{
description = "My NixOS configurations";

# Flake inputs. Every URL below names a branch, not a fixed revision, so the
# revision actually evaluated is whatever the accompanying flake.lock records.
# The lock file is not shown here; keep it committed and review its updates
# like any other dependency bump.
inputs = {
  # NOTE(review): release-20.09 is an end-of-life NixOS release that no longer
  # receives security fixes upstream -- confirm whether this pin is still in use.
  nixpkgs.url = "github:NixOS/nixpkgs/release-20.09";
  # Follows the nixpkgs development branch.
  nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
  flake-utils.url = "github:numtide/flake-utils";
  home-manager = {
    # Make home-manager use this flake's nixpkgs input rather than its own.
    inputs.nixpkgs.follows = "nixpkgs";
    url = "github:nix-community/home-manager/release-20.09";
  };
};
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, flake-utils, home-manager }: {
nixosModules = {
# Base module shared by every machine: home-manager's NixOS module followed by
# this repository's configuration.nix, which is called with the full set of
# flake inputs.
default = { ... }: {
  imports = [ home-manager.nixosModules.home-manager (import ./configuration.nix inputs) ];
};
# Throw-away settings layered on top of the default module so the
# configurations under nixosConfigurations can be evaluated and booted.
#
# SECURITY: both accounts below get an empty initial password hash. NixOS
# documents an empty hash as "log in without being asked for a password", so
# this module must stay confined to disposable test machines and never be
# imported by a real host. What the imported profiles expose over the network
# cannot be seen from this file -- verify before reusing this module.
test = { config, ... }: {
  imports = [ self.nixosModules.default ];

  home-manager.users = {
    minijackson.home.stateVersion = "20.09";
    root.home.stateVersion = "20.09";
  };

  # Passwordless accounts -- test use only (see the note above).
  users.users = {
    minijackson.initialHashedPassword = "";
    root.initialHashedPassword = "";
  };

  # Test VPN description; the subnet sits in the IPv6 unique-local range
  # (fd00::/8).
  topology.mainVpn = {
    interfaceName = "tinc.testNet";
    subnet = "fd1f:340c:c5eb:9b18::/64";
    currentNodeIP = "fd1f:340c:c5eb:9b18::1";
  };

  # Declare the tinc network with no explicit settings.
  services.tinc.networks.testNet = { };

  # TODO: automate that? {{{
  # Create the tun interface ahead of time, give it this node's VPN address,
  # and make the tinc unit wait for that address to be configured.
  networking.interfaces."tinc.testNet" = {
    virtual = true;
    virtualType = "tun";
    ipv6.addresses = [
      {
        address = config.topology.mainVpn.currentNodeIP;
        prefixLength = 64;
      }
    ];
  };
  systemd.services."tinc.testNet" = {
    requires = [ "network-addresses-tinc.testNet.service" ];
    after = [ "network-addresses-tinc.testNet.service" ];
  };
  # }}}
};
# Opt-in building blocks grouped by machine role. Each file is imported as a
# function and called with the flake inputs; what a given use case enables is
# defined in that file, not here.
usecases = {
  common.backupClient = import ./usecases/common/backup-client.nix inputs;
  desktop.default = import ./usecases/desktop/default.nix inputs;
  server = {
    default = import ./usecases/server/default.nix inputs;
    fail2ban = import ./usecases/server/fail2ban.nix inputs;
    monitoringTarget = import ./usecases/server/monitoring-target.nix inputs;
  };
};

# Role-level profiles, likewise called with the flake inputs.
profiles = {
  desktop = import ./profiles/desktop.nix inputs;
  server = import ./profiles/server.nix inputs;
};
};
# Test systems only. Every configuration here starts from
# self.nixosModules.test, which sets empty initial password hashes for root
# and minijackson, so none of these outputs is suitable for deployment to a
# real or reachable host.
nixosConfigurations =
  let
    # Build an x86_64-linux system from the test module plus `extraModules`.
    mkTestSystem = extraModules: nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [ self.nixosModules.test ] ++ extraModules;
    };

    # QEMU guest settings used by the desktop test machine.
    qemuGuest = { modulesPath, ... }: {
      imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
      virtualisation.memorySize = 2048;
      virtualisation.cores = 3;
    };
  in
  {
    testDefault = mkTestSystem [ ];
    testDesktop = mkTestSystem [ self.nixosModules.profiles.desktop qemuGuest ];
    testServer = mkTestSystem [ self.nixosModules.profiles.server ];
  };
};
}