refactor: centralize host and user metadata

2026-04-21 12:12:43 +02:00
parent 5cfd4d01c8
commit 6332c96d3e
33 changed files with 805 additions and 479 deletions
+26 -47
@@ -1,45 +1,12 @@
{
inputs,
config,
...
}:
{ config, ... }:
let
nixosModules = config.flake.modules.nixos;
metaLib = config.meta.lib;
in
{
flake.modules.nixos.orion =
flake.modules.nixos."orion-admin" =
{ pkgs, ... }:
{
_module.args.hostType = "server";
imports = [
inputs.home-manager.nixosModules.home-manager
nixosModules.sopsHost
nixosModules.caddy
nixosModules.openssh
nixosModules.vaultwarden
nixosModules.radicale
nixosModules.actual
nixosModules.gitea
nixosModules.kiri
./_hardware.nix
./_disk.nix
];
system.stateVersion = "24.05";
home-manager = {
useGlobalPkgs = true;
backupFileExtension = "bak";
extraSpecialArgs = { inherit inputs; };
};
networking.hostName = "orion";
security.sudo.extraConfig = ''
Defaults env_keep+=SSH_AUTH_SOCK
'';
users.users.kiri = {
linger = true;
openssh.authorizedKeys.keys = [
@@ -50,16 +17,28 @@ in
environment.systemPackages = [
pkgs.kitty
];
networking = {
firewall.enable = true;
firewall.allowPing = false;
nftables.enable = true;
};
security.pam = {
sshAgentAuth.enable = true;
services.sudo.sshAgentAuth = true;
};
};
flake.modules.nixos.orion = metaLib.mkHost {
name = "orion";
kind = "server";
users = {
inherit (metaLib.users) kiri;
};
imports = [
nixosModules."server-base"
nixosModules.caddy
nixosModules."server-firewall"
nixosModules."ssh-agent-auth"
nixosModules."orion-admin"
nixosModules.vaultwarden
nixosModules.radicale
nixosModules.actual
nixosModules.gitea
nixosModules."user-kiri"
./_hardware.nix
./_disk.nix
];
};
}
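Review bot: The new `imports` list passed to `metaLib.mkHost` no longer names `nixosModules.sopsHost`, `nixosModules.openssh` or the home-manager module, and `system.stateVersion = "24.05"` appears to have left this file. The sshd configuration, secret provisioning and state version for `orion` therefore hold only if `server-base` or `mkHost` supply them, which this section does not show. For a host that runs vaultwarden and gitea this is worth stating in place, for example with a comment above `nixosModules."server-base"` such as `# server-base is expected to provide sopsHost, openssh and home-manager; mkHost sets system.stateVersion`. It is also worth evaluating the host configuration before and after the commit to confirm that `services.openssh`, the sops settings and `system.stateVersion` are unchanged. The same check applies to `server-firewall` and `ssh-agent-auth`, which presumably now carry the `firewall.allowPing = false`/nftables and `services.sudo.sshAgentAuth` settings that used to be readable here. The rendered page has lost its `+`/`-` markers, so the old/new assignment above is inferred from the hunk headers.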