# Builders that turn the homelab inventory into per-host deployment nodes.
#
# Arguments:
#   inputs        - flake inputs; only `impermanence` and `sops-nix` are read here.
#   homelabConfig - site-wide settings; `defaultDNS` and `defaultGateway` are read here.
#
# Result: an attribute set exposing `mkSystem`, `mkRole` and `mkHost`.
{
  inputs,
  homelabConfig,
  ...
}:
{
  # Build the deployment node for one host.
  #
  # hostConfig is read for: hostname, ip, stateVersion, config, roles
  # (the shape produced by `mkHost` below).
  mkSystem =
    { hostConfig }:
    let
      inherit (hostConfig) hostname ip;

      # Secrets, addressing and state version derived from the host record.
      hostModule =
        { ... }:
        {
          sops = {
            # Per-host secrets file, resolved next to this file as
            # secrets/<hostname>.yaml. As a path value it is copied into the
            # Nix store, which is world-readable, so it must only ever hold
            # sops-encrypted values.
            defaultSopsFile = ./secrets + "/${hostname}.yaml";

            # sops-nix derives the host's age identity from this SSH host key,
            # so the key doubles as the decryption key for the file above:
            # whoever can read it can read this host's secrets.
            # NOTE(review): impermanence is imported alongside sops-nix and the
            # persistence rules are not visible here. Confirm this key survives
            # reboots and is present when secrets are decrypted at activation.
            age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

            # Empty on purpose: no PGP key is generated from the SSH host keys.
            gnupg.sshKeyPaths = [ ];
          };

          # Static IPv4 on eth0. The /24 prefix and the interface name are
          # fixed for every host; only the address comes from the host record.
          networking.hostName = hostname;
          networking.interfaces.eth0.ipv4.addresses = [
            {
              address = ip;
              prefixLength = 24;
            }
          ];
          networking.nameservers = homelabConfig.defaultDNS;
          networking.defaultGateway = {
            address = homelabConfig.defaultGateway;
            interface = "eth0";
          };

          system.stateVersion = hostConfig.stateVersion;
        };

      # One NixOS module per role assigned to the host.
      roleModules = map (role: role.nixosModule) hostConfig.roles;
    in
    {
      # Connection settings for the deploy tool (the `deployment.*` shape looks
      # Colmena-style; confirm which tool consumes it). The session is opened
      # as `maintenance`; the privileges that account needs to activate a
      # system are defined elsewhere, so review them together with its
      # authorized SSH keys.
      deployment.targetHost = ip;
      deployment.targetUser = "maintenance";

      # Host-specific config and role modules are ordinary modules: nothing
      # here restricts which options they set, the sops and networking ones
      # included.
      imports =
        [
          inputs.impermanence.nixosModules.impermanence
          inputs.sops-nix.nixosModules.sops

          ./systems/base/configuration.nix
          hostModule
          ({ ... }: hostConfig.config)
        ]
        ++ roleModules;
    };

  # Normalise a role definition.
  #
  # Required in cfg: name, description, nixosModule.
  # Optional: traefikRoutes, a function; the default ignores its argument and
  # returns no routes.
  mkRole = cfg: {
    name = cfg.name;
    description = cfg.description;
    nixosModule = cfg.nixosModule;
    traefikRoutes = cfg.traefikRoutes or ({ ... }: [ ]);
  };

  # Normalise a host definition.
  #
  # Required in cfg: hostname, managed, ip, stateVersion.
  # Optional: traefikRoutes (default [ ]), roles (default [ ]),
  # config (default { }).
  mkHost = cfg: {
    hostname = cfg.hostname;
    managed = cfg.managed;
    ip = cfg.ip;
    stateVersion = cfg.stateVersion;

    traefikRoutes = cfg.traefikRoutes or [ ];
    roles = cfg.roles or [ ];
    config = cfg.config or { };
  };
}