test
This commit is contained in:
parent
dd2e858b64
commit
78c70dc4ef
6 changed files with 38 additions and 18 deletions
|
@ -29,6 +29,12 @@ creation_rules:
|
|||
- *host_framework-server
|
||||
- *host_backups-rpi4
|
||||
|
||||
- path_regex: secrets\/containers\/rdesktop\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *user_albert
|
||||
- *host_framework-server
|
||||
|
||||
- path_regex: secrets\/hosts\/milan-linode-01\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
|
|
|
@ -66,8 +66,8 @@
|
|||
quitman-rpi4 = libx.mkHost { hostname = "quitman-rpi4"; system = "aarch64-linux"; type = "small"; };
|
||||
};
|
||||
homeConfigurations = {
|
||||
"albert@osaka-linode-01" = libx.mkHome { hostname = "osaka-linode-01"; };
|
||||
"albert@milan-linode-01" = libx.mkHome { hostname = "milan-linode-01"; };
|
||||
"albert@osaka-linode-01" = libx.mkHome { hostname = "osaka-linode-01"; type = "small"; };
|
||||
"albert@milan-linode-01" = libx.mkHome { hostname = "milan-linode-01"; type = "small"; };
|
||||
"albert@framework-server" = libx.mkHome { hostname = "framework-server"; };
|
||||
"albert@nuc-server" = libx.mkHome { hostname = "nuc-server"; };
|
||||
"albert@nixos-desktop" = libx.mkHome { hostname = "nixos-desktop"; desktop = "hyprland"; theme = "tokyo-night"; };
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ self, inputs, outputs, stateVersion, hmStateVersion , ... }: {
|
||||
{ lib ? lib, self, inputs, outputs, stateVersion, hmStateVersion , ... }: {
|
||||
deploy = {
|
||||
hostname,
|
||||
system ? "x86_64-linux",
|
||||
|
@ -44,7 +44,10 @@
|
|||
pkgs-unstable ? import inputs.nixpkgs-unstable
|
||||
{ inherit system; config.allowUnfree = unfree; hostPlatform = system; }
|
||||
}: {
|
||||
bindMounts = import ../nixos/containers/${hostname}/mounts.nix;
|
||||
bindMounts = lib.mkMerge [
|
||||
( import ../nixos/containers/mounts.nix )
|
||||
( import ../nixos/containers/${hostname}/mounts.nix )
|
||||
];
|
||||
autoStart = true;
|
||||
privateNetwork = false;
|
||||
specialArgs = { inherit pkgs-unstable hostname username desktop theme system repo unfree stateVersion; };
|
||||
|
|
|
@ -4,6 +4,21 @@
|
|||
../users/${username}
|
||||
../common/modules/nixos.nix
|
||||
../common/modules/networking.nix
|
||||
# Services
|
||||
../common/services/promtail.nix
|
||||
../common/services/telegraf.nix
|
||||
../common/services/tailscale.nix
|
||||
];
|
||||
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix
|
||||
# Set up the secrets file:
|
||||
sops.secrets."tailscale_key" = {
|
||||
owner = "root";
|
||||
sopsFile = ../../../secrets/containers/${hostname}.yaml;
|
||||
restartUnits = [
|
||||
"tailscaled.service"
|
||||
"tailscaled-autoconnect.service"
|
||||
];
|
||||
};
|
||||
services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
|
||||
networking.hostName = "${hostname}";
|
||||
}
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
{
|
||||
"/etc/nixos/git" = {
|
||||
"/etc/nixos/git" = {
|
||||
hostPath = "/etc/nixos/git";
|
||||
mountPoint = "/etc/nixos/git";
|
||||
isReadOnly = false;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +1,7 @@
|
|||
{ self, inputs, outputs, stateVersion, hmStateVersion, pkgs, pkgs-unstable, ... }:
|
||||
{ lib, self, inputs, outputs, stateVersion, hmStateVersion, pkgs, pkgs-unstable, ... }:
|
||||
let
|
||||
libx = import ../../../lib { inherit self inputs outputs stateVersion hmStateVersion; };
|
||||
libx = import ../../../lib { inherit lib self inputs outputs stateVersion hmStateVersion; };
|
||||
in {
|
||||
# TODO: Set up Tailscale key
|
||||
|
||||
# Set up the bridge network:
|
||||
containers = {
|
||||
rdesktop = libx.mkContainer { hostname = "rdesktop"; unfree = true; repo = "nixpkgs-unstable"; desktop = "xfce"; };
|
||||
|
|
Loading…
Reference in a new issue