nixos, terraform: minor updates

2021-11-24 22:41:26 +01:00 · 2021-11-24 22:41:26 +01:00 · 6bfb0bbd7d
parent db847545b3
commit 6bfb0bbd7d
5 changed files with 11 additions and 10 deletions
--- a/flake.lock
+++ b/flake.lock
@ -196,11 +196,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1637509688,
-        "narHash": "sha256-NcKdyLZflWeSrwgavNGIG7LcP6XBcYGne04HIzWP1D4=",
+        "lastModified": 1637605846,
+        "narHash": "sha256-Llelj1pYeAhGLftPxM2ixSgAfdPBAZOnpBZtpvaZ3Xo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "53edfe1d1c51c38e2adc4d8eb37a7a2657e3fe01",
+        "rev": "d00918ccaf7e1532d35db2f1e3d44db3da39b851",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -25,7 +25,7 @@
        "${profile}" = lib.nixosSystem {
          inherit system;
          modules =
-            [ ./nixos/common ./nixos/hosts/${profile}/configuration.nix  ]
+            [ ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" ]
            ++ (if lxc then [
              "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
              ./nixos/common/generic-lxc.nix
@ -54,7 +54,7 @@
      pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ];

      deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib;
-      checks = {};
+      checks = { };
    in {
      # Make the config and deploy sets
      nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts;
@ -84,8 +84,8 @@
          nixfmt
          nixUnstable
          vault
-          (vault-push-approle-envs self { })
          (vault-push-approles self { })
+          (vault-push-approle-envs self { })
        ];
      };

--- a/hosts.nix
+++ b/hosts.nix
@ -20,8 +20,8 @@
  {
    hostname = "bastion";
    ip = "10.42.42.4";
-    mac = "82:F0:7C:CB:BD:6D";
    ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d";
+    mac = "82:F0:7C:CB:BD:6D";
    lxc = false;
  }
  {
@ -85,6 +85,7 @@
  {
    hostname = "nuc";
    ip = "10.42.42.42";
+    ip6 = "2001:41f0:9639:1::42";
    mac = "1C:69:7A:62:30:88";
    nix = false;
  }
--- a/nixos/common/default.nix
+++ b/nixos/common/default.nix
@ -52,7 +52,7 @@
  };

  vault-secrets = {
-    vaultPrefix = "nixos";
+    vaultPrefix = "secrets/nixos";
    vaultAddress = "http://vault.olympus:8200/";
    approlePrefix = "olympus-${config.networking.hostName}";
  };
--- a/terraform/vault.tf
+++ b/terraform/vault.tf
@ -1,9 +1,9 @@
 provider "vault" {
-  address = "http://10.42.42.6:8200"
+  address = "http://vault:8200"
  skip_tls_verify = true
 }

 # Proxmox authentication for terraform
 data "vault_generic_secret" "proxmox_auth" {
-    path = "secrets/proxmox/terraform_auth"
+    path = "secrets/terraform/proxmox_credentials"
 }