some wip

2026-02-08 23:23:18 +00:00
parent 0d3c5c559f
commit 1b80778422
6 changed files with 77 additions and 54 deletions
--- a/config/hosts/aspects/servers/rpi5.nix
+++ b/config/hosts/aspects/servers/rpi5.nix
@@ -7,19 +7,21 @@
 {
  den.aspects.rpi5 = {
    includes = [
-      modules.raspberry-pi
-      modules.services.traefik
+      <modules/raspberry-pi/5>
+      <modules/services/traefik>
    ];
    nixos = {
-      users.users.doloro = {
-        isNormalUser = true;
-        extraGroups = [ "wheel" ];
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
-        ];
-        initialPassword = "meowmeowmeow";
+      users.users = {
+        doloro = {
+          isNormalUser = true;
+          extraGroups = [
+            "wheel"
+            "docker"
+          ];
+          initialPassword = "meowmeowmeow";
+        };
      };
+
      networking.hostName = "nixos-001-rp5";

      networking.firewall = {
@@ -32,6 +34,7 @@
        allowedUDPPortRanges = [ ];
      };

+      virtualisation.docker.enable = true;
      virtualisation.oci-containers.backend = "docker";

      services.openssh.enable = true;
--- a/config/hosts/servers.nix
+++ b/config/hosts/servers.nix
@@ -1,11 +1,26 @@
-{ den, __findFile, ... }:
+{
+  den,
+  __findFile,
+  modules,
+  ...
+}:
 {
  # The single rpi5 i have running on the side of my desk
+  den.aspects.doloro-server = {
+    includes = [ <modules/publicKeys/doloro> ];
+  };
  den.hosts.aarch64-linux.rpi5 = {
+    includes = [ ];
    users.doloro = {
-      includes = [ <modules/user/groups> ];
+      includes = [
+        <modules/user/groups>
+        <modules/publicKeys/doloro>
+      ];
      aspect = "doloro-server";
    };
+    users.root = {
+      includes = [ <modules/publicKeys/doloro> ];
+    };
  };

 }
--- a/config/modules/publickeys.nix
+++ b/config/modules/publickeys.nix
@@ -0,0 +1,18 @@
+{ modules, ... }:
+{
+  # Applys doloro's public keys to the users openssh
+  modules.publicKeys.provides = {
+    doloro =
+      { user, host, ... }:
+      {
+        nixos = {
+          users.users.${user.userName} = {
+            openssh.authorizedKeys.keys = [
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
+            ];
+          };
+        };
+      };
+  };
+}
--- a/config/modules/raspberry-pi.nix
+++ b/config/modules/raspberry-pi.nix
@@ -10,29 +10,32 @@
    raspberry-pi-nix.url = "github:nix-community/raspberry-pi-nix";
  };
  modules.raspberry-pi = {
-    # TODO, make this take an attr set which describes which rpi it is
-    nixos =
-      { pkgs, ... }:
-      let
-        rpi-pi = inputs.raspberry-pi-nix;
-      in
-      {
-        imports = [
-          rpi-pi.nixosModules.raspberry-pi
-          rpi-pi.nixosModules.sd-image
-        ];
+    provides = {
+      "5" = {
+        nixos =
+          { pkgs, ... }:
+          let
+            rpi-pi = inputs.raspberry-pi-nix;
+          in
+          {
+            imports = [
+              rpi-pi.nixosModules.raspberry-pi
+              rpi-pi.nixosModules.sd-image
+            ];

-        environment.systemPackages = with pkgs; [
-          libraspberrypi
-        ];
+            environment.systemPackages = with pkgs; [
+              libraspberrypi
+            ];

-        sdImage.compressImage = false;
-        raspberry-pi-nix.board = "bcm2712"; # Rpi 5 - 64bit
-        # We need to rebuild kernel for 6.12
-        # raspberry-pi-nix.kernel-version = "v6_12_17";
-        raspberry-pi-nix.uboot.enable = false;
+            sdImage.compressImage = false;
+            raspberry-pi-nix.board = "bcm2712"; # Rpi 5 - 64bit
+            # We need to rebuild kernel for 6.12
+            # raspberry-pi-nix.kernel-version = "v6_12_17";
+            raspberry-pi-nix.uboot.enable = false;

-        hardware.enableRedistributableFirmware = true;
+            hardware.enableRedistributableFirmware = true;
+          };
      };
+    };
  };
 }
--- a/config/modules/services/traefik.nix
+++ b/config/modules/services/traefik.nix
@@ -6,11 +6,11 @@
 }:
 {
  # Basic traefik
-  modules.services.traefik = {
-    services.traefik = {
-      nixos =
-        { config, ... }:
-        {
+  modules.services.provides.traefik = {
+    nixos =
+      { config, ... }:
+      {
+        services.traefik = {
          enable = true;

          staticConfigOptions = {
@@ -46,6 +46,6 @@
            api.insecure = true;
          };
        };
-    };
+      };
  };
 }
--- a/config/modules/user/servers/root.nix
+++ b/config/modules/user/servers/root.nix
@@ -1,16 +0,0 @@
-{ modules, ... }:
-{
-  #	Applys public keys and various root account config
-  modules.servers.rootAcc =
-    { config, user, ... }:
-    {
-      nixos = {
-        users.users.root = {
-          openssh.authorizedKeys.keys = [
-            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
-            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
-          ];
-        };
-      };
-    };
-}