v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Projects Releases Packages Activity Actions

Merge branch 'main' of ssh://git.0x76.dev:42/v/infrastructure

Browse source
This commit is contained in:
Vivian 2023-05-25 20:05:27 +02:00
commit 820fd3fadc
23 changed files with 1240 additions and 1321 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.github/workflows/nixos.yml vendored
View file

@ -21,7 +21,7 @@ jobs:
large-packages: true large-packages: true
swap-storage: true swap-storage: true
- name: "Install Nix ❄️" - name: "Install Nix ❄️"
uses: cachix/install-nix-action@v20 uses: cachix/install-nix-action@v21
- name: "Install Cachix ❄️" - name: "Install Cachix ❄️"
uses: cachix/cachix-action@v12 uses: cachix/cachix-action@v12
with: with:
@ -37,7 +37,7 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: "Install Nix ❄️" - name: "Install Nix ❄️"
uses: cachix/install-nix-action@v20 uses: cachix/install-nix-action@v21
- name: "Install Cachix ❄️" - name: "Install Cachix ❄️"
uses: cachix/cachix-action@v12 uses: cachix/cachix-action@v12
@ -54,7 +54,7 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: "Install Nix ❄️" - name: "Install Nix ❄️"
uses: cachix/install-nix-action@v20 uses: cachix/install-nix-action@v21
- name: "Install Cachix ❄️" - name: "Install Cachix ❄️"
uses: cachix/cachix-action@v12 uses: cachix/cachix-action@v12
@ -85,7 +85,7 @@ jobs:
swap-storage: true swap-storage: true
- name: "Install Nix ❄️" - name: "Install Nix ❄️"
uses: cachix/install-nix-action@v20 uses: cachix/install-nix-action@v21
- name: "Install Cachix ❄️" - name: "Install Cachix ❄️"
uses: cachix/cachix-action@v12 uses: cachix/cachix-action@v12
with: with:
@ -116,7 +116,7 @@ jobs:
swap-storage: true swap-storage: true
- name: "Install Nix ❄️" - name: "Install Nix ❄️"
uses: cachix/install-nix-action@v20 uses: cachix/install-nix-action@v21
- name: "Install Cachix ❄️" - name: "Install Cachix ❄️"
uses: cachix/cachix-action@v12 uses: cachix/cachix-action@v12

3
.woodpecker.yml
View file

@ -1,11 +1,12 @@
pipeline: pipeline:
check: check:
image: nixos/nix:2.15.0 image: nixos/nix:2.15.1
commands: commands:
- echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf - echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf
- echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf - echo "store = unix:///mnt/nix/var/nix/daemon-socket/socket?root=/mnt" >> /etc/nix/nix.conf
- nix run 'nixpkgs#statix' check - nix run 'nixpkgs#statix' check
- nix run 'nixpkgs#deadnix' -- -f - nix run 'nixpkgs#deadnix' -- -f
- nix run 'nixpkgs#yamllint' . - nix run 'nixpkgs#yamllint' .
- nix run '.#' -- build --on 'bastion*'
volumes: volumes:
- /nix:/mnt/nix:ro - /nix:/mnt/nix:ro

54
flake.lock generated
View file

@ -502,11 +502,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1684484967, "lastModified": 1684824189,
"narHash": "sha256-P3ftCqeJmDYS9LSr2gGC4XGGcp5vv8TOasJX6fVHWsw=", "narHash": "sha256-k3nCkn5Qy67rCguuw6YkGuL6hOUNRKxQoKOjnapk5sU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "b9a52ad20e58ebd003444915e35e3dd2c18fc715", "rev": "58eb968c21d309a6c2b020ea8d64e25c38ceebba",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -557,11 +557,11 @@
"utils": "utils_2" "utils": "utils_2"
}, },
"locked": { "locked": {
"lastModified": 1684048308, "lastModified": 1684874496,
"narHash": "sha256-JcQe0Zmov/32L+GQ+O+H8Qoll+jjvkcrd8/TNtE6TBY=", "narHash": "sha256-UinOcfH+PvkYsnpsty8uIUrag62Yre2jlBjP2h70dI8=",
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"rev": "c04e4f22da48319d15593a2c942431744c12f27c", "rev": "d8131ffc61553df6137b382eec380689596cae3d",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@ -671,11 +671,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1683530131, "lastModified": 1684751352,
"narHash": "sha256-R0RSqj6JdZfru2x/cM19KJMHsU52OjtyxI5cccd+uFc=", "narHash": "sha256-CI7V/2aSBXsefcqX+IhL9zYayL4dPLucymlMCzVxyP4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "10079333313ff62446e6f2b0e7c5231c7431d269", "rev": "a9933ffcbc91688a4bc7dc427f454069a423343f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -799,11 +799,11 @@
}, },
"nixpkgs_22-11": { "nixpkgs_22-11": {
"locked": { "locked": {
"lastModified": 1684398685, "lastModified": 1684858140,
"narHash": "sha256-TRE62m91iZ5ArVMgA+uj22Yda8JoQuuhc9uwZ+NoX+0=", "narHash": "sha256-dQStox5GYrVlVNMvxxXs3xX9bXG7J7ttSjqUcVm8EaA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "628d4bb6e9f4f0c30cfd9b23d3c1cdcec9d3cb5c", "rev": "a17f99dfcb9643200b3884ca195c69ae41d7f059",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -815,11 +815,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1684502756, "lastModified": 1684944540,
"narHash": "sha256-7ssIPaLW2ncTApmExLSoqomPBlubNyUWm/SZYVgKhpI=", "narHash": "sha256-Ws79+cNBR/2tqEf3Md+Ok03avJOXAykpRRvkaerkTCQ=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a13191189f5d8a7e515155c24eb4e346aa4752f4", "rev": "178b88e3aee997935c6a81a72f2726ae86dffa0d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -831,11 +831,11 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1684385584, "lastModified": 1684754342,
"narHash": "sha256-O7y0gK8OLIDqz+LaHJJyeu09IGiXlZIS3+JgEzGmmJA=", "narHash": "sha256-plGnjnbnPLoZCTdQX21oT7xliQhFtgcWlkuDHgtEb1o=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a", "rev": "7084250df3d7f9735087d3234407f3c1fc2400e3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -931,11 +931,11 @@
"pre-commit-hooks": "pre-commit-hooks" "pre-commit-hooks": "pre-commit-hooks"
}, },
"locked": { "locked": {
"lastModified": 1684488481, "lastModified": 1684856421,
"narHash": "sha256-NLHSxDUxw/Epw8CRk2cDPt3Zaaw1Zvbgvr2axNGQHds=", "narHash": "sha256-7iieAuQOeTo2FjGJjqpEhSFvZJDb9pSo7taAzNw4ZqI=",
"owner": "pta2002", "owner": "pta2002",
"repo": "nixvim", "repo": "nixvim",
"rev": "1d478841f8bf84f3b69095984aa74c56abb86ffa", "rev": "55415979af3fb850e54663a3804848cdc87803ae",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -946,11 +946,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1684500955, "lastModified": 1684921791,
"narHash": "sha256-EJUdpm4lkMn+/HUl3NSHutK+jDLdOHvGBWgz8RlT6Ck=", "narHash": "sha256-H0zNiMCtAUnRHyo06OaCpZEoP95WlEKVp+hpELTJXw0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "98294130adb4c09ac5f66e83bf98d80b7853f1d3", "rev": "9cacf444463dc574f0e9f6c0bc748f939b34a958",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1015,11 +1015,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1684195081, "lastModified": 1684763926,
"narHash": "sha256-IKnQUSBhQTChFERxW2AzuauVpY1HRgeVzAjNMAA4B6I=", "narHash": "sha256-1pSTzogoCmZc7JB3VrFFgFoj5lNXIIWwkVReFVMHDT8=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "96eabec58248ed8f4b0ad59e7ce9398018684fdc", "rev": "df448ffc5d244f52261d05894c5a96af7f3758a1",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View file

@ -54,6 +54,7 @@
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
config.allowUnfree = true;
overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ]; overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ];
}; };
@ -147,6 +148,7 @@
nil nil
vault vault
yamllint yamllint
jq
(vault-push-approle-envs self { }) (vault-push-approle-envs self { })
(vault-push-approles self { }) (vault-push-approles self { })
fast-repl fast-repl

2
flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml
View file

@ -42,7 +42,7 @@ spec:
- path: / - path: /
pathType: ImplementationSpecific pathType: ImplementationSpecific
adminUser: adminUser:
create: false create: true
passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC
username: admin username: admin

2
flux/olympus/core/external-secrets/helm-release.yaml
View file

@ -9,7 +9,7 @@ spec:
chart: chart:
spec: spec:
chart: external-secrets chart: external-secrets
version: 0.8.1 version: 0.8.2
interval: 30m interval: 30m
sourceRef: sourceRef:
kind: HelmRepository kind: HelmRepository

7
nixos/common/common.nix
View file

@ -57,6 +57,13 @@
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
"nodejs-14.21.3"
"openssl-1.1.1t"
"nodejs-16.20.0"
];
# Limit the systemd journal to 100 MB of disk or the # Limit the systemd journal to 100 MB of disk or the
# last 7 days of logs, whichever happens first. # last 7 days of logs, whichever happens first.
services.journald.extraConfig = '' services.journald.extraConfig = ''

3
nixos/common/desktop/home.nix
View file

@ -16,8 +16,7 @@ in {
gimp gimp
inputs.comma.packages.${pkgs.system}.default inputs.comma.packages.${pkgs.system}.default
inputs.webcord.packages.${pkgs.system}.default inputs.webcord.packages.${pkgs.system}.default
jetbrains.clion # jetbrains.clion
jetbrains.idea-ultimate
kdenlive kdenlive
mullvad-vpn mullvad-vpn
neofetch neofetch

4
nixos/hosts/hades/immich/configuration.nix
View file

@ -2,10 +2,10 @@
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ pkgs, config, lib, ... }: { pkgs, config, ... }:
let let
# https://github.com/immich-app/immich/releases # https://github.com/immich-app/immich/releases
version = "1.55.1"; # version = "1.55.1";
dataDir = "/var/lib/immich"; dataDir = "/var/lib/immich";
in { in {
imports = [ ]; imports = [ ];

8
nixos/hosts/hades/mastodon/configuration.nix
View file

@ -7,9 +7,17 @@ in {
# Use DHCP with static leases # Use DHCP with static leases
networking.interfaces.eth0.useDHCP = true; networking.interfaces.eth0.useDHCP = true;
nixpkgs.config.permittedInsecurePackages = [
"openssl-1.1.1t"
];
# Better cache hits # Better cache hits
environment.noXlibs = lib.mkForce false; environment.noXlibs = lib.mkForce false;
networking.hosts = {
"192.168.0.122" = [ "xirion.net" "o.xirion.net" ];
};
services.elasticsearch = { services.elasticsearch = {
enable = true; enable = true;
cluster_name = "mastodon-es"; cluster_name = "mastodon-es";

5
nixos/hosts/hades/nginx/configuration.nix
View file

@ -15,6 +15,8 @@ let
in { in {
imports = [ ]; imports = [ ];
nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1t" ];
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave # on your system were taken. Its perfectly fine and recommended to leave
@ -70,6 +72,7 @@ in {
allow 10.10.10.1/24; allow 10.10.10.1/24;
allow 192.168.0.0/23; allow 192.168.0.0/23;
allow 80.60.83.220; allow 80.60.83.220;
allow 83.128.154.23;
allow 195.85.167.32/29; allow 195.85.167.32/29;
deny all; deny all;
''; '';
@ -152,7 +155,7 @@ in {
proxyWebsockets = true; proxyWebsockets = true;
}; };
locations."api/v1/streaming" = { locations."/api/v1/streaming" = {
proxyPass = "http://192.168.0.138:55000"; proxyPass = "http://192.168.0.138:55000";
proxyWebsockets = true; proxyWebsockets = true;
}; };

2
nixos/hosts/hades/overseerr/prowlarr.nix
View file

@ -5,7 +5,7 @@ _: {
}; };
virtualisation.oci-containers.containers.flaresolverr = { virtualisation.oci-containers.containers.flaresolverr = {
image = "flaresolverr/flaresolverr:v3.1.2"; image = "flaresolverr/flaresolverr:v3.2.0";
ports = [ "8191:8191" ]; ports = [ "8191:8191" ];
}; };
} }

1
nixos/hosts/olympus/nginx/configuration.nix
View file

@ -85,6 +85,7 @@ in {
allow 10.42.42.0/23; allow 10.42.42.0/23;
allow 192.168.0.0/23; allow 192.168.0.0/23;
allow 80.60.83.220; allow 80.60.83.220;
allow 83.128.154.23;
allow 195.85.167.32/29; allow 195.85.167.32/29;
deny all; deny all;
''; '';

2
nixos/hosts/olympus/wireguard/configuration.nix
View file

@ -77,7 +77,7 @@ in {
# https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html # https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html
publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI="; publicKey = "KgqLhmUMX6kyTjRoa/GOCrZOvXNE5HWYuOr/T3v8/VI=";
allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ]; allowedIPs = [ "10.100.0.5/32" "192.168.0.0/23" "10.10.10.0/24" ];
endpoint = "80.60.83.220:51820"; endpoint = "83.128.154.23:51820";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
]; ];

4
nixos/pkgs/default.nix
View file

@ -21,5 +21,9 @@ _final: prev: {
platformio.platformio-ide = platformio.platformio-ide =
prev.callPackage ./vscode-extensions/platformio.nix { }; prev.callPackage ./vscode-extensions/platformio.nix { };
}; };
}; };
plex-plexpass = prev.callPackage ./plex-pass { };
plexRaw-plexpass = prev.callPackage ./plex-pass/raw.nix { };
} }

2
nixos/pkgs/glitch-soc/default.nix
View file

@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
yarnOfflineCache = fetchYarnDeps { yarnOfflineCache = fetchYarnDeps {
yarnLock = "${src}/yarn.lock"; yarnLock = "${src}/yarn.lock";
# sha256 = lib.fakeSha256; # sha256 = lib.fakeSha256;
sha256 = "sha256-5KmPgKE1QRPoTjeSYidKt/z9vzWzTOoJVr5dNtofKJY="; sha256 = "sha256-+i5vejb1XWwNQffg9gzRY8FVOt8MK6ht4cxSSrGAS/Q=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

309
nixos/pkgs/glitch-soc/gemset.nix
View file

@ -11,14 +11,7 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
actionmailbox = { actionmailbox = {
dependencies = [ dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"];
"actionpack"
"activejob"
"activerecord"
"activestorage"
"activesupport"
"mail"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -29,14 +22,7 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
actionmailer = { actionmailer = {
dependencies = [ dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"];
"actionpack"
"actionview"
"activejob"
"activesupport"
"mail"
"rails-dom-testing"
];
groups = ["default" "development"]; groups = ["default" "development"];
platforms = []; platforms = [];
source = { source = {
@ -47,16 +33,8 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
actionpack = { actionpack = {
dependencies = [ dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"];
"actionview" groups = ["default" "development" "pam_authentication" "production" "test"];
"activesupport"
"rack"
"rack-test"
"rails-dom-testing"
"rails-html-sanitizer"
];
groups =
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -66,13 +44,7 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
actiontext = { actiontext = {
dependencies = [ dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"];
"actionpack"
"activerecord"
"activestorage"
"activesupport"
"nokogiri"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -83,15 +55,8 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
actionview = { actionview = {
dependencies = [ dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"];
"activesupport" groups = ["default" "development" "pam_authentication" "production" "test"];
"builder"
"erubi"
"rails-dom-testing"
"rails-html-sanitizer"
];
groups =
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -101,8 +66,7 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
active_model_serializers = { active_model_serializers = {
dependencies = dependencies = ["actionpack" "activemodel" "case_transform" "jsonapi-renderer"];
[ "actionpack" "activemodel" "case_transform" "jsonapi-renderer" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -146,14 +110,7 @@
version = "6.1.7.3"; version = "6.1.7.3";
}; };
activestorage = { activestorage = {
dependencies = [ dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"];
"actionpack"
"activejob"
"activerecord"
"activesupport"
"marcel"
"mini_mime"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -165,8 +122,7 @@
}; };
activesupport = { activesupport = {
dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -290,8 +246,7 @@
version = "1.752.0"; version = "1.752.0";
}; };
aws-sdk-core = { aws-sdk-core = {
dependencies = dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"];
[ "aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -356,14 +311,7 @@
version = "2.9.1"; version = "2.9.1";
}; };
better_html = { better_html = {
dependencies = [ dependencies = ["actionview" "activesupport" "ast" "erubi" "parser" "smart_properties"];
"actionview"
"activesupport"
"ast"
"erubi"
"parser"
"smart_properties"
];
groups = ["default" "development" "test"]; groups = ["default" "development" "test"];
platforms = []; platforms = [];
source = { source = {
@ -447,8 +395,7 @@
version = "0.1.3"; version = "0.1.3";
}; };
builder = { builder = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -524,16 +471,7 @@
version = "2.0.2"; version = "2.0.2";
}; };
capybara = { capybara = {
dependencies = [ dependencies = ["addressable" "matrix" "mini_mime" "nokogiri" "rack" "rack-test" "regexp_parser" "xpath"];
"addressable"
"matrix"
"mini_mime"
"nokogiri"
"rack"
"rack-test"
"regexp_parser"
"xpath"
];
groups = ["test"]; groups = ["test"];
platforms = []; platforms = [];
source = { source = {
@ -636,8 +574,7 @@
version = "0.1"; version = "0.1";
}; };
concurrent-ruby = { concurrent-ruby = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -679,8 +616,7 @@
version = "0.4.5"; version = "0.4.5";
}; };
crass = { crass = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -732,18 +668,15 @@
version = "4.9.2"; version = "4.9.2";
}; };
devise-two-factor = { devise-two-factor = {
dependencies = dependencies = ["activesupport" "attr_encrypted" "devise" "railties" "rotp"];
[ "activesupport" "attr_encrypted" "devise" "railties" "rotp" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
fetchSubmodules = false; remotes = ["https://rubygems.org"];
rev = "e685f91ce62d036259885fbe31fcb4fa930bcfcb"; sha256 = "1nk43p339zyp4y5vab3w3s0zbjd4xfs8qn0ymxdnz6d961dbbdm8";
sha256 = "1zdlhzm2m87xgzacmm68j51wpz7dcmg8wl1r9wxkhs51c90yvqla"; type = "gem";
type = "git";
url = "https://github.com/tinfoil/devise-two-factor.git";
}; };
version = "4.0.2"; version = "4.1.0";
}; };
devise_pam_authenticatable2 = { devise_pam_authenticatable2 = {
dependencies = ["devise" "rpam2"]; dependencies = ["devise" "rpam2"];
@ -894,8 +827,7 @@
version = "3.0.0"; version = "3.0.0";
}; };
erubi = { erubi = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -947,19 +879,7 @@
version = "3.2.0"; version = "3.2.0";
}; };
faraday = { faraday = {
dependencies = [ dependencies = ["faraday-em_http" "faraday-em_synchrony" "faraday-excon" "faraday-httpclient" "faraday-multipart" "faraday-net_http" "faraday-net_http_persistent" "faraday-patron" "faraday-rack" "faraday-retry" "ruby2_keywords"];
"faraday-em_http"
"faraday-em_synchrony"
"faraday-excon"
"faraday-httpclient"
"faraday-multipart"
"faraday-net_http"
"faraday-net_http_persistent"
"faraday-patron"
"faraday-rack"
"faraday-retry"
"ruby2_keywords"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -1292,8 +1212,7 @@
version = "4.3.4"; version = "4.3.4";
}; };
http = { http = {
dependencies = dependencies = ["addressable" "http-cookie" "http-form_data" "llhttp-ffi"];
[ "addressable" "http-cookie" "http-form_data" "llhttp-ffi" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -1357,8 +1276,7 @@
}; };
i18n = { i18n = {
dependencies = ["concurrent-ruby"]; dependencies = ["concurrent-ruby"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -1368,18 +1286,7 @@
version = "1.12.0"; version = "1.12.0";
}; };
i18n-tasks = { i18n-tasks = {
dependencies = [ dependencies = ["activesupport" "ast" "better_html" "erubi" "highline" "i18n" "parser" "rails-i18n" "rainbow" "terminal-table"];
"activesupport"
"ast"
"better_html"
"erubi"
"highline"
"i18n"
"parser"
"rails-i18n"
"rainbow"
"terminal-table"
];
groups = ["development" "test"]; groups = ["development" "test"];
platforms = []; platforms = [];
source = { source = {
@ -1434,10 +1341,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "0zc3ndnp4rjqg98cy2dd9x266vk23rz4mpl8afwn26vj49si56av"; sha256 = "1rvsalsrs8njk2gqxgq0ydg5cd02jqdawskbq2ccz663qxz8wwq5";
type = "gem"; type = "gem";
}; };
version = "0.3.1"; version = "0.3.2";
}; };
json-jwt = { json-jwt = {
dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"]; dependencies = ["activesupport" "aes_key_wrap" "bindata" "httpclient"];
@ -1451,22 +1358,15 @@
version = "1.15.3"; version = "1.15.3";
}; };
json-ld = { json-ld = {
dependencies = [ dependencies = ["htmlentities" "json-canonicalization" "link_header" "multi_json" "rack" "rdf"];
"htmlentities"
"json-canonicalization"
"link_header"
"multi_json"
"rack"
"rdf"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "02lz2fgqmp3dr5q05hagk01knds69n33k0ljjgdj9a7ajapwgvhf"; sha256 = "1z3kqacjmqs02vwwqm9di7sw7f7nchxx99v84myrrzmh64c6zfcq";
type = "gem"; type = "gem";
}; };
version = "3.2.4"; version = "3.2.5";
}; };
json-ld-preloaded = { json-ld-preloaded = {
dependencies = ["json-ld" "rdf"]; dependencies = ["json-ld" "rdf"];
@ -1511,12 +1411,7 @@
version = "2.7.0"; version = "2.7.0";
}; };
kaminari = { kaminari = {
dependencies = [ dependencies = ["activesupport" "kaminari-actionview" "kaminari-activerecord" "kaminari-core"];
"activesupport"
"kaminari-actionview"
"kaminari-activerecord"
"kaminari-core"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -1559,8 +1454,7 @@
version = "1.2.2"; version = "1.2.2";
}; };
kt-paperclip = { kt-paperclip = {
dependencies = dependencies = ["activemodel" "activesupport" "marcel" "mime-types" "terrapin"];
[ "activemodel" "activesupport" "marcel" "mime-types" "terrapin" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -1639,8 +1533,7 @@
}; };
loofah = { loofah = {
dependencies = ["crass" "nokogiri"]; dependencies = ["crass" "nokogiri"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -1713,8 +1606,7 @@
version = "1.0.1"; version = "1.0.1";
}; };
method_source = { method_source = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -1755,8 +1647,7 @@
version = "1.1.2"; version = "1.1.2";
}; };
mini_portile2 = { mini_portile2 = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -1766,8 +1657,7 @@
version = "2.8.1"; version = "2.8.1";
}; };
minitest = { minitest = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -1904,8 +1794,7 @@
}; };
nokogiri = { nokogiri = {
dependencies = ["mini_portile2" "racc"]; dependencies = ["mini_portile2" "racc"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -1915,8 +1804,7 @@
version = "1.14.3"; version = "1.14.3";
}; };
nsa = { nsa = {
dependencies = dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"];
[ "activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -1992,18 +1880,7 @@
version = "0.6.1"; version = "0.6.1";
}; };
openid_connect = { openid_connect = {
dependencies = [ dependencies = ["activemodel" "attr_required" "json-jwt" "net-smtp" "rack-oauth2" "swd" "tzinfo" "validate_email" "validate_url" "webfinger"];
"activemodel"
"attr_required"
"json-jwt"
"net-smtp"
"rack-oauth2"
"swd"
"tzinfo"
"validate_email"
"validate_url"
"webfinger"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -2101,10 +1978,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "1qja5f6k9v3jjip7mv3qjgx7rwmk1663cxz8jnb589znvj4wxd9l"; sha256 = "1zcvxmfa8hxkhpp59fhxyxy1arp70f11zi1jh9c7bsdfspifb7kb";
type = "gem"; type = "gem";
}; };
version = "1.5.2"; version = "1.5.3";
}; };
pghero = { pghero = {
dependencies = ["activerecord"]; dependencies = ["activerecord"];
@ -2212,8 +2089,7 @@
version = "1.4.0"; version = "1.4.0";
}; };
racc = { racc = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2223,8 +2099,7 @@
version = "1.6.2"; version = "1.6.2";
}; };
rack = { rack = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2256,8 +2131,7 @@
version = "2.0.1"; version = "2.0.1";
}; };
rack-oauth2 = { rack-oauth2 = {
dependencies = dependencies = ["activesupport" "attr_required" "httpclient" "json-jwt" "rack"];
[ "activesupport" "attr_required" "httpclient" "json-jwt" "rack" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -2280,8 +2154,7 @@
}; };
rack-test = { rack-test = {
dependencies = ["rack"]; dependencies = ["rack"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2291,21 +2164,7 @@
version = "2.1.0"; version = "2.1.0";
}; };
rails = { rails = {
dependencies = [ dependencies = ["actioncable" "actionmailbox" "actionmailer" "actionpack" "actiontext" "actionview" "activejob" "activemodel" "activerecord" "activestorage" "activesupport" "railties" "sprockets-rails"];
"actioncable"
"actionmailbox"
"actionmailer"
"actionpack"
"actiontext"
"actionview"
"activejob"
"activemodel"
"activerecord"
"activestorage"
"activesupport"
"railties"
"sprockets-rails"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -2328,8 +2187,7 @@
}; };
rails-dom-testing = { rails-dom-testing = {
dependencies = ["activesupport" "nokogiri"]; dependencies = ["activesupport" "nokogiri"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2340,8 +2198,7 @@
}; };
rails-html-sanitizer = { rails-html-sanitizer = {
dependencies = ["loofah"]; dependencies = ["loofah"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2375,10 +2232,8 @@
version = "0.6.6"; version = "0.6.6";
}; };
railties = { railties = {
dependencies = dependencies = ["actionpack" "activesupport" "method_source" "rake" "thor"];
[ "actionpack" "activesupport" "method_source" "rake" "thor" ]; groups = ["default" "development" "pam_authentication" "production" "test"];
groups =
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2398,8 +2253,7 @@
version = "3.1.1"; version = "3.1.1";
}; };
rake = { rake = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -2589,15 +2443,7 @@
version = "3.12.5"; version = "3.12.5";
}; };
rspec-rails = { rspec-rails = {
dependencies = [ dependencies = ["actionpack" "activesupport" "railties" "rspec-core" "rspec-expectations" "rspec-mocks" "rspec-support"];
"actionpack"
"activesupport"
"railties"
"rspec-core"
"rspec-expectations"
"rspec-mocks"
"rspec-support"
];
groups = ["development" "test"]; groups = ["development" "test"];
platforms = []; platforms = [];
source = { source = {
@ -2650,17 +2496,7 @@
version = "0.6.0"; version = "0.6.0";
}; };
rubocop = { rubocop = {
dependencies = [ dependencies = ["json" "parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"];
"json"
"parallel"
"parser"
"rainbow"
"regexp_parser"
"rexml"
"rubocop-ast"
"ruby-progressbar"
"unicode-display_width"
];
groups = ["development" "test"]; groups = ["development" "test"];
platforms = []; platforms = [];
source = { source = {
@ -2709,10 +2545,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "13gx0dmi5jhs4x2617jclwc57sy4gvw3v8l91dpgc63b8dpmcim6"; sha256 = "0j6dn8pz70bngx6van8yzsimpdd93gm7c8lr93wz1j4ahm6q4hn9";
type = "gem"; type = "gem";
}; };
version = "2.18.0"; version = "2.19.1";
}; };
rubocop-rspec = { rubocop-rspec = {
dependencies = ["rubocop" "rubocop-capybara"]; dependencies = ["rubocop" "rubocop-capybara"];
@ -2756,6 +2592,16 @@
}; };
version = "0.0.5"; version = "0.0.5";
}; };
rubyzip = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz";
type = "gem";
};
version = "2.3.2";
};
rufus-scheduler = { rufus-scheduler = {
dependencies = ["fugit"]; dependencies = ["fugit"];
groups = ["default"]; groups = ["default"];
@ -2844,8 +2690,7 @@
version = "5.0.2"; version = "5.0.2";
}; };
sidekiq-unique-jobs = { sidekiq-unique-jobs = {
dependencies = dependencies = ["brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor"];
[ "brpoplpush-redis_script" "concurrent-ruby" "redis" "sidekiq" "thor" ];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -3047,8 +2892,7 @@
version = "0.6.0"; version = "0.6.0";
}; };
thor = { thor = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -3153,8 +2997,7 @@
}; };
tzinfo = { tzinfo = {
dependencies = ["concurrent-ruby"]; dependencies = ["concurrent-ruby"];
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
@ -3249,16 +3092,7 @@
version = "1.2.9"; version = "1.2.9";
}; };
webauthn = { webauthn = {
dependencies = [ dependencies = ["android_key_attestation" "awrence" "bindata" "cbor" "cose" "openssl" "safety_net_attestation" "tpm-key_attestation"];
"android_key_attestation"
"awrence"
"bindata"
"cbor"
"cose"
"openssl"
"safety_net_attestation"
"tpm-key_attestation"
];
groups = ["default"]; groups = ["default"];
platforms = []; platforms = [];
source = { source = {
@ -3367,8 +3201,7 @@
version = "3.2.0"; version = "3.2.0";
}; };
zeitwerk = { zeitwerk = {
groups = groups = ["default" "development" "pam_authentication" "production" "test"];
[ "default" "development" "pam_authentication" "production" "test" ];
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];

7
nixos/pkgs/glitch-soc/source.nix
View file

@ -1,10 +1,9 @@
# This file was generated by pkgs.mastodon.updateScript. # This file was generated by pkgs.mastodon.updateScript.
{ fetchgit, applyPatches }: { fetchgit, applyPatches }: let
let
src = fetchgit { src = fetchgit {
url = "https://github.com/glitch-soc/mastodon.git"; url = "https://github.com/glitch-soc/mastodon.git";
rev = "c18884de32b60152600ec95ed42cdf9c00fdab7a"; rev = "058898802a377877961ff3bfa7d5209a5e275545";
sha256 = "08b520wfs7hpi4jy9srynydkkh5b2wwnb2b3xxa843yialf0qmlh"; sha256 = "0rn7l94031yl1lyyz7yvky6bqshw4nllwissxlpyqcmii52gwp7y";
}; };
in applyPatches { in applyPatches {
inherit src; inherit src;

3
nixos/pkgs/plex-pass/default.nix Normal file
View file

@ -0,0 +1,3 @@
{ plex, plexRaw-plexpass }:
# Copied from: https://github.com/tadfisher/flake/blob/ed949a619236ba30f0be614fed804abdf1e8005b/pkgs/plex-plexpass/default.nix
plex.override { plexRaw = plexRaw-plexpass; }

13
nixos/pkgs/plex-pass/raw.nix Normal file
View file

@ -0,0 +1,13 @@
{ lib, stdenv, plexRaw, fetchurl }:
let
sources = builtins.fromJSON (builtins.readFile ./sources.json);
source = lib.findFirst (x: x.platform == stdenv.hostPlatform.system)
(throw "unsupported platform: ${stdenv.hostPlatform.system}") sources;
in plexRaw.overrideAttrs (attrs: {
pname = attrs.pname + "-plexpass";
inherit (source) version;
src = fetchurl {
inherit (source) url;
sha256 = source.hash;
};
})

14
nixos/pkgs/plex-pass/sources.json Normal file
View file

@ -0,0 +1,14 @@
[
{
"version": "1.32.2.7100",
"platform": "aarch64-linux",
"url": "https://downloads.plex.tv/plex-media-server-new/1.32.2.7100-248a2daf0/debian/plexmediaserver_1.32.2.7100-248a2daf0_arm64.deb",
"hash": "1rs967n4vli7gba2137l5z6vrdcdxfy3hni21lay3ayyds3xmavd"
},
{
"version": "1.32.2.7100",
"platform": "x86_64-linux",
"url": "https://downloads.plex.tv/plex-media-server-new/1.32.2.7100-248a2daf0/debian/plexmediaserver_1.32.2.7100-248a2daf0_amd64.deb",
"hash": "0myr0nws0dhhkp9cc5zwxs4pigs7bmyf582fwskzjqm3d7phlwmi"
}
]

32
nixos/pkgs/plex-pass/update.sh Executable file
View file

@ -0,0 +1,32 @@
#!/usr/bin/env bash
set -x
shopt -s extglob
set -eu -o pipefail
path="$(realpath "$(dirname "$0")")"
declare -A platforms=(
[linux-x86_64]=x86_64-linux
[linux-aarch64]=aarch64-linux
)
token=$(vault kv get -field=plex_token hades_secrets/nixos/plex)
manifest=$(curl -s "https://plex.tv/api/downloads/5.json?channel=plexpass" -H "X-Plex-Token: ${token}")
version=$(echo "$manifest" | jq -r '.computer.Linux.version | split("-") | .[0]')
tmp="$path/sources.tmp.json"
echo '' >$tmp
for arch in "${!platforms[@]}"; do
url="$(echo "$manifest" | jq --arg arch "$arch" -r '.computer.Linux.releases[] | select(.distro == "debian" and .build == $arch) .url')"
hash="$(nix-prefetch-url "$url")"
nixPlatform=${platforms[$arch]}
jq --arg version $version \
--arg platform $nixPlatform \
--arg url "$url" \
--arg hash $hash \
-n '$ARGS.named' >>$tmp
done
jq -s '.' $tmp >"$path/sources.json"
rm $tmp

12
nixos/util.nix
View file

@ -24,9 +24,10 @@ let
# Add to whatever realm a host belong to its list of tags # Add to whatever realm a host belong to its list of tags
add_realm_to_tags = mapAttrs (realm: add_realm_to_tags = mapAttrs (realm:
mapAttrs (_hostname: mapAttrs (_hostname:
{ tags ? [ ], ... }@host: { type ? "lxc", tags ? [ ], ... }@host:
host // { host // {
tags = [ realm ] ++ tags; # Tags are for deployment, so don't add them to local machines
tags = tags ++ (if type == "local" then [ ] else [ realm ]);
inherit realm; inherit realm;
})); }));
@ -41,7 +42,8 @@ let
# outputs # outputs
# Helper function to build a colmena host definition # Helper function to build a colmena host definition
mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm, type ? "lxc", ... }@host: mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm
, type ? "lxc", ... }@host:
let let
# this makes local apply work a bit nicer # this makes local apply work a bit nicer
name = if type == "local" then hostname else "${hostname}.${realm}"; name = if type == "local" then hostname else "${hostname}.${realm}";
@ -67,6 +69,4 @@ let
hosts = add_realm_to_tags (import ./hosts); hosts = add_realm_to_tags (import ./hosts);
flat_hosts = flatten_hosts hosts; flat_hosts = flatten_hosts hosts;
nixHosts = filter_nix_hosts flat_hosts; nixHosts = filter_nix_hosts flat_hosts;
in { in { inherit base_imports mkColmenaHost hosts flat_hosts nixHosts; }
inherit base_imports mkColmenaHost hosts flat_hosts nixHosts;
}