
4 commits

8 changed files with 39 additions and 54 deletions


@ -7,19 +7,19 @@
lib, lib,
... ...
}: }:
{ let
packages = mkScript = file: rec {
"${self}/scripts"
|> lib.filesystem.listFilesRecursive
|> lib.map (file: {
name = name =
file file
|> lib.unsafeDiscardStringContext |> lib.unsafeDiscardStringContext
|> lib.removePrefix "${self}/scripts/" |> lib.removePrefix "${self}/scripts/"
|> lib.removeSuffix ".nix" |> lib.removeSuffix ".nix"
|> lib.replaceString "/" "-"; |> lib.replaceString "/" "-";
value = import file { inherit self' pkgs lib; }; value = pkgs.writeShellApplication ({ inherit name; } // import file { inherit self' pkgs lib; });
}) };
|> lib.listToAttrs; in
{
packages =
"${self}/scripts" |> lib.filesystem.listFilesRecursive |> lib.map mkScript |> lib.listToAttrs;
}; };
} }
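Review bot: In `mkScript`, `{ inherit name; } // import file { … }` lets the imported attrset win, because `//` prefers its right-hand side. A script file that still sets `name` would therefore build a binary whose name differs from the `packages` attribute it is exported under, with no error. If the path-derived name is meant to be authoritative, flip the merge: `value = pkgs.writeShellApplication (import file { inherit self' pkgs lib; } // { inherit name; });`. The same merge order appears in `mkTest` in the checks part. A comment above `mkScript` would document the new contract, e.g. `# each file under scripts/ returns the writeShellApplication arguments without name; the name is derived from the path`.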


@ -2,18 +2,14 @@
{ {
perSystem = perSystem =
{ pkgs, lib, ... }: { pkgs, lib, ... }:
{ let
checks = mkTest = dir: rec {
"${self}/tests" name = "${dir}-test";
|> builtins.readDir
|> lib.attrNames
|> lib.map (name: {
name = "${name}-test";
value = pkgs.testers.runNixOSTest ( value = pkgs.testers.runNixOSTest (
{ {
name = "${name}-test"; inherit name;
} }
// import "${self}/tests/${name}" { // import "${self}/tests/${dir}" {
inherit inherit
inputs inputs
self self
@ -22,7 +18,9 @@
; ;
} }
); );
}) };
|> lib.listToAttrs; in
{
checks = "${self}/tests" |> builtins.readDir |> lib.attrNames |> lib.map mkTest |> lib.listToAttrs;
}; };
} }
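Review bot: `mkTest` is mapped over every name that `builtins.readDir` returns for `tests/`, not only directories, so a stray regular file there (a README, a shared helper) would be imported as a test and exported as `<file>-test`. The refactor did not introduce this, but the parameter is now called `dir`, which reads as a guarantee the code does not enforce. If tests are always directories, filter before taking the names: `|> builtins.readDir |> lib.filterAttrs (_: type: type == "directory") |> lib.attrNames`.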


@ -70,6 +70,6 @@
./flake-parts ./flake-parts
|> builtins.readDir |> builtins.readDir
|> builtins.attrNames |> builtins.attrNames
|> builtins.map (name: ./flake-parts + "/${name}"); |> builtins.map (name: ./flake-parts/${name});
}; };
} }


@ -11,7 +11,7 @@ in
options.custom.networking.overlay = { options.custom.networking.overlay = {
networkCidr = lib.mkOption { networkCidr = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "10.254.250.0/24";
}; };
networkAddress = lib.mkOption { networkAddress = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
@ -25,7 +25,7 @@ in
}; };
domain = lib.mkOption { domain = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "splitleaf.de";
}; };
fqdn = lib.mkOption { fqdn = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
@ -43,11 +43,11 @@ in
}; };
interface = lib.mkOption { interface = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "nebula";
}; };
systemdUnit = lib.mkOption { systemdUnit = lib.mkOption {
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "nebula@mesh.service";
}; };
isLighthouse = lib.mkEnableOption ""; isLighthouse = lib.mkEnableOption "";
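Review bot: Moving `networkCidr`, `domain`, `interface` and `systemdUnit` from a `config` assignment into option `default`s lowers their priority. Before, a second, different definition in a host config was a conflicting-definition error for a string type; now it silently replaces the default. For `interface` and `systemdUnit` this matters because the nebula module still hard-codes the same string (`restartUnits = [ "nebula@mesh.service" ]`), so an override would leave anything that reads the option pointing at a unit or interface that does not match the running service. If these are constants rather than tunables, add `readOnly = true;` to each option. Otherwise give each a `description` naming what must stay in sync, and have the nebula module reference the option instead of the literal.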


@ -51,13 +51,6 @@ in
message = "`${netCfg.hostName}` is a Nebula lighthouse, but `underlay.isPublic` is not set. Lighthouses must be publicly reachable."; message = "`${netCfg.hostName}` is a Nebula lighthouse, but `underlay.isPublic` is not set. Lighthouses must be publicly reachable.";
}; };
custom.networking.overlay = {
networkCidr = "10.254.250.0/24";
domain = "splitleaf.de";
interface = "nebula";
systemdUnit = "nebula@mesh.service";
};
sops.secrets."nebula/host-key" = lib.mkIf (cfg.privateKeyPath == null) { sops.secrets."nebula/host-key" = lib.mkIf (cfg.privateKeyPath == null) {
owner = config.users.users.nebula-mesh.name; owner = config.users.users.nebula-mesh.name;
restartUnits = [ "nebula@mesh.service" ]; restartUnits = [ "nebula@mesh.service" ];


@ -1,7 +1,5 @@
{ pkgs, ... }: { pkgs, ... }:
pkgs.writeShellApplication { {
name = "install-anywhere";
runtimeInputs = [ runtimeInputs = [
pkgs.sops pkgs.sops
pkgs.ssh-to-age pkgs.ssh-to-age


@ -1,7 +1,5 @@
{ self', pkgs, ... }: { self', pkgs, ... }:
pkgs.writeShellApplication { {
name = "nebula-recert-all-hosts";
runtimeInputs = [ runtimeInputs = [
pkgs.bitwarden-cli pkgs.bitwarden-cli
pkgs.jq pkgs.jq


@ -1,7 +1,5 @@
{ pkgs, ... }: { pkgs, ... }:
pkgs.writeShellApplication { {
name = "nebula-recert-host";
runtimeInputs = [ runtimeInputs = [
pkgs.nebula pkgs.nebula
pkgs.bitwarden-cli pkgs.bitwarden-cli