some wip

config/hosts/aspects/servers/rpi5.nix

@@ -7,19 +7,21 @@
 {
   den.aspects.rpi5 = {
     includes = [
-      modules.raspberry-pi
-      modules.services.traefik
+      <modules/raspberry-pi/5>
+      <modules/services/traefik>
     ];
     nixos = {
-      users.users.doloro = {
+      users.users = {
+        doloro = {
           isNormalUser = true;
-        extraGroups = [ "wheel" ];
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
+          extraGroups = [
+            "wheel"
+            "docker"
           ];
           initialPassword = "meowmeowmeow";
         };
+      };
+
       networking.hostName = "nixos-001-rp5";
 
       networking.firewall = {
@@ -32,6 +34,7 @@
         allowedUDPPortRanges = [ ];
       };
 
+      virtualisation.docker.enable = true;
       virtualisation.oci-containers.backend = "docker";
 
       services.openssh.enable = true;

config/hosts/servers.nix

@@ -1,11 +1,26 @@
-{ den, __findFile, ... }:
+{
+  den,
+  __findFile,
+  modules,
+  ...
+}:
 {
   # The single rpi5 i have running on the side of my desk
+  den.aspects.doloro-server = {
+    includes = [ <modules/publicKeys/doloro> ];
+  };
   den.hosts.aarch64-linux.rpi5 = {
+    includes = [ ];
     users.doloro = {
-      includes = [ <modules/user/groups> ];
+      includes = [
+        <modules/user/groups>
+        <modules/publicKeys/doloro>
+      ];
       aspect = "doloro-server";
     };
+    users.root = {
+      includes = [ <modules/publicKeys/doloro> ];
+    };
   };
 
 }

config/modules/publickeys.nix

@@ -0,0 +1,18 @@
+{ modules, ... }:
+{
+  # Applys doloro's public keys to the users openssh
+  modules.publicKeys.provides = {
+    doloro =
+      { user, host, ... }:
+      {
+        nixos = {
+          users.users.${user.userName} = {
+            openssh.authorizedKeys.keys = [
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
+            ];
+          };
+        };
+      };
+  };
+}

config/modules/raspberry-pi.nix

@@ -10,7 +10,8 @@
     raspberry-pi-nix.url = "github:nix-community/raspberry-pi-nix";
   };
   modules.raspberry-pi = {
-    # TODO, make this take an attr set which describes which rpi it is
+    provides = {
+      "5" = {
         nixos =
           { pkgs, ... }:
           let
@@ -35,4 +36,6 @@
             hardware.enableRedistributableFirmware = true;
           };
       };
+    };
+  };
 }

config/modules/services/traefik.nix

@@ -6,11 +6,11 @@
 }:
 {
   # Basic traefik
-  modules.services.traefik = {
-    services.traefik = {
+  modules.services.provides.traefik = {
     nixos =
       { config, ... }:
       {
+        services.traefik = {
           enable = true;
 
           staticConfigOptions = {

config/modules/user/servers/root.nix

@@ -1,16 +0,0 @@
-{ modules, ... }:
-{
-  #	Applys public keys and various root account config
-  modules.servers.rootAcc =
-    { config, user, ... }:
-    {
-      nixos = {
-        users.users.root = {
-          openssh.authorizedKeys.keys = [
-            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
-            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
-          ];
-        };
-      };
-    };
-}