From 78b92f06ccec78f30dc0c6d8a8cdef31828c4779 Mon Sep 17 00:00:00 2001 From: oddlama Date: Sat, 1 Jun 2024 00:31:38 +0200 Subject: [PATCH] feat: finish transition to flake-parts --- README.md | 2 +- STRUCTURE.md | 2 - config/default.nix | 14 +- config/installer.nix | 43 ++++++ flake.lock | 6 +- flake.nix | 129 +----------------- hosts/envoy/default.nix | 1 + hosts/kroma/default.nix | 2 + hosts/nom/default.nix | 1 + hosts/sentinel/default.nix | 1 + hosts/sire/default.nix | 1 + .../secrets/influxdb}/github-access-token.age | Bin hosts/ward/default.nix | 1 + hosts/zackbiene/default.nix | 1 + lib/default.nix | 3 - lib/secrets.nix | 33 ----- nix/generate-installer-package.nix | 35 ----- nix/hosts.nix | 123 ++++++++--------- nix/iso.nix | 24 ++++ nix/pkgs.nix | 37 +++++ nix/storage-box.nix | 9 ++ ...ebe477f42c874adce8-github-access-token.age | 8 ++ ...4cc24a93a8f0382290-github-access-token.age | 8 -- topology/flake-module.nix | 30 ++++ 24 files changed, 237 insertions(+), 277 deletions(-) create mode 100644 config/installer.nix rename hosts/{ward/secrets/web-proxy => sire/secrets/influxdb}/github-access-token.age (100%) delete mode 100644 lib/default.nix delete mode 100644 lib/secrets.nix delete mode 100644 nix/generate-installer-package.nix create mode 100644 nix/iso.nix create mode 100644 nix/pkgs.nix create mode 100644 nix/storage-box.nix create mode 100644 secrets/rekeyed/sire-influxdb/d07a62d25f3f8febe477f42c874adce8-github-access-token.age delete mode 100644 secrets/rekeyed/ward-web-proxy/248016a36e45ca4cc24a93a8f0382290-github-access-token.age create mode 100644 topology/flake-module.nix diff --git a/README.md b/README.md index a561706..1f0a485 100644 --- a/README.md +++ b/README.md @@ -122,7 +122,7 @@ but here's a quick breakdown of the what you will find where. - Create a bootable iso disk image with `nix build --print-out-paths --no-link .#images..live-iso`, dd it to a stick and boot - (Alternative) Use an official NixOS live-iso and setup ssh manually -- Copy the installer from a local machine to the live system with `nix copy --to .#packages..installer-package.` +- Copy the installer from a local machine to the live system with `nix copy --to .#nixosConfigurationsMinimal.config.system.build.installFromLive` Afterwards: diff --git a/STRUCTURE.md b/STRUCTURE.md index 2019372..fe982e2 100644 --- a/STRUCTURE.md +++ b/STRUCTURE.md @@ -19,8 +19,6 @@ Make sure to utilize the github search if you know what you need! Some hosts define guests that run as containerized or virtualized guests. Their configuration is usually just a single file stored in `guests/.nix`. Their secrets are usually stored in a subfolder of the host's secrets folder. -- `lib/` contains extra library functions that are needed throughout the config. - - `modules/` contains modularized configuration. If you are interested in reusable parts of my configuration, this is probably the folder you are looking for. These will be regular reusable modules like those you would find in `nixpkgs/nixos/modules`. diff --git a/config/default.nix b/config/default.nix index 3f63bf3..e19fe98 100644 --- a/config/default.nix +++ b/config/default.nix @@ -23,6 +23,7 @@ ./home-manager.nix ./impermanence.nix ./inputrc.nix + ./installer.nix ./issue.nix ./net.nix ./nftables.nix @@ -35,8 +36,13 @@ ./users.nix ]; - nixpkgs.overlays = [ - inputs.nixvim.overlays.default - inputs.wired-notify.overlays.default - ]; + nixpkgs.config.allowUnfree = true; + nixpkgs.overlays = + import ../pkgs/default.nix + ++ [ + inputs.nix-topology.overlays.default + inputs.nixos-extra-modules.overlays.default + inputs.nixvim.overlays.default + inputs.wired-notify.overlays.default + ]; } diff --git a/config/installer.nix b/config/installer.nix new file mode 100644 index 0000000..6952913 --- /dev/null +++ b/config/installer.nix @@ -0,0 +1,43 @@ +{ + config, + lib, + pkgs, + ... +}: let + disko-script = pkgs.writeShellScriptBin "disko-script" "${config.system.build.diskoScript}"; + disko-mount = pkgs.writeShellScriptBin "disko-mount" "${config.system.build.mountScript}"; + disko-format = pkgs.writeShellScriptBin "disko-format" "${config.system.build.formatScript}"; + + install-system = pkgs.writeShellScriptBin "install-system" '' + set -euo pipefail + + echo "Formatting disks..." + ${disko-script}/bin/disko-script + + echo "Installing system..." + nixos-install --no-root-password --system ${config.system.build.toplevel} + + echo "Done!" + echo "DONT FORGET TO EXPORT YOUR ZFS POOL(S)!" + ''; + + installer-package = pkgs.symlinkJoin { + name = "installer-package-${config.node.name}"; + paths = [ + disko-script + disko-mount + disko-format + install-system + ]; + }; +in { + options.system.build.installFromLive = lib.mkOption { + type = lib.types.package; + description = '' + A single script that can be used from a live system, which will + format disks and copy the derivation. + ''; + default = installer-package; + readOnly = true; + }; +} diff --git a/flake.lock b/flake.lock index 31c1eac..046bc9f 100644 --- a/flake.lock +++ b/flake.lock @@ -51,11 +51,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1716983518, - "narHash": "sha256-LdiPzaq6IwCfEpjaZfndO1CtW1ah1ONwyXKPs7s6UVk=", + "lastModified": 1717022817, + "narHash": "sha256-PHyHgQL5/b0+A/kmNCHVOM/WSJSGe1jZ+LFWfYNx31E=", "owner": "oddlama", "repo": "agenix-rekey", - "rev": "8cf73841a6fa127a64392c8603ce51af1c63b33f", + "rev": "c6c1ca5b9ceaaa40fd979fb25bb7043adf4554ad", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0c21c92..24b0f04 100644 --- a/flake.nix +++ b/flake.nix @@ -96,136 +96,19 @@ outputs = inputs: inputs.flake-parts.lib.mkFlake {inherit inputs;} { imports = [ - ./nix/devshell.nix ./nix/agenix-rekey.nix + ./nix/devshell.nix ./nix/globals.nix - ( - { - lib, - flake-parts-lib, - ... - }: - flake-parts-lib.mkTransposedPerSystemModule { - name = "images"; - file = ./flake.nix; - option = lib.mkOption { - type = lib.types.unspecified; - }; - } - ) - ( - { - lib, - flake-parts-lib, - ... - }: - flake-parts-lib.mkTransposedPerSystemModule { - name = "pkgs"; - file = ./flake.nix; - option = lib.mkOption { - type = lib.types.unspecified; - }; - } - ) + ./nix/hosts.nix + ./nix/iso.nix + ./nix/pkgs.nix + ./nix/storage-box.nix + ./topology/flake-module.nix ]; - flake = { - config, - lib, - ... - }: let - inherit - (lib) - foldl' - mapAttrs - mapAttrsToList - recursiveUpdate - ; - in { - inherit - (import ./nix/hosts.nix inputs) - hosts - guestConfigs - nixosConfigurations - nixosConfigurationsMinimal - ; - - # All nixosSystem instanciations are collected here, so that we can refer - # to any system via nodes. - nodes = config.nixosConfigurations // config.guestConfigs; - # Add a shorthand to easily target toplevel derivations - "@" = mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; - - # For each true NixOS system, we want to expose an installer package that - # can be used to do the initial setup on the node from a live environment. - # We use the minimal sibling configuration to reduce the amount of stuff - # we have to copy to the live system. - inherit - (foldl' recursiveUpdate {} - (mapAttrsToList - (import ./nix/generate-installer-package.nix inputs) - config.nixosConfigurationsMinimal)) - packages - ; - }; - systems = [ "x86_64-linux" "aarch64-linux" ]; - - perSystem = { - config, - pkgs, - system, - ... - }: { - _module.args.pkgs = import inputs.nixpkgs { - inherit system; - config.allowUnfree = true; - overlays = - import ./lib inputs - ++ import ./pkgs/default.nix - ++ [ - inputs.nix-topology.overlays.default - inputs.nixos-extra-modules.overlays.default - ]; - }; - - inherit pkgs; - - apps.setupHetznerStorageBoxes = import (inputs.nixos-extra-modules + "/apps/setup-hetzner-storage-boxes.nix") { - inherit pkgs; - nixosConfigurations = config.nodes; - decryptIdentity = builtins.head config.secretsConfig.masterIdentities; - }; - - #topology = import inputs.nix-topology { - # inherit pkgs; - # modules = [ - # ./topology - # { - # inherit (inputs.self) nixosConfigurations; - # } - # ]; - #}; - - # For each major system, we provide a customized installer image that - # has ssh and some other convenience stuff preconfigured. - # Not strictly necessary for new setups. - images.live-iso = inputs.nixos-generators.nixosGenerate { - inherit pkgs; - modules = [ - ./nix/installer-configuration.nix - ./config/ssh.nix - ]; - format = - { - x86_64-linux = "install-iso"; - aarch64-linux = "sd-aarch64-installer"; - } - .${system}; - }; - }; }; } diff --git a/hosts/envoy/default.nix b/hosts/envoy/default.nix index ca50fcb..f3df9ad 100644 --- a/hosts/envoy/default.nix +++ b/hosts/envoy/default.nix @@ -12,6 +12,7 @@ #./stalwart-mail.nix ]; + nixpkgs.hostPlatform = "x86_64-linux"; boot.mode = "bios"; users.groups.acme.members = ["nginx"]; diff --git a/hosts/kroma/default.nix b/hosts/kroma/default.nix index 3f5a074..5f3a1a8 100644 --- a/hosts/kroma/default.nix +++ b/hosts/kroma/default.nix @@ -32,7 +32,9 @@ ./net.nix ]; + nixpkgs.hostPlatform = "x86_64-linux"; boot.mode = "efi"; + boot.kernelModules = ["nvidia_uvm"]; # FIXME: For some reason this doesn't load automatically for me, causing CUDA_ERROR_UNKNOWN (999) issues when trying to cuInit boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; boot.binfmt.emulatedSystems = ["aarch64-linux"]; } diff --git a/hosts/nom/default.nix b/hosts/nom/default.nix index 9b8e37b..c5f69c1 100644 --- a/hosts/nom/default.nix +++ b/hosts/nom/default.nix @@ -27,6 +27,7 @@ ./net.nix ]; + nixpkgs.hostPlatform = "x86_64-linux"; boot.mode = "efi"; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; diff --git a/hosts/sentinel/default.nix b/hosts/sentinel/default.nix index b7d4fd7..0dc7d3c 100644 --- a/hosts/sentinel/default.nix +++ b/hosts/sentinel/default.nix @@ -16,6 +16,7 @@ ./oauth2.nix ]; + nixpkgs.hostPlatform = "x86_64-linux"; boot.mode = "bios"; wireguard.proxy-sentinel.firewallRuleForAll.allowedTCPPorts = [80 443]; diff --git a/hosts/sire/default.nix b/hosts/sire/default.nix index 431d1e3..d15d15d 100644 --- a/hosts/sire/default.nix +++ b/hosts/sire/default.nix @@ -22,6 +22,7 @@ topology.self.hardware.info = "AMD Ryzen Threadripper 1950X, 96GB RAM"; + nixpkgs.hostPlatform = "x86_64-linux"; boot.mode = "efi"; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "e1000e" "alx"]; diff --git a/hosts/ward/secrets/web-proxy/github-access-token.age b/hosts/sire/secrets/influxdb/github-access-token.age similarity index 100% rename from hosts/ward/secrets/web-proxy/github-access-token.age rename to hosts/sire/secrets/influxdb/github-access-token.age diff --git a/hosts/ward/default.nix b/hosts/ward/default.nix index b4e77b0..c1a117a 100644 --- a/hosts/ward/default.nix +++ b/hosts/ward/default.nix @@ -24,6 +24,7 @@ topology.self.hardware.image = ../../topology/images/odroid-h3.png; topology.self.hardware.info = "O-Droid H3, 64GB RAM"; + nixpkgs.hostPlatform = "x86_64-linux"; boot.mode = "efi"; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" "r8169"]; diff --git a/hosts/zackbiene/default.nix b/hosts/zackbiene/default.nix index a26a573..77d9c09 100644 --- a/hosts/zackbiene/default.nix +++ b/hosts/zackbiene/default.nix @@ -28,6 +28,7 @@ in { topology.self.hardware.image = ../../topology/images/odroid-n2plus.png; topology.self.hardware.info = "O-Droid N2+"; + nixpkgs.hostPlatform = "aarch64-linux"; boot.mode = "efi"; meta.promtail = { diff --git a/lib/default.nix b/lib/default.nix deleted file mode 100644 index 8505ac0..0000000 --- a/lib/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -inputs: [ - (import ./secrets.nix inputs) -] diff --git a/lib/secrets.nix b/lib/secrets.nix deleted file mode 100644 index ff8f064..0000000 --- a/lib/secrets.nix +++ /dev/null @@ -1,33 +0,0 @@ -inputs: final: prev: let - inherit - (prev.lib) - concatMapStrings - escapeShellArg - ; - - inherit - (final.lib) - isAbsolutePath - ; -in { - lib = - prev.lib - // { - secrets = let - rageMasterIdentityArgs = concatMapStrings (x: "-i ${escapeShellArg x} ") inputs.self.secretsConfig.masterIdentities; - rageExtraEncryptionPubkeys = - concatMapStrings ( - x: - if isAbsolutePath x - then "-R ${escapeShellArg x} " - else "-r ${escapeShellArg x} " - ) - inputs.self.secretsConfig.extraEncryptionPubkeys; - in { - # TODO replace these by lib.agenix-rekey - # The arguments required to de-/encrypt a secret in this repository - rageDecryptArgs = "${rageMasterIdentityArgs}"; - rageEncryptArgs = "${rageMasterIdentityArgs} ${rageExtraEncryptionPubkeys}"; - }; - }; -} diff --git a/nix/generate-installer-package.nix b/nix/generate-installer-package.nix deleted file mode 100644 index d302ff3..0000000 --- a/nix/generate-installer-package.nix +++ /dev/null @@ -1,35 +0,0 @@ -{self, ...}: nodeName: nodeAttrs: let - inherit (self.hosts.${nodeName}) system; - pkgs = self.pkgs.${system}; - - disko-script = pkgs.writeShellScriptBin "disko-script" "${nodeAttrs.config.system.build.diskoScript}"; - disko-mount = pkgs.writeShellScriptBin "disko-mount" "${nodeAttrs.config.system.build.mountScript}"; - disko-format = pkgs.writeShellScriptBin "disko-format" "${nodeAttrs.config.system.build.formatScript}"; - - install-system = pkgs.writeShellScriptBin "install-system" '' - set -euo pipefail - - echo "Formatting disks..." - ${disko-script}/bin/disko-script - - echo "Installing system..." - nixos-install --no-root-password --system ${nodeAttrs.config.system.build.toplevel} - - echo "Done!" - echo "DONT FORGET TO EXPORT YOUR ZFS POOL(S)!" - ''; - - installer-package = pkgs.symlinkJoin { - name = "installer-package-${nodeName}"; - paths = [ - disko-script - disko-mount - disko-format - install-system - ]; - }; -in { - # Everything required for the installer as a single package, - # so it can be used from an existing live system by copying the derivation. - packages.${system}.installer-package.${nodeName} = installer-package; -} diff --git a/nix/hosts.nix b/nix/hosts.nix index 231db53..f2276d1 100644 --- a/nix/hosts.nix +++ b/nix/hosts.nix @@ -1,70 +1,63 @@ -inputs: let - inherit (inputs) self; - inherit - (inputs.nixpkgs.lib) - concatMapAttrs - filterAttrs - flip - mapAttrs - mapAttrs' - nameValuePair - nixosSystem - ; +{inputs, ...}: { + flake = { + config, + lib, + ... + }: let + inherit + (lib) + concatMapAttrs + filterAttrs + flip + genAttrs + mapAttrs + mapAttrs' + nameValuePair + ; - # Creates a new nixosSystem with the correct specialArgs, pkgs and name definition - mkHost = {minimal}: name: hostCfg: let - pkgs = self.pkgs.${hostCfg.system}; - in - nixosSystem { - specialArgs = { - # Use the correct instance lib that has our overlays - inherit (pkgs) lib; - inherit (self) nodes globals; - inherit inputs minimal; + # Creates a new nixosSystem with the correct specialArgs, pkgs and name definition + mkHost = {minimal}: name: let + pkgs = config.pkgs.x86_64-linux; # FIXME: NOOOOOOOOOOOOOOOOOOOOOOO + in + inputs.nixpkgs.lib.nixosSystem { + specialArgs = { + # Use the correct instance lib that has our overlays + inherit (pkgs) lib; + inherit (config) nodes globals; + inherit inputs minimal; + }; + modules = [ + { + node.name = name; + node.secretsDir = ../hosts/${name}/secrets; + } + ../hosts/${name} + ]; }; - modules = [ - { - # We cannot force the package set via nixpkgs.pkgs and - # inputs.nixpkgs.nixosModules.readOnlyPkgs, since some nixosModules - # like nixseparatedebuginfod depend on adding packages via nixpkgs.overlays. - # So we just mimic the options and overlays defined by the passed pkgs set. - nixpkgs.hostPlatform = hostCfg.system; - nixpkgs.overlays = pkgs.overlays; - nixpkgs.config = pkgs.config; - node.name = name; - node.secretsDir = ../hosts/${name}/secrets; - } - ../hosts/${name} - ]; - }; - # Load the list of hosts that this flake defines, which - # associates the minimum amount of metadata that is necessary - # to instanciate hosts correctly. - hosts = builtins.fromTOML (builtins.readFile ../hosts.toml); - # Get all hosts of type "nixos" - nixosHosts = filterAttrs (_: x: x.type == "nixos") hosts; - # Process each nixosHosts declaration and generatea nixosSystem definitions - nixosConfigurations = flip mapAttrs nixosHosts (mkHost {minimal = false;}); - nixosConfigurationsMinimal = flip mapAttrs nixosHosts (mkHost {minimal = true;}); + # Get all folders in hosts/ + hosts = builtins.attrNames (filterAttrs (_: type: type == "directory") (builtins.readDir ../hosts)); + in { + nixosConfigurations = genAttrs hosts (mkHost {minimal = false;}); + nixosConfigurationsMinimal = genAttrs hosts (mkHost {minimal = true;}); - # True NixOS nodes can define additional guest nodes that are built - # together with it. We collect all defined guests from each node here - # to allow accessing any node via the unified attribute `nodes`. - guestConfigs = flip concatMapAttrs self.nixosConfigurations (_: node: - flip mapAttrs' (node.config.guests or {}) ( - guestName: guestDef: - nameValuePair guestDef.nodeName ( - if guestDef.backend == "microvm" - then node.config.microvm.vms.${guestName}.config - else node.config.containers.${guestName}.nixosConfiguration - ) - )); -in { - inherit - hosts - guestConfigs - nixosConfigurations - nixosConfigurationsMinimal - ; + # True NixOS nodes can define additional guest nodes that are built + # together with it. We collect all defined guests from each node here + # to allow accessing any node via the unified attribute `nodes`. + guestConfigs = flip concatMapAttrs config.nixosConfigurations (_: node: + flip mapAttrs' (node.config.guests or {}) ( + guestName: guestDef: + nameValuePair guestDef.nodeName ( + if guestDef.backend == "microvm" + then node.config.microvm.vms.${guestName}.config + else node.config.containers.${guestName}.nixosConfiguration + ) + )); + + # All nixosSystem instanciations are collected here, so that we can refer + # to any system via nodes. + nodes = config.nixosConfigurations // config.guestConfigs; + # Add a shorthand to easily target toplevel derivations + "@" = mapAttrs (_: v: v.config.system.build.toplevel) config.nodes; + }; } diff --git a/nix/iso.nix b/nix/iso.nix new file mode 100644 index 0000000..c6d7fec --- /dev/null +++ b/nix/iso.nix @@ -0,0 +1,24 @@ +{inputs, ...}: { + perSystem = { + pkgs, + system, + ... + }: { + # For each major system, we provide a customized installer image that + # has ssh and some other convenience stuff preconfigured. + # Not strictly necessary for new setups. + packages.live-iso = inputs.nixos-generators.nixosGenerate { + inherit pkgs; + modules = [ + ./installer-configuration.nix + ../config/ssh.nix + ]; + format = + { + x86_64-linux = "install-iso"; + aarch64-linux = "sd-aarch64-installer"; + } + .${system}; + }; + }; +} diff --git a/nix/pkgs.nix b/nix/pkgs.nix new file mode 100644 index 0000000..87b3ef9 --- /dev/null +++ b/nix/pkgs.nix @@ -0,0 +1,37 @@ +{inputs, ...}: { + imports = [ + ( + { + lib, + flake-parts-lib, + ... + }: + flake-parts-lib.mkTransposedPerSystemModule { + name = "pkgs"; + file = ./pkgs.nix; + option = lib.mkOption { + type = lib.types.unspecified; + }; + } + ) + ]; + + perSystem = { + pkgs, + system, + ... + }: { + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + config.allowUnfree = true; + overlays = + import ../pkgs/default.nix + ++ [ + inputs.nix-topology.overlays.default + inputs.nixos-extra-modules.overlays.default + ]; + }; + + inherit pkgs; + }; +} diff --git a/nix/storage-box.nix b/nix/storage-box.nix new file mode 100644 index 0000000..e1be2fd --- /dev/null +++ b/nix/storage-box.nix @@ -0,0 +1,9 @@ +{inputs, ...}: { + perSystem = {pkgs, ...}: { + apps.setupHetznerStorageBoxes = import (inputs.nixos-extra-modules + "/apps/setup-hetzner-storage-boxes.nix") { + inherit pkgs; + nixosConfigurations = inputs.self.nodes; + decryptIdentity = builtins.head inputs.self.secretsConfig.masterIdentities; + }; + }; +} diff --git a/secrets/rekeyed/sire-influxdb/d07a62d25f3f8febe477f42c874adce8-github-access-token.age b/secrets/rekeyed/sire-influxdb/d07a62d25f3f8febe477f42c874adce8-github-access-token.age new file mode 100644 index 0000000..d66d971 --- /dev/null +++ b/secrets/rekeyed/sire-influxdb/d07a62d25f3f8febe477f42c874adce8-github-access-token.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 1tdZKQ 0RQGWMKdlizirGx6o2XbuYXsefdLosiN/8qCokgA/ng +q73P4XM9fPNJnviWcy/ibcaarU5+CZpRQbJq250BhVs +-> t'#gZ,S-grease _M} rhid"l +sjt6COcSzS4Tem2vMhAxhp4ewtoylcYC0RUgdTc8U5X0spJL+ckRzxI7z1gqnQCp +dxdWGpYRQp0 +--- k6eZqMwv+RK28dHW9Q+mYXUhkYFOTRtHu2eUHskOhJg +^z$FPnעМTZ;}E2͙Pzv^.:L97r*2.U3` \ No newline at end of file diff --git a/secrets/rekeyed/ward-web-proxy/248016a36e45ca4cc24a93a8f0382290-github-access-token.age b/secrets/rekeyed/ward-web-proxy/248016a36e45ca4cc24a93a8f0382290-github-access-token.age deleted file mode 100644 index 80dfdde..0000000 --- a/secrets/rekeyed/ward-web-proxy/248016a36e45ca4cc24a93a8f0382290-github-access-token.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 NwOpTA Rq5PyLLJdiYKkL+9vW+BS7sbFHBFoLwdxxWgPTH+0wU -wr1wRFGKYVgziwtzOm95pO4ZPnzF+pTuXlhedNd7HoU --> Or$Ir-grease =Z{2b= (FvA*6m iV4)_ -tePL0HELOtPx9UAsd0K7CvKv/56vQP++Y/PI5LMIl1IP7Opv2tiOqlB+R5bqWClO -lzV5jX+CVtQNABFgyDrQDfeqUgrw ---- YYlss0gmwNI2pNYbukrJl0hZpdCC8xKh+trLpAeTqFg -?17刧d=2P(Uu/98.;gyN]kd|L/QJޅ6MU$rs9 \ No newline at end of file diff --git a/topology/flake-module.nix b/topology/flake-module.nix new file mode 100644 index 0000000..58cd2c5 --- /dev/null +++ b/topology/flake-module.nix @@ -0,0 +1,30 @@ +{inputs, ...}: { + imports = [ + ( + { + lib, + flake-parts-lib, + ... + }: + flake-parts-lib.mkTransposedPerSystemModule { + name = "topology"; + file = ./flake-module.nix; + option = lib.mkOption { + type = lib.types.unspecified; + }; + } + ) + ]; + + perSystem = {pkgs, ...}: { + topology = import inputs.nix-topology { + inherit pkgs; + modules = [ + ./topology + { + inherit (inputs.self) nixosConfigurations; + } + ]; + }; + }; +}