diff options
author | lassulus <git@lassul.us> | 2023-06-10 12:50:53 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2023-06-21 14:47:04 +0200 |
commit | e174ef53caafbcee1e8a2ee83d6195f97afb9388 (patch) | |
tree | 630c6d61843c4a6df904327316f8c3a02a68dd3d /kartei | |
parent | d59586939d9530ee55a4c5a3310ae13042127e09 (diff) |
flake: init
Diffstat (limited to 'kartei')
-rw-r--r-- | kartei/0x4A6F/default.nix | 7 | ||||
-rw-r--r-- | kartei/dave/default.nix | 6 | ||||
-rw-r--r-- | kartei/dbalan/default.nix | 9 | ||||
-rw-r--r-- | kartei/default.nix | 2 | ||||
-rw-r--r-- | kartei/feliks/default.nix | 9 | ||||
-rw-r--r-- | kartei/jan/default.nix | 6 | ||||
-rw-r--r-- | kartei/jeschli/default.nix | 8 | ||||
-rw-r--r-- | kartei/kmein/default.nix | 9 | ||||
-rw-r--r-- | kartei/krebs/default.nix | 15 | ||||
-rw-r--r-- | kartei/lass/default.nix | 15 | ||||
-rw-r--r-- | kartei/makefu/default.nix | 16 | ||||
-rw-r--r-- | kartei/mic92/default.nix | 7 | ||||
-rw-r--r-- | kartei/others/default.nix | 9 | ||||
-rw-r--r-- | kartei/oxzi/default.nix | 8 | ||||
-rw-r--r-- | kartei/palo/default.nix | 9 | ||||
-rw-r--r-- | kartei/rtunreal/default.nix | 10 | ||||
-rw-r--r-- | kartei/srounce/default.nix | 7 | ||||
-rw-r--r-- | kartei/template/default.nix | 6 | ||||
-rw-r--r-- | kartei/tv/default.nix | 20 | ||||
-rw-r--r-- | kartei/tv/hosts/ni.nix | 6 | ||||
-rw-r--r-- | kartei/xkey/default.nix | 9 | ||||
-rw-r--r-- | kartei/ynnel/default.nix | 6 |
22 files changed, 107 insertions, 92 deletions
diff --git a/kartei/0x4A6F/default.nix b/kartei/0x4A6F/default.nix index 8939f267d..eb3d08e8d 100644 --- a/kartei/0x4A6F/default.nix +++ b/kartei/0x4A6F/default.nix @@ -1,12 +1,13 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; external = true; monitoring = false; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }); in { users = { diff --git a/kartei/dave/default.nix b/kartei/dave/default.nix index 053ec412b..04f226cc1 100644 --- a/kartei/dave/default.nix +++ b/kartei/dave/default.nix @@ -1,5 +1,5 @@ -{ config, ... }: let - lib = import ../../lib; +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; in { users.dave = { mail = "hsngrmpf@gmail.com"; @@ -8,7 +8,7 @@ in { owner = config.krebs.users.dave; nets.retiolum = { aliases = [ "dave.r" ]; - ip6.addr = (lib.krebs.genipv6 "retiolum" "dave" { hostName = "dave"; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "dave" { hostName = "dave"; }).address; ip4.addr = "10.243.0.6"; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/kartei/dbalan/default.nix b/kartei/dbalan/default.nix index fadf187db..6bf10b921 100644 --- a/kartei/dbalan/default.nix +++ b/kartei/dbalan/default.nix @@ -1,6 +1,7 @@ -with import ../../lib; -{ config, ... }: +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; external = true; @@ -8,11 +9,11 @@ let owner = config.krebs.users.dbalan; } // optionalAttrs (host.nets?retiolum) { nets.retiolum = { - ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill = { - ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }; }); in diff --git a/kartei/default.nix b/kartei/default.nix index 6024e2351..046efdd7b 100644 --- a/kartei/default.nix +++ b/kartei/default.nix @@ -9,7 +9,7 @@ in { (name: _type: let path = ./. + "/${name}"; in { - krebs = import path { inherit config; }; + krebs = import path { inherit config lib; }; }) (removeTemplate (lib.filterAttrs diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index e98da7bc6..96c20f602 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -1,5 +1,6 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ owner = config.krebs.users.feliks; ci = false; @@ -7,10 +8,10 @@ with import ../../lib; monitoring = false; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill.ip6.addr = - (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); in { users.feliks = { diff --git a/kartei/jan/default.nix b/kartei/jan/default.nix index 72b5cb331..c0e3922a7 100644 --- a/kartei/jan/default.nix +++ b/kartei/jan/default.nix @@ -1,5 +1,5 @@ -{ config, ... }: let - lib = import ../../lib; +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; in { users.jan = { @@ -67,7 +67,7 @@ in { nets.retiolum = { aliases = [ "grill.r" ]; ip4.addr = "10.243.217.217"; - ip6.addr = (lib.krebs.genipv6 "retiolum" "jan" { hostName = "grill"; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "jan" { hostName = "grill"; }).address; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAs4P6CfRcwFGCqkfv1tyTbbk2eHh08kEqxPNQ655sMKWxMhgRnRII diff --git a/kartei/jeschli/default.nix b/kartei/jeschli/default.nix index fe12c16a4..a53ff7a22 100644 --- a/kartei/jeschli/default.nix +++ b/kartei/jeschli/default.nix @@ -1,12 +1,12 @@ -with import ../../lib; -{ config, ... }: let - +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = true; owner = config.krebs.users.jeschli; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "jeschli" { inherit hostName; }).address; }); in { diff --git a/kartei/kmein/default.nix b/kartei/kmein/default.nix index 1a5a57d1a..b096e2843 100644 --- a/kartei/kmein/default.nix +++ b/kartei/kmein/default.nix @@ -1,6 +1,7 @@ -with import ../../lib; -{ config, ... }: +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; maybeEmpty = attrset: key: if (attrset?key) then attrset.${key} else []; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; @@ -9,11 +10,11 @@ let owner = config.krebs.users.kmein; } // optionalAttrs (host.nets?retiolum) { nets.retiolum = { - ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill = { - ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }; }); ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); diff --git a/kartei/krebs/default.nix b/kartei/krebs/default.nix index 414b66e9f..8a12d6f24 100644 --- a/kartei/krebs/default.nix +++ b/kartei/krebs/default.nix @@ -1,11 +1,12 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (lib) flip genAttrs mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ owner = config.krebs.users.krebs; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "krebs" { inherit hostName; }).address; }); testHosts = genAttrs [ @@ -66,7 +67,6 @@ in { tinc.pubkey_ed25519 = "D5TYSZW9OAkdnvQ/NL98UgheRC2Zg4SMNZ8M4/KwdeL"; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKRpjW68lSlTL8jBQcXKOTdGa+olQw5ghaU5df2yAE64"; }; hotdog = { @@ -100,7 +100,6 @@ in { tinc.pubkey_ed25519 = "ugy/sGReVro3YzjDuroV/5hdeBdqD18no9dMhTy9DYL"; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; news = { @@ -133,7 +132,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo "; }; onebutton = { @@ -161,7 +159,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe "; }; ponte = { @@ -208,7 +205,6 @@ in { }; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEw9fo8Qtb/DTLacdrJP7Ti7c4UXTm6wUUX+iRFweEo "; }; puyak = { @@ -234,7 +230,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR"; }; @@ -259,7 +254,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOu6EVN3928qWiWszqBUzOjeQJRvFozTBl4xAhBP/Ymc"; }; wolf = { @@ -296,7 +290,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR"; }; } // testHosts); diff --git a/kartei/lass/default.nix b/kartei/lass/default.nix index de776fca0..e5b12f1cb 100644 --- a/kartei/lass/default.nix +++ b/kartei/lass/default.nix @@ -1,8 +1,8 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; - r6 = ip: (krebs.genipv6 "retiolum" "lass" ip).address; - w6 = ip: (krebs.genipv6 "wiregrill" "lass" ip).address; + r6 = ip: (slib.krebs.genipv6 "retiolum" "lass" ip).address; + w6 = ip: (slib.krebs.genipv6 "wiregrill" "lass" ip).address; hostFiles = builtins.map (lib.removeSuffix ".nix") ( builtins.filter @@ -14,14 +14,17 @@ in { dns.providers = { "lassul.us" = "zones"; }; - hosts = mapAttrs (_: recursiveUpdate { + hosts = lib.mapAttrs (_: lib.recursiveUpdate { owner = config.krebs.users.lass; consul = true; ci = true; monitoring = true; ssh.privkey.path = <secrets/ssh.id_ed25519>; }) ( - lib.genAttrs hostFiles (host: import (./. + "/${host}.nix") { inherit config krebs lib r6 w6; }) + lib.genAttrs hostFiles (host: import (./. + "/${host}.nix") { + inherit config lib r6 w6; + inherit (slib) krebs; + }) ); users = rec { lass = lass-yubikey; diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index 5e236d574..5148e7c09 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -2,8 +2,10 @@ # tinc generate-keys # ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (builtins) foldl' mapAttrs pathExists readFile; + inherit (lib) optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: foldl' recursiveUpdate {} [ { @@ -19,7 +21,7 @@ with import ../../lib; "${hostName}.r" ]; ip6.addr = - (krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address; }; }) # Retiolum ed25519 keys @@ -37,7 +39,7 @@ with import ../../lib; "${hostName}.w" ]; ip6.addr = - (krebs.genipv6 "wiregrill" "makefu" { inherit hostName; }).address; + (slib.krebs.genipv6 "wiregrill" "makefu" { inherit hostName; }).address; wireguard.pubkey = readFile pubkey-path; }; }) @@ -54,7 +56,7 @@ with import ../../lib; ]; pub-for = name: builtins.readFile (./ssh + "/${name}.pub"); - w6 = ip: (krebs.genipv6 "wiregrill" "makefu" ip).address; + w6 = ip: (slib.krebs.genipv6 "wiregrill" "makefu" ip).address; in { hosts = mapAttrs hostDefaults { cake = rec { @@ -149,7 +151,7 @@ in { # pixel3a telex.nets.wiregrill = { aliases = ["telex.w"]; - ip6.addr = (krebs.genipv6 "wiregrill" "makefu" { hostName = "telex"; }).address; + ip6.addr = (slib.krebs.genipv6 "wiregrill" "makefu" { hostName = "telex"; }).address; ip4.addr = "10.244.245.4"; }; @@ -255,7 +257,7 @@ in { ip6.addr = w6 "1"; wireguard.port = 51821; wireguard.subnets = [ - (krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR + (slib.krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR "10.244.245.0/24" # required for routing directly to gum via rockit ]; }; diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 003c66c66..5b9d41413 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -1,12 +1,13 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; external = true; monitoring = false; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }); in { hosts = mapAttrs hostDefaults { diff --git a/kartei/others/default.nix b/kartei/others/default.nix index 68097cdf8..fc4f8644d 100644 --- a/kartei/others/default.nix +++ b/kartei/others/default.nix @@ -1,5 +1,6 @@ -with import ../../lib; -{ config, ... }: let +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; @@ -7,10 +8,10 @@ with import ../../lib; monitoring = false; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill.ip6.addr = - (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); diff --git a/kartei/oxzi/default.nix b/kartei/oxzi/default.nix index a4d23b01a..a1b5a766d 100644 --- a/kartei/oxzi/default.nix +++ b/kartei/oxzi/default.nix @@ -1,5 +1,5 @@ -{ config, ... }: let - lib = import ../../lib; +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; in { users.oxzi = { mail = "post@0x21.biz"; @@ -13,7 +13,7 @@ in { "gosh.r" ]; ip4.addr = "10.243.32.1"; - ip6.addr = (lib.krebs.genipv6 "retiolum" "oxzi" { hostName = "ancha"; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "oxzi" { hostName = "ancha"; }).address; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA5RSP7nWZ1c04kvQBxoHqcdRKpJuRDzD3f0Nl2KhS7QsAqHJGdK7T @@ -39,7 +39,7 @@ in { "marohu.oxzi.r" ]; ip4.addr = "10.243.32.2"; - ip6.addr = (lib.krebs.genipv6 "retiolum" "oxzi" { hostName = "marohu"; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "oxzi" { hostName = "marohu"; }).address; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAxHLkvuH9JMXay/fEmoWTEqLHg9A50EzkxPVBn4nyezgp5vxsUqJz diff --git a/kartei/palo/default.nix b/kartei/palo/default.nix index 6fc9a594f..487261acf 100644 --- a/kartei/palo/default.nix +++ b/kartei/palo/default.nix @@ -1,6 +1,7 @@ -with import ../../lib; -{ config, ... }: +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; @@ -8,10 +9,10 @@ let monitoring = false; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill.ip6.addr = - (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); in diff --git a/kartei/rtunreal/default.nix b/kartei/rtunreal/default.nix index 9d57c0fce..de6c528fa 100644 --- a/kartei/rtunreal/default.nix +++ b/kartei/rtunreal/default.nix @@ -1,6 +1,8 @@ -with import ../../lib; -{ config, ... }: +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; + hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; external = true; @@ -8,11 +10,11 @@ let owner = config.krebs.users.rtunreal; } // optionalAttrs (host.nets?retiolum) { nets.retiolum = { - ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill = { - ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }; }); ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); diff --git a/kartei/srounce/default.nix b/kartei/srounce/default.nix index ef37cbcd1..e0c1be963 100644 --- a/kartei/srounce/default.nix +++ b/kartei/srounce/default.nix @@ -1,13 +1,12 @@ -{ config, ... }: let - lib = import ../../lib; - +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; hostDefaults = hostName: host: lib.flip lib.recursiveUpdate host ({ ci = false; external = true; monitoring = false; } // lib.optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = - (lib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }); in { diff --git a/kartei/template/default.nix b/kartei/template/default.nix index 2acf78d38..2d595f9b4 100644 --- a/kartei/template/default.nix +++ b/kartei/template/default.nix @@ -1,5 +1,5 @@ -{ config, ... }: let - lib = import ../../lib; +{ config, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; in { users.DUMMYUSER = { mail = "DUMMYUSER@example.ork"; @@ -8,7 +8,7 @@ in { owner = config.krebs.users.DUMMYUSER; nets.retiolum = { aliases = [ "DUMMYHOST.DUMMYUSER.r" ]; - ip6.addr = (lib.krebs.genipv6 "retiolum" "DUMMYUSER" { hostName = "DUMMYHOST"; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "DUMMYUSER" { hostName = "DUMMYHOST"; }).address; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- DUMMYTINCPUBKEYRSA diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index eacb40af3..2f23324cc 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -1,5 +1,11 @@ -with import ../../lib; -{ config, ... }: { +{ config, lib, ... }@attrs: let + inherit (builtins) + getAttr head mapAttrs match pathExists readDir readFile typeOf; + inherit (lib) + const hasAttrByPath mapAttrs' mkDefault mkIf optionalAttrs removeSuffix + toList; + slib = import ../../lib/pure.nix { inherit lib; }; +in { dns.providers = { "viljetic.de" = "regfish"; }; @@ -8,10 +14,10 @@ with import ../../lib; (hostName: hostFile: let hostSource = import hostFile; hostConfig = getAttr (typeOf hostSource) { - lambda = hostSource { inherit config lib; }; + lambda = hostSource attrs; set = hostSource; }; - in evalSubmodule types.host [ + in slib.evalSubmodule slib.types.host [ hostConfig { name = hostName; @@ -20,7 +26,7 @@ with import ../../lib; (optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) { nets.retiolum = { ip6.addr = - (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; + (slib.krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; }; }) (let @@ -31,14 +37,14 @@ with import ../../lib; "${hostName}.w" ]; ip6.addr = - (krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address; + (slib.krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address; wireguard.pubkey = readFile pubkey-path; }; }) (host: mkIf (host.config.ssh.pubkey != null) { ssh.privkey = mapAttrs (const mkDefault) { path = config.krebs.secret.file "ssh.id_${host.config.ssh.privkey.type}"; - type = head (toList (match "ssh-([^ ]+) .*" host.config.ssh.pubkey)); + type = head (toList (builtins.match "ssh-([^ ]+) .*" host.config.ssh.pubkey)); }; }) ]) diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix index aae5c5cd4..d64874d9c 100644 --- a/kartei/tv/hosts/ni.nix +++ b/kartei/tv/hosts/ni.nix @@ -1,4 +1,6 @@ -{ config, lib, ... }: { +{ config, lib, ... }: let + slib = import ../../../lib/pure.nix { inherit lib; }; +in { extraZones = { "krebsco.de" = '' ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} @@ -60,7 +62,7 @@ via = config.krebs.hosts.ni.nets.internet; ip4.addr = "10.244.3.1"; wireguard.subnets = [ - (lib.krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR + (slib.krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR ]; }; }; diff --git a/kartei/xkey/default.nix b/kartei/xkey/default.nix index 939e04c7b..9f80288f6 100644 --- a/kartei/xkey/default.nix +++ b/kartei/xkey/default.nix @@ -1,6 +1,7 @@ -with import ../../lib; -{ config, ... }: +{ config, lib, ... }: let + inherit (lib) flip mapAttrs optionalAttrs recursiveUpdate; + slib = import ../../lib/pure.nix { inherit lib; }; maybeEmpty = attrset: key: if (attrset?key) then attrset.${key} else []; hostDefaults = hostName: host: flip recursiveUpdate host ({ ci = false; @@ -9,11 +10,11 @@ let owner = config.krebs.users.xkey; } // optionalAttrs (host.nets?retiolum) { nets.retiolum = { - ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; }; } // optionalAttrs (host.nets?wiregrill) { nets.wiregrill = { - ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + ip6.addr = (slib.krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }; }); ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); diff --git a/kartei/ynnel/default.nix b/kartei/ynnel/default.nix index e7d985278..9d8b80a2f 100644 --- a/kartei/ynnel/default.nix +++ b/kartei/ynnel/default.nix @@ -1,6 +1,6 @@ -{ config, ... }: +{ config, lib, ... }: let - lib = import ../../lib; + slib = import ../../lib/pure.nix { inherit lib; }; in { users.ynnel = { @@ -10,7 +10,7 @@ in owner = config.krebs.users.ynnel; nets.retiolum = { aliases = [ "mokemoke.ynnel.r" ]; - ip6.addr = (lib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address; + ip6.addr = (slib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA7rS560SZEPcSekW30dRF6ZTHOnb8WvuVgt3BFLRWhTgV5DqLqFa8 |