aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore1
-rw-r--r--.gitmodules3
-rw-r--r--apps/.keep0
-rw-r--r--configs/.keep0
-rw-r--r--krops.nix55
-rw-r--r--modules/.keep0
-rw-r--r--pkgs/.keep0
-rw-r--r--public/.keep0
-rw-r--r--public/fysiweb-cli.id_rsa.pub1
m---------secrets0
-rw-r--r--systems/.keep0
-rw-r--r--systems/system1/configuration.nix8
-rw-r--r--terraform.nix16
13 files changed, 84 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ceeb05b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/tmp
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..b570d91
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "secrets"]
+ path = secrets
+ url = git@github.com:nomath-org/secrets.git
diff --git a/apps/.keep b/apps/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/apps/.keep
diff --git a/configs/.keep b/configs/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/configs/.keep
diff --git a/krops.nix b/krops.nix
new file mode 100644
index 0000000..2cf401c
--- /dev/null
+++ b/krops.nix
@@ -0,0 +1,55 @@
+let
+ inherit (import <fysiweb>) lib pkgs;
+in
+
+rec {
+ source = system-name: pkgs.krops.lib.evalSource [
+ {
+ fysiweb.file = {
+ path = toString <fysiweb>;
+ filters = [
+ { type = "exclude"; pattern = "/.git"; }
+ ]
+ ++
+ map
+ (pattern: { type = "exclude"; inherit pattern; })
+ (lib.filter
+ (lib.hasPrefix "/")
+ (lib.splitString "\n"
+ (builtins.readFile <fysiweb/.gitignore>)))
+ ;
+ };
+ overlay.file = {
+ path = toString ./.;
+ filters = [
+ { type = "exclude"; pattern = "/.git"; }
+ ]
+ ++
+ map
+ (pattern: { type = "exclude"; inherit pattern; })
+ (lib.filter
+ (lib.hasPrefix "/")
+ (lib.splitString "\n"
+ (builtins.readFile ./.gitignore)))
+ ;
+ };
+ nixos-config.symlink = "overlay/systems/${system-name}/configuration.nix";
+ nixpkgs.git = {
+ url = "https://github.com/NixOS/nixpkgs";
+ ref = (lib.importJSON <fysiweb/nixpkgs.json>).rev;
+ shallow = true;
+ };
+ system-secrets =
+ let
+ path = ./secrets/per-system + "/${system-name}";
+ in
+ if builtins.pathExists path then
+ {
+ pass.dir = toString path;
+ pass.name = ".";
+ }
+ else
+ { file = "/var/empty"; };
+ }
+ ];
+}
diff --git a/modules/.keep b/modules/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/modules/.keep
diff --git a/pkgs/.keep b/pkgs/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/pkgs/.keep
diff --git a/public/.keep b/public/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/public/.keep
diff --git a/public/fysiweb-cli.id_rsa.pub b/public/fysiweb-cli.id_rsa.pub
new file mode 100644
index 0000000..5ef7e07
--- /dev/null
+++ b/public/fysiweb-cli.id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJ7SgciW/mOzldT3zTMFZWOlNPBjtJ/mpAhgY20JytC0m0xAXJPvlN38HrcN3veMJghpTI8/90wle/5i+dmWJ3GpQnFZNAzA6deyndHVsV/svkVS5cYrST3RWVivo6YII5HaHgh3EL2mmmXO1FT6pPJqOAF0yYnVAvEYLSnDBRUHM4sMzmv8QZgFdXORrmvIb6H8C48fiR5lN7WZJIs6Woajhsta5qP1cgZ9EKbcyoez9hQoLUNvW5moAgFA8ylW9zYjXAPMNSQXXt+MbExCmju9iO9d6egtH3cGRPiIpWHvy/O10NuRAWh8hnKFiEctbO0fSh+8wauh9QqJG3SkjsuwVDFq1kVPnt1483GmoPsbrXXajn7NUdmXR2q/AUkyC3tyIANtjen7PBVFXspkOXlwftilmjj9mf+02n4NXBTgrPPxSrB0TDblTZ9WnUa8cfvZuAwpS7QMe3OpJ63v8gV1C3XhqVKUCrauAn/c5acodFTKDLX5/frpoufmr02CKcT9L4n5uuVnai6ylZViY9K/jld3I8e0D7SA9d07c+cBov55zkdfD7NWP5G51lU+xbHQ68jzi6LqklIZ3Kj8kqtOf9DxuyyWuLFO1hKiNLQn9+uATKQh1C/nyubfrNtbz0+3sgfUAJy03YtKtT/zTzS7ErncAaWIc79hsOAO/Lsw== fysiweb-cli
diff --git a/secrets b/secrets
new file mode 160000
+Subproject be3e21a903bfb6fa2a8041385331969bbfecdd1
diff --git a/systems/.keep b/systems/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/systems/.keep
diff --git a/systems/system1/configuration.nix b/systems/system1/configuration.nix
new file mode 100644
index 0000000..c930171
--- /dev/null
+++ b/systems/system1/configuration.nix
@@ -0,0 +1,8 @@
+{
+ imports = [
+ <fysiweb/configs>
+ <fysiweb/configs/hcloud>
+ ];
+
+ networking.hostName = "system1";
+}
diff --git a/terraform.nix b/terraform.nix
new file mode 100644
index 0000000..70d4104
--- /dev/null
+++ b/terraform.nix
@@ -0,0 +1,16 @@
+let
+ inherit (import <fysiweb>) fysilib lib;
+in
+fysilib.terraform.eval (import <fysiweb/terraform.nix> {
+ resource = {
+ hcloud_server.system1 = {
+ name = "system1";
+ server_type = "cx11";
+ location = "nbg1";
+ image = "\${data.hcloud_image.base.id}";
+ ssh_keys = [
+ "fysiweb-cli"
+ ];
+ };
+ };
+})