parameterize fqdn for k3s SAN

configuration.nix

@@ -112,6 +112,7 @@
   ];
 
   networking = {
+    domain = "hyp";
     firewall.enable = false;
     useDHCP = false;
 

flake.nix

@@ -26,15 +26,20 @@
       machines = import ./machines;
       # TODO: Maybe use mergeAttrLists
       mkNixosSystems = systemDef:
-        nixpkgs.lib.foldlAttrs (acc: name: machine:
+        nixpkgs.lib.foldlAttrs
+          (acc: name: machine:
             acc // {
               "${name}" = nixpkgs.lib.nixosSystem (systemDef machine);
-          }) { } machines;
+            })
+          { }
+          machines;
       mkDeployNodes = nodeDef:
         nixpkgs.lib.foldlAttrs
-        (acc: name: machine: acc // { "${name}" = nodeDef machine; }) { }
+          (acc: name: machine: acc // { "${name}" = nodeDef machine; })
+          { }
           machines;
-    in {
+    in
+    {
       devShells.${system}.default = pkgs.mkShell {
         packages = [
           pkgs.libsecret
@@ -76,6 +81,7 @@
       };
 
       checks = builtins.mapAttrs
-        (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
+        (system: deployLib: deployLib.deployChecks self.deploy)
+        deploy-rs.lib;
     };
 }

modules/custom/k3s.nix

@@ -17,10 +17,10 @@ in {
     environment.systemPackages = [ pkgs.k3s ];
     services.k3s.enable = true;
     services.k3s.role = "server";
-    # Temporary fix: by default the full hostname of the server (jefke.hyp) is not included into the Subject Alternative Name of certificates of the server.
+    # TODO: parameterize data disk mount point.
-    # We can hardcode this as a CLI flag to k3s.
+    services.k3s.extraFlags = "--tls-san ${config.networking.fqdn} --data-dir /mnt/data/k3s";
-    services.k3s.extraFlags = "--tls-san jefke.hyp --data-dir /mnt/data/k3s";
 
+    # TODO: parameterize data disk mount point.
     # TODO: use kubenix for this.
     system.activationScripts.k3s-bootstrap.text =
       let