diff --git a/flake.lock b/flake.lock index b0588b1..e3f14c9 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ ] }, "locked": { - "lastModified": 1692795513, - "narHash": "sha256-0W1GmoRI8Q0YKvhfuz9885YGuDkbzzzKLWfbdlcnMMw=", + "lastModified": 1693407072, + "narHash": "sha256-CU16jbHiWZQgnUA/gEWKu/wmlVhQHUjLOJUj3HcrAKU=", "ref": "refs/heads/main", - "rev": "a642ecfda5e3472af521bfd6f4f466201f4f3ccb", - "revCount": 378, + "rev": "e73299a3065e778cf5488b7e9a08c01634ca83b8", + "revCount": 528, "type": "git", "url": "https://git.clan.lol/clan/clan-core" }, @@ -60,11 +60,11 @@ ] }, "locked": { - "lastModified": 1692199161, - "narHash": "sha256-GqKApvQ1JCf5DzH/Q+P4nwuHb6MaQGaWTu41lYzveF4=", + "lastModified": 1693189188, + "narHash": "sha256-o6otfsB/ecudboYFwiCeL49BX3/8vRC/XUZTgkaDx54=", "owner": "nix-community", "repo": "disko", - "rev": "4eed2457b053c4bbad7d90d2b3a1d539c2c9009c", + "rev": "00169fe4a6015a88c3799f0bf89689e06a4d4896", "type": "github" }, "original": { @@ -153,11 +153,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1692684269, - "narHash": "sha256-zJk2pyF4Cuhtor0khtPlf+hfJIh22rzAUC+KU3Ob31Q=", + "lastModified": 1693355128, + "narHash": "sha256-+ZoAny3ZxLcfMaUoLVgL9Ywb/57wP+EtsdNGuXUJrwg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9d757ec498666cc1dcc6f2be26db4fd3e1e9ab37", + "rev": "a63a64b593dcf2fe05f7c5d666eb395950f36bc9", "type": "github" }, "original": { @@ -186,11 +186,11 @@ "nixpkgs-stable": [] }, "locked": { - "lastModified": 1692728678, - "narHash": "sha256-02MjG7Sb9k7eOi86CcC4GNWVOjT6gjmXFSqkRjZ8Xyk=", + "lastModified": 1693404499, + "narHash": "sha256-cx/7yvM/AP+o/3wPJmA9W9F+WHemJk5t+Xcr+Qwkqhg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "1b7b3a32d65dbcd69c217d7735fdf0a6b2184f45", + "rev": "d9c5dc41c4b1f74c77f0dbffd0f3a4ebde447b7a", "type": "github" }, "original": { @@ -206,11 +206,11 @@ ] }, "locked": { - "lastModified": 1692792425, - "narHash": "sha256-l8mloOMPXPAqVoz0EajpWvZ7XD8jSV1/yQIeNNc3SM8=", + "lastModified": 1692865882, + "narHash": "sha256-IBj5AnUi6m9OMgJQyhl96Ugh5QNnz5ycgV98ODv8Kvs=", "owner": "numtide", "repo": "srvos", - "rev": "46145a1cc93d00ced71c903ec3f9d492af857e2e", + "rev": "02555108126833bc35ef85bccc1dad469f8bf5dc", "type": "github" }, "original": { @@ -226,11 +226,11 @@ ] }, "locked": { - "lastModified": 1692792358, - "narHash": "sha256-yqKPLUvl9lFTy43+GvVRwT39k1qu7Yd0HNktZjRbUP4=", + "lastModified": 1693247164, + "narHash": "sha256-M6qZo8H8fBFnipCy6q6RlpSXF3sDvfTEtyFwdAP7juM=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "b070c28bf9d7d3ef93084aa47c01b4b6c16cdce4", + "rev": "6befd3b6b8544952e0261f054cf16769294bacba", "type": "github" }, "original": { diff --git a/modules/flake-module.nix b/modules/flake-module.nix index 08af161..21f11ea 100644 --- a/modules/flake-module.nix +++ b/modules/flake-module.nix @@ -5,7 +5,12 @@ inputs.srvos.nixosModules.mixins-telegraf # FIXME: switch to VPN later { networking.firewall.allowedTCPPorts = [ 9273 ]; } - inputs.clan-core.nixosModules.secrets + + inputs.clan-core.nixosModules.clanCore + { # TODO: use buildClan + clanCore.clanDir = toString ./..; + clanCore.machineName = "web01"; + } ]; hcloud.imports = [ diff --git a/modules/web01/default.nix b/modules/web01/default.nix index 3436cad..09ccfae 100644 --- a/modules/web01/default.nix +++ b/modules/web01/default.nix @@ -13,5 +13,4 @@ ]; services.cloud-init.xfs.enable = true; - clan.sops.sopsDirectory = ../../sops; } diff --git a/targets/web01/configuration.nix b/targets/web01/configuration.nix index b2d9bc8..6366879 100644 --- a/targets/web01/configuration.nix +++ b/targets/web01/configuration.nix @@ -9,7 +9,6 @@ in ]; networking.hostName = "web01"; systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3080:282a::1"; - sops.defaultSopsFile = ./secrets.yaml; users.users.root.openssh.authorizedKeys.keys = builtins.attrValues admins; clan.networking.ipv4.address = "65.109.103.5"; diff --git a/targets/web01/deploy.sh b/targets/web01/deploy.sh index 2066ccf..d9b90da 100755 --- a/targets/web01/deploy.sh +++ b/targets/web01/deploy.sh @@ -3,4 +3,4 @@ set -euo pipefail -clan update clan.lol +clan machines update clan.lol