From 65241635b29f5f11cd3e27a468f6ee7bd00e3d38 Mon Sep 17 00:00:00 2001 From: Daniel Flanagan Date: Wed, 21 Feb 2024 21:38:42 -0600 Subject: [PATCH] WIP --- flake.lock | 100 +++------------------------------------------ flake.nix | 6 ++- nixos/beefcake.nix | 50 ++++++++++++----------- nixos/default.nix | 2 + nixos/foxtrot.nix | 21 ++++++++++ 5 files changed, 59 insertions(+), 120 deletions(-) diff --git a/flake.lock b/flake.lock index f47431c..c9a364d 100644 --- a/flake.lock +++ b/flake.lock @@ -2,18 +2,16 @@ "nodes": { "api-lyte-dev": { "inputs": { - "flake-utils": "flake-utils", - "lexical": "lexical", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1699311919, - "narHash": "sha256-TvctRO/lO+lvjN6LbxJaj+jizFK+PoZqC1ZAYY2+GTo=", + "lastModified": 1708463499, + "narHash": "sha256-GvqU+Z3cZkgMXf41vfMELLKPk+EVUl1UMW56Gz5ccrU=", "ref": "refs/heads/master", - "rev": "5096ec7e3a7f9ba4ea661d089e6b0fc4f7ab2992", - "revCount": 78, + "rev": "e3f0cae4f75101706bc8b9a822f7d90b03a91702", + "revCount": 80, "type": "git", "url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git" }, @@ -68,42 +66,6 @@ "inputs": { "systems": "systems" }, - "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1692799911, - "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_3": { - "inputs": { - "systems": "systems_3" - }, "locked": { "lastModified": 1694529238, "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", @@ -136,7 +98,7 @@ "helix": { "inputs": { "crane": "crane", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils", "nixpkgs": "nixpkgs", "rust-overlay": "rust-overlay" }, @@ -176,28 +138,6 @@ "type": "github" } }, - "lexical": { - "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": [ - "api-lyte-dev", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1699016103, - "narHash": "sha256-8uMDgg/YnyaSn8IvlG14PVSCHQl6ZHdgB8CWNDnYd5s=", - "owner": "lexical-lsp", - "repo": "lexical", - "rev": "059bbbe516a4dff66bc3febc953ac2eddabc78a4", - "type": "github" - }, - "original": { - "owner": "lexical-lsp", - "repo": "lexical", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1700794826, @@ -341,36 +281,6 @@ "repo": "default", "type": "github" } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 0c6d6e1..34af825 100644 --- a/flake.nix +++ b/flake.nix @@ -37,6 +37,7 @@ self, nixpkgs, home-manager, + api-lyte-dev, ... } @ inputs: let inherit (self) outputs; @@ -87,8 +88,11 @@ nixpkgs.lib.nixosSystem { inherit system; specialArgs = { - inherit inputs outputs system; + inherit inputs outputs system api-lyte-dev; }; + # extraSpecialArgs = { + # inherit inputs outputs system api-lyte-dev; + # }; modules = [ self.nixosModules.common diff --git a/nixos/beefcake.nix b/nixos/beefcake.nix index 4ba854f..b9faffd 100644 --- a/nixos/beefcake.nix +++ b/nixos/beefcake.nix @@ -8,7 +8,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x01 0x00 sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00 */ { - inputs, + api-lyte-dev, + # inputs, # outputs, config, pkgs, @@ -22,12 +23,12 @@ in { ../modules/nixos/fonts.nix ] ++ [ - inputs.api-lyte-dev.nixosModules.${system}.api-lyte-dev - # inputs.nix-minecraft.nixosModules.minecraft-servers + # api-lyte-dev.nixosModules.api-lyte-dev + # nix-minecraft.nixosModules.minecraft-servers ]; nixpkgs.overlays = [ - # inputs.nix-minecraft.overlay + # nix-minecraft.overlay ]; boot.initrd.availableKernelModules = ["ehci_pci" "megaraid_sas" "usbhid" "uas" "sd_mod"]; @@ -60,16 +61,17 @@ in { secretKeyFile = "/var/cache-priv-key.pem"; }; - services.api-lyte-dev = rec { - enable = true; - port = 5757; - stateDir = "/var/lib/api-lyte-dev"; - configFile = config.sops.secrets."api.lyte.dev".path; - user = "api-lyte-dev"; - group = user; - }; + # services.api-lyte-dev = rec { + # enable = true; + # port = 5757; + # stateDir = "/var/lib/api-lyte-dev"; + # configFile = config.sops.secrets."api.lyte.dev".path; + # configFile = /dev/null; + # user = "api-lyte-dev"; + # group = user; + # }; - systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug"; + # systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug"; sops = { defaultSopsFile = ../secrets/beefcake/secrets.yml; @@ -105,8 +107,8 @@ in { # path = "${config.services.api-lyte-dev.stateDir}/secrets.json"; # TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook? mode = "0440"; - owner = config.services.api-lyte-dev.user; - group = config.services.api-lyte-dev.group; + # owner = config.services.api-lyte-dev.user; + # group = config.services.api-lyte-dev.group; }; "jland.env" = { @@ -130,12 +132,12 @@ in { owner = config.systemd.services.plausible.serviceConfig.User; group = config.systemd.services.plausible.serviceConfig.Group; }; - nextcloud-admin-password = { - path = "/var/lib/nextcloud/admin-password"; - mode = "0440"; - owner = config.services.nextcloud.serviceConfig.User; - group = config.services.nextcloud.serviceConfig.Group; - }; + # nextcloud-admin-password = { + # path = "/var/lib/nextcloud/admin-password"; + # mode = "0440"; + # owner = config.services.nextcloud.serviceConfig.User; + # group = config.services.nextcloud.serviceConfig.Group; + # }; }; }; @@ -314,7 +316,7 @@ in { } api.lyte.dev { - reverse_proxy :${toString config.services.api-lyte-dev.port} + reverse_proxy :$${toString config.services.api-lyte-dev.port} } a.lyte.dev { @@ -429,12 +431,12 @@ in { baseUrl = "http://beefcake.hare-cod.ts.net:8899"; disableRegistration = true; port = 8899; - # secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path; + secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path; }; adminUser = { activate = false; email = "daniel@lyte.dev"; - # passwordFile = config.sops.secrets.plausible-admin-password.path; + passwordFile = config.sops.secrets.plausible-admin-password.path; }; }; diff --git a/nixos/default.nix b/nixos/default.nix index 66cd29c..1ccd7d1 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -2,6 +2,8 @@ with builtins; (listToAttrs (map (name: { name = name; value = { system = "x86_64-linux"; + specialArgs = { + }; modules = [./${name}.nix]; }; }) [ diff --git a/nixos/foxtrot.nix b/nixos/foxtrot.nix index 4d3c1d2..0f0bd68 100644 --- a/nixos/foxtrot.nix +++ b/nixos/foxtrot.nix @@ -1,4 +1,5 @@ { + api-lyte-dev, inputs, outputs, pkgs, @@ -9,6 +10,26 @@ in { networking.hostName = "foxtrot"; imports = with outputs.nixosModules; [ + ({ + config, + pkgs, + ... + }: let + inherit (pkgs) lib; + cfg = config.services.myservice; + in { + options.services.myservice = { + enable = lib.mkEnableOption "Enables the api.lyte.dev service"; + }; + + config = + lib.mkIf cfg.enable { + }; + }) + { + services.myservice.enable = true; + } + outputs.diskoConfigurations.standard inputs.hardware.nixosModules.framework-13-7040-amd desktop-usage