yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix template. Improve docu. Add disko as default imported module.

Browse Source
This commit is contained in:
Qubasa
2024-05-10 15:39:46 +02:00
parent 56d6329e22
commit a60978240c
9 changed files with 46 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
clanModules/flake-module.nix
View File

@@ -1,11 +1,8 @@
{ inputs, ... }: { ... }:
{ {
flake.clanModules = { flake.clanModules = {
disk-layouts = { disk-layouts = {
imports = [ imports = [ ./disk-layouts ];
./disk-layouts
inputs.disko.nixosModules.default
];
}; };
borgbackup = ./borgbackup; borgbackup = ./borgbackup;
ergochat = ./ergochat; ergochat = ./ergochat;

2
docs/mkdocs.yml
View File

@@ -27,6 +27,8 @@ markdown_extensions:
- pymdownx.details - pymdownx.details
- pymdownx.highlight: - pymdownx.highlight:
use_pygments: true use_pygments: true
anchor_linenums: true
linenums: true
- toc: - toc:
title: On this page title: On this page

10
docs/site/getting-started/configure.md
View File

@@ -63,12 +63,12 @@ Adding or configuring a new machine requires two simple steps:
1. Find the remote disk id by executing: 1. Find the remote disk id by executing:
```bash title="setup computer" ```bash title="setup computer"
ssh root@<target-computer> lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
``` ```
Which should show something like: Which should show something like:
```bash ```bash hl_lines="6"
NAME ID-LINK FSTYPE SIZE MOUNTPOINT NAME ID-LINK FSTYPE SIZE MOUNTPOINT
sda usb-ST_16GB_AA6271026J1000000509-0:0 14.9G sda usb-ST_16GB_AA6271026J1000000509-0:0 14.9G
├─sda1 usb-ST_16GB_AA6271026J1000000509-0:0-part1 1M ├─sda1 usb-ST_16GB_AA6271026J1000000509-0:0-part1 1M
@@ -84,7 +84,7 @@ Adding or configuring a new machine requires two simple steps:
=== "**buildClan**" === "**buildClan**"
```nix title="clan-core.lib.buildClan" ```nix title="clan-core.lib.buildClan" hl_lines="17 13"
buildClan { buildClan {
# ... # ...
machines = { machines = {
@@ -114,7 +114,7 @@ Adding or configuring a new machine requires two simple steps:
```nix title="clan-core.flakeModules.default" ```nix title="clan-core.flakeModules.default" hl_lines="17,13"
clan = { clan = {
# ... # ...
machines = { machines = {
@@ -148,7 +148,7 @@ Adding or configuring a new machine requires two simple steps:
1. Generate a `hardware-configuration.nix` for your target computer 1. Generate a `hardware-configuration.nix` for your target computer
```bash ```bash
ssh root@<target-computer> nixos-generate-config --no-filesystems --show-hardware-config > machines/jon/hardware-configuration.nix ssh root@flash-installer.local nixos-generate-config --no-filesystems --show-hardware-config > machines/jon/hardware-configuration.nix
``` ```
### Initialize the facts ### Initialize the facts

2
docs/site/getting-started/machines.md
View File

@@ -25,7 +25,7 @@ This process involves preparing a suitable hardware and disk partitioning config
2. Boot the target machine and connect it to a network that makes it reachable from your setup computer. 2. Boot the target machine and connect it to a network that makes it reachable from your setup computer.
=== "**Baremetal Machines**" === "**Remote Machines**"
- [x] **Two Computers**: You need one computer that you're getting ready (we'll call this the Target Computer) and another one to set it up from (we'll call this the Setup Computer). Make sure both can talk to each other over the network using SSH. - [x] **Two Computers**: You need one computer that you're getting ready (we'll call this the Target Computer) and another one to set it up from (we'll call this the Setup Computer). Make sure both can talk to each other over the network using SSH.
- [x] **Machine configuration**: See our basic [configuration guide](./configure.md) - [x] **Machine configuration**: See our basic [configuration guide](./configure.md)

2
nixosModules/flake-module.nix
View File

@@ -5,10 +5,10 @@
installer.imports = [ installer.imports = [
./installer ./installer
self.nixosModules.hidden-ssh-announce self.nixosModules.hidden-ssh-announce
inputs.disko.nixosModules.disko
]; ];
clanCore.imports = [ clanCore.imports = [
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.disko.nixosModules.default
./clanCore ./clanCore
./iso ./iso
( (

37
pkgs/clan-cli/clan_cli/secrets/key.py
View File

@@ -1,19 +1,44 @@
import argparse import argparse
import logging
from pathlib import Path from pathlib import Path
from clan_cli.git import commit_files from clan_cli.git import commit_files
from .. import tty
from ..errors import ClanError from ..errors import ClanError
from .secrets import update_secrets from .secrets import update_secrets
from .sops import default_sops_key_path, generate_private_key, get_public_key from .sops import default_sops_key_path, generate_private_key, get_public_key
log = logging.getLogger(__name__)
def extract_public_key(filepath: Path) -> str:
"""
Extracts the public key from a given text file.
"""
try:
with open(filepath) as file:
for line in file:
# Check if the line contains the public key
if line.startswith("# public key:"):
# Extract and return the public key part after the prefix
return line.strip().split(": ")[1]
except FileNotFoundError:
raise ClanError(f"The file at {filepath} was not found.")
except Exception as e:
raise ClanError(f"An error occurred while extracting the public key: {e}")
raise ClanError(f"Could not find the public key in the file at {filepath}.")
def generate_key() -> str: def generate_key() -> str:
path = default_sops_key_path() path = default_sops_key_path()
if path.exists(): if path.exists():
raise ClanError(f"Key already exists at {path}") log.info(f"Key already exists at {path}")
return extract_public_key(path)
priv_key, pub_key = generate_private_key(out_file=path) priv_key, pub_key = generate_private_key(out_file=path)
log.info(
f"Generated age private key at '{default_sops_key_path()}' for your user. Please back it up on a secure location or you will lose access to your secrets."
)
return pub_key return pub_key
@@ -23,13 +48,9 @@ def show_key() -> str:
def generate_command(args: argparse.Namespace) -> None: def generate_command(args: argparse.Namespace) -> None:
pub_key = generate_key() pub_key = generate_key()
tty.info( log.info(
f"Generated age private key at '{default_sops_key_path()}' for your user. Please back it up on a secure location or you will lose access to your secrets." f"Also add your age public key to the repository with: \nclan secrets users add <username> {pub_key}"
) )
tty.info(
f"Also add your age public key to the repository with 'clan secrets users add youruser {pub_key}' (replace youruser with your user name)"
)
pass
def show_command(args: argparse.Namespace) -> None: def show_command(args: argparse.Namespace) -> None:

3
pkgs/installer/flake-module.nix
View File

@@ -1,7 +1,7 @@
{ self, lib, ... }: { self, lib, ... }:
let let
installerModule = installerModule =
{ config, pkgs, ... }: { config, ... }:
{ {
imports = [ imports = [
self.nixosModules.installer self.nixosModules.installer
@@ -29,6 +29,7 @@ let
installer = lib.nixosSystem { installer = lib.nixosSystem {
modules = [ modules = [
self.inputs.disko.nixosModules.default
installerModule installerModule
{ disko.memSize = 4096; } # FIXME: otherwise the image builder goes OOM { disko.memSize = 4096; } # FIXME: otherwise the image builder goes OOM
]; ];

8
templates/new-clan/flake.nix
View File

@@ -35,8 +35,8 @@
# TODO: Example how to use disko for more complicated setups # TODO: Example how to use disko for more complicated setups
# remote> lsblk --output NAME,PTUUID,FSTYPE,SIZE,MOUNTPOINT # ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
clan.disk-layouts.singleDiskExt4 = { disko.devices.disk.main = {
device = "/dev/disk/by-id/__CHANGE_ME__"; device = "/dev/disk/by-id/__CHANGE_ME__";
}; };
@@ -59,8 +59,8 @@
# local> clan facts generate # local> clan facts generate
# remote> lsblk --output NAME,PTUUID,FSTYPE,SIZE,MOUNTPOINT # ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
clan.disk-layouts.singleDiskExt4 = { disko.devices.disk.main = {
device = "/dev/disk/by-id/__CHANGE_ME__"; device = "/dev/disk/by-id/__CHANGE_ME__";
}; };
/* /*

1
templates/new-clan/modules/shared.nix
View File

@@ -2,7 +2,6 @@
{ {
imports = [ imports = [
clan-core.clanModules.sshd clan-core.clanModules.sshd
clan-core.clanModules.disk-layouts
clan-core.clanModules.root-password clan-core.clanModules.root-password
]; ];
} }