zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Compare commits

base: zuckerberg:e72e19b7e82e79aa0b7a10894906c82bced33fb8
Branches Tags
zuckerberg:master
zuckerberg:stage
zuckerberg:rpi-hotspot
zuckerberg:attic
zuckerberg:kexec_luks2
zuckerberg:pia-client
..
compare: zuckerberg:71baa09bd2a17919aa62c4678187ebba28b925a4
Branches Tags
zuckerberg:stage
zuckerberg:master
zuckerberg:rpi-hotspot
zuckerberg:attic
zuckerberg:kexec_luks2
zuckerberg:pia-client

No commits in common. "e72e19b7e82e79aa0b7a10894906c82bced33fb8" and "71baa09bd2a17919aa62c4678187ebba28b925a4" have entirely different histories.
e72e19b7e8 ... 71baa09bd2

4 changed files with 95 additions and 113 deletions
Show Stats Expand all files Collapse all files

2
common/auto-update.nix
View File

@ -9,7 +9,7 @@ in
config = lib.mkIf cfg.enable {
system.autoUpgrade = {
flake = "git+https://git.neet.dev/zuckerberg/nix-config.git";
flags = [ "--recreate-lock-file" "--no-write-lock-file" ]; # ignore lock file, just pull the latest
flags = [ "--recreate-lock-file" ]; # ignore lock file, just pull the latest
};
};
}

14
common/machine-info/default.nix
View File

@ -12,16 +12,7 @@ in
./roles.nix
];
options.machines = {
# For some reason (presumably a bug), using the best value of "../../machines"
# as the path causes nix to search for invalid paths for flake imports but *not*
# secrets.nix for agenix.
machinesPath = lib.mkOption {
type = lib.types.path;
default = ../..;
};
hosts = lib.mkOption {
options.machines.hosts = lib.mkOption {
type = lib.types.attrsOf
(lib.types.submodule {
options = {
@ -116,7 +107,6 @@ in
};
});
};
};
config = {
assertions = (lib.concatLists (lib.mapAttrsToList
@ -203,6 +193,6 @@ in
in
lib.concatMap (d: propertiesFiles' "${dir}/${d}" d) dirPaths ++ builtins.map (p: { "${dirName}" = p; }) propFiles;
in
properties config.machines.machinesPath;
properties ../../machines;
};
}

6
common/machine-info/moduleless.nix
View File

@ -2,7 +2,6 @@
{ nixpkgs ? import <nixpkgs> { }
, assertionsModule ? <nixpkgs/nixos/modules/misc/assertions.nix>
, machinesPath ? null
}:
{
@ -11,11 +10,6 @@
modules = [
./default.nix
assertionsModule
{
config = nixpkgs.lib.mkIf (machinesPath != null) {
machines.machinesPath = machinesPath;
};
}
];
}).config.machines;
}

4
secrets/secrets.nix
View File

@ -1,8 +1,6 @@
let
lib = (import <nixpkgs> { }).lib;
sshKeys = (import ../common/machine-info/moduleless.nix {
machinesPath = ../machines;
}).machines.ssh;
sshKeys = (import ../common/machine-info/moduleless.nix { }).machines.ssh;
# add userkeys to all roles so that I can r/w the secrets from my personal computers
roles = lib.mapAttrs (role: hosts: hosts ++ sshKeys.userKeys) sshKeys.hostKeysByRole;