create helpers for creating nixos system and deploy nodes

move machine definitions to separate directory
2023-11-15 13:06:59 +01:00 · 2023-11-15 13:06:59 +01:00 · 37f1e07e74
commit 37f1e07e74
parent 3550a6e8a8
4 changed files with 34 additions and 32 deletions
--- a/flake.nix
+++ b/flake.nix
@ -20,14 +20,16 @@
      system = "x86_64-linux";
      pkgs = nixpkgs.legacyPackages.${system};
      pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
-      machines = {
-        jefke = {
-          name = "jefke";
-          hostname = "jefke.hyp";
-          user-cert = builtins.readFile ./jefke_user_ed25519-cert.pub;
-          host-cert = builtins.readFile ./jefke_host_ed25519-cert.pub;
-        };
-      };
+      machines = import ./machines;
+      mkNixosSystems = systemDef:
+        nixpkgs.lib.foldlAttrs (acc: name: machine:
+          acc // {
+            "${name}" = nixpkgs.lib.nixosSystem (systemDef machine);
+          }) { } machines;
+      mkDeployNodes = nodeDef:
+        nixpkgs.lib.foldlAttrs
+        (acc: name: machine: acc // { "${name}" = nodeDef machine; }) { }
+        machines;
    in {
      devShells.${system}.default = pkgs.mkShell {
        packages = [
@ -40,10 +42,7 @@
      # TODO. if uncommented, nix flake check fails
      # formatter = pkgs.nixfmt;

-      # TODO create helper
-      nixosConfigurations = nixpkgs.lib.foldlAttrs (acc: name: machine:
-        acc // {
-          "${name}" = nixpkgs.lib.nixosSystem {
+      nixosConfigurations = mkNixosSystems (machine: {
        inherit system;
        specialArgs = { inherit machine; };
        modules = [
@ -51,24 +50,19 @@
          agenix.nixosModules.default
          ./configuration.nix
        ];
-          };
-        }) { } machines;
+      });

      deploy = {
        sshUser = "root";
        user = "root";

-        # TODO create helper
-        nodes = nixpkgs.lib.foldlAttrs (acc: name: machine:
-          acc // {
-            "${name}" = {
+        nodes = mkDeployNodes (machine: {
          hostname = machine.hostname;
          profiles.hypervisor = {
            path = deploy-rs.lib.${system}.activate.nixos
-                  self.nixosConfigurations.${name};
+              self.nixosConfigurations.${machine.name};
          };
-            };
-          }) { } machines;
+        });
      };

      checks = builtins.mapAttrs
--- a/machines/default.nix
+++ b/machines/default.nix
@ -0,0 +1,8 @@
+{
+  jefke = {
+    name = "jefke";
+    hostname = "jefke.hyp";
+    user-cert = builtins.readFile ./jefke_user_ed25519-cert.pub;
+    host-cert = builtins.readFile ./jefke_host_ed25519-cert.pub;
+  };
+}
--- a/machines/jefke_host_ed25519-cert.pub
+++ b/machines/jefke_host_ed25519-cert.pub
--- a/machines/jefke_user_ed25519-cert.pub
+++ b/machines/jefke_user_ed25519-cert.pub