summaryrefslogtreecommitdiff
path: root/system-profiles
diff options
context:
space:
mode:
Diffstat (limited to 'system-profiles')
-rw-r--r--system-profiles/core/default.nix1
-rw-r--r--system-profiles/rebuild-machines/default.nix12
2 files changed, 8 insertions, 5 deletions
diff --git a/system-profiles/core/default.nix b/system-profiles/core/default.nix
index c2c821b7..b1898903 100644
--- a/system-profiles/core/default.nix
+++ b/system-profiles/core/default.nix
@@ -154,6 +154,7 @@ in {
154 documentation.nixos = { 154 documentation.nixos = {
155 includeAllModules = true; 155 includeAllModules = true;
156 options.warningsAreErrors = false; 156 options.warningsAreErrors = false;
157 extraModuleSources = map toString ([flake] ++ attrValues flakeInputs);
157 }; 158 };
158 159
159 home-manager = { 160 home-manager = {
diff --git a/system-profiles/rebuild-machines/default.nix b/system-profiles/rebuild-machines/default.nix
index cc01f66b..544f47e1 100644
--- a/system-profiles/rebuild-machines/default.nix
+++ b/system-profiles/rebuild-machines/default.nix
@@ -15,7 +15,7 @@ let
15 ''; 15 '';
16 16
17 knownHostsFile = pkgs.writeText "known_hosts" (concatMapStringsSep "\n" (kPath: cfg.repoHost + " " + readFile kPath) (attrValues cfg.repoPubkeys)); 17 knownHostsFile = pkgs.writeText "known_hosts" (concatMapStringsSep "\n" (kPath: cfg.repoHost + " " + readFile kPath) (attrValues cfg.repoPubkeys));
18 18
19 rebuildScript = pkgs.stdenv.mkDerivation { 19 rebuildScript = pkgs.stdenv.mkDerivation {
20 name = "rebuild-${hostName}"; 20 name = "rebuild-${hostName}";
21 21
@@ -52,7 +52,7 @@ in {
52 Name of the script wrapping <literal>nixos-rebuild</literal> 52 Name of the script wrapping <literal>nixos-rebuild</literal>
53 ''; 53 '';
54 }; 54 };
55 55
56 flake = mkOption { 56 flake = mkOption {
57 type = types.submodule { 57 type = types.submodule {
58 options = { 58 options = {
@@ -79,7 +79,7 @@ in {
79 type = types.str; 79 type = types.str;
80 default = "git.yggdrasil.li"; 80 default = "git.yggdrasil.li";
81 }; 81 };
82 82
83 repoUser = mkOption { 83 repoUser = mkOption {
84 type = types.str; 84 type = types.str;
85 default = "gitolite"; 85 default = "gitolite";
@@ -88,11 +88,13 @@ in {
88 repoPubkeys = mkOption { 88 repoPubkeys = mkOption {
89 type = types.attrsOf types.path; 89 type = types.attrsOf types.path;
90 default = genAttrs ["rsa" "ed25519"] (kType: ./ssh-pub + "/${cfg.repoHost}-${kType}.pub"); 90 default = genAttrs ["rsa" "ed25519"] (kType: ./ssh-pub + "/${cfg.repoHost}-${kType}.pub");
91 defaultText = literalExpression ''genAttrs ["rsa" "ed25519"] (kType: ./ssh-pub + "/''${cfg.repoHost}-''${kType}.pub")'';
91 }; 92 };
92 93
93 repoPrivkey = mkOption { 94 repoPrivkey = mkOption {
94 type = types.path; 95 type = types.path;
95 default = ./ssh + "/${hostName}/private"; 96 default = ./ssh + "/${hostName}/private";
97 defaultText = literalExpression ''./ssh + "/''${hostName}/private"'';
96 }; 98 };
97 99
98 sopsName = mkOption { 100 sopsName = mkOption {
@@ -115,14 +117,14 @@ in {
115 }; 117 };
116 }; 118 };
117 }; 119 };
118 120
119 config = { 121 config = {
120 assertions = [ 122 assertions = [
121 { assertion = isNull cfg.sopsConfig || (!(isNull cfg.sopsName)); 123 { assertion = isNull cfg.sopsConfig || (!(isNull cfg.sopsName));
122 message = "If option sopsConfig is not null option sopsName may not be null"; 124 message = "If option sopsConfig is not null option sopsName may not be null";
123 } 125 }
124 ]; 126 ];
125 127
126 sops.secrets = mkIf (!(isNull cfg.sopsConfig)) { 128 sops.secrets = mkIf (!(isNull cfg.sopsConfig)) {
127 "${cfg.sopsName}" = { 129 "${cfg.sopsName}" = {
128 sopsFile = cfg.repoPrivkey; 130 sopsFile = cfg.repoPrivkey;
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-24 13:59:14 +0000