home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

restructure nixos modules

Browse source
This commit is contained in:
Pim Kunis 2023-12-29 13:41:01 +01:00
parent ace5df1b43
commit 1f5d121fd0
10 changed files with 7 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/default.nix
View file

@ -1,7 +1,7 @@
{ pkgs, config, lib, modulesPath, ... }: { { pkgs, config, lib, modulesPath, ... }: {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
./modules/custom ./modules
]; ];
boot = { boot = {

0
nixos/modules/custom/backups.nix → nixos/modules/backups.nix
View file

0
nixos/modules/custom/data-disk.nix → nixos/modules/data-disk.nix
View file

0
nixos/modules/custom/default.nix → nixos/modules/default.nix
View file

33
nixos/modules/disk-config.nix
View file

@ -1,33 +0,0 @@
{
disko.devices = {
disk = {
vdb = {
device = "/dev/nvme0n1";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
type = "EF00";
size = "500M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
end = "-4G";
content = {
type = "filesystem";
format = "btrfs";
mountpoint = "/";
};
};
swap = { size = "100%"; };
};
};
};
};
};
}

0
nixos/modules/custom/disko.nix → nixos/modules/disko.nix
View file

0
nixos/modules/custom/k3s/bootstrap.nix → nixos/modules/k3s/bootstrap.nix
View file

0
nixos/modules/custom/k3s/default.nix → nixos/modules/k3s/default.nix
View file

7
nixos/modules/custom/ssh-certificates.nix → nixos/modules/ssh-certificates.nix
View file

@ -3,7 +3,8 @@ let
cfg = config.custom.ssh; cfg = config.custom.ssh;
hostCert = builtins.toFile "host_ed25519-cert.pub" cfg.hostCert; hostCert = builtins.toFile "host_ed25519-cert.pub" cfg.hostCert;
userCert = builtins.toFile "user_ed25519-cert.pub" cfg.userCert; userCert = builtins.toFile "user_ed25519-cert.pub" cfg.userCert;
in { in
{
options = { options = {
custom = { custom = {
ssh = { ssh = {
@ -31,7 +32,7 @@ in {
hostKey = lib.mkOption { hostKey = lib.mkOption {
default = default =
../../secrets/${config.networking.hostName}_host_ed25519.age; ../secrets/${config.networking.hostName}_host_ed25519.age;
type = lib.types.path; type = lib.types.path;
description = '' description = ''
SSH host key SSH host key
@ -40,7 +41,7 @@ in {
userKey = lib.mkOption { userKey = lib.mkOption {
default = default =
../../secrets/${config.networking.hostName}_user_ed25519.age; ../secrets/${config.networking.hostName}_user_ed25519.age;
type = lib.types.path; type = lib.types.path;
description = '' description = ''
SSH user key SSH user key

4
nixos/modules/custom/terraform-database.nix → nixos/modules/terraform-database.nix
View file

@ -30,7 +30,7 @@ in {
settings = settings =
let let
serverCert = builtins.toFile "postgresql_server.crt" serverCert = builtins.toFile "postgresql_server.crt"
(builtins.readFile ../../postgresql_server.crt); (builtins.readFile ../postgresql_server.crt);
in in
{ {
ssl = true; ssl = true;
@ -48,7 +48,7 @@ in {
networking.firewall.allowedTCPPorts = [ 5432 ]; networking.firewall.allowedTCPPorts = [ 5432 ];
age.secrets."postgresql_server.key" = { age.secrets."postgresql_server.key" = {
file = ../../secrets/postgresql_server.key.age; file = ../secrets/postgresql_server.key.age;
mode = "400"; mode = "400";
owner = builtins.toString config.ids.uids.postgres; owner = builtins.toString config.ids.uids.postgres;
group = builtins.toString config.ids.gids.postgres; group = builtins.toString config.ids.gids.postgres;