feat[client,server]: add remote builds, confLib

2025-12-06 09:07:21 +01:00 · 2025-12-02 00:57:35 +01:00 · 2025-12-02 00:57:35 +01:00 · 9acfc5f934
commit 9acfc5f934
parent c20f1b0b59
133 changed files with 4297 additions and 3249 deletions
--- a/hosts/nixos/aarch64-linux/stoicclub/default.nix
+++ b/hosts/nixos/aarch64-linux/stoicclub/default.nix
@ -1,8 +1,10 @@
-{ lib, config, minimal, globals, ... }:
+{ self, lib, minimal, ... }:
 {
  imports = [
    ./hardware-configuration.nix
    ./disk-config.nix
+
+    "${self}/modules/nixos/optional/systemd-networkd-server.nix"
  ];

  topology.self = {
@ -10,57 +12,10 @@
  };
  swarselmodules.server.nginx = false;

-  networking = {
-    useDHCP = lib.mkForce false;
-    useNetworkd = true;
-    dhcpcd.enable = false;
-    renameInterfacesByMac = lib.mapAttrs (_: v: v.mac) (
-      config.repo.secrets.local.networking.networks or { }
-    );
-  };
-  boot.initrd.systemd.network = {
-    enable = true;
-    networks."10-${config.swarselsystems.server.localNetwork}" = config.systemd.network.networks."10-${config.swarselsystems.server.localNetwork}";
-  };
-
-  systemd = {
-    network = {
-      enable = true;
-      wait-online.enable = false;
-      networks =
-        let
-          netConfig = config.repo.secrets.local.networking;
-        in
-        {
-          "10-${config.swarselsystems.server.localNetwork}" = {
-            address = [
-              "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv4}"
-              "${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv6}"
-            ];
-            routes = [
-              {
-                Gateway = netConfig.defaultGateway6;
-                GatewayOnLink = true;
-              }
-              {
-                Gateway = netConfig.defaultGateway4;
-                GatewayOnLink = true;
-              }
-            ];
-            networkConfig = {
-              IPv6PrivacyExtensions = true;
-              IPv6AcceptRA = false;
-            };
-            matchConfig.MACAddress = netConfig.networks.${config.swarselsystems.server.localNetwork}.mac;
-            linkConfig.RequiredForOnline = "routable";
-          };
-        };
-    };
-  };

  swarselsystems = {
    flakePath = "/root/.dotfiles";
-    info = "VM.Standard.A1.Flex, 4 vCPUs, 24GB RAM";
+    info = "VM.Standard.A1.Flex, 1 vCPUs, 8GB RAM";
    isImpermanence = true;
    isSecureBoot = false;
    isCrypted = true;
@ -70,14 +25,15 @@
    isNixos = true;
    isLinux = true;
    isCloud = true;
-    proxyHost = "stoicclub";
-    server = {
-      inherit (config.repo.secrets.local.networking) localNetwork;
-    };
+    isBastionTarget = true;
  };
 } // lib.optionalAttrs (!minimal) {
  swarselprofiles = {
    server = true;
  };

+  swarselmodules.server = {
+    nsd = true;
+    nginx = false;
+  };
 }