reorganize

README.md

@@ -7,23 +7,24 @@ Systems
 [frumar](https://en.wikipedia.org/wiki/Frumar)
 --------
 
-Physical server. Mostly used for files. (storage: 6 TB hdd + 256GB ssd, RAM: 8GB, 2 cores ht)
+Physical [server](./roles/server.nix). Mostly used for files. (storage: 6 TB hdd + 256GB ssd, RAM: 8GB, 2 cores ht)
 
-- [git hosting](./roles/gogs.nix)
+- [git hosting](./services/gogs.nix)
-- [public files](./roles/pub.nix)
+- [public files](./services/pub.nix)
 - torrents
-- [quassel](./roles/quassel.nix)
+- [quassel](./services/quassel.nix)
 
 [pennyworth](https://en.wikipedia.org/wiki/Alfred_Pennyworth)
 ----------
 
+[Server](./roles/server.nix).
 VPS (Storage: 80GB, RAM: 1GB, 2 cores)
 
-- [grafana](./roles/graphs.nix)
+- [grafana](./services/graphs.nix)
-- [website](./roles/website.nix)
+- [website](./services/website.nix)
-- [email](./roles/mail.nix)
+- [email](./services/mail.nix)
-- [prosody](./roles/xmpp.nix)
+- [prosody](./services/xmpp.nix)
-- [asterisk](./roles/asterisk.nix)
+- [asterisk](./services/asterisk.nix)
 
 [woodhouse](https://en.wikipedia.org/wiki/List_of_Archer_characters#Recurring_characters)
 -----------
@@ -37,6 +38,7 @@ intel nuc connected to the tv (storage: 64GB ssd, RAM: 4GB)
 [ascanius](https://en.wikipedia.org/wiki/Frumar)
 ----------
 
+[workstation](./roles/workstation.nix).
 hp elitebook 8570w (RAM: 16GB, 4 cores ht, storage: 256GB ssd + 300GB HDD)
 
 - includes a power saving script
@@ -44,6 +46,7 @@ hp elitebook 8570w (RAM: 16GB, 4 cores ht, storage: 256GB ssd + 300GB HDD)
 [jarvis](https://en.wikipedia.org/wiki/Edwin_Jarvis)
 --------
 
+[workstation](./roles/workstation.nix).
 dell xps 13 (RAM: 16GB, storage: 512GB ssd, 2 cores ht)
 
 - for now, just run powertop --auto-tune after a reboot I guess

conf

@@ -5,7 +5,7 @@ then
 	sudo chgrp nixbld deploy_key
 	chmod 640 deploy_key
 fi
-export NIX_PATH="ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix
+export NIX_PATH="ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix:yori-nix=`pwd`
 case $1 in
 git)
 	export NIX_PATH="nixpkgs=https://github.com/NixOS/nixpkgs/archive/master.tar.gz:nixos-config=`pwd`/logical/$2.nix:$NIX_PATH"

logical/ascanius.nix

@@ -1,16 +1,11 @@
 { config, pkgs, ... }:
 
-let secrets = import <secrets>;
-in
 {
   imports =
-    [ ../physical/hp8570w.nix
+    [ <yori-nix/physical/hp8570w.nix>
-      ../roles/common.nix
+      <yori-nix/roles/workstation.nix>
-      ../roles/workstation.nix
     ];
 
   system.stateVersion = "17.09";
-  # no, not that Ascanius.
-  networking.hostName = secrets.hostnames.ascanius;
 
 }

logical/frumar.nix

@@ -1,16 +1,11 @@
 { config, pkgs, ... }:
-let secrets = import <secrets>;
-in
 {
   imports = [ 
-    ../physical/fractal.nix
+    <yori-nix/physical/fractal.nix>
-    ../roles/common.nix
+    <yori-nix/roles/server.nix>
   ];
 
 
-  networking.hostName = secrets.hostnames.frumar;
-
-  # The NixOS release to be compatible with for stateful data such as databases.
   system.stateVersion = "15.09";
 
   services.nginx.enable = true;

logical/jarvis.nix

@@ -2,16 +2,11 @@
 
 {
   imports =
-    [ # Include the results of the hardware scan.
+    [ <yori-nix/physical/xps9360.nix>
-      ../physical/xps9360.nix
+      <yori-nix/roles/workstation.nix>
-      ../roles/common.nix
-      ../roles/workstation.nix
     ];
 
-  networking.hostName = "jarvis"; # Define your hostname.
 
-
-  # The NixOS release to be compatible with for stateful data such as databases.
   system.stateVersion = "17.09";
   #networking.enableIPv6 = lib.mkOverride 30 true;
 

logical/pennyworth.nix

@@ -4,27 +4,16 @@
 
 { config, pkgs, lib, ... }:
 
-let
-  secrets = import <secrets>;
-  yoricc = import ../packages/yori-cc.nix;
-in
 {
   imports = [
-      ../physical/kassala.nix
+    <yori-nix/physical/kassala.nix>
-      ../roles/common.nix
+    <yori-nix/roles/server.nix>
-      ../modules/muflax-blog.nix
+    ../modules/muflax-blog.nix
   ];
 
-  networking.hostName = secrets.hostnames.pennyworth;
-
-  services.nixosManual.enable = false;
-
-  environment.noXlibs = true;
-
   networking.enableIPv6 = lib.mkOverride 30 true;
 
   system.stateVersion = "16.03";
-  yorick = { cpu = null; };
   
   services.nginx.enable = true;
   services.yorick = {
@@ -32,11 +21,9 @@ in
     mail = {
       enable = true;
       mainUser = "yorick";
-      users = {
+      users.yorick = {
-        yorick = with secrets; {
+        password = (import <yori-nix/secrets.nix>).yorick_mailPassword;
-          password = yorick_mailPassword;
+        domains = ["yori.cc" "yorickvanpelt.nl"];
-          domains = email_domains;
-        };
       };
     };
     xmpp = {

logical/woodhouse.nix

@@ -13,26 +13,21 @@ mkFuseMount = device: opts: {
 };
 in
 {
-  imports =
+  imports = [
-    [ # Include the results of the hardware scan.
+    <yori-nix/physical/nuc.nix>
-      ../physical/nuc.nix
+    <yori-nix/roles/graphical.nix>
-      ../roles/common.nix
+  ];
-      # ../roles/collectd.nix
-      ../roles/graphical.nix
-    ];
 
-  networking.hostName = secrets.hostnames.woodhouse;
-
-  # The NixOS release to be compatible with for stateful data such as databases.
   system.stateVersion = "17.09";
 
+  # fuse mounts
   system.fsPackages = [ pkgs.sshfsFuse ];
 
   fileSystems."/mnt/frumar" = mkFuseMount "yorick@${secrets.hostnames.frumar}:/data/yorick" [];
   fileSystems."/mnt/oxygen" = mkFuseMount "yorick@oxygen.obfusk.ch:" [];
   fileSystems."/mnt/nyamsas" = mkFuseMount "yorick@nyamsas.quezacotl.nl:" ["port=1337"];
 
-
+  # kodi ports
-  networking.firewall.allowedTCPPorts = [7 8080 9090 9777]; # kodi
+  networking.firewall.allowedTCPPorts = [7 8080 9090 9777];
 
 }

physical/default.nix

@@ -1,10 +1,10 @@
 { config, lib, pkgs, ... }:
-let cfg = config.yorick; in
+let cfg = config.hardware.yorick; in
 with lib;
 {
-  options.yorick = {
+  options.hardware.yorick = {
     cpu = mkOption {
-      type = types.nullOr (types.enum ["intel"]);
+      type = types.nullOr (types.enum ["intel" "virtual"]);
     };
     gpu = mkOption {
       type = types.nullOr (types.enum ["intel" "nvidia"]);

physical/fractal.nix

@@ -6,10 +6,11 @@
 {
   imports =
     [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+      <yori-nix/physical>
     ];
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
-  yorick.cpu = "intel";
+  hardware.yorick.cpu = "intel";
 
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;

physical/hp8570w.nix

@@ -3,10 +3,11 @@
 {
   imports = [
     <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    <yori-nix/physical>
     ./hp8570w/powerdown.nix
   ];
 
-  yorick = { cpu = "intel"; gpu = "nvidia"; laptop = true; };
+  hardware.yorick = { cpu = "intel"; gpu = "nvidia"; laptop = true; };
 
   boot = {
     loader.grub = {

physical/kassala.nix

@@ -3,7 +3,7 @@ let
   ipconf = (import <secrets>).ipconf.${config.networking.hostName};
 in
 {
-  imports = [ ../modules/nixos-in-place.nix ];
+  imports = [ ../modules/nixos-in-place.nix <yori-nix/physical> ];
   "nixos-in-place" = {
     enable = true;
     rootfs = "/dev/disk/by-uuid/7165e542-0995-474c-a228-9592339e0604";
@@ -44,4 +44,5 @@ in
     ip -6 route add default via ${gateway6} || true
   '';
   nix.maxJobs = lib.mkDefault 2;
+  hardware.yorick.cpu = "virtual";
 }

physical/nuc.nix

@@ -6,10 +6,11 @@
 {
   imports =
     [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    <yori-nix/physical>
     ];
 
   boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
-  yorick = { cpu = "intel"; gpu = "intel"; };
+  hardware.yorick = { cpu = "intel"; gpu = "intel"; };
 
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;

physical/xps9360.nix

@@ -2,8 +2,9 @@
 {
   imports = [
     <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    <yori-nix/physical>
   ];
-  yorick = { cpu = "intel"; gpu = "intel"; laptop = true; };
+  hardware.yorick = { cpu = "intel"; gpu = "intel"; laptop = true; };
 
 
   boot = {

roles/default.nix

@@ -2,20 +2,15 @@ let secrets = import <secrets>;
 in
 { config, pkgs, lib, ...}:
 let
-  machine = with lib; head (splitString "." config.networking.hostName);
+  machine = lib.removeSuffix ".nix" (builtins.baseNameOf <nixos-config>);
 in
 {
 	imports = [
-    ../roles/hardware.nix
     ../modules/tor-hidden-service.nix
     ../modules/nginx.nix
-    ../roles/pub.nix
+    <yori-nix/services>
-    ../roles/quassel.nix
-    ../roles/gogs.nix
-    ../roles/mail.nix
-    ../roles/website.nix
-    ../roles/xmpp.nix
   ];
+  networking.hostName = secrets.hostnames.${machine};
 	time.timeZone = "Europe/Amsterdam";
 	users.mutableUsers = false;
 	users.extraUsers.root = {

roles/graphical.nix

@@ -2,6 +2,7 @@ let secrets = import <secrets>;
 in
 { config, lib, pkgs, ... }:
 {
+  imports = [ <yori-nix/roles> ];
   options.yorick.support32bit = with lib;
     mkOption { type = types.bool; default = false; };
   config = {

roles/server.nix

@@ -0,0 +1,8 @@
+{
+  imports = [ <yori-nix/roles> ];
+  
+  services.nixosManual.enable = false;
+
+  environment.noXlibs = true;
+
+}

roles/workstation.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 {
   imports = [
-    ../roles/graphical.nix
+    <yori-nix/roles/graphical.nix>
   ];
   users.extraUsers.yorick.extraGroups = ["input"];
   services.redshift = {

services/default.nix

@@ -0,0 +1,10 @@
+{
+  imports = [
+    ./gogs.nix
+    ./mail.nix
+    ./pub.nix
+    ./quassel.nix
+    ./website.nix
+    ./xmpp.nix
+  ]
+}