2 description = "The deployment flake for the awful.systems cluster";
5 nixpkgs.url = "nixpkgs/nixos-23.05";
6 flake-utils.url = "github:numtide/flake-utils";
7 pkgs-unstable.url = "nixpkgs/nixos-unstable";
8 sops-nix.url = "github:Mic92/sops-nix";
11 outputs = { self, nixpkgs, flake-utils, sops-nix, ... }@attrs:
13 nixosConfigurations = {
14 these = nixpkgs.lib.nixosSystem {
17 [ ./hosts/these/configuration.nix sops-nix.nixosModules.sops ];
20 } // flake-utils.lib.eachDefaultSystem (system:
22 pkgs = nixpkgs.legacyPackages.${system};
23 deploy = name: target:
24 pkgs.writeShellScriptBin "deploy-${name}" ''
25 nixos-rebuild switch --fast --flake .#${name} \
26 --target-host ${target} \
30 pkgs.writeShellScriptBin "go-${name}" ''
33 init-secrets = pkgs.writeShellScriptBin "init-secrets" ''
34 mkdir -p ~/.config/sops/age
35 cp $1 /tmp/init-secrets-key &&
36 ${pkgs.openssh}/bin/ssh-keygen -p -N "" -f /tmp/init-secrets-key &&
37 ${pkgs.ssh-to-age}/bin/ssh-to-age -private-key -i /tmp/init-secrets-key > ~/.config/sops/age/keys.txt
38 rm /tmp/init-secrets-key
39 echo Your age public key is:
40 ${pkgs.age}/bin/age-keygen -y ~/.config/sops/age/keys.txt
43 devShells.default = pkgs.mkShell {
48 (deploy "these" "root@these.awful.systems")
49 (go "these" "root@these.awful.systems")