Move Colmena deployment to machine's nixos module

Pim Kunis 2024-11-17 22:59:40 +01:00
parent b0a106b332
commit adbea68c91
3 changed files with 56 additions and 57 deletions


@ -15,34 +15,6 @@ inputs @ {
};
sue = {
pkgs,
lib,
...
}: let
sops = lib.getExe pkgs.sops;
in {
deployment = {
allowLocalDeployment = true;
targetHost = null;
keys = {
# TODO: Create macro for this
root-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/nixos.sops.yaml"];
name = "keys.txt";
destDir = "/root/.config/sops/age";
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/home.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";
group = "users";
};
};
};
imports = [
(import ./machines).sue.module
./nixos
@ -50,33 +22,6 @@ inputs @ {
};
gamepc = {
pkgs,
lib,
...
}: let
sops = lib.getExe pkgs.sops;
in {
deployment = {
targetHost = "gamepc";
targetUser = "root";
keys = {
root-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/nixos.sops.yaml"];
name = "keys.txt";
destDir = "/root/.config/sops/age";
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/home.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";
group = "users";
};
};
};
imports = [
(import ./machines).gamepc.module
./nixos


@ -1,8 +1,12 @@
{
self,
pkgs,
config,
lib,
...
}: {
}: let
sops = lib.getExe pkgs.sops;
in {
config = {
pim = {
cinnamon.enable = true;
@ -14,6 +18,27 @@
home-manager.users.pim.imports = [./home.nix];
programs.steam.enable = true;
deployment = {
targetHost = "gamepc";
targetUser = "root";
keys = {
root-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/nixos.sops.yaml"];
name = "keys.txt";
destDir = "/root/.config/sops/age";
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/home.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";
group = "users";
};
};
};
services = {
openssh.enable = true;
tailscale.enable = true;
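Review bot: Both entries in the added `deployment.keys` block write an age private key to a persistent path without stating the file mode, so the result depends on Colmena's default for `permissions`. Adding `permissions = "0400";` to `root-sops-age-key` and `pim-sops-age-key` makes the intended mode explicit and keeps it stable if the default ever changes. The `pim-sops-age-key` entry sets `user` and `group` on the file only; if Colmena creates missing parents of `/home/pim/.config/sops/age` as the deploying root user (worth confirming on a fresh install), those directories end up root-owned inside pim's home. The same applies to the matching block added to the sue module in the third file, and the `config = {` body continues past this hunk.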


@ -1,4 +1,11 @@
{pkgs, ...}: {
{
self,
pkgs,
lib,
...
}: let
sops = lib.getExe pkgs.sops;
in {
config = {
pim = {
lanzaboote.enable = true;
@ -9,6 +16,28 @@
compliance.enable = true;
};
deployment = {
allowLocalDeployment = true;
targetHost = null;
keys = {
# TODO: Create macro for this
root-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/nixos.sops.yaml"];
name = "keys.txt";
destDir = "/root/.config/sops/age";
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/sue/home.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";
group = "users";
};
};
};
services.tailscale.enable = true;
facter.reportPath = ./facter.json;
home-manager.users.pim.imports = [./home.nix];
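Review bot: The `# TODO: Create macro for this` comment moves along with the block, and after this commit the sue and gamepc modules each carry their own copy of the two key entries, differing only in the machine name inside the `${self}/machines/…` path. A shared helper would keep the `sudo`/`sops` invocation and the destination paths in one place to review, for example `mkAgeKey = file: destDir: { keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" file]; name = "keys.txt"; inherit destDir; };`. The module now also takes `self` as an argument, which presumably arrives through `specialArgs`; that wiring is not visible in this diff and is worth checking for every place the module is imported.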