flake-utils.url = "github:numtide/flake-utils";
pkgs-unstable.url = "nixpkgs/nixos-unstable";
sops-nix.url = "github:Mic92/sops-nix";
+ lemmy.url = "git://these.awful.systems/lemmy.git";
+ lemmy-ui.url = "git://these.awful.systems/lemmy-ui.git";
+ sneer-archive-site.url = "git://these.awful.systems/sneer-archive-site.git";
};
- outputs = { self, nixpkgs, flake-utils, sops-nix, ... }@attrs:
+ outputs = { self, nixpkgs, flake-utils, sops-nix, lemmy, lemmy-ui
+ , sneer-archive-site, ... }@attrs:
{
nixosConfigurations = {
these = nixpkgs.lib.nixosSystem {
modules =
[ ./hosts/these/configuration.nix sops-nix.nixosModules.sops ];
};
+ more = nixpkgs.lib.nixosSystem {
+ specialArgs = attrs;
+ modules =
+ [ ./hosts/more/configuration.nix sops-nix.nixosModules.sops ];
+ };
};
} // flake-utils.lib.eachDefaultSystem (system:
let
'';
init-secrets = pkgs.writeShellScriptBin "init-secrets" ''
mkdir -p ~/.config/sops/age
- cp $1 /tmp/init-secrets-key &&
+ cp "$1" /tmp/init-secrets-key &&
${pkgs.openssh}/bin/ssh-keygen -p -N "" -f /tmp/init-secrets-key &&
${pkgs.ssh-to-age}/bin/ssh-to-age -private-key -i /tmp/init-secrets-key > ~/.config/sops/age/keys.txt
rm /tmp/init-secrets-key
echo Your age public key is:
${pkgs.age}/bin/age-keygen -y ~/.config/sops/age/keys.txt
'';
+ rekey-secrets = pkgs.writeShellScriptBin "rekey-secrets" ''
+ ${pkgs.sops}/bin/sops updatekeys "$1"
+ '';
in {
devShells.default = pkgs.mkShell {
buildInputs = [
pkgs.age
(deploy "these" "root@these.awful.systems")
(go "these" "root@these.awful.systems")
+ (deploy "more" "root@more.awful.systems")
+ (go "more" "root@more.awful.systems")
init-secrets
pkgs.bashInteractive
+
+ # cache these packages:
+ lemmy.packages.${system}.lemmy-server
+ lemmy-ui.packages.${system}.lemmy-ui
+ sneer-archive-site.packages.${system}.default
];
};
+ packages.maint-mode = (pkgs.callPackage ./maint-mode/site.nix { });
});
}
projects / awful.systems.git / blobdiff