From ac745a1740f04c28b706149c9dd226a3d1ac110b Mon Sep 17 00:00:00 2001
From: Johannes Kirschbauer
Date: Fri, 11 Jul 2025 16:19:01 +0200
Subject: [PATCH] Templates/flake-parts: consistent default clan
---
 templates/clan/flake-parts/clan.nix | 116 +++++++++------------------
 templates/clan/flake-parts/flake.nix | 4 +-
 2 files changed, 43 insertions(+), 77 deletions(-)
diff --git a/templates/clan/flake-parts/clan.nix b/templates/clan/flake-parts/clan.nix
index a29e89894..f18dd7a8a 100644
--- a/templates/clan/flake-parts/clan.nix
+++ b/templates/clan/flake-parts/clan.nix
@@ -1,81 +1,45 @@ -{ self }: { - meta.name = "__CHANGE_ME__"; # Ensure this is unique among all clans you want to use. + # Ensure this is unique among all clans you want to use. + meta.name = "__CHANGE_ME__"; - inherit self; + # Docs: See https://docs.clan.lol/reference/clanServices + inventory.instances = { + + # Docs: https://docs.clan.lol/reference/clanServices/admin/ + # Admin service for managing machines + # This service adds a root password and SSH access. + admin = { + roles.default.tags.all = { }; + roles.default.settings.allowedKeys = { + # Insert the public key that you want to use for SSH access. + # All keys will have ssh access to all machines ("tags.all" means 'all machines'). + # Alternatively set 'users.users.root.openssh.authorizedKeys.keys' in each machine + "admin-machine-1" = "__YOUR_PUBLIC_KEY__"; + }; + }; + + # Docs: https://docs.clan.lol/reference/clanServices/zerotier/ + # The lines below will define a zerotier network and add all machines as 'peer' to it. + # !!! Manual steps required: + # - Define a controller machine for the zerotier network. + # - Deploy the controller machine first to initilize the network. + zerotier = { + # Replace with the name (string) of your machine that you will use as zerotier-controller + # See: https://docs.zerotier.com/controller/ + # Deploy this machine first to create the network secrets + roles.controller.machines."__YOUR_CONTROLLER__" = { }; + # Peers of the network + # tags.all means 'all machines' will joined + roles.peer.tags.all = { }; + }; + }; + + # Additional NixOS configuration can be added here. + # machines/jon/configuration.nix will be automatically imported. + # See: https://docs.clan.lol/guides/more-machines/#automatic-registration machines = { - # "jon" will be the hostname of the machine - jon = - { pkgs, ... 
}: - { - imports = [ - ./modules/shared.nix - ./modules/disko.nix - ./machines/jon/configuration.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - - # Set this for clan commands use ssh i.e. `clan machines update` - # If you change the hostname, you need to update this line to root@ - # This only works however if you have avahi running on your admin machine else use IP - clan.core.networking.targetHost = pkgs.lib.mkDefault "root@jon"; - - # You can get your disk id by running the following command on the installer: - # Replace with the IP of the installer printed on the screen or by running the `ip addr` command. - # ssh root@ lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT - disko.devices.disk.main = { - device = "/dev/disk/by-id/__CHANGE_ME__"; - }; - - # IMPORTANT! Add your SSH key here - # e.g. > cat ~/.ssh/id_ed25519.pub - users.users.root.openssh.authorizedKeys.keys = throw '' - Don't forget to add your SSH key here! - users.users.root.openssh.authorizedKeys.keys = [ "" ] - ''; - - # Zerotier needs one controller to accept new nodes. Once accepted - # the controller can be offline and routing still works. - clan.core.networking.zerotier.controller.enable = true; - }; - # "sara" will be the hostname of the machine - sara = - { pkgs, ... }: - { - imports = [ - ./modules/shared.nix - ./modules/disko.nix - ./machines/sara/configuration.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - - # Set this for clan commands use ssh i.e. `clan machines update` - # If you change the hostname, you need to update this line to root@ - # This only works however if you have avahi running on your admin machine else use IP - clan.core.networking.targetHost = pkgs.lib.mkDefault "root@sara"; - - # You can get your disk id by running the following command on the installer: - # Replace with the IP of the installer printed on the screen or by running the `ip addr` command. 
- # ssh root@ lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT - disko.devices.disk.main = { - device = "/dev/disk/by-id/__CHANGE_ME__"; - }; - - # IMPORTANT! Add your SSH key here - # e.g. > cat ~/.ssh/id_ed25519.pub - users.users.root.openssh.authorizedKeys.keys = throw '' - Don't forget to add your SSH key here! - users.users.root.openssh.authorizedKeys.keys = [ "" ] - ''; - - /* - After jon is deployed, uncomment the following line - This will allow sara to share the VPN overlay network with jon - The networkId is generated by the first deployment of jon - */ - # clan.core.networking.zerotier.networkId = builtins.readFile ../../vars/per-machine/jon/zerotier/zerotier-network-id/value; - }; + # jon = { config, ... }: { + # environment.systemPackages = [ pkgs.asciinema ]; + # }; }; } diff --git a/templates/clan/flake-parts/flake.nix b/templates/clan/flake-parts/flake.nix index 340c9b2a2..d87eafb62 100644 --- a/templates/clan/flake-parts/flake.nix +++ b/templates/clan/flake-parts/flake.nix @@ -22,7 +22,9 @@ ]; # https://docs.clan.lol/guides/getting-started/flake-parts/ - clan = import ./clan.nix { inherit self; }; + clan = { + imports = [ ./clan.nix ]; + }; perSystem = { pkgs, inputs', ... }:
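Review bot: The placeholder `"__YOUR_PUBLIC_KEY__"` under `roles.default.settings.allowedKeys` in clan.nix is an ordinary string, so a template used without editing it no longer stops at evaluation the way the removed `users.users.root.openssh.authorizedKeys.keys = throw ''…''` did. Presumably the result is an unusable authorized key on every machine selected by `tags.all`, which the operator only notices after deployment. The fail-closed behaviour could be kept with one line, e.g. `"admin-machine-1" = throw "Set your SSH public key in roles.default.settings.allowedKeys";`, assuming this option is forced at evaluation like the old one was. Because the comment states that every listed key gets root SSH access to all machines, it would also help to add there that a narrower tag than `all` can be used when not every key should reach every host. The zerotier comments contain two typos, "initilize" and "will joined".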