From fa2585aa3ba4fd3a7acbcd22650f67d7c57bfd13 Mon Sep 17 00:00:00 2001 From: notohh Date: Wed, 26 Apr 2023 17:34:08 -0400 Subject: [PATCH] feat: init deploy-rs and sops --- flake.lock | 126 ++++++++++++++++++++++++++++++++++++++++- flake.nix | 5 ++ hosts/deploy.nix | 13 +++++ hosts/hime/default.nix | 3 - sops.yaml | 0 5 files changed, 141 insertions(+), 6 deletions(-) create mode 100644 hosts/deploy.nix create mode 100644 sops.yaml diff --git a/flake.lock b/flake.lock index 6c63e4e..dfcd3a6 100755 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,41 @@ { "nodes": { + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1682063650, + "narHash": "sha256-VaDHh2z6xlnTHaONlNVHP7qEMcK5rZ8Js3sT6mKb2XY=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "c2ea4e642dc50fd44b537e9860ec95867af30d39", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -23,7 +59,7 @@ "hyprland": { "inputs": { "hyprland-protocols": "hyprland-protocols", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "wlroots": "wlroots", "xdph": "xdph" }, 
@@ -63,6 +99,38 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1671417167, + "narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1682173319, + "narHash": "sha256-tPhOpJJ+wrWIusvGgIB2+x6ILfDkEgQMX0BTtM5vd/4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ee7ec1c71adc47d2e3c2d5eb0d6b8fbbd42a8d1c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1681920287, "narHash": "sha256-+/d6XQQfhhXVfqfLROJoqj3TuG38CAeoT6jO1g9r1k0=", @@ -78,7 +146,7 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_3": { "locked": { "lastModified": 1682181988, "narHash": "sha256-CYWhlNi16cjGzMby9h57gpYE59quBcsHPXiFgX4Sw5k=", 
@@ -94,11 +162,63 @@ "type": "github" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1682109806, + "narHash": "sha256-d9g7RKNShMLboTWwukM+RObDWWpHKaqTYXB48clBWXI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2362848adf8def2866fabbffc50462e929d7fffb", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { + "deploy-rs": "deploy-rs", "home-manager": "home-manager", "hyprland": "hyprland", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3", + "sops-nix": "sops-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_4", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1682539132, + "narHash": "sha256-djX/Vp1snR1XHyk400HKCfwWVoLBE8uiQalTXMH7Kj0=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "4a330ead6a990365c9bb48f30523ac048fb6d8ae", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" } }, "wlroots": {
diff --git a/flake.nix b/flake.nix
index a9b04bc..a3f5c3f 100755
--- a/flake.nix
+++ b/flake.nix
@@ -12,12 +12,15 @@
 url = "github:nix-community/home-manager";
 inputs.nixpkgs.follows = "nixpkgs";
 };
+ deploy-rs.url = "github:serokell/deploy-rs";
+ sops-nix.url = "github:Mic92/sops-nix";
 };
 outputs = {
 self,
 nixpkgs,
 home-manager,
 hyprland,
+ sops-nix,
 ...
 } @ inputs: let
 system = "x86_64-linux";
@@ -32,8 +35,10 @@
 nil
 alejandra
 git
+ deploy-rs
 ];
 };
+ deploy = import ./hosts/deploy.nix inputs;
 formatter.${system} = pkgs.alejandra;
 nixosConfigurations = {
 tsuki = lib.nixosSystem {
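Review bot: In the first flake.nix hunk, `deploy-rs.url` and `sops-nix.url` are declared without `inputs.nixpkgs.follows`, unlike the `home-manager` input directly above them, so the lock in this commit gains three extra nixpkgs nodes (`nixpkgs`, `nixpkgs_4`, `nixpkgs-stable`), and the one deploy-rs resolves to is older than the root pin (lastModified 1671417167 against 1682181988). Unless that separation is deliberate, `deploy-rs.inputs.nixpkgs.follows = "nixpkgs";` and `sops-nix.inputs.nixpkgs.follows = "nixpkgs";` leave a single nixpkgs revision to audit and update. `sops-nix` is also added to the `outputs` arguments, but no line in this patch imports `sops-nix.nixosModules.sops`, and the empty file is created as `sops.yaml` whereas sops looks for its creation rules in `.sops.yaml`; both may be planned for a later commit. The `inputs` and `outputs` blocks start and end outside the hunk.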
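Review bot: In the second flake.nix hunk, `deploy-rs` in the package list is a bare name that is not among the destructured `outputs` arguments, so if the list sits under `with pkgs;` (its opening is outside the hunk) the shell gets the nixpkgs package rather than the flake input locked at `c2ea4e642dc50fd44b537e9860ec95867af30d39`, and without a `with` the name is undefined. Writing `inputs.deploy-rs.packages.${system}.deploy-rs` keeps the CLI on the same revision as the `lib` that hosts/deploy.nix uses for activation. The new `deploy` output also has no schema check; deploy-rs ships `deployChecks`, e.g. `checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;`, so `nix flake check` rejects a malformed node before it reaches a host.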
diff --git a/hosts/deploy.nix b/hosts/deploy.nix
new file mode 100644
index 0000000..7a5260c
--- /dev/null
+++ b/hosts/deploy.nix
@@ -0,0 +1,13 @@
+inputs: {
+ nodes = with inputs.deploy-rs.lib.x86_64-linux; {
+ hime = {
+ hostname = "hime";
+ profiles.system = {
+ user = "root";
+ path = activate.nixos inputs.self.nixosConfigurations.hime;
+ };
+ sshOpts = ["-i" "/etc/ssh/ssh_host_ed25519_key"];
+ sshUser = "root";
+ };
+ };
+ }
\ No newline at end of file
diff --git a/hosts/hime/default.nix b/hosts/hime/default.nix
index 7087a2f..069ff86 100644
--- a/hosts/hime/default.nix
+++ b/hosts/hime/default.nix
@@ -24,9 +24,6 @@
 services.openssh = {
 enable = true;
- settings = {
- PasswordAuthentication = true;
- };
 };
 virtualisation.docker.enable = true;
diff --git a/sops.yaml b/sops.yaml
new file mode 100644
index 0000000..e69de29
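Review bot: In hosts/deploy.nix, `sshOpts = ["-i" "/etc/ssh/ssh_host_ed25519_key"]` together with `sshUser = "root"` makes the deploying machine's SSH host private key the client credential for a direct root login on hime, so one key is both a host identity and an administrative credential, and deploys have to run as a user able to read that root-owned file. A dedicated deploy key and an unprivileged SSH user narrow this; deploy-rs uses sudo when `sshUser` differs from the profile `user`, e.g. `sshUser = "<deploy-user>";` with `sshOpts = ["-i" "<path-to-deploy-key>"];`. The hosts/hime/default.nix hunk in the same commit only deletes the explicit `PasswordAuthentication = true`, which leaves the option at the module default rather than turning password logins off; if key-only access is the goal, state it with `settings.PasswordAuthentication = false;`.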