chore: format

2024-10-15 15:28:30 -04:00
parent 8ddb71850b
commit a426618383
7 changed files with 83 additions and 40 deletions
--- a/nixos/common/users.nix
+++ b/nixos/common/users.nix
@@ -1,10 +1,10 @@
 {
  users.users.yadunut = {
    isNormalUser = true;
-    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-    openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG" ];
+    extraGroups = ["wheel"]; # Enable ‘sudo’ for the user.
+    openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"];
  };
  security.sudo.wheelNeedsPassword = false;

-  users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG" ];
+  users.users.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"];
 }
--- a/nixos/flake.nix
+++ b/nixos/flake.nix
@@ -18,31 +18,63 @@
    };
  };

-  outputs = { self, flake-utils,nixpkgs, nixos-generators, disko, agenix, ... }: {
+  outputs = {
+    self,
+    nixpkgs,
+    disko,
+    agenix,
+    ...
+  }: {
+    formatter.aarch64-darwin = nixpkgs.legacyPackages.aarch64-darwin.alejandra;
+    formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
    nixosConfigurations = let
      nodes = import ./server/nodes.nix;
-    in builtins.mapAttrs (name: data: nixpkgs.lib.nixosSystem {
-        specialArgs = { meta = { hostname = name; ip = data.ip; private-ip = data.private-ip; }; };
-        modules = [
-          disko.nixosModules.disko
-          agenix.nixosModules.default
-          ./server/proxmox/disko-config.nix
-          ./server/proxmox/configuration.nix
-          ./server/proxmox/hardware-configuration.nix
-        ];
-      }) nodes;
+    in
+      builtins.mapAttrs (name: data:
+        nixpkgs.lib.nixosSystem {
+          specialArgs = {
+            meta = {
+              hostname = name;
+              ip = data.ip;
+              private-ip = data.private-ip;
+            };
+          };
+          modules = [
+            disko.nixosModules.disko
+            agenix.nixosModules.default
+            ./server/proxmox/disko-config.nix
+            ./server/proxmox/configuration.nix
+            ./server/proxmox/hardware-configuration.nix
+          ];
+        })
+      nodes
+      // {
+        premhome-gc1 = nixpkgs.lib.nixosSystem {
+          modules = [
+            disko.nixosModules.disko
+            agenix.nixosModules.default
+            ./server/premhome-gc1/disko-config.nix
+            ./server/premhome-gc1/configuration.nix
+            ./server/premhome-gc1/hardware-configuration.nix
+          ];
+        };
+      };

    colmena = let
      configs = self.nixosConfigurations;
-    in {
+    in
+      {
        meta = {
          description = "My personal machines";
-          nixpkgs = import nixpkgs { system = "x86_64-linux"; };
+          nixpkgs = import nixpkgs {system = "x86_64-linux";};
          nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) configs;
          nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) configs;
        };
-      } // builtins.mapAttrs (name: value: { 
-      imports = value._module.args.modules; 
-      deployment.targetHost = value._module.specialArgs.meta.private-ip; }) configs;
+      }
+      // builtins.mapAttrs (name: value: {
+        imports = value._module.args.modules;
+        deployment.targetHost = value._module.specialArgs.meta.private-ip;
+      })
+      configs;
  };
 }
--- a/nixos/proxmox/iso.nix
+++ b/nixos/proxmox/iso.nix
@@ -1,5 +1,9 @@
-{ config, lib, pkgs, ...}:
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
  imports = [../common/users.nix];

  nix = {
--- a/nixos/secrets/secrets.nix
+++ b/nixos/secrets/secrets.nix
@@ -1,8 +1,7 @@
-let 
+let
  keys = import ./keys.nix;
-in
-{
+in {
  "tailscale.age".publicKeys = builtins.attrValues keys;
  "k3s.age".publicKeys = builtins.attrValues keys;
-  "flux.age".publicKeys = [ keys.yadunut keys.yadunut-mbp ];
+  "flux.age".publicKeys = [keys.yadunut keys.yadunut-mbp];
 }
--- a/nixos/server/proxmox/configuration.nix
+++ b/nixos/server/proxmox/configuration.nix
@@ -1,6 +1,10 @@
-{ config, meta, pkgs, ... }:
 {
-  imports = [../common/users.nix];
+  config,
+  meta,
+  pkgs,
+  ...
+}: {
+  imports = [../../common/users.nix];
  nix = {
    settings.experimental-features = ["nix-command" "flakes"];
  };
@@ -14,7 +18,7 @@
    enable = true;
    authKeyFile = config.age.secrets.tailscale.path;
    useRoutingFeatures = "both";
-    extraUpFlags = [ "--advertise-routes=10.0.1.0/24" "--login-server=http://ts.yadunut.com:444" "--accept-routes"  ];
+    extraUpFlags = ["--advertise-routes=10.0.1.0/24" "--login-server=http://ts.yadunut.com:444" "--accept-routes"];
    interfaceName = "tailscale0";
  };

@@ -34,7 +38,6 @@
    "L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
  ];

-
  environment.systemPackages = with pkgs; [
    git
    neovim
@@ -46,11 +49,14 @@
    role = "server";
    tokenFile = config.age.secrets.k3s.path;
    clusterInit = meta.hostname == "premhome-falcon-1";
-    serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6443";
-    extraFlags = ["--disable=servicelb" "--disable=traefik" ];
+    serverAddr =
+      if meta.hostname == "premhome-falcon-1"
+      then ""
+      else "https://premhome-falcon-1:6443";
+    extraFlags = ["--disable=servicelb" "--disable=traefik"];
  };

-  networking.firewall.trustedInterfaces = [ "tailscale0" ];
+  networking.firewall.trustedInterfaces = ["tailscale0"];
  networking.firewall.enable = false;

  system.stateVersion = "24.11";
--- a/nixos/server/proxmox/disko-config.nix
+++ b/nixos/server/proxmox/disko-config.nix
@@ -25,7 +25,6 @@
              };
            };
          };
-
        };
      };
    };
--- a/nixos/server/proxmox/hardware-configuration.nix
+++ b/nixos/server/proxmox/hardware-configuration.nix
@@ -1,16 +1,19 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports =
-    [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [(modulesPath + "/profiles/qemu-guest.nix")];

-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
+  boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = ["kvm-intel"];
+  boot.extraModulePackages = [];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's