From a9b1f9b419e4db9732a1ec5eef9dcead5a8f183d Mon Sep 17 00:00:00 2001 From: tdback Date: Sun, 26 Jan 2025 11:36:10 -0500 Subject: flake: overhaul on flake, added deploy-rs --- flake.lock | 100 ++++++++++++++-- flake.nix | 337 ++++++++++++++++++++++++++-------------------------- modules/default.nix | 13 +- 3 files changed, 272 insertions(+), 178 deletions(-) diff --git a/flake.lock b/flake.lock index 9c54e90..c80afe6 100644 --- a/flake.lock +++ b/flake.lock @@ -45,6 +45,42 @@ "type": "github" } }, + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1727447169, + "narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -89,16 +125,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1736916166, - "narHash": "sha256-puPDoVKxkuNmYIGMpMQiK8bEjaACcCksolsG36gdaNQ=", - "owner": "nixos", + "lastModified": 1702272962, + "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "e24b4c09e963677b1beea49d411cd315a024ad3a", + "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-24.11", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -119,11 +155,28 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1736916166, + "narHash": "sha256-puPDoVKxkuNmYIGMpMQiK8bEjaACcCksolsG36gdaNQ=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e24b4c09e963677b1beea49d411cd315a024ad3a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", + "deploy-rs": "deploy-rs", "home-manager": "home-manager_2", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable" } }, @@ -141,6 +194,39 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 2db1764..80598e5 100644 --- a/flake.nix +++ b/flake.nix @@ -10,6 +10,7 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + deploy-rs.url = "github:serokell/deploy-rs"; }; outputs = @@ -18,173 +19,171 @@ helpers = import ./modules { inherit inputs; }; inherit (helpers) mergeSets mkSystem; in - { - nixosConfigurations = mergeSets [ - (mkSystem "frigg" "x86_64-linux" inputs.nixpkgs [ - { - type = "profiles"; - modules = [ - "common" - "podman" - "upgrade" - "wireguard" - "zfs" - ]; - } - { - type = "scripts"; - modules = [ - "motd" - "pushover" - "zquota" - ]; - } - { - type = "services"; - modules = [ - "cgit" - "proxy" - "sftpgo" - "ssh" - ]; - } - ]) - (mkSystem "heimdall" "x86_64-linux" inputs.nixpkgs [ - { - type = "profiles"; - modules = [ - "common" - "upgrade" - ]; - } - { - type = "scripts"; - modules = [ - "motd" - "pushover" - ]; - } - { - type = "services"; - modules = [ - "dns" - "searx" - "ssh" - ]; - } - ]) - (mkSystem "loki" "aarch64-linux" inputs.nixpkgs [ - { - type = "profiles"; - modules = [ - "common" - "upgrade" - ]; - } - { - type = "scripts"; - modules = [ - "motd" - "pushover" - ]; - } - { - type = "services"; - modules = [ - "matrix" - "ssh" - ]; - } - ]) - (mkSystem "odin" "x86_64-linux" inputs.nixpkgs [ - { - type = "containers"; - modules = [ - "freshrss" - "jellyfin" - "lubelogger" - "pinchflat" - "vaultwarden" - "watchtower" - ]; - } - { - type = "profiles"; - modules = [ - "common" - "podman" - "share" - "upgrade" - "wireguard" - "zfs" - ]; - } - { - type = "scripts"; - modules = [ - "motd" - "pushover" - "zquota" - ]; - } - { - type = "services"; - modules = [ - "immich" - "proxy" - "ssh" - ]; - } - ]) - (mkSystem "sparrow" "x86_64-linux" inputs.nixpkgs ( - inputs.nixpkgs.lib.singleton { - type = "profiles"; - modules = [ - "common" - "vpn" - "xorg" - ]; - } - )) - (mkSystem "thor" "x86_64-linux" inputs.nixpkgs [ - { - type = "profiles"; - modules = [ - "common" - "upgrade" - "wireguard" - ]; - } - { - type = "scripts"; - modules = [ - "motd" - "pushover" - ]; - } - { - type = "services"; - modules = [ - "fediverse" - "ssh" - "web" - ]; - } - ]) - (mkSystem "woodpecker" "x86_64-linux" inputs.nixpkgs ( - inputs.nixpkgs.lib.singleton { - type = "profiles"; - modules = [ - "common" - "fstrim" - "libvirtd" - "nvidia" - "steam" - "wireshark" - "xorg" - ]; - } - )) - ]; - }; + mergeSets [ + (mkSystem "frigg" "x86_64-linux" inputs.nixpkgs [ + { + type = "customs"; + modules = [ "cgit" ]; + } + { + type = "profiles"; + modules = [ + "common" + "upgrade" + "wireguard" + "zfs" + ]; + } + { + type = "scripts"; + modules = [ + "motd" + "pushover" + "zquota" + ]; + } + { + type = "services"; + modules = [ + "llm" + "sftpgo" + "ssh" + ]; + } + ]) + (mkSystem "heimdall" "x86_64-linux" inputs.nixpkgs [ + { + type = "profiles"; + modules = [ + "common" + "upgrade" + ]; + } + { + type = "scripts"; + modules = [ + "motd" + "pushover" + ]; + } + { + type = "services"; + modules = [ + "dns" + "searx" + "ssh" + ]; + } + ]) + (mkSystem "loki" "aarch64-linux" inputs.nixpkgs [ + { + type = "profiles"; + modules = [ + "common" + "upgrade" + ]; + } + { + type = "scripts"; + modules = [ + "motd" + "pushover" + ]; + } + { + type = "services"; + modules = [ + "matrix" + "ssh" + ]; + } + ]) + (mkSystem "odin" "x86_64-linux" inputs.nixpkgs [ + { + type = "containers"; + modules = [ + "freshrss" + "jellyfin" + "lubelogger" + "pinchflat" + "vaultwarden" + "watchtower" + ]; + } + { + type = "profiles"; + modules = [ + "common" + "podman" + "upgrade" + "wireguard" + "zfs" + ]; + } + { + type = "scripts"; + modules = [ + "motd" + "pushover" + "zquota" + ]; + } + { + type = "services"; + modules = [ + "immich" + "ssh" + ]; + } + ]) + (mkSystem "sparrow" "x86_64-linux" inputs.nixpkgs ( + inputs.nixpkgs.lib.singleton { + type = "profiles"; + modules = [ + "common" + "vpn" + "xorg" + ]; + } + )) + (mkSystem "thor" "x86_64-linux" inputs.nixpkgs [ + { + type = "profiles"; + modules = [ + "common" + "upgrade" + "wireguard" + ]; + } + { + type = "scripts"; + modules = [ + "motd" + "pushover" + ]; + } + { + type = "services"; + modules = [ + "fediverse" + "ssh" + "website" + ]; + } + ]) + (mkSystem "woodpecker" "x86_64-linux" inputs.nixpkgs ( + inputs.nixpkgs.lib.singleton { + type = "profiles"; + modules = [ + "common" + "fstrim" + "libvirtd" + "nvidia" + "steam" + "wireshark" + "xorg" + ]; + } + )) + ]; } diff --git a/modules/default.nix b/modules/default.nix index 49f08c5..91ab291 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -6,8 +6,17 @@ let mkModules = moduleAttrList: builtins.concatMap (moduleAttr: genModules moduleAttr) moduleAttrList; in { - mkSystem = hostname: system: nixpkgsVersion: modules: { - ${hostname} = nixpkgsVersion.lib.nixosSystem { + mkSystem = hostname: system: nixpkgsVersion: modules: rec { + deploy.nodes.${hostname} = { + inherit hostname; + profiles.system = { + user = "root"; + sshUser = "tdback"; + path = inputs.deploy-rs.lib.${system}.activate.nixos nixosConfigurations.${hostname}; + }; + }; + + nixosConfigurations.${hostname} = nixpkgsVersion.lib.nixosSystem { inherit system; modules = (mkModules modules) ++ [ "${inputs.self}/hosts/${hostname}" -- cgit v1.2.3