From adbea68c9180742c4a3f9820092929447475f47b Mon Sep 17 00:00:00 2001
From: Pim Kunis
Date: Sun, 17 Nov 2024 22:59:40 +0100
Subject: [PATCH] Move Colmena deployment to machine's nixos module
---
 colmena.nix | 55 -------------------------------------
 machines/gamepc/default.nix | 27 +++++++++++++++++-
 machines/sue/default.nix | 31 ++++++++++++++++++++-
 3 files changed, 56 insertions(+), 57 deletions(-)
diff --git a/colmena.nix b/colmena.nix
index 1e196d7..44662ea 100644
--- a/colmena.nix
+++ b/colmena.nix
@@ -15,34 +15,6 @@ inputs @ {
 };
 sue = {
- pkgs,
- lib,
- ...
- }: let
- sops = lib.getExe pkgs.sops;
- in {
- deployment = {
- allowLocalDeployment = true;
- targetHost = null;
-
- keys = {
- # TODO: Create macro for this
- root-sops-age-key = {
- keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/nixos.sops.yaml"];
- name = "keys.txt";
- destDir = "/root/.config/sops/age";
- };
-
- pim-sops-age-key = {
- keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/home.sops.yaml"];
- name = "keys.txt";
- destDir = "/home/pim/.config/sops/age";
- user = "pim";
- group = "users";
- };
- };
- };
-
 imports = [
 (import ./machines).sue.module
 ./nixos
@@ -50,33 +22,6 @@ inputs @ {
 };
 gamepc = {
- pkgs,
- lib,
- ...
- }: let
- sops = lib.getExe pkgs.sops;
- in {
- deployment = {
- targetHost = "gamepc";
- targetUser = "root";
-
- keys = {
- root-sops-age-key = {
- keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/nixos.sops.yaml"];
- name = "keys.txt";
- destDir = "/root/.config/sops/age";
- };
-
- pim-sops-age-key = {
- keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/home.sops.yaml"];
- name = "keys.txt";
- destDir = "/home/pim/.config/sops/age";
- user = "pim";
- group = "users";
- };
- };
- };
-
 imports = [
 (import ./machines).gamepc.module
 ./nixos
diff --git a/machines/gamepc/default.nix b/machines/gamepc/default.nix
index 970e9a5..e889f1f 100644
--- a/machines/gamepc/default.nix
+++ b/machines/gamepc/default.nix
@@ -1,8 +1,12 @@
 {
+ self,
+ pkgs,
 config,
 lib,
 ...
-}: {
+}: let
+ sops = lib.getExe pkgs.sops;
+in {
 config = {
 pim = {
 cinnamon.enable = true;
@@ -14,6 +18,27 @@
 home-manager.users.pim.imports = [./home.nix];
 programs.steam.enable = true;
+ deployment = {
+ targetHost = "gamepc";
+ targetUser = "root";
+
+ keys = {
+ root-sops-age-key = {
+ keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/nixos.sops.yaml"];
+ name = "keys.txt";
+ destDir = "/root/.config/sops/age";
+ };
+
+ pim-sops-age-key = {
+ keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/home.sops.yaml"];
+ name = "keys.txt";
+ destDir = "/home/pim/.config/sops/age";
+ user = "pim";
+ group = "users";
+ };
+ };
+ };
+
 services = {
 openssh.enable = true;
 tailscale.enable = true;
diff --git a/machines/sue/default.nix b/machines/sue/default.nix
index 226d5d1..7925c9b 100644
--- a/machines/sue/default.nix
+++ b/machines/sue/default.nix
@@ -1,4 +1,11 @@
-{pkgs, ...}: {
+{
+ self,
+ pkgs,
+ lib,
+ ...
+}: let
+ sops = lib.getExe pkgs.sops;
+in {
 config = {
 pim = {
 lanzaboote.enable = true;
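Review bot: The module header in machines/gamepc/default.nix now takes `self` as an argument, and the first hunk of machines/sue/default.nix does the same, but nothing in this patch shows where `self` is supplied. In colmena.nix it was presumably in lexical scope from `inputs @ { ... }`; as a module argument it only resolves if the evaluator passes it in through `specialArgs` (for the hive, `meta.specialArgs`). If that wiring already exists, a short comment on the argument list would make the dependency visible, for example `# self: flake source, injected via specialArgs; used to locate the sops files`.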
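Review bot: The `deployment = { ... }` block added in the second hunk of machines/gamepc/default.nix, and again in the second hunk of machines/sue/default.nix, sets options that are declared by Colmena rather than by NixOS, so this module will presumably fail with an undefined-option error if it is ever evaluated outside the hive, for instance through a plain `nixosSystem` call. The patch does not show whether the machine modules are consumed anywhere else, so this may be fine today. If the coupling is intended, say so next to the block, e.g. `# Colmena-only options: evaluate this module through the hive, or with Colmena's deployment options imported`; otherwise keeping the block in a separate file that only colmena.nix imports avoids it. The enclosing `config = { ... }` continues outside the hunk.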
@@ -9,6 +16,28 @@
 compliance.enable = true;
 };
+ deployment = {
+ allowLocalDeployment = true;
+ targetHost = null;
+
+ keys = {
+ # TODO: Create macro for this
+ root-sops-age-key = {
+ keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/nixos.sops.yaml"];
+ name = "keys.txt";
+ destDir = "/root/.config/sops/age";
+ };
+
+ pim-sops-age-key = {
+ keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/home.sops.yaml"];
+ name = "keys.txt";
+ destDir = "/home/pim/.config/sops/age";
+ user = "pim";
+ group = "users";
+ };
+ };
+ };
+
 services.tailscale.enable = true;
 facter.reportPath = ./facter.json;
 home-manager.users.pim.imports = [./home.nix];
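Review bot: Both `keys` entries in this hunk place an age private key at a persistent path and rely on Colmena's defaults for the file mode and the upload time; `pim-sops-age-key` only sets `user` and `group`. I would state the mode explicitly with `permissions = "0400";` and check who ends up owning `/home/pim/.config/sops/age` when Colmena has to create it, since a root-owned parent directory inside the user's home is easy to miss. Because keys are uploaded before activation by default, a first deployment to a host where `pim` does not exist yet may fail on the ownership change; `uploadAt = "post-activation";` on the user key would avoid that, provided nothing needs that key during activation. The same two entries are repeated in machines/gamepc/default.nix, so resolving the `# TODO: Create macro for this` with one shared helper would keep these settings identical on both hosts.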