ, Hoshino Ai - idol_ai_modules_i3 = { - nixos-modules = - [ - ../hosts/idols_ai - { - modules.desktop.xorg.enable = true; - modules.secrets.desktop.enable = true; - modules.secrets.impermanence.enable = true; - } - ] - ++ desktop_base_modules.nixos-modules; - home-module.imports = - [ - ../hosts/idols_ai/home.nix - {modules.desktop.i3.enable = true;} - ] - ++ desktop_base_modules.home-module.imports; - }; - - idol_ai_modules_hyprland = { - nixos-modules = - [ - ../hosts/idols_ai - { - modules.desktop.wayland.enable = true; - modules.secrets.desktop.enable = true; - modules.secrets.impermanence.enable = true; - } - ] - ++ desktop_base_modules.nixos-modules; - home-module.imports = - [ - ../hosts/idols_ai/home.nix - {modules.desktop.hyprland.enable = true;} - ] - ++ desktop_base_modules.home-module.imports; - }; - - # --- Homelab Systems --- # - - # 星野 愛久愛海, Hoshino Akuamarin - idol_aquamarine_modules = { - nixos-modules = - [ - ../hosts/idols_aquamarine - ../modules/nixos/server/proxmox-hardware-configuration.nix - {modules.secrets.server.network.enable = true;} - ] - ++ pve_base_modules.nixos-modules; - # home-module.imports = []; - }; - idol_aquamarine_tags = ["aqua" "homelab-network"]; - - # 星野 瑠美衣, Hoshino Rubii - idol_ruby_modules = { - nixos-modules = - [ - ../hosts/idols_ruby - {modules.secrets.server.operation.enable = true;} 
- ] - ++ pve_base_modules.nixos-modules; - home-module.imports = [ - ../home/linux/server.nix - ]; - }; - idol_ruby_tags = ["ruby" "homelab-operation"]; - - # 有馬 かな, Arima Kana - idol_kana_modules = { - nixos-modules = - [ - ../hosts/idols_kana - {modules.secrets.server.application.enable = true;} - ] - ++ pve_base_modules.nixos-modules; - # home-module.imports = []; - }; - idol_kana_tags = ["kana" "homelab-app"]; - - homelab_tailscale_gw_modules = { - nixos-modules = - [ - ../hosts/homelab_tailscale_gw - ] - ++ pve_base_modules.nixos-modules; - # home-module.imports = []; - }; - homelab_tailscale_gw_tags = ["tailscale-gw" "homelab-network"]; - - # --- Kubevirt Nodes --- # - kubevirt_shoryu_modules = { - nixos-modules = - [ - ../hosts/k8s/kubevirt_shoryu - ] - ++ kube_base_modules.nixos-modules; - home-module.imports = [ - ../home/linux/server.nix - ]; - }; - kubevirt_shoryu_tags = ["virt-shoryu"]; - - kubevirt_shushou_modules = { - nixos-modules = - [ - ../hosts/k8s/kubevirt_shushou - ] - ++ kube_base_modules.nixos-modules; - home-module.imports = [ - ../home/linux/server.nix - ]; - }; - kubevirt_shushou_tags = ["virt-shushou"]; - - kubevirt_youko_modules = { - nixos-modules = - [ - ../hosts/k8s/kubevirt_youko - ] - ++ kube_base_modules.nixos-modules; - home-module.imports = [ - ../home/linux/server.nix - ]; - }; - kubevirt_youko_tags = ["virt-youko"]; - - # --- Kubernetes Nodes --- # - - k3s_prod_1_master_1_modules = { - nixos-modules = - [ - ../hosts/k8s/k3s_prod_1_master_1 - ] - ++ kube_base_modules.nixos-modules; - home-module.imports = [ - ../home/linux/server.nix - ]; - }; - k3s_prod_1_master_1_tags = ["k8s-prod-master-1"]; - - k3s_prod_1_master_2_modules = { - nixos-modules = - [ - ../hosts/k8s/k3s_prod_1_master_2 - ] - ++ kube_base_modules.nixos-modules; - }; - k3s_prod_1_master_2_tags = ["k8s-prod-master-2"]; - - k3s_prod_1_master_3_modules = { - nixos-modules = - [ - ../hosts/k8s/k3s_prod_1_master_3 - ] - ++ kube_base_modules.nixos-modules; - }; - 
k3s_prod_1_master_3_tags = ["k8s-prod-master-3"]; - - k3s_prod_1_worker_1_modules = { - nixos-modules = - [ - ../hosts/k8s/k3s_prod_1_worker_1 - ] - ++ kube_base_modules.nixos-modules; - }; - k3s_prod_1_worker_1_tags = ["k8s-prod-worker-1"]; - - k3s_prod_1_worker_2_modules = { - nixos-modules = - [ - ../hosts/k8s/k3s_prod_1_worker_2 - ] - ++ kube_base_modules.nixos-modules; - }; - k3s_prod_1_worker_2_tags = ["k8s-prod-worker-2"]; - - k3s_prod_1_worker_3_modules = { - nixos-modules = - [ - ../hosts/k8s/k3s_prod_1_worker_3 - ] - ++ kube_base_modules.nixos-modules; - }; - k3s_prod_1_worker_3_tags = ["k8s-prod-worker-3"]; - - # --- RISC-V / AARCH64 Systems --- # - - # 森友 望未, Moritomo Nozomi - rolling_nozomi_modules = { - nixos-modules = [ - ../hosts/rolling_girls_nozomi - ../modules/nixos/server/server-riscv64.nix - - # cross-compilation this flake. - {nixpkgs.crossSystem.system = "riscv64-linux";} - ]; - # home-module.imports = []; - }; - rolling_nozomi_tags = ["riscv" "nozomi"]; - - # 小坂 結季奈, Kosaka Yukina - rolling_yukina_modules = { - nixos-modules = [ - ../hosts/rolling_girls_yukina - ../modules/nixos/server/server-riscv64.nix - - # cross-compilation this flake. 
- {nixpkgs.crossSystem.system = "riscv64-linux";} - ]; - # home-module.imports = []; - }; - rolling_yukina_tags = ["riscv" "yukina"]; - - # 大木 鈴, Ōki Suzu - _12kingdoms_suzu_modules = { - nixos-modules = [ - ../hosts/12kingdoms_suzu - ../modules/nixos/server/server-aarch64.nix - ]; - # home-module.imports = []; - }; - _12kingdoms_suzu_tags = ["aarch" "suzu"]; - - # 楽俊, Rakushun - _12kingdoms_rakushun_modules = { - nixos-modules = [ - ../hosts/12kingdoms_rakushun - ../modules/nixos/server/server-aarch64.nix - ]; - # home-module.imports = []; - }; - _12kingdoms_rakushun_tags = ["aarch" "rakushun"]; - - # Shoukei (祥瓊, Shōkei) - _12kingdoms_shoukei_modules_i3 = { - nixos-modules = - [ - ../hosts/12kingdoms_shoukei - {modules.desktop.xorg.enable = true;} - ] - ++ desktop_base_modules.nixos-modules; - home-module.imports = - [ - ../hosts/12kingdoms_shoukei/home.nix - {modules.desktop.i3.enable = true;} - ] - ++ desktop_base_modules.home-module.imports; - }; - - _12kingdoms_shoukei_modules_hyprland = { - nixos-modules = - [ - ../hosts/12kingdoms_shoukei - {modules.desktop.wayland.enable = true;} - ] - ++ desktop_base_modules.nixos-modules; - home-module.imports = - [ - ../hosts/12kingdoms_shoukei/home.nix - {modules.desktop.hyprland.enable = true;} - ] - ++ desktop_base_modules.home-module.imports; - }; - - # --- Darwin Systems --- # - darwin_harmonica_modules = { - darwin-modules = [ - ../hosts/darwin_harmonica - - ../modules/darwin - ../secrets/darwin.nix - ]; - home-module.imports = [ - ../hosts/darwin_harmonica/home.nix - ../home/darwin - ]; - }; - darwin_fern_modules = { - darwin-modules = [ - ../hosts/darwin_fern - - ../modules/darwin - ../secrets/darwin.nix - ]; - home-module.imports = [ - ../hosts/darwin_fern/home.nix - ../home/darwin - ]; - }; -} diff --git a/vars/default.nix b/vars/default.nix new file mode 100644 index 00000000..966b26de --- /dev/null +++ b/vars/default.nix 
@@ -0,0 +1,6 @@
+{lib}: {
+ username = "ryan";
+ userfullname = "Ryan Yin";
+ useremail = "xiaoyin_c@qq.com";
+ networking = import ./networking.nix {inherit lib;};
+}
diff --git a/systems/vars_networking.nix b/vars/networking.nix
similarity index 99%
rename from systems/vars_networking.nix
rename to vars/networking.nix
index 32841d0e..339ca3f6 100644
--- a/systems/vars_networking.nix
+++ b/vars/networking.nix
@@ -1,4 +1,4 @@
-{lib, ...}: rec {
+{lib}: rec {
 mainGateway = "192.168.5.1"; # main router
 defaultGateway = "192.168.5.101"; # subrouter with a transparent proxy
 nameservers = [
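Review bot: The new `vars/default.nix` (first hunk on this line) has no header comment stating what is allowed to live in it, even though it becomes the single shared attrset for identity values and the `networking` import. Anything placed here is plain flake source, so it is readable in the repository and, once the flake is evaluated, most likely in the world-readable Nix store as well. The file should therefore stay limited to non-sensitive values. I would add a first line such as `# Non-secret shared constants only (identity, LAN addressing); credentials belong under secrets/, never here.` so later additions do not drift toward tokens or password hashes.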