From 7e88fb2b26ba2c1a3aeaaaa21fe839f1a43bcc8b Mon Sep 17 00:00:00 2001
From: Alexander Foremny <aforemny@posteo.de>
Date: Wed, 14 Feb 2024 05:34:12 +0100
Subject: init

---
 .gitignore                        |  1 +
 .gitmodules                       |  3 +++
 apps/.keep                        |  0
 configs/.keep                     |  0
 krops.nix                         | 55 +++++++++++++++++++++++++++++++++++++++
 modules/.keep                     |  0
 pkgs/.keep                        |  0
 public/.keep                      |  0
 public/fysiweb-cli.id_rsa.pub     |  1 +
 secrets                           |  1 +
 systems/.keep                     |  0
 systems/system1/configuration.nix |  8 ++++++
 terraform.nix                     | 16 ++++++++++++
 13 files changed, 85 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .gitmodules
 create mode 100644 apps/.keep
 create mode 100644 configs/.keep
 create mode 100644 krops.nix
 create mode 100644 modules/.keep
 create mode 100644 pkgs/.keep
 create mode 100644 public/.keep
 create mode 100644 public/fysiweb-cli.id_rsa.pub
 create mode 160000 secrets
 create mode 100644 systems/.keep
 create mode 100644 systems/system1/configuration.nix
 create mode 100644 terraform.nix

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ceeb05b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/tmp
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..b570d91
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "secrets"]
+	path = secrets
+	url = git@github.com:nomath-org/secrets.git
diff --git a/apps/.keep b/apps/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/configs/.keep b/configs/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/krops.nix b/krops.nix
new file mode 100644
index 0000000..2cf401c
--- /dev/null
+++ b/krops.nix
@@ -0,0 +1,55 @@
+let
+  inherit (import <fysiweb>) lib pkgs;
+in
+
+rec {
+  source = system-name: pkgs.krops.lib.evalSource [
+    {
+      fysiweb.file = {
+        path = toString <fysiweb>;
+        filters = [
+          { type = "exclude"; pattern = "/.git"; }
+        ]
+        ++
+        map
+          (pattern: { type = "exclude"; inherit pattern; })
+          (lib.filter
+            (lib.hasPrefix "/")
+            (lib.splitString "\n"
+              (builtins.readFile <fysiweb/.gitignore>)))
+        ;
+      };
+      overlay.file = {
+        path = toString ./.;
+        filters = [
+          { type = "exclude"; pattern = "/.git"; }
+        ]
+        ++
+        map
+          (pattern: { type = "exclude"; inherit pattern; })
+          (lib.filter
+            (lib.hasPrefix "/")
+            (lib.splitString "\n"
+              (builtins.readFile ./.gitignore)))
+        ;
+      };
+      nixos-config.symlink = "overlay/systems/${system-name}/configuration.nix";
+      nixpkgs.git = {
+        url = "https://github.com/NixOS/nixpkgs";
+        ref = (lib.importJSON <fysiweb/nixpkgs.json>).rev;
+        shallow = true;
+      };
+      system-secrets =
+        let
+          path = ./secrets/per-system + "/${system-name}";
+        in
+        if builtins.pathExists path then
+          {
+            pass.dir = toString path;
+            pass.name = ".";
+          }
+        else
+          { file = "/var/empty"; };
+    }
+  ];
+}
diff --git a/modules/.keep b/modules/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/pkgs/.keep b/pkgs/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/public/.keep b/public/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/public/fysiweb-cli.id_rsa.pub b/public/fysiweb-cli.id_rsa.pub
new file mode 100644
index 0000000..5ef7e07
--- /dev/null
+++ b/public/fysiweb-cli.id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJ7SgciW/mOzldT3zTMFZWOlNPBjtJ/mpAhgY20JytC0m0xAXJPvlN38HrcN3veMJghpTI8/90wle/5i+dmWJ3GpQnFZNAzA6deyndHVsV/svkVS5cYrST3RWVivo6YII5HaHgh3EL2mmmXO1FT6pPJqOAF0yYnVAvEYLSnDBRUHM4sMzmv8QZgFdXORrmvIb6H8C48fiR5lN7WZJIs6Woajhsta5qP1cgZ9EKbcyoez9hQoLUNvW5moAgFA8ylW9zYjXAPMNSQXXt+MbExCmju9iO9d6egtH3cGRPiIpWHvy/O10NuRAWh8hnKFiEctbO0fSh+8wauh9QqJG3SkjsuwVDFq1kVPnt1483GmoPsbrXXajn7NUdmXR2q/AUkyC3tyIANtjen7PBVFXspkOXlwftilmjj9mf+02n4NXBTgrPPxSrB0TDblTZ9WnUa8cfvZuAwpS7QMe3OpJ63v8gV1C3XhqVKUCrauAn/c5acodFTKDLX5/frpoufmr02CKcT9L4n5uuVnai6ylZViY9K/jld3I8e0D7SA9d07c+cBov55zkdfD7NWP5G51lU+xbHQ68jzi6LqklIZ3Kj8kqtOf9DxuyyWuLFO1hKiNLQn9+uATKQh1C/nyubfrNtbz0+3sgfUAJy03YtKtT/zTzS7ErncAaWIc79hsOAO/Lsw== fysiweb-cli
diff --git a/secrets b/secrets
new file mode 160000
index 0000000..be3e21a
--- /dev/null
+++ b/secrets
@@ -0,0 +1 @@
+Subproject commit be3e21a903bfb6fa2a8041385331969bbfecdd16
diff --git a/systems/.keep b/systems/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/systems/system1/configuration.nix b/systems/system1/configuration.nix
new file mode 100644
index 0000000..c930171
--- /dev/null
+++ b/systems/system1/configuration.nix
@@ -0,0 +1,8 @@
+{
+  imports = [
+    <fysiweb/configs>
+    <fysiweb/configs/hcloud>
+  ];
+
+  networking.hostName = "system1";
+}
diff --git a/terraform.nix b/terraform.nix
new file mode 100644
index 0000000..70d4104
--- /dev/null
+++ b/terraform.nix
@@ -0,0 +1,16 @@
+let
+  inherit (import <fysiweb>) fysilib lib;
+in
+fysilib.terraform.eval (import <fysiweb/terraform.nix> {
+  resource = {
+    hcloud_server.system1 = {
+      name = "system1";
+      server_type = "cx11";
+      location = "nbg1";
+      image = "\${data.hcloud_image.base.id}";
+      ssh_keys = [
+        "fysiweb-cli"
+      ];
+    };
+  };
+})
-- 
cgit v1.2.3