From fb9d0e3ebd7f5b3edd6746b9f247f16c51dce19d Mon Sep 17 00:00:00 2001
From: Gregor Kleen
Date: Mon, 12 Aug 2024 11:01:16 +0200
Subject: ...
---
 system-profiles/core/default.nix | 1 +
 system-profiles/rebuild-machines/default.nix | 12 +++++++-----
 2 files changed, 8 insertions(+), 5 deletions(-)
(limited to 'system-profiles')
diff --git a/system-profiles/core/default.nix b/system-profiles/core/default.nix
index c2c821b7..b1898903 100644
--- a/system-profiles/core/default.nix
+++ b/system-profiles/core/default.nix
@@ -154,6 +154,7 @@ in {
 documentation.nixos = {
 includeAllModules = true;
 options.warningsAreErrors = false;
+ extraModuleSources = map toString ([flake] ++ attrValues flakeInputs);
 };
 home-manager = {
diff --git a/system-profiles/rebuild-machines/default.nix b/system-profiles/rebuild-machines/default.nix
index cc01f66b..544f47e1 100644
--- a/system-profiles/rebuild-machines/default.nix
+++ b/system-profiles/rebuild-machines/default.nix
@@ -15,7 +15,7 @@ let
 '';
 knownHostsFile = pkgs.writeText "known_hosts" (concatMapStringsSep "\n" (kPath: cfg.repoHost + " " + readFile kPath) (attrValues cfg.repoPubkeys));
-
+
 rebuildScript = pkgs.stdenv.mkDerivation {
 name = "rebuild-${hostName}";
@@ -52,7 +52,7 @@ in {
 Name of the script wrapping nixos-rebuild
 '';
 };
-
+
 flake = mkOption {
 type = types.submodule {
 options = {
@@ -79,7 +79,7 @@ in {
 type = types.str;
 default = "git.yggdrasil.li";
 };
-
+
 repoUser = mkOption {
 type = types.str;
 default = "gitolite";
@@ -88,11 +88,13 @@ in {
 repoPubkeys = mkOption {
 type = types.attrsOf types.path;
 default = genAttrs ["rsa" "ed25519"] (kType: ./ssh-pub + "/${cfg.repoHost}-${kType}.pub");
+ defaultText = literalExpression ''genAttrs ["rsa" "ed25519"] (kType: ./ssh-pub + "/''${cfg.repoHost}-''${kType}.pub")'';
 };
 repoPrivkey = mkOption {
 type = types.path;
 default = ./ssh + "/${hostName}/private";
+ defaultText = literalExpression ''./ssh + "/''${hostName}/private"'';
 };
 sopsName = mkOption {
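Review bot: The new `extraModuleSources` line in `documentation.nixos` carries no comment, and its effect depends on `flake` and `flakeInputs`, both of which are bound outside this hunk. As far as I know the option lists source prefixes that the generated manual strips from option declaration paths, so `toString` has to yield each input's store path for the prefixes to match. A one-line comment such as `# strip the store paths of this flake and its inputs from option declaration locations in the manual` would record that intent for the next reader.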
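Review bot: `repoPrivkey` gains a `defaultText` but still has no `description`, so nothing at the option tells a user that the file it points at must be encrypted. The default is a path literal inside the repository and the option is typed `types.path`, so the file is presumably copied into the world-readable Nix store together with the rest of the flake. The later `sopsFile = cfg.repoPrivkey` suggests it is meant to be a sops file, but what consumes it when `sopsConfig` is null lies outside this hunk. Next to the new `defaultText` I would add `description = "sops-encrypted SSH private key for this host; never a plaintext key, because the path is copied into the Nix store.";`.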
@@ -115,14 +117,14 @@ in { }; }; }; - + config = { assertions = [ { assertion = isNull cfg.sopsConfig || (!(isNull cfg.sopsName)); message = "If option sopsConfig is not null option sopsName may not be null"; } ]; - + sops.secrets = mkIf (!(isNull cfg.sopsConfig)) { "${cfg.sopsName}" = { sopsFile = cfg.repoPrivkey; -- cgit v1.2.3