From 7efa62f47d61cd7390c1993a8cad095a28c27568 Mon Sep 17 00:00:00 2001
From: Vivian Roest
Date: Sun, 21 Aug 2022 11:42:17 +0200
Subject: [PATCH] refactor flake
---
 flake.nix | 68 ++++------------------
 nixos/hosts/default.nix | 1 +
 nixos/hosts/olympus/default.nix | 4 +-
 nixos/hosts/olympus/dhcp/configuration.nix | 2 +-
 nixos/hosts/olympus/dns/configuration.nix | 17 +++---
 nixos/hosts/thalassa/default.nix | 1 -
 util.nix | 51 ++++++++++++++++
 7 files changed, 75 insertions(+), 69 deletions(-)
 create mode 100644 util.nix
diff --git a/flake.nix b/flake.nix
index bab9c2e5..6a48d7df 100644
--- a/flake.nix
+++ b/flake.nix
@@ -31,73 +31,30 @@ let inherit (nixpkgs) lib; inherit (builtins) filter mapAttrs attrValues concatLists; + + util = import ./util.nix inputs; + system = "x86_64-linux"; - # import and add location qualifier to all hosts - hosts = mapAttrs (location: lhosts: map ({ tags ? [ ], ... }@x: x // { tags = [ location ] ++ tags; inherit location; }) lhosts) (import ./nixos/hosts); + # import and add realm to list of tags + hosts = mapAttrs util.add_realm_to_tags (import ./nixos/hosts); # flatten hosts to single list - flat_hosts = concatLists (attrValues hosts); - # Filter all nixos host definitions that are actual nix machines - nixHosts = filter ({ nix ? true, ... }: nix) flat_hosts; + flat_hosts = util.flatten_hosts hosts; + # Filter out all non-nixos hosts + nixHosts = util.filter_nix_hosts flat_hosts; + # Define args each module gets access to (access to hosts is useful for DNS/DHCP) specialArgs = { inherit hosts flat_hosts inputs; }; - - # Resolve imports based on a foldername (nixname) and if the host is an LXC container or a VM. - resolveImports = { hostname, location, profile ? hostname, lxc ? true, ... }: [ - ./nixos/common - "${./.}/nixos/hosts/${location}/${profile}/configuration.nix" - ] ++ (if lxc then [ - "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" - ./nixos/common/generic-lxc.nix - ] - else [ ./nixos/common/generic-vm.nix ]); - - mkConfig = { hostname, location, ... }@host: { - "${hostname}.${location}" = lib.nixosSystem { - inherit system specialArgs; - modules = resolveImports host; - }; - }; - - mkColmenaHost = { ip, hostname, tags, location, ... 
}@host: { - "${hostname}.${location}" = { - imports = resolveImports host; - networking = { - hostName = hostname; - domain = location; - }; - deployment = { - inherit tags; - targetHost = ip; - targetUser = null; # Defaults to $USER - }; - }; - }; - pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ]; in { # Make the nixosConfigurations, mostly for vault-secrets - nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts; + nixosConfigurations = util.mkNixosConfigurations specialArgs hosts; # Make the coleman configuration - colmena = lib.foldr (el: acc: acc // mkColmenaHost el) + colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) { - null = { ... }: { - networking.hostName = "null"; - - imports = [ - ./nixos/common - ./nixos/hosts/thalassa/null/configuration.nix - home-manager.nixosModules.home-manager - ]; - - deployment = { - allowLocalDeployment = true; - targetHost = null; - }; - }; - meta = { + inherit specialArgs; nixpkgs = import nixpkgs { inherit system; overlays = [ @@ -105,7 +62,6 @@ minecraft-servers.overlays.default ]; }; - inherit specialArgs; }; } nixHosts; diff --git a/nixos/hosts/default.nix b/nixos/hosts/default.nix index a09236d0..7859c057 100644 --- a/nixos/hosts/default.nix +++ b/nixos/hosts/default.nix @@ -1,4 +1,5 @@ { hades = import ./hades; olympus = import ./olympus; + thalassa = import ./thalassa; } diff --git a/nixos/hosts/olympus/default.nix b/nixos/hosts/olympus/default.nix index 980504ae..ceb5978d 100644 --- a/nixos/hosts/olympus/default.nix +++ b/nixos/hosts/olympus/default.nix @@ -22,7 +22,7 @@ ip = "10.42.42.4"; ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d"; mac = "82:F0:7C:CB:BD:6D"; - lxc = false; + type = "vm"; } { hostname = "vault"; @@ -53,7 +53,7 @@ profile = "k3s"; ip = "10.42.42.10"; mac = "2E:F8:55:23:D9:9B"; - lxc = false; + type = "vm"; } { hostname = "WoolooTV"; 
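Review bot: `nixosConfigurations = util.mkNixosConfigurations specialArgs hosts;` passes `hosts`, the realm-keyed attrset produced by `mapAttrs`, but `mkNixosConfigurations` in util.nix hands its argument straight to `lib.foldr`, which expects a list; the removed line folded over `nixHosts`. As written this looks like it fails at evaluation, and switching to `flat_hosts` would still build systems for hosts marked `nix = false`. Passing the filtered list keeps the previous behaviour: `nixosConfigurations = util.mkNixosConfigurations specialArgs nixHosts;`.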
diff --git a/nixos/hosts/olympus/dhcp/configuration.nix b/nixos/hosts/olympus/dhcp/configuration.nix index afd5cf9f..43f735e8 100644 --- a/nixos/hosts/olympus/dhcp/configuration.nix +++ b/nixos/hosts/olympus/dhcp/configuration.nix @@ -6,7 +6,7 @@ let ipAddress = ip; }; localDomain = config.networking.domain; - hosts' = hosts.${localDomain}; + hosts' = builtins.filter (builtins.hasAttr "ip") hosts.${localDomain}; in { imports = [ ]; diff --git a/nixos/hosts/olympus/dns/configuration.nix b/nixos/hosts/olympus/dns/configuration.nix index 7173acc8..c794d89b 100644 --- a/nixos/hosts/olympus/dns/configuration.nix +++ b/nixos/hosts/olympus/dns/configuration.nix @@ -1,15 +1,14 @@ { config, pkgs, hosts, flat_hosts, ... }: let inherit (builtins) filter hasAttr attrNames; - hosts' = flat_hosts; domains = attrNames hosts; + ipv4Host = filter (hasAttr "ip") flat_hosts; + ipv6Hosts = filter (hasAttr "ip6") flat_hosts; - ipv6Hosts = filter (hasAttr "ip6") hosts'; - - localData = { hostname, location, ip, ... }: ''"${hostname}.${location}. A ${ip}"''; - local6Data = { hostname, location, ip6, ... }: ''"${hostname}.${location}. AAAA ${ip6}"''; - ptrData = { hostname, location, ip, ... }: ''"${ip} ${hostname}.${location}"''; - ptr6Data = { hostname, location, ip6, ... }: ''"${ip6} ${hostname}.${location}"''; + localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"''; + local6Data = { hostname, realm, ip6, ... }: ''"${hostname}.${realm}. AAAA ${ip6}"''; + ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"''; + ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"''; in { imports = [ ]; 
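Review bot: The new `hosts'` filter only checks `hasAttr "ip"`, while the mapping function whose tail (`ipAddress = ip;`) is visible above the hunk presumably also destructures `mac` for the static lease; that function starts outside the hunk, so this needs confirming. If it does, a host with an `ip` but no `mac` still aborts evaluation of the DHCP config. Filtering on both keeps the lease list to hosts that can actually be pinned: `hosts' = builtins.filter (h: h ? ip && h ? mac) hosts.${localDomain};`.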
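Review bot: `ipv4Host` is singular while its sibling on the next line is `ipv6Hosts`, and both hold filtered lists of hosts. Renaming it to `ipv4Hosts` here and at its two uses in the `local-data` / `local-data-ptr` hunk keeps the pair parallel. A short comment such as `# hosts without an "ip" get no A/PTR record` would also record why the A records are no longer built from `flat_hosts` directly.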
@@ -38,8 +37,8 @@ in { interface = [ "0.0.0.0" "::0" ]; local-zone = map (localdomain: ''"${localdomain}}." transparent'') domains; - local-data = (map localData hosts') ++ (map local6Data ipv6Hosts); - local-data-ptr = (map ptrData hosts') ++ (map ptr6Data ipv6Hosts); + local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts); + local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts); access-control = [ "127.0.0.1/32 allow_snoop" diff --git a/nixos/hosts/thalassa/default.nix b/nixos/hosts/thalassa/default.nix index 1c0f6778..54f43a97 100644 --- a/nixos/hosts/thalassa/default.nix +++ b/nixos/hosts/thalassa/default.nix @@ -1,7 +1,6 @@ [ { hostname = "null"; - mac = ""; type = "local"; } ] diff --git a/util.nix b/util.nix new file mode 100644 index 00000000..20eba700 --- /dev/null +++ b/util.nix 
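Review bot: The `local-zone` context line directly above the changed lines interpolates `${localdomain}}.` with a stray closing brace, so each zone is declared as e.g. `"olympus}." transparent` and presumably never matches the `hostname.realm.` names emitted in `local-data`. The commit leaves that line untouched while adding the `thalassa` realm to `domains`, so one more malformed zone is now generated. The intended form is likely `local-zone = map (localdomain: ''"${localdomain}." transparent'') domains;`. The attribute set these lines sit in starts above the hunk.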
@@ -0,0 +1,51 @@
+{ nixpkgs, home-manager, ... }:
+let
+ inherit (nixpkgs) lib;
+ inherit (builtins) filter mapAttrs attrValues concatLists;
+ import_cases = {
+ "lxc" = [
+ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
+ ./nixos/common/generic-lxc.nix
+ ];
+ "vm" = [
+ ./nixos/common/generic-vm.nix
+ ];
+ "local" = [
+ home-manager.nixosModules.home-manager
+ ];
+ };
+ resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }: [
+ ./nixos/common
+ "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix"
+ ] ++ import_cases.${type};
+in
+rec {
+ add_realm_to_tags = realm: hosts: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }) hosts;
+ flatten_hosts = hosts: concatLists (attrValues hosts);
+ filter_nix_hosts = hosts: filter ({ nix ? true, ... }: nix) hosts;
+
+ mkNixosSystem = specialArgs: { hostname, realm, system ? "x86_64-linux", ... }@host: {
+ "${hostname}.${realm}" = lib.nixosSystem {
+ inherit system specialArgs;
+ modules = resolve_imports host;
+ };
+ };
+
+ mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host: {
+ "${hostname}.${realm}" = {
+ imports = resolve_imports host;
+ networking = {
+ hostName = hostname;
+ domain = realm;
+ };
+ deployment = {
+ inherit tags;
+ targetHost = ip;
+ allowLocalDeployment = (type == "local");
+ targetUser = null; # Defaults to $USER
+ };
+ };
+ };
+
+ mkNixosConfigurations = specialArgs: hosts: lib.foldr (el: acc: acc // mkNixosSystem specialArgs el) { } hosts;
+}
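Review bot: `import_cases.${type}` in `resolve_imports` indexes the table with whatever string a host file supplies, so a misspelled `type` surfaces as a bare missing-attribute error that does not name the host. It fails closed, which is the safe direction, but an explicit message makes the mistake easy to locate: `] ++ (import_cases.${type} or (throw "unknown host type '${type}' for ${hostname}.${realm}"));`. Separately, `mapAttrs` is inherited from `builtins` but not used in this file. The functions in the `rec` set also carry no comments; one line on each stating the expected argument would make clear that `mkNixosConfigurations` folds over a flat list of hosts, not the realm-keyed set.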