From 315be52e34aead1a28189dd36ee00127f63baaf8 Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer
Date: Tue, 31 Dec 2024 14:08:25 +0100
Subject: [PATCH] Chore: init settings submdule, move clanDir into settings submodule
---
checks/backups/flake-module.nix | 2 +-
checks/borgbackup/default.nix | 2 +-
checks/deltachat/default.nix | 2 +-
checks/matrix-synapse/default.nix | 2 +-
checks/mumble/default.nix | 18 +++----
checks/nixos-documentation/flake-module.nix | 2 +-
checks/postgresql/default.nix | 2 +-
checks/secrets/default.nix | 2 +-
checks/syncthing/default.nix | 6 +--
checks/wayland-proxy-virtwl/default.nix | 2 +-
checks/zt-tcp-relay/default.nix | 2 +-
clanModules/borgbackup-static/default.nix | 4 +-
clanModules/borgbackup/roles/server.nix | 4 +-
clanModules/mumble/default.nix | 4 +-
clanModules/mumble/test.nix | 4 +-
clanModules/static-hosts/default.nix | 4 +-
.../syncthing-static-peers/default.nix | 4 +-
clanModules/zerotier-static-peers/default.nix | 4 +-
clanModules/zerotier/roles/controller.nix | 6 ++-
clanModules/zerotier/shared.nix | 8 ++--
docs/site/getting-started/backups.md | 2 +-
docs/site/getting-started/mesh-vpn.md | 8 ++--
lib/build-clan/module.nix | 5 +-
lib/eval-clan-modules/default.nix | 4 +-
nixosModules/clanCore/facts/compat.nix | 6 +--
nixosModules/clanCore/facts/default.nix | 7 +--
nixosModules/clanCore/facts/secret/sops.nix | 8 ++--
nixosModules/clanCore/metadata.nix | 47 ++++++++++++++-----
nixosModules/clanCore/nixos-facter.nix | 2 +-
nixosModules/clanCore/vars/public/in_repo.nix | 7 ++-
.../clanCore/vars/secret/sops/default.nix | 6 +--
31 files changed, 111 insertions(+), 75 deletions(-)
diff --git a/checks/backups/flake-module.nix b/checks/backups/flake-module.nix
index 9220163d5..a46f2c0aa 100644
--- a/checks/backups/flake-module.nix
+++ b/checks/backups/flake-module.nix
@@ -147,7 +147,7 @@ self.nixosModules.test-backup ]; virtualisation.emptyDiskImages = [ 256 ]; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; }; testScript = '' diff --git a/checks/borgbackup/default.nix b/checks/borgbackup/default.nix index d376b354b..aaac67945 100644 --- a/checks/borgbackup/default.nix +++ b/checks/borgbackup/default.nix @@ -17,7 +17,7 @@ } { clan.core.machineName = "machine"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; clan.core.state.testState.folders = [ "/etc/state" ]; environment.etc.state.text = "hello world"; systemd.tmpfiles.settings."vmsecrets" = { diff --git a/checks/deltachat/default.nix b/checks/deltachat/default.nix index 04ad3ad64..3f9b3f2d3 100644 --- a/checks/deltachat/default.nix +++ b/checks/deltachat/default.nix @@ -11,7 +11,7 @@ self.nixosModules.clanCore { clan.core.machineName = "machine"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; } ]; }; diff --git a/checks/matrix-synapse/default.nix b/checks/matrix-synapse/default.nix index 9e6143e3f..db5bc5183 100644 --- a/checks/matrix-synapse/default.nix +++ b/checks/matrix-synapse/default.nix @@ -16,7 +16,7 @@ self.nixosModules.clanCore { clan.core.machineName = "machine"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; services.nginx.virtualHosts."matrix.clan.test" = { enableACME = lib.mkForce false; diff --git a/checks/mumble/default.nix b/checks/mumble/default.nix index 627e21416..d460e7ed4 100644 --- a/checks/mumble/default.nix +++ b/checks/mumble/default.nix @@ -12,7 +12,7 @@ self.nixosModules.clanCore (self.inputs.nixpkgs + "/nixos/tests/common/x11.nix") { - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; environment.systemPackages = [ pkgs.killall ]; clan.core.facts.services.mumble.secret."mumble-key".path = "/etc/mumble-key"; clan.core.facts.services.mumble.public."mumble-cert".path = "/etc/mumble-cert"; 
@@ -111,12 +111,12 @@ with subtest("Wait for certificate creation"): peer1.wait_for_window(r"^Mumble$") peer1.sleep(3) # mumble is slow to register handlers - peer1.send_chars("\n") - peer1.send_chars("\n") + peer1.send_chars("\n") + peer1.send_chars("\n") peer2.wait_for_window(r"^Mumble$") peer2.sleep(3) # mumble is slow to register handlers - peer2.send_chars("\n") - peer2.send_chars("\n") + peer2.send_chars("\n") + peer2.send_chars("\n") with subtest("Wait for server connect"): peer1.wait_for_window(r"^Mumble Server Connect$") @@ -128,8 +128,8 @@ peer1.execute("mumble mumble://peer2 >&2 &") peer1.wait_for_window(r"^Mumble$") peer1.sleep(3) # mumble is slow to register handlers - peer1.send_chars("\n") - peer1.send_chars("\n") + peer1.send_chars("\n") + peer1.send_chars("\n") peer1.wait_for_text("Connected.") peer2.execute("killall .mumble-wrapped") @@ -137,8 +137,8 @@ peer2.execute("mumble mumble://peer1 >&2 &") peer2.wait_for_window(r"^Mumble$") peer2.sleep(3) # mumble is slow to register handlers - peer2.send_chars("\n") - peer2.send_chars("\n") + peer2.send_chars("\n") + peer2.send_chars("\n") peer2.wait_for_text("Connected.") ''; } diff --git a/checks/nixos-documentation/flake-module.nix b/checks/nixos-documentation/flake-module.nix index b8351ac67..c7671e3b0 100644 --- a/checks/nixos-documentation/flake-module.nix +++ b/checks/nixos-documentation/flake-module.nix @@ -8,7 +8,7 @@ let self.nixosModules.clanCore # This is the only option that is not part of the # module because it is usually set by flake-parts - { clan.core.clanDir = ./.; } + { clan.core.settings.directory = ./.; } ]; }; in diff --git a/checks/postgresql/default.nix b/checks/postgresql/default.nix index 595e00203..aba573c28 100644 --- a/checks/postgresql/default.nix +++ b/checks/postgresql/default.nix 
@@ -13,7 +13,7 @@ clan.postgresql.databases.test.create.options.OWNER = "test"; clan.postgresql.databases.test.restore.stopOnRestore = [ "sample-service" ]; clan.localbackup.targets.hdd.directory = "/mnt/external-disk"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; systemd.services.sample-service = { wantedBy = [ "multi-user.target" ]; diff --git a/checks/secrets/default.nix b/checks/secrets/default.nix index 034625de2..22a70a3ad 100644 --- a/checks/secrets/default.nix +++ b/checks/secrets/default.nix @@ -10,7 +10,7 @@ environment.etc."group-secret".source = config.sops.secrets.group-secret.path; sops.age.keyFile = "/etc/privkey.age"; - clan.core.clanDir = "${./.}"; + clan.core.settings.directory = "${./.}"; clan.core.machineName = "machine"; networking.hostName = "machine"; diff --git a/checks/syncthing/default.nix b/checks/syncthing/default.nix index 75d9447c4..45aac4338 100644 --- a/checks/syncthing/default.nix +++ b/checks/syncthing/default.nix @@ -13,7 +13,7 @@ self.nixosModules.clanCore { clan.core.machineName = "introducer"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; environment.etc = { "syncthing.pam".source = ./introducer/introducer_test_cert; "syncthing.key".source = ./introducer/introducer_test_key; @@ -54,7 +54,7 @@ self.nixosModules.clanCore { clan.core.machineName = "peer1"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; clan.syncthing.introducer = lib.strings.removeSuffix "\n" ( builtins.readFile ./introducer/introducer_device_id ); @@ -76,7 +76,7 @@ self.nixosModules.clanCore { clan.core.machineName = "peer2"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; clan.syncthing.introducer = lib.strings.removeSuffix "\n" ( builtins.readFile ./introducer/introducer_device_id ); diff --git a/checks/wayland-proxy-virtwl/default.nix b/checks/wayland-proxy-virtwl/default.nix index e09e85cc6..430640333 100644 --- a/checks/wayland-proxy-virtwl/default.nix 
+++ b/checks/wayland-proxy-virtwl/default.nix @@ -15,7 +15,7 @@ import ../lib/test-base.nix ( self.nixosModules.clanCore { clan.core.machineName = "machine"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; } ]; services.wayland-proxy-virtwl.enable = true; diff --git a/checks/zt-tcp-relay/default.nix b/checks/zt-tcp-relay/default.nix index 08f616bfc..c8bd62212 100644 --- a/checks/zt-tcp-relay/default.nix +++ b/checks/zt-tcp-relay/default.nix @@ -11,7 +11,7 @@ self.clanModules.zt-tcp-relay { clan.core.machineName = "machine"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; } ]; }; diff --git a/clanModules/borgbackup-static/default.nix b/clanModules/borgbackup-static/default.nix index 05853276a..45e07eb62 100644 --- a/clanModules/borgbackup-static/default.nix +++ b/clanModules/borgbackup-static/default.nix @@ -1,7 +1,7 @@ { lib, config, ... }: let - clanDir = config.clan.core.clanDir; - machineDir = clanDir + "/machines/"; + dir = config.clan.core.settings.directory; + machineDir = dir + "/machines/"; in { imports = [ ../borgbackup ]; diff --git a/clanModules/borgbackup/roles/server.nix b/clanModules/borgbackup/roles/server.nix index c891fd4e7..4c6442efb 100644 --- a/clanModules/borgbackup/roles/server.nix +++ b/clanModules/borgbackup/roles/server.nix @@ -1,7 +1,7 @@ { config, lib, ... }: let - clanDir = config.clan.core.clanDir; - machineDir = clanDir + "/machines/"; + dir = config.clan.core.settings.directory; + machineDir = dir + "/machines/"; inherit (config.clan.core) machineName; # Instances might be empty, if the module is not used via the inventory diff --git a/clanModules/mumble/default.nix b/clanModules/mumble/default.nix index 065bf7315..f8f77b598 100644 --- a/clanModules/mumble/default.nix +++ b/clanModules/mumble/default.nix 
@@ -5,8 +5,8 @@ ... }: let - clanDir = config.clan.core.clanDir; - machineDir = clanDir + "/machines/"; + dir = config.clan.core.settings.directory; + machineDir = dir + "/machines/"; machinesFileSet = builtins.readDir machineDir; machines = lib.mapAttrsToList (name: _: name) machinesFileSet; machineJson = builtins.toJSON machines; diff --git a/clanModules/mumble/test.nix b/clanModules/mumble/test.nix index d2d115810..7edc1421c 100644 --- a/clanModules/mumble/test.nix +++ b/clanModules/mumble/test.nix @@ -10,7 +10,7 @@ pkgs.nixosTest { { config = { clan.core.machineName = "peer1"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; documentation.enable = false; }; @@ -27,7 +27,7 @@ pkgs.nixosTest { config = { clan.core.machineName = "peer2"; - clan.core.clanDir = ./.; + clan.core.settings.directory = ./.; documentation.enable = false; }; diff --git a/clanModules/static-hosts/default.nix b/clanModules/static-hosts/default.nix index 89e443a57..3208f4c6d 100644 --- a/clanModules/static-hosts/default.nix +++ b/clanModules/static-hosts/default.nix @@ -16,8 +16,8 @@ config.networking.hosts = let - clanDir = config.clan.core.clanDir; - machineDir = clanDir + "/machines/"; + dir = config.clan.core.settings.directory; + machineDir = dir + "/machines/"; zerotierIpMachinePath = machines: machineDir + machines + "/facts/zerotier-ip"; machinesFileSet = builtins.readDir machineDir; machines = lib.mapAttrsToList (name: _: name) machinesFileSet; diff --git a/clanModules/syncthing-static-peers/default.nix b/clanModules/syncthing-static-peers/default.nix index 137aa340c..111e93af8 100644 --- a/clanModules/syncthing-static-peers/default.nix +++ b/clanModules/syncthing-static-peers/default.nix 
@@ -5,8 +5,8 @@ ... }: let - clanDir = config.clan.core.clanDir; - machineDir = clanDir + "/machines/"; + dir = config.clan.core.settings.directory; + machineDir = dir + "/machines/"; syncthingPublicKeyPath = machines: machineDir + machines + "/facts/syncthing.pub"; machinesFileSet = builtins.readDir machineDir; machines = lib.mapAttrsToList (name: _: name) machinesFileSet; diff --git a/clanModules/zerotier-static-peers/default.nix b/clanModules/zerotier-static-peers/default.nix index c613e42df..a9377bed6 100644 --- a/clanModules/zerotier-static-peers/default.nix +++ b/clanModules/zerotier-static-peers/default.nix @@ -5,8 +5,8 @@ ... }: let - clanDir = config.clan.core.clanDir; - machineDir = clanDir + "/machines/"; + dir = config.clan.core.settings.directory; + machineDir = dir + "/machines/"; machinesFileSet = builtins.readDir machineDir; machines = lib.mapAttrsToList (name: _: name) machinesFileSet; diff --git a/clanModules/zerotier/roles/controller.nix b/clanModules/zerotier/roles/controller.nix index b364f76d6..2396789e0 100644 --- a/clanModules/zerotier/roles/controller.nix +++ b/clanModules/zerotier/roles/controller.nix @@ -22,10 +22,12 @@ in machines = uniqueStrings (roles.moon.machines ++ roles.controller.machines ++ roles.peer.machines); networkIps = builtins.foldl' ( ips: name: - if builtins.pathExists "${config.clan.core.clanDir}/machines/${name}/facts/zerotier-ip" then + if + builtins.pathExists "${config.clan.core.settings.directory}/machines/${name}/facts/zerotier-ip" + then ips ++ [ - (builtins.readFile "${config.clan.core.clanDir}/machines/${name}/facts/zerotier-ip") + (builtins.readFile "${config.clan.core.settings.directory}/machines/${name}/facts/zerotier-ip") ] else ips diff --git a/clanModules/zerotier/shared.nix b/clanModules/zerotier/shared.nix index daaf779b4..aa3748cba 100644 --- a/clanModules/zerotier/shared.nix +++ b/clanModules/zerotier/shared.nix 
@@ -10,15 +10,17 @@ let zeroTierInstance = config.clan.inventory.services.zerotier.${instanceName}; roles = zeroTierInstance.roles; controllerMachine = builtins.head roles.controller.machines; - networkIdPath = "${config.clan.core.clanDir}/machines/${controllerMachine}/facts/zerotier-network-id"; + networkIdPath = "${config.clan.core.settings.directory}/machines/${controllerMachine}/facts/zerotier-network-id"; networkId = if builtins.pathExists networkIdPath then builtins.readFile networkIdPath else null; moons = roles.moon.machines; moonIps = builtins.foldl' ( ips: name: - if builtins.pathExists "${config.clan.core.clanDir}/machines/${name}/facts/zerotier-ip" then + if + builtins.pathExists "${config.clan.core.settings.directory}/machines/${name}/facts/zerotier-ip" + then ips ++ [ - (builtins.readFile "${config.clan.core.clanDir}/machines/${name}/facts/zerotier-ip") + (builtins.readFile "${config.clan.core.settings.directory}/machines/${name}/facts/zerotier-ip") ] else ips diff --git a/docs/site/getting-started/backups.md b/docs/site/getting-started/backups.md index a58563f66..90fb8a628 100644 --- a/docs/site/getting-started/backups.md +++ b/docs/site/getting-started/backups.md @@ -116,7 +116,7 @@ On the server where backups will be stored, enable the SSH daemon and set up a r services.borgbackup.repos.myhostname = { path = "/var/lib/borgbackup/myhostname"; authorizedKeys = [ - (builtins.readFile (config.clan.core.clanDir + "/machines/myhostname/facts/borgbackup.ssh.pub")) + (builtins.readFile (config.clan.core.settings.directory + "/machines/myhostname/facts/borgbackup.ssh.pub")) ]; }; } diff --git a/docs/site/getting-started/mesh-vpn.md b/docs/site/getting-started/mesh-vpn.md index ca17dc90f..35c84d6d4 100644 --- a/docs/site/getting-started/mesh-vpn.md +++ b/docs/site/getting-started/mesh-vpn.md 
@@ -10,7 +10,7 @@ include a new machine into the VPN. By default all machines within one clan are connected via a chosen network technology. ```{.no-copy} -Clan +Clan Node A <-> (zerotier / mycelium / ...) Node B @@ -48,7 +48,7 @@ To introduce a new machine to the VPN, adhere to the following steps: configuration, substituting `` with the controller machine name: ```nix { config, ... }: { - clan.core.networking.zerotier.networkId = builtins.readFile (config.clan.core.clanDir + "/machines//facts/zerotier-network-id"); + clan.core.networking.zerotier.networkId = builtins.readFile (config.clan.core.settings.directory + "/machines//facts/zerotier-network-id"); } ``` 1. **Update the New Machine**: Execute: @@ -73,13 +73,13 @@ To introduce a new machine to the VPN, adhere to the following steps: ```bash $ sudo zerotier-cli info ``` - Example Output: + Example Output: ```{.console, .no-copy} 200 info d2c71971db 1.12.1 OFFLINE ``` , where `d2c71971db` is the ZeroTier ID. - + 2. **Authorize the New Machine on the Controller**: On the controller machine, execute: diff --git a/lib/build-clan/module.nix b/lib/build-clan/module.nix index 937925c8e..2b28edbe5 100644 --- a/lib/build-clan/module.nix +++ b/lib/build-clan/module.nix @@ -80,7 +80,10 @@ let ( { # Settings - clan.core.clanDir = directory; + clan.core.settings = { + inherit directory; + }; + # clan.core.settings.directory = directory; # Inherited from clan wide settings # TODO: remove these clan.core.name = config.inventory.meta.name; diff --git a/lib/eval-clan-modules/default.nix b/lib/eval-clan-modules/default.nix index b12e910de..1fd93e042 100644 --- a/lib/eval-clan-modules/default.nix +++ b/lib/eval-clan-modules/default.nix @@ -23,7 +23,7 @@ let modules = [ baseModule { - clan.core.clanDir = clan-core; + clan.core.settings.directory = clan-core; } clan-core.nixosModules.clanCore ] ++ modules; 
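Review bot: The commented-out line `# clan.core.settings.directory = directory;` left under the new `clan.core.settings = { inherit directory; };` block in lib/build-clan/module.nix restates the assignment directly above it and reads as dead code; it should be dropped. If a reminder is wanted there, a comment that says what the value is for would serve better, for example `# Root of the clan flake; facts, vars and sops secret paths are resolved relative to it.`, which matches how the other files in this patch build their paths from it. The enclosing `let` binding starts and ends outside the hunk.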
@@ -75,7 +75,7 @@ let baseModule clan-core.nixosModules.clanCore { - clan.core.clanDir = clan-core; + clan.core.settings.directory = clan-core; } # Role interface (module + "/roles/${role}.nix") diff --git a/nixosModules/clanCore/facts/compat.nix b/nixosModules/clanCore/facts/compat.nix index bc2690fe2..6b840efe4 100644 --- a/nixosModules/clanCore/facts/compat.nix +++ b/nixosModules/clanCore/facts/compat.nix @@ -140,12 +140,12 @@ path to a fact which is generated by the generator ''; default = - config.clan.core.clanDir + config.clan.core.settings.directory + "/machines/${config.clan.core.machineName}/facts/${fact.config._module.args.name}"; - defaultText = lib.literalExpression "\${config.clan.core.clanDir}/machines/\${config.clan.core.machineName}/facts/\${fact.config._module.args.name}"; + defaultText = lib.literalExpression "\${config.clan.core.settings.directory}/machines/\${config.clan.core.machineName}/facts/\${fact.config._module.args.name}"; }; value = lib.mkOption { - defaultText = lib.literalExpression "\${config.clan.core.clanDir}/\${fact.config.path}"; + defaultText = lib.literalExpression "\${config.clan.core.settings.directory}/\${fact.config.path}"; type = lib.types.nullOr lib.types.str; default = if builtins.pathExists fact.config.path then lib.strings.fileContents fact.config.path else null; diff --git a/nixosModules/clanCore/facts/default.nix b/nixosModules/clanCore/facts/default.nix index bb0a505ef..b9f4019ae 100644 --- a/nixosModules/clanCore/facts/default.nix +++ b/nixosModules/clanCore/facts/default.nix 
@@ -219,15 +219,16 @@ description = '' path to a fact which is generated by the generator ''; - defaultText = lib.literalExpression "\${config.clan.core.clanDir}/machines/\${config.clan.core.machineName}/facts/\${fact.config.name}"; + defaultText = lib.literalExpression "\${config.clan.core.settings.directory}/machines/\${config.clan.core.machineName}/facts/\${fact.config.name}"; default = - config.clan.core.clanDir + "/machines/${config.clan.core.machineName}/facts/${fact.config.name}"; + config.clan.core.settings.directory + + "/machines/${config.clan.core.machineName}/facts/${fact.config.name}"; }; value = lib.mkOption { description = '' The value of the public fact. ''; - defaultText = lib.literalExpression "\${config.clan.core.clanDir}/\${fact.config.path}"; + defaultText = lib.literalExpression "\${config.clan.core.settings.directory}/\${fact.config.path}"; type = lib.types.nullOr lib.types.str; default = if builtins.pathExists fact.config.path then lib.strings.fileContents fact.config.path else null; diff --git a/nixosModules/clanCore/facts/secret/sops.nix b/nixosModules/clanCore/facts/secret/sops.nix index eb9caa307..b2e2b92b2 100644 --- a/nixosModules/clanCore/facts/secret/sops.nix +++ b/nixosModules/clanCore/facts/secret/sops.nix @@ -5,8 +5,8 @@ ... }: let - secretsDir = config.clan.core.clanDir + "/sops/secrets"; - groupsDir = config.clan.core.clanDir + "/sops/groups"; + secretsDir = config.clan.core.settings.directory + "/sops/secrets"; + groupsDir = config.clan.core.settings.directory + "/sops/groups"; # My symlink is in the nixos module detected as a directory also it works in the repl. Is this because of pure evaluation? containsSymlink = 
@@ -42,7 +42,7 @@ in clan.core.facts.secretModule = "clan_cli.facts.secret_modules.sops"; clan.core.facts.secretUploadDirectory = lib.mkDefault "/var/lib/sops-nix"; sops.secrets = builtins.mapAttrs (name: _: { - sopsFile = config.clan.core.clanDir + "/sops/secrets/${name}/secret"; + sopsFile = config.clan.core.settings.directory + "/sops/secrets/${name}/secret"; format = "binary"; }) secrets; # To get proper error messages about missing secrets we need a dummy secret file that is always present @@ -51,7 +51,7 @@ in ); sops.age.keyFile = lib.mkIf (builtins.pathExists ( - config.clan.core.clanDir + "/sops/secrets/${config.clan.core.machineName}-age.key/secret" + config.clan.core.settings.directory + "/sops/secrets/${config.clan.core.machineName}-age.key/secret" )) (lib.mkDefault "/var/lib/sops-nix/key.txt"); }; } diff --git a/nixosModules/clanCore/metadata.nix b/nixosModules/clanCore/metadata.nix index 2e5fb7188..2dc605436 100644 --- a/nixosModules/clanCore/metadata.nix +++ b/nixosModules/clanCore/metadata.nix @@ -1,4 +1,7 @@ { lib, pkgs, ... }: +let + inherit (lib) mkOption types; +in { imports = [ (lib.mkRemovedOptionModule [ @@ -11,8 +14,41 @@ "core" "clanIcon" ] "clanIcon has been removed. Use clan.core.icon instead.") + + (lib.mkRenamedOptionModule + [ "clan" "core" "clanDir" ] + [ + "clan" + "core" + "settings" + "directory" + ] + ) ]; options.clan.core = { + settings = mkOption { + description = '' + Settings of the clan. + + This is a read-only attribute-set available to the machines of the clan. + ''; + type = types.submodule { + options = { + directory = lib.mkOption { + type = lib.types.path; + # documentation.nixos.extraModules = [ + # ... + # clan-core.nixosModules.clanCore + # { clan.core.settings.directory = ./path/to/flake; } + # ]; + description = '' + the location of the flake repo, used to calculate the location of facts and secrets + ''; + }; + }; + }; + }; + name = lib.mkOption { type = lib.types.str; description = '' 
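Review bot: The description of the new `clan.core.settings` option in nixosModules/clanCore/metadata.nix calls it "a read-only attribute-set", but neither `settings` nor `settings.directory` sets `readOnly`, so nothing in the visible code enforces that. Elsewhere in this patch the directory is the root for `sopsFile`, the `-age.key` existence check and the fact paths, so a later module that overrides it (for instance with `lib.mkForce`) would silently change where secrets and facts are looked up. Either add `readOnly = true;` to the `directory` option, provided the single definition from build-clan and the renamed `clanDir` alias still evaluate, or reword the description to say the value is meant to be set once by the clan and only read by machines. As a style point, the hunk introduces `inherit (lib) mkOption types;` but the nested option still spells `lib.mkOption` and `lib.types.path`; pick one form. The `options.clan.core` block continues past the end of the hunk.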
@@ -43,17 +79,6 @@ the description of the machine ''; }; - clanDir = lib.mkOption { - type = lib.types.path; - # documentation.nixos.extraModules = [ - # ... - # clan-core.nixosModules.clanCore - # { clan.core.clanDir = ./path/to/flake; } - # ]; - description = '' - the location of the flake repo, used to calculate the location of facts and secrets - ''; - }; machineName = lib.mkOption { type = lib.types.str; default = "nixos"; diff --git a/nixosModules/clanCore/nixos-facter.nix b/nixosModules/clanCore/nixos-facter.nix index dbbb852c6..890238040 100644 --- a/nixosModules/clanCore/nixos-facter.nix +++ b/nixosModules/clanCore/nixos-facter.nix @@ -1,6 +1,6 @@ { lib, config, ... }: let - directory = config.clan.core.clanDir; + directory = config.clan.core.settings.directory; inherit (config.clan.core) machineName; facterJson = "${directory}/machines/${machineName}/facter.json"; hwConfig = "${directory}/machines/${machineName}/hardware-configuration.nix"; diff --git a/nixosModules/clanCore/vars/public/in_repo.nix b/nixosModules/clanCore/vars/public/in_repo.nix index f2fafa58b..399c03be1 100644 --- a/nixosModules/clanCore/vars/public/in_repo.nix +++ b/nixosModules/clanCore/vars/public/in_repo.nix @@ -13,10 +13,13 @@ in fileModule = file: { path = mkIf (file.config.secret == false) ( if file.config.share then - (config.clan.core.clanDir + "/vars/shared/${file.config.generatorName}/${file.config.name}/value") + ( + config.clan.core.settings.directory + + "/vars/shared/${file.config.generatorName}/${file.config.name}/value" + ) else ( - config.clan.core.clanDir + config.clan.core.settings.directory + "/vars/per-machine/${config.clan.core.machineName}/${file.config.generatorName}/${file.config.name}/value" ) ); diff --git a/nixosModules/clanCore/vars/secret/sops/default.nix b/nixosModules/clanCore/vars/secret/sops/default.nix index 8d9c00e30..1b4893164 100644 --- a/nixosModules/clanCore/vars/secret/sops/default.nix +++ b/nixosModules/clanCore/vars/secret/sops/default.nix 
@@ -15,9 +15,9 @@ let secretPath = secret: if secret.share then - config.clan.core.clanDir + "/vars/shared/${secret.generator}/${secret.name}/secret" + config.clan.core.settings.directory + "/vars/shared/${secret.generator}/${secret.name}/secret" else - config.clan.core.clanDir + config.clan.core.settings.directory + "/vars/per-machine/${machineName}/${secret.generator}/${secret.name}/secret"; vars = collectFiles config.clan.core.vars; @@ -53,7 +53,7 @@ in lib.mkDefault (builtins.toString (pkgs.writeText "dummy.yaml" "")) ); age.keyFile = lib.mkIf (builtins.pathExists ( - config.clan.core.clanDir + "/sops/secrets/${machineName}-age.key/secret" + config.clan.core.settings.directory + "/sops/secrets/${machineName}-age.key/secret" )) (lib.mkDefault "/var/lib/sops-nix/key.txt"); }; }