diff --git a/flake.lock b/flake.lock index 8664445..e3f14c9 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ ] }, "locked": { - "lastModified": 1693141929, - "narHash": "sha256-MGc26HIv/JGHc060LhcBYyWTBPPnVCDBQRC0Y7bFEWc=", + "lastModified": 1693407072, + "narHash": "sha256-CU16jbHiWZQgnUA/gEWKu/wmlVhQHUjLOJUj3HcrAKU=", "ref": "refs/heads/main", - "rev": "edad9fd62ab2b7167fa1123301270c847f964a10", - "revCount": 472, + "rev": "e73299a3065e778cf5488b7e9a08c01634ca83b8", + "revCount": 528, "type": "git", "url": "https://git.clan.lol/clan/clan-core" }, @@ -60,11 +60,11 @@ ] }, "locked": { - "lastModified": 1692199161, - "narHash": "sha256-GqKApvQ1JCf5DzH/Q+P4nwuHb6MaQGaWTu41lYzveF4=", + "lastModified": 1693189188, + "narHash": "sha256-o6otfsB/ecudboYFwiCeL49BX3/8vRC/XUZTgkaDx54=", "owner": "nix-community", "repo": "disko", - "rev": "4eed2457b053c4bbad7d90d2b3a1d539c2c9009c", + "rev": "00169fe4a6015a88c3799f0bf89689e06a4d4896", "type": "github" }, "original": { @@ -153,11 +153,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1693060755, - "narHash": "sha256-KNsbfqewEziFJEpPR0qvVz4rx0x6QXxw1CcunRhlFdk=", + "lastModified": 1693355128, + "narHash": "sha256-+ZoAny3ZxLcfMaUoLVgL9Ywb/57wP+EtsdNGuXUJrwg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c66ccfa00c643751da2fd9290e096ceaa30493fc", + "rev": "a63a64b593dcf2fe05f7c5d666eb395950f36bc9", "type": "github" }, "original": { @@ -186,11 +186,11 @@ "nixpkgs-stable": [] }, "locked": { - "lastModified": 1693105804, - "narHash": "sha256-nlqNjW7dfucUJQqRGuG08MKPOSME8fLOCx/bd9hiEPs=", + "lastModified": 1693404499, + "narHash": "sha256-cx/7yvM/AP+o/3wPJmA9W9F+WHemJk5t+Xcr+Qwkqhg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "0618c8f0ed5255ad74ee08d1618841ff5af85c86", + "rev": "d9c5dc41c4b1f74c77f0dbffd0f3a4ebde447b7a", "type": "github" }, "original": { @@ -226,11 +226,11 @@ ] }, "locked": { - "lastModified": 1692972530, - "narHash": "sha256-LG+M7TjlLJ1lx2qbD1yaexvue1VAatpVandtHVEN5Lc=", + "lastModified": 1693247164, + "narHash": "sha256-M6qZo8H8fBFnipCy6q6RlpSXF3sDvfTEtyFwdAP7juM=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "843e1e1b01ac7c9e858368fffd1692cbbdbe4a0e", + "rev": "6befd3b6b8544952e0261f054cf16769294bacba", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ab0e4e8..ca68aea 100644 --- a/flake.nix +++ b/flake.nix @@ -46,7 +46,7 @@ ]; perSystem = { treefmt = { - projectRootFile = "flake.nix"; + projectRootFile = ".git/config"; programs.terraform.enable = true; programs.nixpkgs-fmt.enable = true; settings.formatter.nixpkgs-fmt.excludes = [ diff --git a/modules/flake-module.nix b/modules/flake-module.nix index 08af161..283c13d 100644 --- a/modules/flake-module.nix +++ b/modules/flake-module.nix @@ -5,7 +5,13 @@ inputs.srvos.nixosModules.mixins-telegraf # FIXME: switch to VPN later { networking.firewall.allowedTCPPorts = [ 9273 ]; } - inputs.clan-core.nixosModules.secrets + + inputs.clan-core.nixosModules.clanCore + { + # TODO: use buildClan + clanCore.clanDir = "${./..}"; + clanCore.machineName = "web01"; + } ]; hcloud.imports = [ diff --git a/modules/web01/default.nix b/modules/web01/default.nix index 3436cad..09ccfae 100644 --- a/modules/web01/default.nix +++ b/modules/web01/default.nix @@ -13,5 +13,4 @@ ]; services.cloud-init.xfs.enable = true; - clan.sops.sopsDirectory = ../../sops; } diff --git a/targets/web01/configuration.nix b/targets/web01/configuration.nix index b2d9bc8..6366879 100644 --- a/targets/web01/configuration.nix +++ b/targets/web01/configuration.nix @@ -9,7 +9,6 @@ in ]; networking.hostName = "web01"; systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3080:282a::1"; - sops.defaultSopsFile = ./secrets.yaml; users.users.root.openssh.authorizedKeys.keys = builtins.attrValues admins; clan.networking.ipv4.address = "65.109.103.5"; diff --git a/targets/web01/deploy.sh b/targets/web01/deploy.sh index 2066ccf..d9b90da 100755 --- a/targets/web01/deploy.sh +++ b/targets/web01/deploy.sh @@ -3,4 +3,4 @@ set -euo pipefail -clan update clan.lol +clan machines update clan.lol