diff --git a/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py b/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py index 74030e868..8cda0d002 100644 --- a/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py +++ b/pkgs/clan-cli/clan_cli/tests/test_clan_nix_attrset.py @@ -93,7 +93,7 @@ def test_clan_core_templates( ] clan_core_template_keys = list(clan_core_templates.keys()) - expected_templates = ["classic", "default", "minimal"] + expected_templates = ["default", "flake-parts", "minimal", "minimal-flake-parts"] assert clan_core_template_keys == expected_templates vlist_temps = list_templates("clan", clan_dir) @@ -112,16 +112,17 @@ def test_clan_core_templates( Path(default_template.src["path"]), new_clan, ) - flake_file = new_clan / "flake.nix" + assert (new_clan / "flake.nix").exists() + assert (new_clan / "machines").is_dir() + assert (new_clan / "machines" / "jon").is_dir() + config_nix_p = new_clan / "machines" / "jon" / "configuration.nix" + assert (config_nix_p).is_file() - assert (flake_file).exists() - # Test if we can read + write files after the template was copied - with flake_file.open("r+") as f: + # Test if we can write to the configuration.nix file + with config_nix_p.open("r+") as f: data = f.read() f.write(data) - assert (new_clan / "machines").is_dir() - # Test Case 1: Minimal input with empty templates @pytest.mark.with_core diff --git a/pkgs/clan-cli/clan_cli/tests/test_create_flake.py b/pkgs/clan-cli/clan_cli/tests/test_create_flake.py index af46752cd..eb8aaa45c 100644 --- a/pkgs/clan-cli/clan_cli/tests/test_create_flake.py +++ b/pkgs/clan-cli/clan_cli/tests/test_create_flake.py @@ -23,7 +23,8 @@ def test_create_flake( cli.run(["flakes", "create", str(flake_dir), "--template=default", "--no-update"]) - # Replace the inputs.clan-core.url in the template flake.nix + assert (flake_dir / ".clan-flake").exists() + # Replace the inputs.clan.url in the template flake.nix substitute( flake_dir / "flake.nix", clan_core, 
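Review bot: The read/write probe after the template copy now targets only `machines/jon/configuration.nix`; `flake.nix` is reduced to an existence check, so a copy that leaves the top-level file read-only would no longer be caught here, even though other tests in this diff appear to rewrite it through `substitute()`. Separately, opening with `"r+"`, reading to the end and then writing `data` appends a second copy of the file rather than rewriting it in place; `config_nix_p.write_text(config_nix_p.read_text())` probes writability without duplicating the content. The body of `test_clan_core_templates` starts and ends outside the hunk.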
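Review bot: The reworded comment in `test_create_flake` says `inputs.clan.url`, but the `default` template this test creates now points at `templates/clan/new-clan`, whose `flake.nix` in this same diff still declares `inputs.clan-core.url`; only `minimal-flake-parts` names the input `clan`. The same rewording is applied in `test_create_flake_existing_git` and in `test_ui_template`, where the `minimal` template also keeps `clan-core`. I would keep the original wording, `# Replace the inputs.clan-core.url in the template flake.nix`, or name the input per template. The `substitute(...)` call continues past the end of the hunk, so what it actually rewrites is not visible here.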
@@ -34,6 +35,13 @@ def test_create_flake( cli.run(["machines", "create", "machine1"]) + # create a hardware-configuration.nix that doesn't throw an eval error + + for patch_machine in ["jon", "sara"]: + ( + flake_dir / "machines" / f"{patch_machine}/hardware-configuration.nix" + ).write_text("{}") + with capture_output as output: cli.run(["machines", "list"]) assert "machine1" in output.out @@ -60,7 +68,8 @@ def test_create_flake_existing_git( cli.run(["flakes", "create", str(flake_dir), "--template=default", "--no-update"]) - # Replace the inputs.clan-core.url in the template flake.nix + assert (flake_dir / ".clan-flake").exists() + # Replace the inputs.clan.url in the template flake.nix substitute( flake_dir / "flake.nix", clan_core, @@ -70,6 +79,13 @@ def test_create_flake_existing_git( monkeypatch.chdir(flake_dir) cli.run(["machines", "create", "machine1"]) + # create a hardware-configuration.nix that doesn't throw an eval error + + for patch_machine in ["jon", "sara"]: + ( + flake_dir / "machines" / f"{patch_machine}/hardware-configuration.nix" + ).write_text("{}") + with capture_output as output: cli.run(["machines", "list"]) assert "machine1" in output.out @@ -95,7 +111,7 @@ def test_ui_template( cli.run(["flakes", "create", str(flake_dir), "--template=minimal", "--no-update"]) - # Replace the inputs.clan-core.url in the template flake.nix + # Replace the inputs.clan.url in the template flake.nix substitute( flake_dir / "flake.nix", clan_core, diff --git a/templates/clan/classic/flake.nix b/templates/clan/classic/flake.nix deleted file mode 100644 index 6cdbfbe86..000000000 --- a/templates/clan/classic/flake.nix +++ /dev/null 
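Review bot: The loop that writes an empty `hardware-configuration.nix` for `jon` and `sara` is pasted verbatim into both `test_create_flake` and `test_create_flake_existing_git`, and it hard-codes machine names that belong to the `default` template. A small module-level helper would keep the two tests in step when the template's machines change, and the comment should say which import or check needs the file, since the `new-clan` machine configurations shown in this diff do not import it themselves. Building the path from separate components, `(flake_dir / "machines" / name / "hardware-configuration.nix").write_text("{}")`, also avoids embedding a separator in the f-string.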
@@ -1,80 +0,0 @@
-{
- inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
- inputs.nixpkgs.follows = "clan-core/nixpkgs";
-
- outputs =
- { self, clan-core, ... }:
- let
- # Usage see: https://docs.clan.lol
- clan = clan-core.clanLib.buildClan {
- inherit self;
-
- # Ensure this is unique among all clans you want to use.
- meta.name = "__CHANGE_ME__";
-
- # Information about your machines. Machines under ./machines will be auto-imported.
- inventory.machines = {
- somemachine.tags = [ "desktop" ];
- somemachine.deploy.targetHost = "root@somemachine";
- };
-
- # Clan services to use. See https://docs.clan.lol/reference/clanServices
- inventory.instances = {
-
- admin = {
- module = {
- name = "admin";
- input = "clan";
- };
- roles.default.tags.all = { };
- };
-
- zerotier = {
- module = {
- name = "zerotier";
- input = "clan";
- };
- roles.peer.tags.all = { };
- };
- };
-
- # A mapping of machine names to their nixos configuration. Allows specifying
- # additional configuration.
- machines = {
- somemachine =
- { pkgs, ... }:
- {
- environment.systemPackages = with pkgs; [ asciinema ];
- };
- };
- };
- in
- {
-
- # Expose clan structures as flake outputs. clanInternals is needed for
- # the clan-cli. Exposing nixosConfigurations allows using `nixos-rebuild` as before.
- inherit (clan)
- nixosConfigurations
- nixosModules
- clanInternals
- darwinConfigurations
- darwinModules
- ;
-
- # Add the Clan cli tool to the dev shell.
- # Use "nix develop" to enter the dev shell.
- devShells =
- clan-core.inputs.nixpkgs.lib.genAttrs
- [
- "x86_64-linux"
- "aarch64-linux"
- "aarch64-darwin"
- "x86_64-darwin"
- ]
- (system: {
- default = clan-core.inputs.nixpkgs.legacyPackages.${system}.mkShell {
- packages = [ clan-core.packages.${system}.clan-cli ];
- };
- });
- };
-}
diff --git a/templates/clan/classic/machines/.gitkeep b/templates/clan/classic/machines/.gitkeep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/templates/clan/default/flake.nix b/templates/clan/default/flake.nix
deleted file mode 100644
index c7150275b..000000000
--- a/templates/clan/default/flake.nix
+++ /dev/null
@@ -1,65 +0,0 @@
-{
- inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
- inputs.nixpkgs.follows = "clan-core/nixpkgs";
- inputs.flake-parts.follows = "clan-core/flake-parts";
- inputs.flake-parts.inputs.nixpkgs-lib.follows = "clan-core/nixpkgs";
-
- outputs =
- inputs@{ flake-parts, ... }:
- flake-parts.lib.mkFlake { inherit inputs; } {
- systems = [
- "x86_64-linux"
- "aarch64-linux"
- "x86_64-darwin"
- "aarch64-darwin"
- ];
- imports = [ inputs.clan-core.flakeModules.default ];
- # https://docs.clan.lol/guides/getting-started/flake-parts/
- clan = {
-
- # Ensure this is unique among all clans you want to use.
- meta.name = "__CHANGE_ME__";
-
- # Information about your machines. Machines under ./machines will be auto-imported.
- inventory.machines = {
- somemachine.tags = [ "desktop" ];
- somemachine.deploy.targetHost = "root@somemachine";
- };
-
- # Clan services to use. See https://docs.clan.lol/reference/clanServices
- inventory.instances = {
-
- admin = {
- module = {
- name = "admin";
- input = "clan";
- };
- roles.default.tags.all = { };
- };
-
- zerotier = {
- module = {
- name = "zerotier";
- input = "clan";
- };
- roles.peer.tags.all = { };
- };
- };
-
- # A mapping of machine names to their nixos configuration. Allows specifying
- # additional configuration.
- machines = {
- somemachine =
- { pkgs, ... }:
- {
- environment.systemPackages = with pkgs; [ asciinema ];
- };
- };
- };
- perSystem =
- { pkgs, inputs', ... }:
- {
- devShells.default = pkgs.mkShell { packages = [ inputs'.clan-core.packages.clan-cli ]; };
- };
- };
-}
diff --git a/templates/clan/default/machines/.gitkeep b/templates/clan/default/machines/.gitkeep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/templates/clan/classic/.envrc b/templates/clan/flake-parts/.envrc
similarity index 100%
rename from templates/clan/classic/.envrc
rename to templates/clan/flake-parts/.envrc
diff --git a/templates/clan/flake-parts/flake.nix b/templates/clan/flake-parts/flake.nix
new file mode 100644
index 000000000..2d61576bc
--- /dev/null
+++ b/templates/clan/flake-parts/flake.nix
@@ -0,0 +1,108 @@
+{
+ inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
+ inputs.nixpkgs.follows = "clan-core/nixpkgs";
+ inputs.flake-parts.url = "github:hercules-ci/flake-parts";
+ inputs.flake-parts.inputs.nixpkgs-lib.follows = "clan-core/nixpkgs";
+
+ outputs =
+ inputs@{
+ self,
+ flake-parts,
+ ...
+ }:
+ flake-parts.lib.mkFlake { inherit inputs; } {
+ systems = [
+ "x86_64-linux"
+ "aarch64-linux"
+ "x86_64-darwin"
+ "aarch64-darwin"
+ ];
+ imports = [ inputs.clan-core.flakeModules.default ];
+ # https://docs.clan.lol/guides/getting-started/flake-parts/
+ clan = {
+ meta.name = "__CHANGE_ME__"; # Ensure this is unique among all clans you want to use.
+
+ inherit self;
+ machines = {
+ # "jon" will be the hostname of the machine
+ jon =
+ { pkgs, ... }:
+ {
+ imports = [
+ ./modules/shared.nix
+ ./modules/disko.nix
+ ./machines/jon/configuration.nix
+ ];
+
+ nixpkgs.hostPlatform = "x86_64-linux";
+
+ # Set this for clan commands use ssh i.e. `clan machines update`
+ # If you change the hostname, you need to update this line to root@
+ # This only works however if you have avahi running on your admin machine else use IP
+ clan.core.networking.targetHost = pkgs.lib.mkDefault "root@jon";
+
+ # You can get your disk id by running the following command on the installer:
+ # Replace with the IP of the installer printed on the screen or by running the `ip addr` command.
+ # ssh root@ lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
+ disko.devices.disk.main = {
+ device = "/dev/disk/by-id/__CHANGE_ME__";
+ };
+
+ # IMPORTANT! Add your SSH key here
+ # e.g. > cat ~/.ssh/id_ed25519.pub
+ users.users.root.openssh.authorizedKeys.keys = throw ''
+ Don't forget to add your SSH key here!
+ users.users.root.openssh.authorizedKeys.keys = [ "" ]
+ '';
+
+ # Zerotier needs one controller to accept new nodes. Once accepted
+ # the controller can be offline and routing still works.
+ clan.core.networking.zerotier.controller.enable = true;
+ };
+ # "sara" will be the hostname of the machine
+ sara =
+ { pkgs, ... }:
+ {
+ imports = [
+ ./modules/shared.nix
+ ./modules/disko.nix
+ ./machines/sara/configuration.nix
+ ];
+
+ nixpkgs.hostPlatform = "x86_64-linux";
+
+ # Set this for clan commands use ssh i.e. `clan machines update`
+ # If you change the hostname, you need to update this line to root@
+ # This only works however if you have avahi running on your admin machine else use IP
+ clan.core.networking.targetHost = pkgs.lib.mkDefault "root@sara";
+
+ # You can get your disk id by running the following command on the installer:
+ # Replace with the IP of the installer printed on the screen or by running the `ip addr` command.
+ # ssh root@ lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
+ disko.devices.disk.main = {
+ device = "/dev/disk/by-id/__CHANGE_ME__";
+ };
+
+ # IMPORTANT! Add your SSH key here
+ # e.g. > cat ~/.ssh/id_ed25519.pub
+ users.users.root.openssh.authorizedKeys.keys = throw ''
+ Don't forget to add your SSH key here!
+ users.users.root.openssh.authorizedKeys.keys = [ "" ]
+ '';
+
+ /*
+ After jon is deployed, uncomment the following line
+ This will allow sara to share the VPN overlay network with jon
+ The networkId is generated by the first deployment of jon
+ */
+ # clan.core.networking.zerotier.networkId = builtins.readFile ../../vars/per-machine/jon/zerotier/zerotier-network-id/value;
+ };
+ };
+ };
+ perSystem =
+ { pkgs, inputs', ... }:
+ {
+ devShells.default = pkgs.mkShell { packages = [ inputs'.clan-core.packages.clan-cli ]; };
+ };
+ };
+}
diff --git a/templates/clan/flake-parts/machines/jon/configuration.nix b/templates/clan/flake-parts/machines/jon/configuration.nix
new file mode 100644
index 000000000..9fa9a41cd
--- /dev/null
+++ b/templates/clan/flake-parts/machines/jon/configuration.nix
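Review bot: The commented-out `networkId` line in the `sara` block reads `../../vars/per-machine/jon/zerotier/zerotier-network-id/value`, the same relative path used in `new-clan/machines/sara/configuration.nix`, which sits two directories below the flake root. Here the line lives in the template's top-level `flake.nix`, so once uncommented the path points outside the flake. Assuming `vars/` is at the flake root as the other file implies, it should read `builtins.readFile ./vars/per-machine/jon/zerotier/zerotier-network-id/value;`. The `throw` on `users.users.root.openssh.authorizedKeys.keys` is a good fail-closed default and should stay.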
@@ -0,0 +1,38 @@
+{ config, ... }:
+let
+ username = config.networking.hostName;
+in
+{
+ imports = [ ./hardware-configuration.nix ];
+
+ # Locale service discovery and mDNS
+ services.avahi.enable = true;
+
+ services.xserver.enable = true;
+ services.xserver.desktopManager.gnome.enable = true;
+ services.xserver.displayManager.gdm.enable = true;
+ # Disable the default gnome apps to speed up deployment
+ services.gnome.core-utilities.enable = false;
+
+ # Enable automatic login for the user.
+ services.displayManager.autoLogin = {
+ enable = true;
+ user = username;
+ };
+
+ users.users.${username} = {
+ initialPassword = username;
+ isNormalUser = true;
+ extraGroups = [
+ "wheel"
+ "networkmanager"
+ "video"
+ "audio"
+ "input"
+ "dialout"
+ "disk"
+ ];
+ uid = 1000;
+ openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+ };
+}
diff --git a/templates/clan/flake-parts/machines/sara/configuration.nix b/templates/clan/flake-parts/machines/sara/configuration.nix
new file mode 100644
index 000000000..df02f6cad
--- /dev/null
+++ b/templates/clan/flake-parts/machines/sara/configuration.nix
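Review bot: `initialPassword = username;` gives the login account a password equal to the machine's hostname, and the same account is placed in `wheel` and `disk` and logged in automatically by `services.displayManager.autoLogin`. Anyone who knows the hostname therefore knows the password of a `wheel` member, and membership of `disk` alone allows raw access to the block devices; whether that password is also usable over SSH depends on the `sshd` clan module, which is not visible in this diff. `machines/sara/configuration.nix` in the next hunk has the identical block. I would drop `initialPassword` and `"disk"`, and generate the password the way `new-clan/modules/shared.nix` does, by importing `clan-core.clanModules.user-password` and setting `clan.user-password.user = username;`.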
@@ -0,0 +1,39 @@
+{ config, ... }:
+
+let
+ username = config.networking.hostName;
+in
+{
+ imports = [ ./hardware-configuration.nix ];
+
+ # Locale service discovery and mDNS
+ services.avahi.enable = true;
+
+ services.xserver.enable = true;
+ services.xserver.desktopManager.gnome.enable = true;
+ services.xserver.displayManager.gdm.enable = true;
+ # Disable the default gnome apps to speed up deployment
+ services.gnome.core-utilities.enable = false;
+
+ # Enable automatic login for the user.
+ services.displayManager.autoLogin = {
+ enable = true;
+ user = username;
+ };
+
+ users.users.${username} = {
+ initialPassword = username;
+ isNormalUser = true;
+ extraGroups = [
+ "wheel"
+ "networkmanager"
+ "video"
+ "audio"
+ "input"
+ "dialout"
+ "disk"
+ ];
+ uid = 1000;
+ openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+ };
+}
diff --git a/templates/clan/flake-parts/modules/disko.nix b/templates/clan/flake-parts/modules/disko.nix
new file mode 100644
index 000000000..5bc1e84bd
--- /dev/null
+++ b/templates/clan/flake-parts/modules/disko.nix
@@ -0,0 +1,51 @@ +{ lib, clan-core, ... }: + +let + suffix = config.clan.core.vars.generators.disk-id.files.diskId.value; +in +{ + imports = [ + clan-core.clanModules.disk-id + ]; + + boot.loader.grub.efiSupport = lib.mkDefault true; + boot.loader.grub.efiInstallAsRemovable = lib.mkDefault true; + disko.devices = { + disk = { + "main" = { + # suffix is to prevent disk name collisions + name = "main-" + suffix; + type = "disk"; + # Set the following in flake.nix for each maschine: + # device = ; + content = { + type = "gpt"; + partitions = { + "boot" = { + size = "1M"; + type = "EF02"; # for grub MBR + priority = 1; + }; + "ESP" = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + "root" = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/templates/clan/flake-parts/modules/shared.nix b/templates/clan/flake-parts/modules/shared.nix new file mode 100644 index 000000000..5b30638a9 --- /dev/null +++ b/templates/clan/flake-parts/modules/shared.nix @@ -0,0 +1,14 @@ +{ + clan-core, + # Optional, if you want to access other flakes: + # self, + ... +}: +{ + imports = [ + clan-core.clanModules.sshd + clan-core.clanModules.root-password + # You can access other flakes imported in your flake via `self` like this: + # self.inputs.nix-index-database.nixosModules.nix-index + ]; +} diff --git a/templates/clan/minimal/.gitignore b/templates/clan/minimal-flake-parts/.gitignore similarity index 100% rename from templates/clan/minimal/.gitignore rename to templates/clan/minimal-flake-parts/.gitignore diff --git a/templates/clan/minimal-flake-parts/checks.nix b/templates/clan/minimal-flake-parts/checks.nix new file mode 100644 index 000000000..8de32fa02 --- /dev/null +++ b/templates/clan/minimal-flake-parts/checks.nix 
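Review bot: `modules/disko.nix` reads `config.clan.core.vars.generators.disk-id.files.diskId.value` in its `let` block, but the module's argument set is `{ lib, clan-core, ... }:` and never binds `config`, so evaluation fails with an undefined variable. The `new-clan` copy of this file later in the diff takes `config` explicitly; the header here should be `{ lib, clan-core, config, ... }:`. That copy also adds `mountOptions = [ "nofail" ];` to the ESP and a do-not-edit-after-installation warning, both of which are missing from this one.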
@@ -0,0 +1,22 @@
+{ self, ... }:
+{
+ perSystem =
+ {
+ self',
+ lib,
+ system,
+ ...
+ }:
+ {
+ checks =
+ let
+ nixosMachines = lib.mapAttrs' (
+ name: config: lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel
+ ) ((lib.filterAttrs (_: config: config.pkgs.system == system)) self.nixosConfigurations);
+
+ packages = lib.mapAttrs' (n: lib.nameValuePair "package-${n}") self'.packages;
+ devShells = lib.mapAttrs' (n: lib.nameValuePair "devShell-${n}") self'.devShells;
+ in
+ nixosMachines // packages // devShells;
+ };
+}
diff --git a/templates/clan/minimal-flake-parts/clan.nix b/templates/clan/minimal-flake-parts/clan.nix
new file mode 100644
index 000000000..507900c94
--- /dev/null
+++ b/templates/clan/minimal-flake-parts/clan.nix
@@ -0,0 +1,13 @@
+{ self, inputs, ... }:
+{
+ imports = [
+ inputs.clan.flakeModules.default
+ ];
+ clan = {
+ meta.name = "__CHANGE_ME__";
+ inherit self;
+ specialArgs = {
+ inherit inputs;
+ };
+ };
+}
diff --git a/templates/clan/minimal-flake-parts/devshells.nix b/templates/clan/minimal-flake-parts/devshells.nix
new file mode 100644
index 000000000..43a2d86db
--- /dev/null
+++ b/templates/clan/minimal-flake-parts/devshells.nix
@@ -0,0 +1,17 @@
+_: {
+ perSystem =
+ {
+ pkgs,
+ inputs',
+ ...
+ }:
+ {
+ devShells = {
+ default = pkgs.mkShellNoCC {
+ packages = [
+ inputs'.clan.packages.default
+ ];
+ };
+ };
+ };
+}
diff --git a/templates/clan/minimal-flake-parts/flake.nix b/templates/clan/minimal-flake-parts/flake.nix
new file mode 100644
index 000000000..63afbb405
--- /dev/null
+++ b/templates/clan/minimal-flake-parts/flake.nix
@@ -0,0 +1,31 @@
+{
+
+ inputs = {
+ clan.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
+ nixpkgs.follows = "clan/nixpkgs";
+
+ flake-parts.url = "github:hercules-ci/flake-parts";
+ flake-parts.inputs.nixpkgs-lib.follows = "clan/nixpkgs";
+ };
+
+ outputs =
+ inputs@{ flake-parts, ... }:
+ flake-parts.lib.mkFlake { inherit inputs; } (
+ { ... }:
+ {
+ systems = [
+ "x86_64-linux"
+ "aarch64-linux"
+ "x86_64-darwin"
+ "aarch64-darwin"
+ ];
+
+ imports = [
+ ./checks.nix
+ ./clan.nix
+ ./devshells.nix
+ ./formatter.nix
+ ];
+ }
+ );
+}
diff --git a/templates/clan/minimal-flake-parts/formatter.nix b/templates/clan/minimal-flake-parts/formatter.nix
new file mode 100644
index 000000000..ec092fae4
--- /dev/null
+++ b/templates/clan/minimal-flake-parts/formatter.nix
@@ -0,0 +1,10 @@
+_: {
+ perSystem =
+ {
+ pkgs,
+ ...
+ }:
+ {
+ formatter = pkgs.nixfmt;
+ };
+}
diff --git a/templates/clan/minimal/flake.nix b/templates/clan/minimal/flake.nix
index 433b02c8d..bc7e4b895 100644
--- a/templates/clan/minimal/flake.nix
+++ b/templates/clan/minimal/flake.nix
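Review bot: `flake-parts.url = "github:hercules-ci/flake-parts";` replaces the `follows` on clan-core's own flake-parts input that the removed templates used, so a freshly created clan locks whatever the upstream default branch is at that moment instead of the revision clan-core pins. That adds a second, independently moving source to every new flake and lets the two drift apart; `templates/clan/flake-parts/flake.nix` makes the same change. Unless there is a reason to decouple them, `flake-parts.follows = "clan/flake-parts";` here (and `"clan-core/flake-parts"` in the other template) keeps a single pinned source. `templates/flake-module.nix` in this diff also stops passing `flake-parts` to the evaluated template, so these two templates may no longer be covered by that check.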
@@ -1,35 +1,15 @@ { - inputs = { - clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; - nixpkgs.follows = "clan-core/nixpkgs"; - - flake-parts.follows = "clan-core/flake-parts"; - flake-parts.inputs.nixpkgs-lib.follows = "clan-core/nixpkgs"; - }; + inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; + inputs.nixpkgs.follows = "clan-core/nixpkgs"; outputs = - inputs@{ flake-parts, ... }: - flake-parts.lib.mkFlake { inherit inputs; } ( - { self, lib, ... }: - { - - imports = [ - inputs.clan-core.flakeModules.default - ]; - - clan = { - inherit self; - specialArgs = { inherit inputs; }; - # Ensure this is unique among all clans you want to use. - meta.name = lib.mkDefault "__CHANGE_ME__"; - }; - - systems = [ - "x86_64-linux" - "aarch64-linux" - "x86_64-darwin" - "aarch64-darwin" - ]; - } - ); + { self, clan-core, ... }: + let + # Usage see: https://docs.clan.lol + clan = clan-core.clanLib.buildClan { inherit self; }; + in + { + # all machines managed by Clan + inherit (clan) nixosConfigurations nixosModules clanInternals; + }; } diff --git a/templates/clan/minimal/inventory.json b/templates/clan/minimal/inventory.json new file mode 100644 index 000000000..40109ebd5 --- /dev/null +++ b/templates/clan/minimal/inventory.json @@ -0,0 +1,5 @@ +{ + "meta": { "name": "__CHANGE_ME__" }, + "machines": {}, + "services": {} +} diff --git a/templates/clan/new-clan/.clan-flake b/templates/clan/new-clan/.clan-flake new file mode 100644 index 000000000..406fcfebe --- /dev/null +++ b/templates/clan/new-clan/.clan-flake @@ -0,0 +1,2 @@ +# DO NOT DELETE +# This file is used by the clan cli to discover a clan flake diff --git a/templates/clan/default/.envrc b/templates/clan/new-clan/.envrc similarity index 100% rename from templates/clan/default/.envrc rename to templates/clan/new-clan/.envrc diff --git a/templates/clan/new-clan/flake.nix b/templates/clan/new-clan/flake.nix new file mode 100644 index 000000000..846a81081 
--- /dev/null
+++ b/templates/clan/new-clan/flake.nix
@@ -0,0 +1,46 @@
+{
+ inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
+ inputs.nixpkgs.follows = "clan-core/nixpkgs";
+
+ outputs =
+ { self, clan-core, ... }:
+ let
+ # Usage see: https://docs.clan.lol
+ clan = clan-core.clanLib.buildClan {
+ inherit self;
+ # Ensure this is unique among all clans you want to use.
+ meta.name = "__CHANGE_ME__";
+
+ # All machines in ./machines will be imported.
+
+ # Prerequisite: boot into the installer.
+ # See: https://docs.clan.lol/guides/getting-started/installer
+ # local> mkdir -p ./machines/machine1
+ # local> Edit ./machines//configuration.nix to your liking.
+ machines = {
+ # You can also specify additional machines here.
+ # somemachine = {
+ # imports = [ ./some-machine/configuration.nix ];
+ # }
+ };
+ };
+ in
+ {
+ inherit (clan) nixosConfigurations nixosModules clanInternals;
+ # Add the Clan cli tool to the dev shell.
+ # Use "nix develop" to enter the dev shell.
+ devShells =
+ clan-core.inputs.nixpkgs.lib.genAttrs
+ [
+ "x86_64-linux"
+ "aarch64-linux"
+ "aarch64-darwin"
+ "x86_64-darwin"
+ ]
+ (system: {
+ default = clan-core.inputs.nixpkgs.legacyPackages.${system}.mkShell {
+ packages = [ clan-core.packages.${system}.clan-cli ];
+ };
+ });
+ };
+}
diff --git a/templates/clan/new-clan/machines/jon/configuration.nix b/templates/clan/new-clan/machines/jon/configuration.nix
new file mode 100644
index 000000000..a675ce882
--- /dev/null
+++ b/templates/clan/new-clan/machines/jon/configuration.nix
@@ -0,0 +1,35 @@
+{
+ imports = [
+ # contains your disk format and partitioning configuration.
+ ../../modules/disko.nix
+ # this file is shared among all machines
+ ../../modules/shared.nix
+ # enables GNOME desktop (optional)
+ ../../modules/gnome.nix
+ ];
+
+ # This is your user login name.
+ users.users.user.name = "";
+
+ # Set this for clan commands use ssh i.e. `clan machines update`
+ # If you change the hostname, you need to update this line to root@
+ # This only works however if you have avahi running on your admin machine else use IP
+ clan.core.networking.targetHost = "root@";
+
+ # You can get your disk id by running the following command on the installer:
+ # Replace with the IP of the installer printed on the screen or by running the `ip addr` command.
+ # ssh root@ lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
+ disko.devices.disk.main.device = "/dev/disk/by-id/__CHANGE_ME__";
+
+ # IMPORTANT! Add your SSH key here
+ # e.g. > cat ~/.ssh/id_ed25519.pub
+ users.users.root.openssh.authorizedKeys.keys = [
+ ''
+ __YOUR_SSH_KEY__
+ ''
+ ];
+
+ # Zerotier needs one controller to accept new nodes. Once accepted
+ # the controller can be offline and routing still works.
+ clan.core.networking.zerotier.controller.enable = true;
+}
diff --git a/templates/clan/new-clan/machines/sara/configuration.nix b/templates/clan/new-clan/machines/sara/configuration.nix
new file mode 100644
index 000000000..66da728a1
--- /dev/null
+++ b/templates/clan/new-clan/machines/sara/configuration.nix
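Review bot: `users.users.root.openssh.authorizedKeys.keys` is set to a list holding the literal placeholder `__YOUR_SSH_KEY__`, which evaluates and deploys cleanly, so a machine can be installed with no usable root key and the mistake only shows up when SSH access fails. The flake-parts template in this diff uses `throw` for the same option, which stops evaluation until a real key is supplied; I would do the same here, e.g. `users.users.root.openssh.authorizedKeys.keys = throw "Add your SSH public key to machines/jon/configuration.nix";`. `machines/sara/configuration.nix` has the same placeholder, and `modules/shared.nix` copies root's keys to the `user` account, so both logins inherit it.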
@@ -0,0 +1,34 @@
+{
+ imports = [
+ ../../modules/disko.nix
+ ../../modules/shared.nix
+ # enables GNOME desktop (optional)
+ ../../modules/gnome.nix
+ ];
+ # Put your username here for login
+ users.users.user.name = "";
+
+ # Set this for clan commands use ssh i.e. `clan machines update`
+ # If you change the hostname, you need to update this line to root@
+ # This only works however if you have avahi running on your admin machine else use IP
+ clan.core.networking.targetHost = "root@";
+
+ # You can get your disk id by running the following command on the installer:
+ # Replace with the IP of the installer printed on the screen or by running the `ip addr` command.
+ # ssh root@ lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
+ disko.devices.disk.main.device = "/dev/disk/by-id/__CHANGE_ME__";
+
+ # IMPORTANT! Add your SSH key here
+ # e.g. > cat ~/.ssh/id_ed25519.pub
+ users.users.root.openssh.authorizedKeys.keys = [
+ ''
+ __YOUR_SSH_KEY__
+ ''
+ ];
+ /*
+ After jon is deployed, uncomment the following line
+ This will allow sara to share the VPN overlay network with jon
+ The networkId is generated by the first deployment of jon
+ */
+ # clan.core.networking.zerotier.networkId = builtins.readFile ../../vars/per-machine/jon/zerotier/zerotier-network-id/value;
+}
diff --git a/templates/clan/new-clan/modules/disko.nix b/templates/clan/new-clan/modules/disko.nix
new file mode 100644
index 000000000..d42864893
--- /dev/null
+++ b/templates/clan/new-clan/modules/disko.nix
@@ -0,0 +1,61 @@ +{ + lib, + clan-core, + config, + ... +}: + +let + suffix = config.clan.core.vars.generators.disk-id.files.diskId.value; +in +{ + imports = [ + clan-core.clanModules.disk-id + ]; + + # DO NOT EDIT THIS FILE AFTER INSTALLATION of a machine + # Otherwise your system might not boot because of missing partitions / filesystems + boot.loader.grub.efiSupport = lib.mkDefault true; + boot.loader.grub.efiInstallAsRemovable = lib.mkDefault true; + disko.devices = { + disk = { + "main" = { + # suffix is to prevent disk name collisions + name = "main-" + suffix; + type = "disk"; + # Set the following in flake.nix for each maschine: + # device = ; + content = { + type = "gpt"; + partitions = { + "boot" = { + size = "1M"; + type = "EF02"; # for grub MBR + priority = 1; + }; + "ESP" = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "nofail" ]; + }; + }; + "root" = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + # format = "btrfs"; + # format = "bcachefs"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/templates/clan/new-clan/modules/gnome.nix b/templates/clan/new-clan/modules/gnome.nix new file mode 100644 index 000000000..bcbc5a148 --- /dev/null +++ b/templates/clan/new-clan/modules/gnome.nix @@ -0,0 +1,5 @@ +{ + services.xserver.enable = true; + services.xserver.desktopManager.gnome.enable = true; + services.xserver.displayManager.gdm.enable = true; +} diff --git a/templates/clan/new-clan/modules/shared.nix b/templates/clan/new-clan/modules/shared.nix new file mode 100644 index 000000000..23f8a3fb3 --- /dev/null +++ b/templates/clan/new-clan/modules/shared.nix 
@@ -0,0 +1,38 @@ +{ + config, + clan-core, + # Optional, if you want to access other flakes: + # self, + ... +}: +{ + imports = [ + # Enables the OpenSSH server for remote access + clan-core.clanModules.sshd + # Set a root password + clan-core.clanModules.root-password + clan-core.clanModules.user-password + clan-core.clanModules.state-version + + # You can access other flakes imported in your flake via `self` like this: + # self.inputs.nix-index-database.nixosModules.nix-index + ]; + + # Locale service discovery and mDNS + services.avahi.enable = true; + + # generate a random password for our user below + # can be read using `clan secrets get -user-password` command + clan.user-password.user = "user"; + users.users.user = { + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "input" + ]; + uid = 1000; + openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; + }; +} diff --git a/templates/flake-module.nix b/templates/flake-module.nix index c36f3097d..366fd7ef7 100644 --- a/templates/flake-module.nix +++ b/templates/flake-module.nix @@ -26,7 +26,6 @@ EOF ''; evaled = (import "${initialized}/flake.nix").outputs { - flake-parts = inputs.flake-parts; self = evaled // { outPath = initialized; }; diff --git a/templates/flake.nix b/templates/flake.nix index df9045be6..e349af18b 100644 --- a/templates/flake.nix +++ b/templates/flake.nix @@ -25,18 +25,20 @@ clan = { default = { description = "Initialize a new clan flake"; - path = ./clan/default; + path = ./clan/new-clan; }; - - classic = { - description = "Initialize a new clan flake (no flake-parts)"; - path = ./clan/classic; - }; - minimal = { description = "for clans managed via (G)UI"; path = ./clan/minimal; }; + flake-parts = { + description = "Flake-parts"; + path = ./clan/flake-parts; + }; + minimal-flake-parts = { + description = "Minimal flake-parts clan template"; + path = ./clan/minimal-flake-parts; + }; }; }; };