mirror of
https://github.com/Swarsel/.dotfiles.git
synced 2025-12-06 09:07:21 +01:00
feat[client,server]: add remote builds, confLib
This commit is contained in:
Leon Schwarzäugl
parent
626d990b4a
commit
f2674bee48
GPG key ID:
26A54C31F2A4FD84
133 changed files with 4297 additions and 3249 deletions
|
|
@ -1,8 +1,10 @@
|
|||
{ lib, config, minimal, globals, ... }:
|
||||
{ self, lib, minimal, ... }:
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./disk-config.nix
|
||||
|
||||
"${self}/modules/nixos/optional/systemd-networkd-server.nix"
|
||||
];
|
||||
|
||||
topology.self = {
|
||||
|
|
@ -10,57 +12,10 @@
|
|||
};
|
||||
swarselmodules.server.nginx = false;
|
||||
|
||||
networking = {
|
||||
useDHCP = lib.mkForce false;
|
||||
useNetworkd = true;
|
||||
dhcpcd.enable = false;
|
||||
renameInterfacesByMac = lib.mapAttrs (_: v: v.mac) (
|
||||
config.repo.secrets.local.networking.networks or { }
|
||||
);
|
||||
};
|
||||
boot.initrd.systemd.network = {
|
||||
enable = true;
|
||||
networks."10-${config.swarselsystems.server.localNetwork}" = config.systemd.network.networks."10-${config.swarselsystems.server.localNetwork}";
|
||||
};
|
||||
|
||||
systemd = {
|
||||
network = {
|
||||
enable = true;
|
||||
wait-online.enable = false;
|
||||
networks =
|
||||
let
|
||||
netConfig = config.repo.secrets.local.networking;
|
||||
in
|
||||
{
|
||||
"10-${config.swarselsystems.server.localNetwork}" = {
|
||||
address = [
|
||||
"${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv4}"
|
||||
"${globals.networks."${if config.swarselsystems.isCloud then config.node.name else "home"}-${config.swarselsystems.server.localNetwork}".hosts.${config.node.name}.cidrv6}"
|
||||
];
|
||||
routes = [
|
||||
{
|
||||
Gateway = netConfig.defaultGateway6;
|
||||
GatewayOnLink = true;
|
||||
}
|
||||
{
|
||||
Gateway = netConfig.defaultGateway4;
|
||||
GatewayOnLink = true;
|
||||
}
|
||||
];
|
||||
networkConfig = {
|
||||
IPv6PrivacyExtensions = true;
|
||||
IPv6AcceptRA = false;
|
||||
};
|
||||
matchConfig.MACAddress = netConfig.networks.${config.swarselsystems.server.localNetwork}.mac;
|
||||
linkConfig.RequiredForOnline = "routable";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
swarselsystems = {
|
||||
flakePath = "/root/.dotfiles";
|
||||
info = "VM.Standard.A1.Flex, 4 vCPUs, 24GB RAM";
|
||||
info = "VM.Standard.A1.Flex, 1 vCPUs, 8GB RAM";
|
||||
isImpermanence = true;
|
||||
isSecureBoot = false;
|
||||
isCrypted = true;
|
||||
|
|
@ -70,14 +25,15 @@
|
|||
isNixos = true;
|
||||
isLinux = true;
|
||||
isCloud = true;
|
||||
proxyHost = "stoicclub";
|
||||
server = {
|
||||
inherit (config.repo.secrets.local.networking) localNetwork;
|
||||
};
|
||||
isBastionTarget = true;
|
||||
};
|
||||
} // lib.optionalAttrs (!minimal) {
|
||||
swarselprofiles = {
|
||||
server = true;
|
||||
};
|
||||
|
||||
swarselmodules.server = {
|
||||
nsd = true;
|
||||
nginx = false;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:RvrGk0fGCxkhhxPaJ0zg/Jl24mv3PyMFz5mkX05zaytgQ9l2yUs2rsAe/GW7CjarVQYi+5Mkc+BDWFUPMjsmu7mTXLXckcjv3YPukO2cvUEHr/Cywj8RZXFxzJaZwc0wpN0vZIXcDDhdZWjrb/WuBykPuYekIu2DaNJ6Ioe0OO4wcoyI3dSyj/1dwWHDqvDgn8v8I8FFm87gGoBn4Po2DZ308C2ge+B4vKcL5S1Lwruz1ocJRh03SDR5cyuDvGioyuSiyDSC1+Sz9mwsRSoTkO94Iv7MJDYmUxDBc2cDPyUP2py9L/BAx42tBpGkHxNctjrTQz9gTaRknpx6sfBmxyNCrg6uv6tBlXujXvyIPA4z6mD9dS6LOP1QKmYOjOrg+l3WYorFZYE5wb93G+bfqwPnd8CcnUQsJ17GzWQ0RMEQ+UDJCASvuuU7osSzJJlBi0vMXmF/sXPgjweuO0xiRuT/KiwKchmWUuygWCFW3PvjY3QkVvLe7mTXxHRZTxw2XsMyFvaMgn+fyCKQ0RUic+j5itXcJS93v5PHX62XgNtziQ4RF7Qnxj+gpNWcBWjEDtgS8v+v+imQVTUu5Mvkqv1XhK+e3iPeiHkvqP3S0UJzvxlwgeRoGziKOiOWpqQynig/sRwQNhcN7L8k4woDbFBf6OgAT8yVMB+WwTT2EFk0L12Is8W0vw4nlWChH8D+QyMvP5Wz0Q3clwlVjfHKWm8s4pIntknoKvGDvbzqTkJCQjPs1gTIbnbckvsrWvm9xu9d85vCL/AP4HFWHE+ZS3nYJYMsxegog3qUka1gHBkfbpwh9bbPvVAD4DPzTs7gDQ7ZSQlzA5hAHEsbOJF8vz+fYqhp6raJ8fXN6Yq2iQcEjbzTFhb+ukzcEln8l+6QWviMI+yr730tx4f2OEGEH0ydvFUUEGx/BBcVuKx4EN+SVPC4TkZUaaHtfE+Fz1WxY+Woh5Bl93J9KhVtK8tficRNW0lGRpbbUGixPrLozl3rNS1OHhbAzA0QJ0ZtzKTa848rFS667YEO/85ZBna/kAH7RGLHWXF3taRHCDqUo2aXbQcGSkhNpPi7XOcOgaujvvHNlg==,iv:M+6rUkhstAIiLRK8Tzd6wnXFu3cKupBImGo1yI4AciM=,tag:FMHnrshyG1Fk2QERIzu98g==,type:str]",
|
||||
"data": "ENC[AES256_GCM,data:4C3fdXBKI/x/7B56b2n6OshGRaGgwYc4HQv4CRgXi+Y83hQj6wfbcqA55Xm9cXOfGAm2NNGIcUrVyuGHKlur7lUkvoNYe+a5A4GEkXVxiAoJKGcHa2nqfmR+GQJRAE6gNm9wgUL24CfKonEb09NgFBFfL7srXtkU8R1TMduUiYvzH7eNy45jQnWdQ3xgNYkb65iIZ3KCkcbjKrlOtN1Qu8+PuQmMl175gUVJcaLmpMgsz5IPetyHUWIkmqjgwhim4CyTZGwOaQW376Xq2mZUf9IOhdqLyR8GcKFLsY/GLDzp1eGfx9xUpAu3NMmjblHDdIyRcv0EjS+Cj/EUQwTrw3R2szXAb1m33sIVyloGT8RyVsu1J+RSIQOEKpVLaTxsCoulIfyBj5h9vajMVFdMmyqAFPJTVF8fNmy57VuBiDR1WYY5WT2QkBwe4A5ZZLpRmudeZAqEjD+R8Itcin4Ce8K4LtkpfLZeCUpnoaWk1u0CH5QuFCyd+s2+S2DBnFqfBmhTVzEtwXyd6zEeLo+LGCh2Eu2XwYi+DV5Xfdp4leTwEXQ+63MB2ZtOQkoxT6pi/w1rSlEcVknJJIc0HRhrRSx685i29qmcWGfjw765ECxCM2RKJKdwtYHwyLQGyTkGgzNlWr/EzskD7wwtanR0K0NUBS3MGbBaSmeI+bJ+B1ld2n7Efp1eg8AdMz/VHywvFQpS6HY5ItPCWNcDB9DMerUQINO1EtP1Dd57vafzQGGcduUKW+ywuwUdOU/XTXPaVP7VWdX9EFIlv/RMK4UX/l3Yy/Vf6iciT45zouIgoFECRe59Uz0185BHTn9xeE9oYGiLfKzlnxhNpXNaNmYGVRxKxKwfMNrA+hRtuoGrD0uE/Ev6F5ytMYMZGsQ5D6TJOHXPfAVWo5MzPA1Q2dgoCF9zZvYgCaOcSZTntoJY9X1MiwMkYIbtOtTQ4jJOI9DfXX+kOp/fejHrQEyAasCvh2zxCW2FjMckREdqtYxPEDsHGc8+0BDGgj+00a5wC19U60jolvdLsUwy41inmirgxBMaQhuavMXEpFXT0hEecZfJn8eJqPVPDVLC8LvlB+C593ByHeoR3VOIfFVv3bgCP+cQudAR+U/b8YO4gSpuVV4WF7JXLCwRCi0Flw7EzAuhuR9JYd8GKUEDctGmAYiPy1YiQCLFnAWmZvHQ2q6TeVDTQ5LPmjqM1b4iqoqn3AHhMu9HWswy4LFNujZblSo0hSHRZ+2P/+Xjrgfz2d3QF66ngEjW1tanw7hxGmiZJXXyPN+2bdB04B8ZnL/gBzQ2661fGYGYCBU=,iv:mU4ydooaOySi7MTe+b/DGfs1fzpDXbkASUo1cDsh4O8=,tag:Jh18+kJPLJFlGx5HymywOw==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
|
|
@ -7,8 +7,8 @@
|
|||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZzY0QVQ4ZUxxZkdhQ2Zn\nOHpmTnRaR0R3cXh2Z2JFM1RDVDB2QnE3M3prCm43NjQyOS93UTZKaUlUUmhVcTdG\nUWp1YU1kVmZPc0tBN2FMY2FFVkI1a0UKLS0tIFovZi9FQlhMaXpvcnRYN2FiSm16\nTzJESjNyZ1NzajJRNDR6ZTd2TitoQTgKe2hC6OpYIzgqzhmeJuHWe0yXNE+/Ek26\nGt7s1B6OKnrj+S3es84ePOjAbLHr/ez282b/h0y55ws4R7jMemUIrQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-11-28T00:08:44Z",
|
||||
"mac": "ENC[AES256_GCM,data:16eXbpMM+scd4NxLrANCiAZuWrtoFMgbjCgo4/TbihhiXGPkO6YP6ERS5F4+Wu282ABRyJoS+ia8EaX2Ug9r5mRtdiNmfbMFibNMXK3hXTqtlquTqCQ0vdYVa5b6XT1dX52MZQ53f9MRSY4V/sPmcpJZaXWbZOIYaqbqxg/iKV4=,iv:1n8OWQuRZzHd2A/uMI7bVkUVyVoe2/GSv3CKlJkFmNE=,tag:Rl0n/9pnJGlKif8TER3cFw==,type:str]",
|
||||
"lastmodified": "2025-12-01T12:12:55Z",
|
||||
"mac": "ENC[AES256_GCM,data:AhvfUvZnKSnhQCTHJpqs5OBELhGYv66on1+kSLX2lONyTbNfwHYsJHII4zHY+bS5cBkZbjtzMfJQkFWtDbU7c8wvdJnHN6H11MOEzC+GfI3R7UzwzJsUjNYE03u8FJCuLvI1SO3EObiKIgH80MV8qlXC+1+f7mKnfZNH8Kekor8=,iv:pAEz8tDZzaFee1EcNBd6zrl0yN55ywVK/eGof/B5MAU=,tag:LbjMr3rOb3By87yOfUK/3A==,type:str]",
|
||||
"pgp": [
|
||||
{
|
||||
"created_at": "2025-11-20T01:03:05Z",
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue