summaryrefslogtreecommitdiffstats
path: root/kartei
diff options
context:
space:
mode:
authorlassulus <git@lassul.us>2023-06-10 12:50:53 +0200
committertv <tv@krebsco.de>2023-06-21 14:47:04 +0200
commite174ef53caafbcee1e8a2ee83d6195f97afb9388 (patch)
tree630c6d61843c4a6df904327316f8c3a02a68dd3d /kartei
parentd59586939d9530ee55a4c5a3310ae13042127e09 (diff)
flake: init
Diffstat (limited to 'kartei')
-rw-r--r--kartei/0x4A6F/default.nix7
-rw-r--r--kartei/dave/default.nix6
-rw-r--r--kartei/dbalan/default.nix9
-rw-r--r--kartei/default.nix2
-rw-r--r--kartei/feliks/default.nix9
-rw-r--r--kartei/jan/default.nix6
-rw-r--r--kartei/jeschli/default.nix8
-rw-r--r--kartei/kmein/default.nix9
-rw-r--r--kartei/krebs/default.nix15
-rw-r--r--kartei/lass/default.nix15
-rw-r--r--kartei/makefu/default.nix16
-rw-r--r--kartei/mic92/default.nix7
-rw-r--r--kartei/others/default.nix9
-rw-r--r--kartei/oxzi/default.nix8
-rw-r--r--kartei/palo/default.nix9
-rw-r--r--kartei/rtunreal/default.nix10
-rw-r--r--kartei/srounce/default.nix7
-rw-r--r--kartei/template/default.nix6
-rw-r--r--kartei/tv/default.nix20
-rw-r--r--kartei/tv/hosts/ni.nix6
-rw-r--r--kartei/xkey/default.nix9
-rw-r--r--kartei/ynnel/default.nix6
22 files changed, 107 insertions, 92 deletions
diff --git a/kartei/0x4A6F/default.nix b/kartei/0x4A6F/default.nix
index 8939f267d..eb3d08e8d 100644
--- a/kartei/0x4A6F/default.nix
+++ b/kartei/0x4A6F/default.nix
@@ -1,12 +1,13 @@
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
});
in {
users = {
diff --git a/kartei/dave/default.nix b/kartei/dave/default.nix
index 053ec412b..04f226cc1 100644
--- a/kartei/dave/default.nix
+++ b/kartei/dave/default.nix
@@ -1,5 +1,5 @@
-{ config, ... }: let
- lib = import ../../lib;
+{ config, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
in {
users.dave = {
mail = "hsngrmpf@gmail.com";
@@ -8,7 +8,7 @@ in {
owner = config.krebs.users.dave;
nets.retiolum = {
aliases = [ "dave.r" ];
- ip6.addr = (lib.krebs.genipv6 "retiolum" "dave" { hostName = "dave"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "dave" { hostName = "dave"; }).address;
ip4.addr = "10.243.0.6";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix
index fadf187db..6bf10b921 100644
--- a/kartei/dbalan/default.nix
+++ b/kartei/dbalan/default.nix
@@ -1,6 +1,7 @@
-with import ../../lib;
-{ config, ... }:
+{ config, lib, ... }:
let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
@@ -8,11 +9,11 @@ let
owner = config.krebs.users.dbalan;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum = {
- ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
};
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill = {
- ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
};
});
in
diff --git a/kartei/default.nix b/kartei/default.nix
index 6024e2351..046efdd7b 100644
--- a/kartei/default.nix
+++ b/kartei/default.nix
@@ -9,7 +9,7 @@ in {
(name: _type: let
path = ./. + "/${name}";
in {
- krebs = import path { inherit config; };
+ krebs = import path { inherit config lib; };
})
(removeTemplate
(lib.filterAttrs
diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix
index e98da7bc6..96c20f602 100644
--- a/kartei/feliks/default.nix
+++ b/kartei/feliks/default.nix
@@ -1,5 +1,6 @@
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
owner = config.krebs.users.feliks;
ci = false;
@@ -7,10 +8,10 @@ with import ../../lib;
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill.ip6.addr =
- (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
});
in {
users.feliks = {
diff --git a/kartei/jan/default.nix b/kartei/jan/default.nix
index 72b5cb331..c0e3922a7 100644
--- a/kartei/jan/default.nix
+++ b/kartei/jan/default.nix
@@ -1,5 +1,5 @@
-{ config, ... }: let
- lib = import ../../lib;
+{ config, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
in {
users.jan = {
@@ -67,7 +67,7 @@ in {
nets.retiolum = {
aliases = [ "grill.r" ];
ip4.addr = "10.243.217.217";
- ip6.addr = (lib.krebs.genipv6 "retiolum" "jan" { hostName = "grill"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "jan" { hostName = "grill"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAs4P6CfRcwFGCqkfv1tyTbbk2eHh08kEqxPNQ655sMKWxMhgRnRII
diff --git a/kartei/jeschli/default.nix b/kartei/jeschli/default.nix
index fe12c16a4..a53ff7a22 100644
--- a/kartei/jeschli/default.nix
+++ b/kartei/jeschli/default.nix
@@ -1,12 +1,12 @@
-with import ../../lib;
-{ config, ... }: let
-
+{ config, lib, ... }: let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = true;
owner = config.krebs.users.jeschli;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address;
});
in {
diff --git a/kartei/kmein/default.nix b/kartei/kmein/default.nix
index 1a5a57d1a..b096e2843 100644
--- a/kartei/kmein/default.nix
+++ b/kartei/kmein/default.nix
@@ -1,6 +1,7 @@
-with import ../../lib;
-{ config, ... }:
+{ config, lib, ... }:
let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
maybeEmpty = attrset: key: if (attrset?key) then attrset.${key} else [];
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
@@ -9,11 +10,11 @@ let
owner = config.krebs.users.kmein;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum = {
- ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
};
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill = {
- ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
};
});
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix
index 414b66e9f..8a12d6f24 100644
--- a/kartei/krebs/default.nix
+++ b/kartei/krebs/default.nix
@@ -1,11 +1,12 @@
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ inherit (lib) flip genAttrs mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
owner = config.krebs.users.krebs;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address;
});
testHosts = genAttrs [
@@ -66,7 +67,6 @@ in {
tinc.pubkey_ed25519 = "D5TYSZW9OAkdnvQ/NL98UgheRC2Zg4SMNZ8M4/KwdeL";
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKRpjW68lSlTL8jBQcXKOTdGa+olQw5ghaU5df2yAE64";
};
hotdog = {
@@ -100,7 +100,6 @@ in {
tinc.pubkey_ed25519 = "ugy/sGReVro3YzjDuroV/5hdeBdqD18no9dMhTy9DYL";
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
};
news = {
@@ -133,7 +132,6 @@ in {
'';
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo ";
};
onebutton = {
@@ -161,7 +159,6 @@ in {
'';
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe ";
};
ponte = {
@@ -208,7 +205,6 @@ in {
};
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo ";
};
puyak = {
@@ -234,7 +230,6 @@ in {
'';
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY";
syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR";
};
@@ -259,7 +254,6 @@ in {
'';
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOu6EVN3928qWiWszqBUzOjeQJRvFozTBl4xAhBP/Ymc";
};
wolf = {
@@ -296,7 +290,6 @@ in {
'';
};
};
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR";
};
} // testHosts);
diff --git a/kartei/lass/default.nix b/kartei/lass/default.nix
index de776fca0..e5b12f1cb 100644
--- a/kartei/lass/default.nix
+++ b/kartei/lass/default.nix
@@ -1,8 +1,8 @@
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
- r6 = ip: (krebs.genipv6 "retiolum" "lass" ip).address;
- w6 = ip: (krebs.genipv6 "wiregrill" "lass" ip).address;
+ r6 = ip: (slib.krebs.genipv6 "retiolum" "lass" ip).address;
+ w6 = ip: (slib.krebs.genipv6 "wiregrill" "lass" ip).address;
hostFiles =
builtins.map (lib.removeSuffix ".nix") (
builtins.filter
@@ -14,14 +14,17 @@ in {
dns.providers = {
"lassul.us" = "zones";
};
- hosts = mapAttrs (_: recursiveUpdate {
+ hosts = lib.mapAttrs (_: lib.recursiveUpdate {
owner = config.krebs.users.lass;
consul = true;
ci = true;
monitoring = true;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
}) (
- lib.genAttrs hostFiles (host: import (./. + "/${host}.nix") { inherit config krebs lib r6 w6; })
+ lib.genAttrs hostFiles (host: import (./. + "/${host}.nix") {
+ inherit config lib r6 w6;
+ inherit (slib) krebs;
+ })
);
users = rec {
lass = lass-yubikey;
diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix
index 5e236d574..5148e7c09 100644
--- a/kartei/makefu/default.nix
+++ b/kartei/makefu/default.nix
@@ -2,8 +2,10 @@
# tinc generate-keys
# ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ inherit (builtins) foldl' mapAttrs pathExists readFile;
+ inherit (lib) optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: foldl' recursiveUpdate {} [
{
@@ -19,7 +21,7 @@ with import ../../lib;
"${hostName}.r"
];
ip6.addr =
- (krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address;
};
})
# Retiolum ed25519 keys
@@ -37,7 +39,7 @@ with import ../../lib;
"${hostName}.w"
];
ip6.addr =
- (krebs.genipv6 "wiregrill" "makefu" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "wiregrill" "makefu" { inherit hostName; }).address;
wireguard.pubkey = readFile pubkey-path;
};
})
@@ -54,7 +56,7 @@ with import ../../lib;
];
pub-for = name: builtins.readFile (./ssh + "/${name}.pub");
- w6 = ip: (krebs.genipv6 "wiregrill" "makefu" ip).address;
+ w6 = ip: (slib.krebs.genipv6 "wiregrill" "makefu" ip).address;
in {
hosts = mapAttrs hostDefaults {
cake = rec {
@@ -149,7 +151,7 @@ in {
# pixel3a
telex.nets.wiregrill = {
aliases = ["telex.w"];
- ip6.addr = (krebs.genipv6 "wiregrill" "makefu" { hostName = "telex"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "wiregrill" "makefu" { hostName = "telex"; }).address;
ip4.addr = "10.244.245.4";
};
@@ -255,7 +257,7 @@ in {
ip6.addr = w6 "1";
wireguard.port = 51821;
wireguard.subnets = [
- (krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR
+ (slib.krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR
"10.244.245.0/24" # required for routing directly to gum via rockit
];
};
diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix
index 003c66c66..5b9d41413 100644
--- a/kartei/mic92/default.nix
+++ b/kartei/mic92/default.nix
@@ -1,12 +1,13 @@
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
});
in {
hosts = mapAttrs hostDefaults {
diff --git a/kartei/others/default.nix b/kartei/others/default.nix
index 68097cdf8..fc4f8644d 100644
--- a/kartei/others/default.nix
+++ b/kartei/others/default.nix
@@ -1,5 +1,6 @@
-with import ../../lib;
-{ config, ... }: let
+{ config, lib, ... }: let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
@@ -7,10 +8,10 @@ with import ../../lib;
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill.ip6.addr =
- (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
});
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
diff --git a/kartei/oxzi/default.nix b/kartei/oxzi/default.nix
index a4d23b01a..a1b5a766d 100644
--- a/kartei/oxzi/default.nix
+++ b/kartei/oxzi/default.nix
@@ -1,5 +1,5 @@
-{ config, ... }: let
- lib = import ../../lib;
+{ config, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
in {
users.oxzi = {
mail = "post@0x21.biz";
@@ -13,7 +13,7 @@ in {
"gosh.r"
];
ip4.addr = "10.243.32.1";
- ip6.addr = (lib.krebs.genipv6 "retiolum" "oxzi" { hostName = "ancha"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "oxzi" { hostName = "ancha"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA5RSP7nWZ1c04kvQBxoHqcdRKpJuRDzD3f0Nl2KhS7QsAqHJGdK7T
@@ -39,7 +39,7 @@ in {
"marohu.oxzi.r"
];
ip4.addr = "10.243.32.2";
- ip6.addr = (lib.krebs.genipv6 "retiolum" "oxzi" { hostName = "marohu"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "oxzi" { hostName = "marohu"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxHLkvuH9JMXay/fEmoWTEqLHg9A50EzkxPVBn4nyezgp5vxsUqJz
diff --git a/kartei/palo/default.nix b/kartei/palo/default.nix
index 6fc9a594f..487261acf 100644
--- a/kartei/palo/default.nix
+++ b/kartei/palo/default.nix
@@ -1,6 +1,7 @@
-with import ../../lib;
-{ config, ... }:
+{ config, lib, ... }:
let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
@@ -8,10 +9,10 @@ let
monitoring = false;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill.ip6.addr =
- (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
});
in
diff --git a/kartei/rtunreal/default.nix b/kartei/rtunreal/default.nix
index 9d57c0fce..de6c528fa 100644
--- a/kartei/rtunreal/default.nix
+++ b/kartei/rtunreal/default.nix
@@ -1,6 +1,8 @@
-with import ../../lib;
-{ config, ... }:
+{ config, lib, ... }:
let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
+
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
@@ -8,11 +10,11 @@ let
owner = config.krebs.users.rtunreal;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum = {
- ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
};
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill = {
- ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
};
});
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
diff --git a/kartei/srounce/default.nix b/kartei/srounce/default.nix
index ef37cbcd1..e0c1be963 100644
--- a/kartei/srounce/default.nix
+++ b/kartei/srounce/default.nix
@@ -1,13 +1,12 @@
-{ config, ... }: let
- lib = import ../../lib;
-
+{ config, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
hostDefaults = hostName: host: lib.flip lib.recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
} // lib.optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr =
- (lib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
});
in {
diff --git a/kartei/template/default.nix b/kartei/template/default.nix
index 2acf78d38..2d595f9b4 100644
--- a/kartei/template/default.nix
+++ b/kartei/template/default.nix
@@ -1,5 +1,5 @@
-{ config, ... }: let
- lib = import ../../lib;
+{ config, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
in {
users.DUMMYUSER = {
mail = "DUMMYUSER@example.ork";
@@ -8,7 +8,7 @@ in {
owner = config.krebs.users.DUMMYUSER;
nets.retiolum = {
aliases = [ "DUMMYHOST.DUMMYUSER.r" ];
- ip6.addr = (lib.krebs.genipv6 "retiolum" "DUMMYUSER" { hostName = "DUMMYHOST"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "DUMMYUSER" { hostName = "DUMMYHOST"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
DUMMYTINCPUBKEYRSA
diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix
index eacb40af3..2f23324cc 100644
--- a/kartei/tv/default.nix
+++ b/kartei/tv/default.nix
@@ -1,5 +1,11 @@
-with import ../../lib;
-{ config, ... }: {
+{ config, lib, ... }@attrs: let
+ inherit (builtins)
+ getAttr head mapAttrs match pathExists readDir readFile typeOf;
+ inherit (lib)
+ const hasAttrByPath mapAttrs' mkDefault mkIf optionalAttrs removeSuffix
+ toList;
+ slib = import ../../lib/pure.nix { inherit lib; };
+in {
dns.providers = {
"viljetic.de" = "regfish";
};
@@ -8,10 +14,10 @@ with import ../../lib;
(hostName: hostFile: let
hostSource = import hostFile;
hostConfig = getAttr (typeOf hostSource) {
- lambda = hostSource { inherit config lib; };
+ lambda = hostSource attrs;
set = hostSource;
};
- in evalSubmodule types.host [
+ in slib.evalSubmodule slib.types.host [
hostConfig
{
name = hostName;
@@ -20,7 +26,7 @@ with import ../../lib;
(optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) {
nets.retiolum = {
ip6.addr =
- (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address;
};
})
(let
@@ -31,14 +37,14 @@ with import ../../lib;
"${hostName}.w"
];
ip6.addr =
- (krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address;
+ (slib.krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address;
wireguard.pubkey = readFile pubkey-path;
};
})
(host: mkIf (host.config.ssh.pubkey != null) {
ssh.privkey = mapAttrs (const mkDefault) {
path = config.krebs.secret.file "ssh.id_${host.config.ssh.privkey.type}";
- type = head (toList (match "ssh-([^ ]+) .*" host.config.ssh.pubkey));
+ type = head (toList (builtins.match "ssh-([^ ]+) .*" host.config.ssh.pubkey));
};
})
])
diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix
index aae5c5cd4..d64874d9c 100644
--- a/kartei/tv/hosts/ni.nix
+++ b/kartei/tv/hosts/ni.nix
@@ -1,4 +1,6 @@
-{ config, lib, ... }: {
+{ config, lib, ... }: let
+ slib = import ../../../lib/pure.nix { inherit lib; };
+in {
extraZones = {
"krebsco.de" = ''
ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
@@ -60,7 +62,7 @@
via = config.krebs.hosts.ni.nets.internet;
ip4.addr = "10.244.3.1";
wireguard.subnets = [
- (lib.krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
+ (slib.krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR
];
};
};
diff --git a/kartei/xkey/default.nix b/kartei/xkey/default.nix
index 939e04c7b..9f80288f6 100644
--- a/kartei/xkey/default.nix
+++ b/kartei/xkey/default.nix
@@ -1,6 +1,7 @@
-with import ../../lib;
-{ config, ... }:
+{ config, lib, ... }:
let
+ inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate;
+ slib = import ../../lib/pure.nix { inherit lib; };
maybeEmpty = attrset: key: if (attrset?key) then attrset.${key} else [];
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
@@ -9,11 +10,11 @@ let
owner = config.krebs.users.xkey;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum = {
- ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
};
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill = {
- ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
};
});
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
diff --git a/kartei/ynnel/default.nix b/kartei/ynnel/default.nix
index e7d985278..9d8b80a2f 100644
--- a/kartei/ynnel/default.nix
+++ b/kartei/ynnel/default.nix
@@ -1,6 +1,6 @@
-{ config, ... }:
+{ config, lib, ... }:
let
- lib = import ../../lib;
+ slib = import ../../lib/pure.nix { inherit lib; };
in
{
users.ynnel = {
@@ -10,7 +10,7 @@ in
owner = config.krebs.users.ynnel;
nets.retiolum = {
aliases = [ "mokemoke.ynnel.r" ];
- ip6.addr = (lib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address;
+ ip6.addr = (slib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA7rS560SZEPcSekW30dRF6ZTHOnb8WvuVgt3BFLRWhTgV5DqLqFa8