diff --git a/modules/config/default.nix b/modules/config/default.nix index b02f35b..365cce4 100755 --- a/modules/config/default.nix +++ b/modules/config/default.nix @@ -249,9 +249,10 @@ in deimosIP = "192.168.50.176"; marsIP = "192.168.50.218"; phoneIP = "192.168.50.243"; - phobosIP = "192.168.50.180"; + phobosIP = "192.168.50.194"; brotherIP = "192.168.50.195"; externalIP = "24.76.173.0"; + lamdagibsonIP = "192.168.50.131"; deviceNames = { desktop = "mars"; diff --git a/modules/config/devices/config/lamdagibson.nix b/modules/config/devices/config/lamdagibson.nix new file mode 100644 index 0000000..3f21c4f --- /dev/null +++ b/modules/config/devices/config/lamdagibson.nix @@ -0,0 +1,12 @@ +{ moduleFunctions }: +let + inherit (moduleFunctions.devicesFunctions) + lamdagibsonIP + ; +in +{ + name = "lamdagibson"; + ip = { + address0 = lamdagibsonIP; + }; +} diff --git a/modules/nixos/guests/midnight/default.nix b/modules/nixos/guests/midnight/default.nix index 0cf9059..f17ba98 100755 --- a/modules/nixos/guests/midnight/default.nix +++ b/modules/nixos/guests/midnight/default.nix @@ -41,7 +41,7 @@ in config = let macAddress = "02:00:00:00:00:${macOctet}"; - workers = deviceLogic 45 4 20 6 2; + workers = deviceLogic 45 4 18 6 4; in { environment.systemPackages = [ diff --git a/profiles/user0/files/misc/justfile.nix b/profiles/user0/files/misc/justfile.nix index 0869760..35bd400 100755 --- a/profiles/user0/files/misc/justfile.nix +++ b/profiles/user0/files/misc/justfile.nix @@ -4,70 +4,63 @@ lib, ... }: - let inherit (flake.config.machines) devices; inherit (flake.config.services) instances; - - mars = devices.mars; - deimos = devices.deimos; - ceres = devices.ceres; - eris = devices.eris; hostname = config.networking.hostName; - + dotPath = "~/projects/dotfiles"; + mkLocalRebuild = type: '' + rebuild-${type}: + nixos-rebuild boot --sudo --flake ${dotPath}#${hostname} --show-trace + ''; + mkRemoteRebuild = name: ip: '' + rebuild-${name}: + nixos-rebuild switch --flake ${dotPath}#${name} --target-host ${ip} --sudo --ask-sudo-password --show-trace + ''; + mkSshCommands = name: ip: '' + ${name}: + ssh ${ip} + ''; + mkMicrVMSshCommands = name: ssh: '' + ${name}: + ssh -p ${ssh} root@localhost + ''; + systemRecords = + command: + lib.concatStrings [ + (command devices.ceres.name devices.ceres.ip.address0) + (command devices.eris.name devices.eris.ip.address0) + (command devices.mars.name devices.deimosmars.ip.address0) + (command devices.deimos.name devices.deimos.ip.address0) + (command devices.phobos.name devices.phobos.ip.address0) + (command devices.lamdagibson.name devices.lamdagibson.ip.address0) + ]; + instanceRecords = + command: + lib.concatStrings [ + (command instances.vaultwarden.name instances.vaultwarden.interface.ssh) + (command instances.jellyfin.name instances.jellyfin.interface.ssh) + (command instances.firefly-iii.name instances.firefly-iii.interface.ssh) + (command instances.forgejo.name instances.forgejo.interface.ssh) + (command instances.mastodon.name instances.mastodon.interface.ssh) + ]; + typeLabels = + type: + lib.concatStrings [ + "switch" + "build" + "boot" + ]; + localRebuild = typeLabels mkLocalRebuild; + remoteRebuild = systemRecords mkRemoteRebuild; + sshCommand = systemRecords mkSshCommands; + microVMSshCommand = instanceRecords mkMicrVMSshCommands; in { - text = - let - lamdaIP = "192.168.50.131"; - in - '' - rebuildBoot: - nixos-rebuild boot --sudo --flake ~/projects/dotfiles#${hostname} --show-trace - - rebuild: - nixos-rebuild switch --sudo --flake ~/projects/dotfiles#${hostname} --show-trace - - rebuild-ceres: - nixos-rebuild switch --flake ~/projects/dotfiles#${ceres.name} --target-host ${ceres.ip.address0} --sudo --ask-sudo-password --show-trace - - rebuild-eris: - nixos-rebuild switch --flake ~/projects/dotfiles#${eris.name} --target-host ${eris.ip.address0} --sudo --ask-sudo-password --show-trace - - rebuild-mars: - nixos-rebuild switch --flake ~/projects/dotfiles#${mars.name} --target-host ${mars.ip.address0} --sudo --ask-sudo-password --show-trace - - rebuild-deimos: - nixos-rebuild switch --flake ~/projects/dotfiles#${deimos.name} --target-host ${deimos.ip.address0} --sudo --ask-sudo-password --show-trace - - rebuild-lamda: - nixos-rebuild switch --flake ~/projects/lamdagibson#lamdagibson --target-host denise@${lamdaIP} --sudo --ask-sudo-password --show-trace - - update: - nix flake update --flake ~/projects/dotfiles - - remove-redundant: - ls **/*.hs | each { |file| hlint --refactor --refactor-options="--inplace" $file.name } - - remove-imports: - ls **/*.hs | each { |file| ormolu --mode inplace $file.name } - - ceres: - ssh ${ceres.ip.address0} - - eris: - ssh ${eris.ip.address0} - - deimos: - ssh ${deimos.ip.address0} - - lamda: - ssh denise@${lamdaIP} - - serverRemote: - ssh ${instances.web.remotehost.address0} - - forgejo: - ssh root@${instances.forgejo.interface.ip} - ''; + text = '' + ${localRebuild} + ${remoteRebuild} + ${sshCommand} + ${microVMSshCommand} + ''; } diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index ec16e39..e3b2413 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -1,7 +1,7 @@ ssh: private: ENC[AES256_GCM,data:XJk/gjPkFeSZtPkKYS2vRHqMY/X5zRaDlS4UwzUvjm9MvTgdhoXUlqvFC0Dl5SZhRlY+XXAuG7gIIUESzCFWQKdOoUcto3r0WSuIm9EwLKXnnaHemeFVHYgZU9Rz45PK6yFWUC06+n56b2A1dFXftjeXcCqaQrT/jk3RDSHmhW9u7QgDmhhaybxXOrzkup2U8kjhrMmRBcf4xP//nihuzHcyYX75ONr56bgkjl6gpZTfZrn2ad8b+4iGn+rElzf7RHAG0mwTeEX2kYRyafaanGuc2xTnZubBAYDnc1eM6T99PXC0iWh/lUKc1zG1l18UchWzgvl3sPK0Cb2/5aaFMUk2ET6kVOlpKyGc94MRpyv3iUi8soFjh34sWH3mFtec2OWfIxDhoVfZoc2hmP2Hflfjp7acwaMskFBHaCSO2DGtNmN3hSUhAAeLx8OZupSIJmDVpq00qKUbN+5z4K78AdGuUOP07cE889evNniCHLP6yPav7tIulnBS9lD2U+CbqF7vMtdZx/eYFwJjmMtE,iv:JxSytvXKWLHDedlE0Wq5YpPUnfb0HoQgKJ2bt1Z8yqk=,tag:MjOoUSWsHWHgxp0yu9YQFA==,type:str] public: ENC[AES256_GCM,data:Cn4hutHHeptbefHOKK7zv5TmveGOqfHAwGHogDq9sRmeb+b1lzHwj7qvg8lcnlJtIo4qS+TrKtSj5ZCsPNXOhWG1rkk97gTfPMbcxj5f1O3WJigL2wsrB2cQgc5UsA==,iv:ID4zRdr/efClOAHbXzxG1bNuJR0A2qbydzGlMhvEcRE=,tag:qbIoaGb+RXxRRkkQtuX7/A==,type:str] - hosts: ENC[AES256_GCM,data:QuyhBCfYd/CXRhqbenhO7c8PRuaxMQyXVwetbCN5qOwRv32IPOAYcFByQygmz6J3sAaw47arSYXqNWarzRNX0OPfEvxAusIDyB4Ia0kRnELJKJ+LHOWC8fbKwh+w1IVPFznEUDJsq2dIkMd3uOLw+R70Z2A/uTycjOI8ZtTz+Pw0fbu8wtGUR0yzTjgMVia7L7L6m2k5Owkc6M+MYqd2GlkSarVQa+XiwOmp06hEVqSeWb/rXIGEszb54iC0jbnArfAHVeiZ9moLogDpcZRUFEUxY72wG3Y7DM0bNEG5B3bXm11hemvIGPCY1kqvG4ROtDbvgx6C4XNupxiYG9tUMneJHwfRXAFs4gGO0r7wSsE8qQePWAlGg4YcpZX/R3WraQsUSHjS4rGtqNUAsEMRN195/WChcHGyP2aMjrzl1RSs27fIA7O04pLEH6Uhcv26Rp7c1JwlpvcKgnMZ0GqiHKuqVYYJMPEzLWlWXpRpcODDB5iqad0o0T/9rnVlK7HGhCTEl5rYj0jSYrwu4ktApZ2jNMCsMNIek1p12OJK1RrP9HvIThuSDNXo5vaIreHL1MlIgMb4t8MvsXcczN1+yAiJ0msZhyV/OH/LRO3pfceHMmf3LCB7zIFsJpTcQGAMFrscSA7D6Zise81GMIL2DJVzlbdhQxIwB2DTDa7mf74DdZzUkNbQCbWRP6YnrfiIOCcQGWMVXbm+QVr48l066NXfuxPbFFnCT3hK3cnNwRpMzTqzLc5ol6kxtN+ryVPCQ7hvMe1InoSnMXJhf5GEeEUH26mAOQ2o1eakcKonyCTLi0Ui1Wlw2x9EbM0QCk9Nl5YcxUZLPddEyWdkvCJ8JqGM5IitTNwuzHLUjqkNb+DP0d35ON2ek5vK9kAh8oJOuN8vKVdvbR3XmexEbo9oviGSQwB3dWl274D29Oy7k2H7u+rro+HDeZp1MCkCJ8DgvKGaHYXNjESVNxSJ9/sch0i5h2N2aEs0lK8/WqpW6K6DX6m2yjO7qdZf+j31bilRZD6mwELMtXrpQWwH9OIEYDsCxxjC/Q4soZ+d61U6YRdXrhfG4wwrL6GWr6CQD46kDobNlnt2mrdlWOrWz5tfPhsEAHZ5f7/WNk+xTHC+MuDt/aFUGisXuW5Wv2LmADBIHablsV2V1THDeT+r1753djtI4zn9QGWQnJ+5kgsw+lQScJVROOPriSJYWrvHJmkDMMOg2I5yYyx9jQO1xafPM5RO05FDQo8zJtCodKmZVyikP97mspFfKukBKuUHC9X3OXaIbvUrc3RDh/L7whQ5p3Ih+fgTFm4Pw+yPVq6KJ9hNMRmuvrnZsstWeMBIg5hus5k8g4q+xHmL5uVjLvkDxCFgoKC66gQYENm/XPYdcj3b5bSRW4WYoofk0XjppgU/zGKIrgtr3F7mWo64ZMwv9XyVznReHNVBcyRxQlvLdpAzrb8vczEKFkpyRdM+uIdovNl88vhgaLbLKtIY9LVp7w1p7QIuCkBqS1qAhFzYd20NZKDTAd6TnUfPC+/bswbHslSNEIFYBoUvEwJW,iv:OZdzyvCeRCHMqdUPkHGxiZdXlm/+u0LAagk7HLHWG94=,tag:IkDpOIQmtC5FvKjlmmhH2A==,type:str] + hosts: ENC[AES256_GCM,data:paJLnlvk5GWjQeaiLkjThyyBzUNW0q6bBNs7+yykpgQFw9U1yyIJxObVgSgK3uQXZKGMMoZhbLKvYTSaxsvHNkGbtTpOD39uK2tT8Jx1ZFfSDe42KT1UHdksecmFFIxIcbtjx6+JhEs8dN1DoLESUQK35nvuT4m4GcnmzONGxIzScP199GApOUKHK2S88D+EbmVUawGjb6a6Y1yFuim/C2n6HCWvk9w9rK3tq1G+E0qZlrHqp/7O8SMYezEcE5YhH4ccQwtvhVeuj8CaSstDBhiW6RZT9fPCgb3IYLXmCiCQaYChpbP8alCazQQ4QzTtfSuDfzhPfde7YJL5/we9k3Xt9TWB0anqdBvyM0duXj7DFDpACz0vcE4360ZgIE+YAv3ABUxHpnh+j7hKEr69Wrhs0vtoiMG/BvjqlP8G3ZXwzVRaxhnk07mlQAqIrxOEyR+/YETg8P6YKrXN9bVhCwpn5TlOw2tUg+ZdPVWZhvH3XZbdgbOn0DSzvKT/7p+ouhH+w9fJvjmV1Oepu27fuhhbx5cimlouwLzVOCiy1MMm5zyV3f3h34oT8LVwEp8S11gRaZBPRP2YtgWSovXEEuimYtvXqH0cCoMfsxCS2u1ZxHdr0a6LhLP9yckFndRNutjeP9Ve5H7Ml3amMt7I6GDJCXOX6oMJ9LrCntsAWuSPtk3Yvw59aAUO7f1OAV6H18vhcGo+vDrE9OwYY9HcbQWtTrCUSZSUzeCkplbfYqsOmkfjFd63ZoRomar66/i/4L+D6XRcJHwxxmnBSovRLTbSSVJtW5JwRPH/LZMKctjB2p4EUWHIG9C17oXRF8nRAQLNoqfnp5jIewLqQzHN9/ONQzINWGfzhtJRXmK3RIi/L4lS5i3UKp8vKLI9QuY1a93B1/Cc+IqpR3rTx6wIFl9t375ECZSDUzbULlqzWnyAgAUKuyzUZ9+dTJVG8BCeNmF2+inNN0GOpPLow8OdDZK0R0Aj9YY+9vj1CljCkrB3377BSgEM7RZM8CpZW5m+NuwdF+wSPcTBzc0JXUTUFC8GasHJ5WaOQP68ETeAAqU+2Di/5pLPLPxKFDsAUprNY7bVrZq2b/GGqXtpiB8lVjuKiK1Tm43/ErAQmMt8RDOz1f5sQ2ewJmhUkKigeUxQPyjhAD818K7kBtvJCEaLSMqCC74BUNStp7f36OP6cwQvz/1bIjHb2Cg8YuiDy9DY46FgNEBtLMt3iFhSfMsV+JaKASsrx2w45JtJbr08vmq0/aLFWBwkGShxBDWbJvcSys1y6yMdSNV59v7xNjub7OY79VGSA9wS86Tf/TKFTSzSLMUdpCzeSTmkOWEMY+QxM/CGMuVoBmmxGkMboB+WU6AsVwr/3lxFsGhaupp6TgTMlXwmdWsNYB3E6YaFiTExB0BpJEA/qLOC1K0JBp+uTp9EnC/TmJAofNgaNA3AHWCVtNegXrpxlvACE3qG7ap7T1qlZNzcEyaTIpEivWrI/WT73a2TMlj6/nXd4NCGzkXbH8qv4oOT+urodglq05JjcM8PYLtFHcEFp1nue8HqAJXw2IvHf77ZPUbhvawwWABll/gBEl4Yb18OjWazaOcm8HaJQhiOQgde1Y4kvpP3NqsLi1atzZvbKgQHFIGeI9WUmPoLyMzd7FndvoQOT2dukSIRcz+kuXQqEbNs,iv:2aNCRzV0knKNrZGYNXahGS5WQkYzzqzu4aul1w0twPM=,tag:PXBdIdUL/5TqVaZAyF6Rpg==,type:str] network: server: ENC[AES256_GCM,data:EFsmXNkuf5OAMh8hjfZTixmmdjqBNIME9JjQC8azeCwcMVInm8bWdxE4OqFmxOk9MAU=,iv:pI6WeM2aQC+7vx1Xmp5O2rikqNLgzuEOg+Lo7TqFQxU=,tag:ElcA8mn9dx+IjIf38nKT5A==,type:str] fallaryn: ENC[AES256_GCM,data:O77hH3STB6zpl0b9iXsVu9OOrlLKUwfs2qI9hdqX4kMuBs3XgT/xsQ==,iv:RDKsuJoy+LIyADMc3bgOEmLKdXtu6kad2aeVetuZdJI=,tag:MrpCZ+iJUnGIjeHMgcYG6Q==,type:str] @@ -63,7 +63,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-11-11T06:59:50Z" - mac: ENC[AES256_GCM,data:EJ9lYBbFiYH8pzrnxap05Xj0CgdzxCPoCqq7fCgrJrlngHP8IP6WoAtFpnWfYGa6hDCY0W+RDSzAc3yReYS7tGuGLkCKcPhC/h9boEADPNEEoCnmV0uimeVDIFj0o1as00q2Mzaz5FRJGzpRkjaIT+YjQfaRGcjlBGobjFHFHKQ=,iv:G8iu/sX6hvrc3TuoE2X6X2TUGDyFTPIVILb+n36KETY=,tag:9nHq03Z0iIMtF1qnMhAHMA==,type:str] + lastmodified: "2025-11-14T01:30:25Z" + mac: ENC[AES256_GCM,data:EFM/NnmsmUGD0UwaYuuidviMHLvIDpAyhd3y65HpiU+A6hhMnybBiH57Mne0zrdAGIC2fWRFz+HoZ4vW1ghkwjWUcdUq4P14c6DGpsrHczHbpU4rOfg+lirOh0v3gC4NRB5DAO9uIoJ4rCugEDCb37fqURkgDH9e677Odl2/Yps=,iv:mJOghTqDx74rwSrEtPvF06meUSZ2kEi4TFb2eVFwMf0=,tag:cL0FpqUU9ZsSnRLGk/hcuA==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0