refactor nixos defaults into module

c81b4341 · fpletz · 0dcef1c8 · c81b4341 · c81b4341
Unverified Commit c81b4341 authored Feb 25, 2022 by fpletz 🚧
--- a/flake.nix
+++ b/flake.nix
@@ -4,10 +4,14 @@
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/master";
    utils.url = "github:numtide/flake-utils";
-    muccc-api.url = "git+https://gitlab.muc.ccc.de/muCCC/api";
-    muccc-api.inputs.nixpkgs.follows = "nixpkgs";
-    home-manager.url = "github:nix-community/home-manager";
-    home-manager.inputs.nixpkgs.follows = "nixpkgs";
+    muccc-api = {
+      url = "git+https://gitlab.muc.ccc.de/muCCC/api";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    home-manager = {
+      url = "github:nix-community/home-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
    nixos-generators = {
      url = "github:nix-community/nixos-generators";
      inputs.nixpkgs.follows = "nixpkgs";
@@ -32,64 +36,14 @@
    colmena = {
      meta = {
        nixpkgs = import nixpkgs { };
-      };
-
-      defaults = { name, pkgs, lib, ... }: {
-        deployment.targetHost = lib.mkDefault "${name}.muc.ccc.de";
-        networking.hostName = lib.mkDefault name;
-        time.timeZone = "UTC";
-        boot.kernelPackages = lib.mkOptionDefault pkgs.linuxPackages_latest;
-        boot.tmpOnTmpfs = true;
-        documentation.nixos.enable = false;
-
-        environment.systemPackages = with pkgs; [
-          wget curl htop iftop tmux tcpdump rsync git
-          alacritty.terminfo
-        ];
-        programs.bash.enableCompletion = true;
-        programs.vim.defaultEditor = true;
-        programs.zsh.enable = true;
-        programs.mtr.enable = true;
-
-        services.journald.extraConfig = ''
-          SystemMaxUse=200M
-          MaxRetentionSec=5d
-        '';
-
-        services.openssh.enable = true;
-        services.fail2ban.enable = true;
-        services.nginx = {
-          package = pkgs.nginxMainline;
-          recommendedOptimisation = true;
-          recommendedTlsSettings = true;
-          recommendedGzipSettings = true;
-          recommendedProxySettings = true;
-          appendHttpConfig = ''
-            access_log syslog:server=unix:/dev/log;
-          '';
-          appendConfig = ''
-            error_log stderr info;
-          '';
+        specialArgs.flakes = {
+          inherit self nixpkgs muccc-api home-manager;
        };
-
-        zramSwap.enable = true;
-        nixpkgs.system = lib.mkDefault "x86_64-linux";
-        nixpkgs.overlays = [ muccc-api.overlay ];
-
-        # include git rev of this repo/flake into the nixos-version
-        system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
-        system.nixos.revision = nixpkgs.rev;
-        system.nixos.versionSuffix = "-${lib.substring 0 8 nixpkgs.rev}";
-        # set nixpkgs on the target to the nixpkgs version of the deployment
-        nix.registry.nixpkgs.flake = nixpkgs;
-        nix.nixPath = lib.mkForce [ "nixpkgs=${nixpkgs}" "nixos-config=/dontuse" ];
-
-        security.acme.email = "fpletz@muc.ccc.de";
-        security.acme.acceptTerms = true;
      };

      briafzentrum = { name, nodes, pkgs, ... }: {
        imports = [
+          ./modules/default.nix
          "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
          ./briafzentrum.nix
        ];
@@ -98,16 +52,17 @@
      nixbus = { name, nodes, pkgs, ... }: {
        deployment.targetHost = "${name}.club.muc.ccc.de";
        imports = [
+          ./modules/default.nix
          "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
          ./nixbus.nix
        ];
      };

      loungepi = { name, nodes, pkgs, ... }: {
-        deployment.targetHost = "83.133.179.137";
        deployment.allowLocalDeployment = true;
        nixpkgs.system = "aarch64-linux";
        imports = [
+          ./modules/default.nix
          home-manager.nixosModules.home-manager
          ./loungepi.nix
        ];

--- a/modules/default.nix
+++ b/modules/default.nix
+{ name, pkgs, lib, flakes, ... }:
+
+{
+  deployment.targetHost = lib.mkDefault "${name}.muc.ccc.de";
+  networking.hostName = lib.mkDefault name;
+
+  time.timeZone = "UTC";
+
+  boot.kernelPackages = lib.mkOverride 1001 pkgs.linuxPackages_latest; # between mkOptionDefault and mkDefault (on in rpi flake)
+  boot.tmpOnTmpfs = true;
+  zramSwap.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    wget curl htop iftop tmux tcpdump rsync git
+    alacritty.terminfo
+  ];
+  programs.bash.enableCompletion = true;
+  programs.vim.defaultEditor = true;
+  programs.zsh.enable = true;
+  programs.mtr.enable = true;
+
+  services.journald.extraConfig = ''
+    SystemMaxUse=200M
+    MaxRetentionSec=5d
+  '';
+
+  services.openssh.enable = true;
+  services.fail2ban.enable = true;
+
+  services.nginx = {
+    package = pkgs.nginxMainline;
+    recommendedOptimisation = true;
+    recommendedTlsSettings = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+    appendHttpConfig = ''
+    access_log syslog:server=unix:/dev/log;
+    '';
+    appendConfig = ''
+    error_log stderr info;
+    '';
+  };
+
+  nixpkgs.system = lib.mkDefault "x86_64-linux";
+  nixpkgs.overlays = [ flakes.muccc-api.overlay ];
+
+  # include git rev of this repo/flake into the nixos-version
+  system.configurationRevision = flakes.nixpkgs.lib.mkIf (flakes.self ? rev) flakes.self.rev;
+  system.nixos.revision = flakes.nixpkgs.rev;
+  system.nixos.versionSuffix = "-${lib.substring 0 8 flakes.nixpkgs.rev}";
+  # set nixpkgs on the target to the nixpkgs version of the deployment
+  nix.registry.nixpkgs.flake = flakes.nixpkgs;
+  nix.nixPath = lib.mkForce [ "nixpkgs=${flakes.nixpkgs}" "nixos-config=/dontuse" ];
+
+  security.acme.email = "fpletz@muc.ccc.de";
+  security.acme.acceptTerms = true;
+}