From 8f8b8a71e841635f030db0479543a9541bca7ca1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 19 Sep 2023 17:40:36 +0200 Subject: [PATCH 1/4] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'clan-core': 'git+https://git.clan.lol/clan/clan-core?ref=Mic92-deploy-fix&rev=8bc1c05f5f8e9e000c1cca7571c4485edc115628' (2023-09-19) → 'git+https://git.clan.lol/clan/clan-core?ref=Mic92-deploy-fix&rev=3cb916d50f0bcb221b96520ce1a9e48516b392c1' (2023-09-19) flake.lock: Update Flake lock file updates: • Updated input 'clan-core': 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=218451e79ff52c710012c1b2de29cce688436274' (2023-09-19) → 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=8680cbaf4edded9fc8e2f332a3ab05fec60f84fa' (2023-09-19) flake.lock: Update Flake lock file updates: • Updated input 'clan-core': 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=8680cbaf4edded9fc8e2f332a3ab05fec60f84fa' (2023-09-19) → 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=3b5f532fe4a5abf7993b48ba00ef1a65682f7fe9' (2023-09-19) flake.lock: Update Flake lock file updates: • Updated input 'clan-core': 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=3b5f532fe4a5abf7993b48ba00ef1a65682f7fe9' (2023-09-19) → 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=e51f3b6a148c6cc20695463a681391ade5ccc2ca' (2023-09-19) flake.lock: Update Flake lock file updates: • Updated input 'clan-core': 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=e51f3b6a148c6cc20695463a681391ade5ccc2ca' (2023-09-19) → 'git+https://git.clan.lol/clan/clan-core?ref=lassulus-HEAD&rev=359f776e6d9ebfe69e97a67aaf9c3cf9315a675d' (2023-09-19) update flakes --- flake.lock | 45 +++++++++++++++++++++++---------------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index dbfb942..92defbb 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ ] }, "locked": { - "lastModified": 1695126263, - "narHash": "sha256-dnBg7BcynR/Wf2cEfWe9FkAcnAUFGKfYw1qpgeeSgKU=", + "lastModified": 1695911872, + "narHash": "sha256-rOP/0oFGYCJTQK5+xrG0ycst3epiZ6YRgSKJsBZjI0I=", "ref": "refs/heads/main", - "rev": "175119b72cfa37e252ea862379fe4521266277c5", - "revCount": 703, + "rev": "6fafae56b65800e1e0406319a5389a198b4f0308", + "revCount": 890, "type": "git", "url": "https://git.clan.lol/clan/clan-core" }, @@ -40,15 +40,16 @@ ] }, "locked": { - "lastModified": 1694925805, - "narHash": "sha256-UNMivSc89undITtNoy6o6bf3Dck4v75rzGiMEXAPEB0=", + "lastModified": 1695379860, + "narHash": "sha256-ADsWLw33T/6APAoEfwPVkhuUHbH/BW/Jz5cgTgijsIs=", "owner": "nix-community", "repo": "disko", - "rev": "9ab96378f8cf602d5f3ce5a32f2c339509288d8e", + "rev": "26cf7576b85fd0b4070d8bd84475021e01d63814", "type": "github" }, "original": { "owner": "nix-community", + "ref": "party", "repo": "disko", "type": "github" } @@ -60,11 +61,11 @@ ] }, "locked": { - "lastModified": 1695039393, - "narHash": "sha256-HXvRPTSfQ/fCqxYGvWOc1duSBdXcQlrYvyno8YZbyHI=", + "lastModified": 1695864092, + "narHash": "sha256-Hu1SkFPqO7ND95AOzBkZE2jGXSYhfZ965C03O72Kbu8=", "owner": "nix-community", "repo": "disko", - "rev": "9f29cedac79d0acf07b6341f9112f46dec3abb8f", + "rev": "19b62324663b6b9859caf7f335d232cf4f1f6a32", "type": "github" }, "original": { @@ -153,11 +154,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1694948089, - "narHash": "sha256-d2B282GmQ9o8klc22/Rbbbj6r99EnELQpOQjWMyv0rU=", + "lastModified": 1695806987, + "narHash": "sha256-fX5kGs66NZIxCMcpAGIpxuftajHL8Hil1vjHmjjl118=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5148520bfab61f99fd25fb9ff7bfbb50dad3c9db", + "rev": "f3dab3509afca932f3f4fd0908957709bb1c1f57", "type": "github" }, "original": { @@ -186,11 +187,11 @@ "nixpkgs-stable": [] }, "locked": { - "lastModified": 1695101768, - "narHash": "sha256-1/j5/348l2+yxQUfkJCUpA6cDefS3H7V94kawk9uuRc=", + "lastModified": 1695284550, + "narHash": "sha256-z9fz/wz9qo9XePEvdduf+sBNeoI9QG8NJKl5ssA8Xl4=", "owner": "Mic92", "repo": "sops-nix", - "rev": "4356a5a0c12c9dc1b6bdde0631c7600d9377ed8b", + "rev": "2f375ed8702b0d8ee2430885059d5e7975e38f78", "type": "github" }, "original": { @@ -206,11 +207,11 @@ ] }, "locked": { - "lastModified": 1695000198, - "narHash": "sha256-9YlISJiL6/51ED67+N5ZB7xDgHD+trZUBqP7XERR0y4=", + "lastModified": 1695864227, + "narHash": "sha256-X3ADr3UE0Cws7yRLnMyo6VbBWrbkT8KMrds8TK6IYXw=", "owner": "numtide", "repo": "srvos", - "rev": "879201cbec8ea11e6d654b7ec91f35f061d07b47", + "rev": "25cf328a2d83926dde264b6195d82bc6dcfb4b0c", "type": "github" }, "original": { @@ -226,11 +227,11 @@ ] }, "locked": { - "lastModified": 1694528738, - "narHash": "sha256-aWMEjib5oTqEzF9f3WXffC1cwICo6v/4dYKjwNktV8k=", + "lastModified": 1695822946, + "narHash": "sha256-IQU3fYo0H+oGlqX5YrgZU3VRhbt2Oqe6KmslQKUO4II=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "7a49c388d7a6b63bb551b1ddedfa4efab8f400d8", + "rev": "720bd006d855b08e60664e4683ccddb7a9ff614a", "type": "github" }, "original": { -- 2.45.1 From 33537a6448f0b1060a2c3dbe27fc3837f0ceb7c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 28 Sep 2023 17:02:46 +0200 Subject: [PATCH 2/4] web01: set empty password for sshd --- modules/web01/gitea/actions-runner.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/web01/gitea/actions-runner.nix b/modules/web01/gitea/actions-runner.nix index 6d5f9a5..7ef117d 100644 --- a/modules/web01/gitea/actions-runner.nix +++ b/modules/web01/gitea/actions-runner.nix @@ -30,7 +30,8 @@ in groupid=$(cut -d: -f3 < <(getent group nixuser)) userid=$(cut -d: -f3 < <(getent passwd nixuser)) groupadd --prefix $(pwd) --gid "$groupid" nixuser - useradd --prefix $(pwd) -m -d /tmp -u "$userid" -g "$groupid" -G nixuser nixuser + emptypassword='$6$1ero.LwbisiU.h3D$GGmnmECbPotJoPQ5eoSTD6tTjKnSWZcjHoVTkxFLZP17W9hRi/XkmCiAMOfWruUwy8gMjINrBMNODc7cYEo4K.' + useradd --prefix $(pwd) -p "$emptypassword" -m -d /tmp -u "$userid" -g "$groupid" -G nixuser nixuser cat < etc/nix/nix.conf accept-flake-config = true -- 2.45.1 From 355377c712914cadf549f6fd04f3d63861487dee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 28 Sep 2023 17:03:17 +0200 Subject: [PATCH 3/4] update deployment address --- targets/web01/configuration.nix | 2 +- targets/web01/deploy.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/targets/web01/configuration.nix b/targets/web01/configuration.nix index 34e9115..7368f9f 100644 --- a/targets/web01/configuration.nix +++ b/targets/web01/configuration.nix @@ -7,7 +7,7 @@ networking.hostName = "web01"; systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3080:418b::1"; - clan.networking.deploymentAddress = "clan.lol"; + clan.networking.deploymentAddress = "root@clan.lol"; clan.networking.ipv4.address = "65.21.12.51"; clan.networking.ipv4.gateway = "65.21.12.1"; clan.networking.ipv6.address = config.systemd.network.networks."10-uplink".networkConfig.Address; diff --git a/targets/web01/deploy.sh b/targets/web01/deploy.sh index d9b90da..c6aa588 100755 --- a/targets/web01/deploy.sh +++ b/targets/web01/deploy.sh @@ -3,4 +3,4 @@ set -euo pipefail -clan machines update clan.lol +clan machines update web01 -- 2.45.1 From f9f5b85e862353597030ff4cba0144f3c393133c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 28 Sep 2023 17:09:27 +0200 Subject: [PATCH 4/4] also import clanInternals --- targets/flake-module.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/targets/flake-module.nix b/targets/flake-module.nix index 3352963..0e6f98f 100644 --- a/targets/flake-module.nix +++ b/targets/flake-module.nix @@ -1,6 +1,6 @@ { self, inputs, ... }: { - flake.nixosConfigurations = inputs.clan-core.lib.buildClan { + flake = inputs.clan-core.lib.buildClan { directory = self; # Make flake available in modules specialArgs = { -- 2.45.1