From 97c47ca04a9fbf95ef2405c30b407e32701233f3 Mon Sep 17 00:00:00 2001 From: Yadunand Prem Date: Thu, 30 Oct 2025 15:44:44 +0800 Subject: [PATCH] add colmena --- flake.nix | 49 +++++++++++++----- .../yadunut@yadunut-mbp/default.nix | 1 + inventory.nix | 3 +- secrets/btrbk-keyfile.age | Bin 831 -> 831 bytes secrets/k3s.age | 21 ++++---- 5 files changed, 47 insertions(+), 27 deletions(-) diff --git a/flake.nix b/flake.nix index 3d16bc3..c1a47fd 100644 --- a/flake.nix +++ b/flake.nix @@ -25,20 +25,41 @@ outputs = inputs: - inputs.snowfall-lib.mkFlake { - inherit inputs; - src = ./.; - snowfall = { - namespace = "snowfall"; + let + flake = inputs.snowfall-lib.mkFlake { + inherit inputs; + src = ./.; + snowfall = { + namespace = "snowfall"; + }; + systems.modules.nixos = with inputs; [ + agenix.nixosModules.default + ]; + homes.modules = with inputs; [ + agenix.homeManagerModules.default + ]; + channels-config = { + allowUnfree = true; + }; }; - systems.modules.nixos = with inputs; [ - agenix.nixosModules.default - ]; - homes.modules = with inputs; [ - agenix.homeManagerModules.default - ]; - channels-config = { - allowUnfree = true; + inv = import ./inventory.nix; + mkNode = name: node: { + imports = [ (./systems/x86_64-linux + "/${name}") ]; + deployment.targetHost = node.zerotierIp; }; - }; + colmenaNodes = builtins.mapAttrs mkNode inv.nodes; + colmenaHive = inputs.colmena.lib.makeHive ( + { + meta = { + nixpkgs = import inputs.nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; + specialArgs = { inherit inputs; }; + }; + } + // colmenaNodes + ); + in + flake // { colmenaHive = colmenaHive; }; } diff --git a/homes/aarch64-darwin/yadunut@yadunut-mbp/default.nix b/homes/aarch64-darwin/yadunut@yadunut-mbp/default.nix index c4d315f..ad5158b 100644 --- a/homes/aarch64-darwin/yadunut@yadunut-mbp/default.nix +++ b/homes/aarch64-darwin/yadunut@yadunut-mbp/default.nix @@ -22,6 +22,7 @@ pkgs.claude-code pkgs.codex pkgs.amp-cli + inputs.colmena.packages.aarch64-darwin.colmena ]; home.sessionVariables = { diff --git a/inventory.nix b/inventory.nix index a87d850..c235468 100644 --- a/inventory.nix +++ b/inventory.nix @@ -16,7 +16,6 @@ # User SSH public keys (named) for authorization and agenix recipients. userKeys = { yadunut = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG yadunut"; - "penguin-yadunut" = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEg5wsPLOZvU6lT8cMUsStQqalh/Hw5u104QhOYPS8E yadunut@penguin"; + penguin-yadunut = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEg5wsPLOZvU6lT8cMUsStQqalh/Hw5u104QhOYPS8E yadunut@penguin"; }; } diff --git a/secrets/btrbk-keyfile.age b/secrets/btrbk-keyfile.age index 348023052bfad7fd27cbe76429757081f3f78774..484eb3c8692b07413e7a986393fa6adfbb1ab3b2 100644 GIT binary patch delta 787 zcmV+u1MK|22EPW7C4Xa3N-srsAS*9aby;~>F)MRnFk)d#HBe@5Wpi#uI5tK{QFl~y zaZp%fIbn5IH)=6!3NTMHNp3ksZgga3Hgao6R7gZrL3B$?bV_nhHg7dCN;rCQQEhHz zS935~3N1b$b8~1dWn?lnH8D9LY&myNL3bcSFL_8zpySw?3HRY_V%cvd+vRd!-VX*Op$Q*BO7P*QC#Zb?yLQEWDH zO=N9YL2*S*QFdpM@fUwgZf{C#abzoLF*iz9QcF}vcSUwqVPsKELRK(!X)#oIZ%$1) zcXw+|S7QoBWlc#*QfW0(aa3|I8b_MLsv0YT5}35 zEiE8pVox@AWlAeCNOWO%L1ITrby-eiZ&WmRMM_gMO?gFALrs5gP*rd=VKPAq0KDfA zfe{)Q^h;s*4ISal9X!$B=7L#W^Owp?Avmj^oC~u}I0M2*X+3WiE{PB4rR1IQ1&9hL zVFJ97rZgk#n|f7T3X|4>1=pJAj@xNkcYYw{>xww6Dwsq+ zIto+!q-=`AZDD_USPP7UdmZ+rOub{s>Y`5Qt$oG{T6Tn9wp=t z!z^?|a0vkj4&Je%g2J(sGLtrY`(#HtybWn8kloBwc7l9-AkWu4E*`j_^2~ zoADma&D?~g_Diw+%AgR@tjjWD$LzZRgPw#(V|9)j6ooDp(U8Lp4K(aPRH;$)7Sn4C zXy?mE$#RXn79s&@b>sTdi+ER~kZq2=Yl*V>QODrz5DU}a2^;BNM+y0I2Yb@YasV5A zbd7eTab`OVZ*$?}{lt)W*|eW!<@UzsC2SC7Tp|`kwwjH^ec`%$a3k=NUhC?JMr!Oz RMTX$sFYe3UTLLDZiWM9dN{;{l delta 787 zcmV+u1MK|22EPW7C4X!=cTYigAZvPTOZ8PXLMI>PH#d_Fl|sb zRc}F0QCCcMZdpx{@fUw)G-yFNPe@i)XIOScZAMQySZy?VQD}5eHdjkDb22wYFIPlN zK~*tqQ%MRrP%m&dR4`08Gd5&zM?y|zMPYGjbaHGmI59{?FECnBcrr#gRX9c~YE=p? zEiE8RWn^$oY-v|=O=(0zdcSJ^5VQn^JXLf&fc{XEjYeG>9JWZ{y zI|$*R3|l&u+@qv&tQpd72?IYonS`ENNOI){?caW#U&khwDSsClpmPp!+Wnj<)LrsG zmHG2MxPX!czHV3Tj7a))?+u@I|HR(1h9cS9R?p{y zt=Bhpu@A*3I^=(|;7xl1bBO#Tc`X#ZVVbMRRr$7j9uG&|2{ip=_NN-tdZe&wf)L4J9_;_!UF*djNSa=# zBi7(v>M__DuEkv7Me*}%zHbUvmDjqJB9dQ1IGR|x{i4PxzXj7@*F|90eN0$- R+0z9|48%ElE>n|%a-8ilM!Wz3 diff --git a/secrets/k3s.age b/secrets/k3s.age index b35a81f..a4dc4ac 100644 --- a/secrets/k3s.age +++ b/secrets/k3s.age @@ -1,12 +1,11 @@ age-encryption.org/v1 --> ssh-ed25519 Gc/MTQ 1VXVmIQH+4s2AkBbf8BdOp65oDDlxfMYYE184LUggFo -xpUXhXkFiUa3FcWBazPt7l0bPYrurOsn2+MZVxHp0XE --> ssh-ed25519 mOIk4w jdEZYWfNwjmsVhKWo/ucReyRLVgeRICAGP5n6mvJOQg -YuyZTijB3BNxTPKebLmEsfJkRh7/8JETG5eOqgU+fOY --> ssh-ed25519 l9wOAw /OGUnqDH738Yk51Snn7VC1JPBTMU497vBSaKD0qWbAs -+sgfXtvA9g3X5YPr5YcoWo7Ljkxrs3O++aNA6GphU/4 --> ssh-ed25519 cPJ/Ew otg3F8Xt7vYkvjFv3/4OtSG8Q/8/z2IOF9h9q6wiuSc -EI4BL10EGys4Vd1+DiU1u69CB8feEqNw9saqqclvgG4 ---- rqGI3Z4Pd3PDtH7RHfx5FRDu4AZudXZ1Cfv8Cvz/IAw -}Av!@h*8H?h -mr87M4>8쬲B6w M`>:v0C94g3/5gi:nGbxk9 ?a46R \ No newline at end of file +-> ssh-ed25519 mOIk4w b5tjwFCxGwOsQSRQTuyW45PM4UUIePIYfZ1TxtN/uXY +9JBcEmgtq7IbvQ4aSNntlWq756MCOhyPeyYxdSpZXac +-> ssh-ed25519 Gc/MTQ ilPM4uAYGwFNJRUPdyU4TEQFI6wSR6e53X5Vl8sFqXk +ejbXYpUcfyZ0ALMEdmXCl0ELdI3wyH+4gje0ljSLzO4 +-> ssh-ed25519 cPJ/Ew IXILaJ9gLqpuNme7Q9TKmfh0z4OsZWWd2exrnC7pX1U +VTkE9sX8UVvaQwsuOFzimdn4yjYNSDZ4xofzCWPfe1I +-> ssh-ed25519 l9wOAw DuSvKg4h9Ht8YY4WKfyJuS72MAmXOIxUmDvzCOyMoXU +WobjJwvGz0GxVoyn12kKC4FTIRkQiTH9NOK7pmuWLvE +--- 2sPIIJsPAciSrEjOO/ZKxdIByFiFvoVZ3gSs3TvRFQ4 +̊+?]PZ@E`h6֧_jXx_X}^{%f |hpའ-D<@$w x1x}NمgjJ;2O \ No newline at end of file