From 424d48bdb1ffde31d75407fae682434cd76e73b6 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 26 Dec 2022 15:13:04 +0100 Subject: [PATCH] refactor nix config a bit --- flake.nix | 3 +- nixos/hosts/hades/default.nix | 204 +++++++++------------ nixos/hosts/olympus/default.nix | 159 +++++++--------- nixos/hosts/olympus/dhcp/configuration.nix | 5 +- nixos/hosts/thalassa/aoife/README.md | 15 ++ nixos/hosts/thalassa/aoife/networking.nix | 2 +- nixos/hosts/thalassa/default.nix | 14 +- nixos/util.nix | 17 +- notes/ideas.md | 1 - 9 files changed, 182 insertions(+), 238 deletions(-) create mode 100644 nixos/hosts/thalassa/aoife/README.md diff --git a/flake.nix b/flake.nix index d47edf8..9b92479 100644 --- a/flake.nix +++ b/flake.nix @@ -53,13 +53,12 @@ , ... }@inputs: let inherit (nixpkgs) lib; - inherit (builtins) mapAttrs; util = import ./nixos/util.nix inputs; system = "x86_64-linux"; # import and add realm to list of tags - hosts = mapAttrs util.add_realm_to_tags (import ./nixos/hosts); + hosts = util.add_realm_to_tags (import ./nixos/hosts); # flatten hosts to single list flat_hosts = util.flatten_hosts hosts; # Filter out all non-nixos hosts diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 0ae9655..519f6c7 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix 
@@ -1,228 +1,188 @@
-[
- {
- hostname = "opnsense";
+{
+ "opnsense" = {
 ip = "192.168.0.1";
 mac = "00:0d:b9:56:b1:d8";
 nix = false;
- }
- {
- hostname = "nyx-bmc";
+ };
+ "nyx-bmc" = {
 ip = "192.168.0.99";
 mac = "d0:50:99:f3:fa:42";
 nix = false;
- }
- {
- hostname = "nyx";
+ };
+ "nyx" = {
 ip = "192.168.0.100";
 mac = "d0:50:99:de:99:4c";
 nix = false;
- }
- {
- hostname = "unifi";
+ };
+ "unifi" = {
 ip = "192.168.0.101";
 mac = "5a:00:b7:6c:d1:e2";
- }
- {
- hostname = "plex";
+ };
+ "plex" = {
 ip = "192.168.0.102";
 mac = "00:0c:29:a1:4e:28";
 nix = false;
- }
- {
- hostname = "vault-0";
+ };
+ "vault-0" = {
 ip = "192.168.0.103";
 mac = "7A:14:15:ED:D1:E6";
 tags = [ "vault" ];
- }
- {
- hostname = "pmm";
+ };
+ "pmm" = {
 ip = "192.168.0.104";
 mac = "7A:A3:59:1D:69:07";
- }
- {
- hostname = "overseerr";
+ };
+ "overseerr" = {
 ip = "192.168.0.105";
 mac = "8E:21:7F:88:3A:83";
- }
- {
- hostname = "tautulli";
+ };
+ "tautulli" = {
 ip = "192.168.0.106";
 mac = "BE:30:DB:F8:C6:55";
- }
- {
- hostname = "MariaDB";
+ };
+ "MariaDB" = {
 ip = "192.168.0.109";
 mac = "00:0c:29:23:4f:12";
 nix = false;
- }
- {
- hostname = "bitwarden_rs";
+ };
+ "bitwarden_rs" = {
 ip = "192.168.0.110";
 mac = "00:0c:29:f5:98:00";
 nix = false;
- }
- {
- hostname = "rtorrent";
+ };
+ "rtorrent" = {
 ip = "192.168.0.111";
 mac = "7a:5f:9b:62:49:91";
- }
- {
- hostname = "minio";
+ };
+ "minio" = {
 ip = "192.168.0.112";
 mac = "ae:c6:94:bb:c5:d9";
- }
- {
- hostname = "cshub2";
+ };
+ "cshub2" = {
 ip = "192.168.0.113";
 mac = "26:8c:f6:f4:21:76";
 nix = false;
- }
- {
- hostname = "bastion";
+ };
+ "bastion" = {
 ip = "192.168.0.114";
 mac = "66:14:8e:b2:50:c4";
- }
- {
- hostname = "storage";
+ };
+ "storage" = {
 ip = "192.168.0.115";
 mac = "00:50:56:91:0d:69";
 nix = false;
- }
- {
- hostname = "unpackerr";
+ };
+ "unpackerr" = {
 ip = "192.168.0.116";
 mac = "06:8a:8e:3e:43:45";
- }
- {
- hostname = "thelounge";
+ };
+ "thelounge" = {
 ip = "192.168.0.117";
 mac = "00:0c:29:2a:69:8f";
 nix = false;
- }
- {
- hostname = "mail";
+ };
+ "mail" = {
 ip = "192.168.0.118";
 mac = "00:50:56:91:3b:03";
 nix = false;
- }
- {
- hostname = "bazarr";
+ };
+ "bazarr" = {
 ip = "192.168.0.119";
 mac = "DE:7C:32:7E:DD:A1";
- }
- {
- hostname = "radarr2";
+ };
+ "radarr2" = {
 ip = "192.168.0.120";
 mac = "5e:d3:75:93:56:ee";
 profile = "radarr";
- }
- {
- hostname = "jackett2";
+ };
+ "jackett2" = {
 ip = "192.168.0.121";
 mac = "4e:e7:64:b7:88:b8";
 profile = "jackett";
 nix = false; # superseded by prowlarr
- }
- {
- hostname = "nginx";
+ };
+ "nginx" = {
 ip = "192.168.0.123";
 mac = "00:0c:29:9b:10:82";
 nix = false;
- }
- {
- hostname = "pve-storage";
+ };
+ "pve-storage" = {
 ip = "192.168.0.124";
 mac = "d4:3d:7e:35:0a:bf";
 nix = false;
- }
- {
- hostname = "database";
+ };
+ "database" = {
 ip = "192.168.0.126";
 mac = "82:e8:71:7f:37:b4";
- }
- {
- hostname = "dn42";
+ };
+ "dn42" = {
 ip = "192.168.0.127";
 mac = "12:fa:24:02:65:e6";
 nix = false;
- }
- {
- hostname = "docker-registry-proxy";
+ };
+ "docker-registry-proxy" = {
 ip = "192.168.0.128";
 mac = "0e:11:65:62:66:9f";
- }
- {
- hostname = "hassio";
+ };
+ "hassio" = {
 ip = "192.168.0.129";
 mac = "e6:80:32:fb:00:75";
 nix = false;
- }
- {
- hostname = "docker-registry";
+ };
+ "docker-registry" = {
 ip = "192.168.0.130";
 mac = "5e:0e:a6:cf:64:70";
- }
- {
- hostname = "minecraft";
+ };
+ "minecraft" = {
 ip = "192.168.0.131";
 mac = "00:0c:29:9b:e1:c4";
 nix = false;
- }
- {
- hostname = "sonarr2";
+ };
+ "sonarr2" = {
 ip = "192.168.0.132";
 mac = "ea:ac:be:53:18:27";
 profile = "sonarr";
- }
- {
- hostname = "postgres";
+ };
+ "postgres" = {
 ip = "192.168.0.133";
 mac = "6e:92:a9:5e:4c:e2";
 nix = false;
- }
- {
- hostname = "vault";
+ };
+ "vault" = {
 ip = "192.168.0.134";
 mac = "56:20:62:16:8a:11";
 nix = false;
- }
- {
- hostname = "vmetrics";
+ };
+ "vmetrics" = {
 ip = "192.168.0.135";
 mac = "96:10:41:fd:2a:0a";
 nix = false;
- }
- {
- hostname = "mastodon";
+ };
+ "mastodon" = {
 ip = "192.168.0.138";
 mac = "52:60:8a:06:86:9c";
- }
- {
- hostname = "lidarr";
+ };
+ "lidarr" = {
 ip = "192.168.0.139";
 mac = "7a:0f:25:e5:7f:e5";
 nix = false;
- }
- {
- hostname = "prowlarr";
+ };
+ "prowlarr" = {
 ip = "192.168.0.140";
 mac = "3a:67:8e:98:0c:a2";
- }
- {
- hostname = "readarr";
+ };
+ "readarr" = {
 ip = "192.168.0.141";
 mac = "E6:A2:37:4A:7C:87";
- }
- {
- hostname = "archlinux";
+ };
+ "archlinux" = {
 ip = "192.168.0.200";
 mac = "00:0c:29:e4:0d:17";
 nix = false;
- }
- {
- hostname = "HP781AFC";
+ };
+ "HP781AFC" = {
 ip = "192.168.0.201";
 mac = "f4:ce:46:78:1a:fc";
 nix = false;
- }
-]
+ };
+}
\ No newline at end of file
diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix
index 20ee135..db19c10 100644
--- a/nixos/hosts/olympus/default.nix
+++ b/nixos/hosts/olympus/default.nix
@@ -1,56 +1,48 @@
-[
- {
- hostname = "edgerouter";
+{
+ "edgerouter" = {
 ip = "10.42.42.1";
 ip6 = "2001:41f0:9639:1:b6fb:e4ff:fe53:9c0";
 mac = "B4:FB:E4:53:9C:0A";
 nix = false;
- }
- {
- hostname = "unifi-ap";
+ };
+ "unifi-ap" = {
 ip = "10.42.42.2";
 mac = "b4:fb:e4:f3:ff:1b";
 nix = false;
- }
- {
- hostname = "dhcp";
+ };
+ "dhcp" = {
 ip = "10.42.42.3";
 mac = "3E:2D:E8:AA:E2:81";
 tags = [ "networking" ];
- }
- {
- hostname = "bastion";
+ };
+ "bastion" = {
 ip = "10.42.42.4";
 ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d";
 mac = "82:F0:7C:CB:BD:6D";
 type = "vm";
- }
- {
- hostname = "vault";
+ };
+ "vault" = {
 ip = "10.42.42.6";
 mac = "16:2B:87:55:0C:0C";
 profile = "vault-0";
 tags = [ "vault" ];
- }
- {
- hostname = "mosquitto";
+ };
+ "mosquitto" = {
 ip = "10.42.42.7";
 mac = "C6:F9:8B:3D:9E:37";
- }
- {
- hostname = "home-assistant";
+ };
+ "home-assistant" = {
 ip = "10.42.42.8";
 ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee";
 mac = "9E:60:78:ED:81:B4";
 nix = false;
- }
- {
- hostname = "nginx";
+ };
+ "nginx" = {
 ip = "10.42.42.9";
 ip6 = "2001:41f0:9639:1:68c2:89ff:fe85:cfa6";
 mac = "6A:C2:89:85:CF:A6";
 tags = [ "web" ];
- }
+ };
 # {
 # hostname = "k3s-node1";
 # profile = "k3s";
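Review bot: The rewritten hades/default.nix ends without a trailing newline (the `\ No newline at end of file` marker after the closing `+}`), unlike the olympus and thalassa files reshaped in the same commit. Ending the file with a newline keeps a later diff of the last entry from also touching the closing brace line.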
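Review bot: The commented-out `k3s-node1` entry at the end of this hunk is still written as a list element (`# {` followed by `# hostname = "k3s-node1";`), so uncommenting it inside the new attribute set would be a syntax error. Rewriting the comment in the new shape, opening with `# "k3s-node1" = {`, closing with `# };` and dropping the `# hostname` line, keeps it usable. The tail of that block (`# mac`, `# type`, `# }`) sits in the next hunk of this file.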
@@ -58,133 +50,110 @@
 # mac = "2E:F8:55:23:D9:9B";
 # type = "vm";
 # }
- {
- hostname = "WoolooTV";
+ "WoolooTV" = {
 ip = "10.42.42.13";
 mac = "74:40:be:48:85:a4";
 nix = false;
- }
- {
- hostname = "outline";
+ };
+ "outline" = {
 mac = "52:13:EB:FD:87:F0";
 ip = "10.42.42.14";
- }
- {
- hostname = "dns-1";
+ };
+ "dns-1" = {
 profile = "dns";
 ip = "10.42.42.15";
 mac = "5E:F6:36:23:16:E3";
 tags = [ "dns" "networking" ];
- }
- {
- hostname = "dns-2";
+ };
+ "dns-2" = {
 profile = "dns";
 ip = "10.42.42.16";
 mac = "B6:04:0B:CD:0F:9F";
 tags = [ "dns" "networking" ];
- }
- {
- hostname = "minio";
+ };
+ "minio" = {
 ip = "10.42.42.17";
 mac = "0A:06:5E:E7:9A:0C";
- }
- {
- hostname = "mailserver";
+ };
+ "mailserver" = {
 ip = "10.42.42.18";
 mac = "AA:F2:3D:5E:B3:40";
- }
- {
- hostname = "victoriametrics";
+ };
+ "victoriametrics" = {
 ip = "10.42.42.19";
 mac = "9E:91:61:35:84:1F";
- }
- {
- hostname = "unifi";
+ };
+ "unifi" = {
 ip = "10.42.42.20";
 mac = "1A:88:A0:B0:65:B4";
- }
- {
- hostname = "minecraft";
+ };
+ "minecraft" = {
 ip = "10.42.42.21";
 mac = "EA:30:73:E4:B6:69";
 nix = false;
- }
- {
- hostname = "gitea";
+ };
+ "gitea" = {
 ip = "10.42.42.22";
 mac = "DE:5F:B0:83:6F:34";
- }
- {
- hostname = "hedgedoc";
+ };
+ "hedgedoc" = {
 ip = "10.42.42.23";
 mac = "86:BC:0C:18:BC:9B";
- }
- {
- hostname = "zmeura";
+ };
+ "zmeura" = {
 ip = "10.42.42.24";
 mac = "b8:27:eb:d5:e0:f5";
 nix = false;
- }
- {
- hostname = "wireguard";
+ };
+ "wireguard" = {
 ip = "10.42.42.25";
 mac = "1E:ED:97:2C:C3:9D";
- }
- {
- hostname = "database";
+ };
+ "database" = {
 ip = "10.42.42.26";
 mac = "CE:6E:96:87:18:1B";
- }
- {
- hostname = "bookwyrm";
+ };
+ "bookwyrm" = {
 ip = "10.42.42.27";
 mac = "9E:8A:6C:39:27:DE";
 nix = false;
- }
- {
- hostname = "synapse";
+ };
+ "synapse" = {
 ip = "10.42.42.28";
 mac = "9E:86:D3:46:EE:AE";
- }
- {
- hostname = "keycloak";
+ };
+ "keycloak" = {
 ip = "10.42.42.29";
 mac = "A6:09:1D:A8:81:28";
- }
- {
- hostname = "vault-1";
+ };
+ "vault-1" = {
 ip = "10.42.42.30";
mac = "26:69:0E:7C:B3:79"; profile = "vault-1"; tags = [ "vault" ]; - } - { - hostname = "vaultwarden"; + }; + "vaultwarden" = { ip = "10.42.42.31"; mac = "96:61:03:16:63:98"; - } - { - hostname = "ntfy"; + }; + "ntfy" = { ip = "10.42.42.32"; mac = "7A:17:9E:80:72:01"; - } - { - hostname = "woodpecker"; + }; + "woodpecker" = { ip = "10.42.42.33"; mac = "1E:24:DA:DB:4A:1A"; - } - { - hostname = "nuc"; + }; + "nuc" = { ip = "10.42.42.42"; ip6 = "2001:41f0:9639:1::42"; mac = "1C:69:7A:62:30:88"; nix = false; - } - { - hostname = "eevee"; + }; + "eevee" = { ip = "10.42.42.69"; ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3"; mac = "34:97:f6:93:9A:AA"; nix = false; - } -] + }; +} diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index 8639082..cc36022 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -1,13 +1,16 @@ { config, pkgs, hosts, ... }: let inherit (builtins) filter hasAttr; + inherit (pkgs.lib.attrsets) mapAttrsToList; hostToDhcp = { hostname, mac, ip, ... }: { ethernetAddress = mac; hostName = hostname; ipAddress = ip; }; localDomain = config.networking.domain; - hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) hosts.${localDomain}; + # TODO: Alternatively filter on flat_hosts where realm == localDomain + local_hosts = mapAttrsToList (name: value: value // { hostname = name; }) hosts.${localDomain}; + hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) local_hosts; in { imports = [ ]; diff --git a/nixos/hosts/thalassa/aoife/README.md b/nixos/hosts/thalassa/aoife/README.md new file mode 100644 index 0000000..9ecd689 --- /dev/null +++ b/nixos/hosts/thalassa/aoife/README.md 
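Review bot: Nothing in the `let` block rejects two entries of the realm that share an `ip` or a `mac`: keying the inventory by name makes hostnames unique by construction, but `hosts'` is still filtered only on the presence of those two attributes. If `hosts'` feeds the static lease table (its use lies below the hunk, so this is inferred from `hostToDhcp`), a copy-paste slip in the realm's `default.nix` would produce two conflicting leases without any evaluation error. A module-level assertion would catch it, for example `assertion = builtins.length (pkgs.lib.unique (map (h: h.mac) hosts')) == builtins.length hosts';` and the same for `h.ip`. The module body after `in {` continues outside the hunk.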
@@ -0,0 +1,15 @@ +# Aoife +This is the NixOS config for my laptop `aoife`. + +## Hardware +This is a Thinkpad Z16 Gen 1. + +**CPU**: AMD Ryzen 9 PRO 6950H (16 cores) @ 4.935GHz +**RAM**: 32GB LPDDR5 6400MHz +**SCREEN**: 16" 3840 x 2400 OLED +**GPU**: AMD Radeon™ RX 6500M, 4 GB, GDDR6 + +## Software +**OS**: NixOS +**DE**: Gnome +**Shell**: ZSH (grml) diff --git a/nixos/hosts/thalassa/aoife/networking.nix b/nixos/hosts/thalassa/aoife/networking.nix index 0769977..16d4e07 100644 --- a/nixos/hosts/thalassa/aoife/networking.nix +++ b/nixos/hosts/thalassa/aoife/networking.nix @@ -1,4 +1,4 @@ -{ ... }: { +_: { networking.networkmanager.enable = true; networking.firewall.checkReversePath = false; # networking.firewall.enable = false; diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index d477aa2..61fc396 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,10 +1,4 @@ -[ - { - hostname = "null"; - type = "local"; - } - { - hostname = "aoife"; - type = "local"; - } -] +{ + "null" = { type = "local"; }; + "aoife" = { type = "local"; }; +} diff --git a/nixos/util.nix b/nixos/util.nix index 7345fca..19c9dfe 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,7 +1,7 @@ { nixpkgs, home-manager, hyprland, mailserver, ... }: let - inherit (builtins) filter attrValues concatLists; - + inherit (builtins) filter attrValues concatMap mapAttrs; + inherit (nixpkgs.lib.attrsets) mapAttrsToList; # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal) resolve_imports = let # lookup table 
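Review bot: `networking.firewall.checkReversePath = false;` (a context line in the networking.nix hunk, untouched by this commit) turns off reverse-path filtering on the laptop with no comment saying why, and the commented-out `# networking.firewall.enable = false;` below it reads like leftover debugging. If the reason is asymmetric routing through a VPN interface, which is only a guess from here, `checkReversePath = "loose";` keeps the filter while tolerating that. Otherwise a one-line comment such as `# rpfilter off: <reason>` would tell the next reader the setting is deliberate. The attribute set continues past the end of the hunk.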
@@ -22,14 +22,19 @@ let ] ++ import_cases.${type}; in { # Add to whatever realm a host belong to its list of tags - add_realm_to_tags = realm: - map ({ tags ? [ ], ... }@host: + add_realm_to_tags = mapAttrs (realm: + mapAttrs (hostname: + { tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; - }); + })); + # Flatten all hosts to a single list - flatten_hosts = hosts: concatLists (attrValues hosts); + flatten_hosts = realms: + concatMap (mapAttrsToList (name: value: value // { hostname = name; })) + (attrValues realms); + # Filter out all hosts which aren't nixos filter_nix_hosts = filter ({ nix ? true, ... }: nix); diff --git a/notes/ideas.md b/notes/ideas.md index 455de91..505fc82 100644 --- a/notes/ideas.md +++ b/notes/ideas.md @@ -8,7 +8,6 @@ Re-use `hosts` setup and add domain and port information to each host # new stuff exposes = { requests = { - port = 3000; domain = "requests.xirion.net"; port = 3000; };
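Review bot: In `add_realm_to_tags` the inner `mapAttrs` callback binds `hostname` but never uses it; `mapAttrs (_: { tags ? [ ], ... }@host:` would say so, matching the `_:` this commit introduces in networking.nix. The comment above `flatten_hosts` could also record that the attribute name is written back as `hostname` and wins over any `hostname` attribute an entry still carries, since `//` prefers its right-hand side: `# Flatten all hosts to a single list, re-adding each attribute name as hostname`. The same `value // { hostname = name; }` lambda is repeated in olympus/dhcp/configuration.nix, so the two copies have to be kept in step by hand. The `in {` attribute set starts before this hunk and continues after it.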