💥 renames hosts

This commit is contained in:
Laureηt 2024-01-12 17:02:47 +01:00
parent 5646ad58a7
commit 0d47653d4b
Signed by: Laurent
SSH key fingerprint: SHA256:kZEpW8cMJ54PDeCvOhzreNr4FSh6R13CMGH/POoO8DI
54 changed files with 43 additions and 20 deletions

4
.vscode/upgrade.sh vendored
View file

@ -15,8 +15,8 @@ trap 'handle_error "$BASH_COMMAND"' ERR
nix flake update nix flake update
# update systems # update systems
sudo nixos-rebuild switch -L --flake .#neodymium sudo nixos-rebuild switch -L --flake .#silicium
nixos-rebuild switch -L --flake .#hydrogen --target-host hydrogen nixos-rebuild switch -L --flake .#cesium --target-host cesium
# commit and push lock file # commit and push lock file
git add flake.lock git add flake.lock

View file

@ -1,10 +1,9 @@
{ {
description = "Laureηt's infrastructure"; description = "Laureηt's infrastructure";
# TODO: rekey les secrets + changer la key de hydrogen # TODO: rekey les secrets + changer la key de cesium
# TODO: luks encrypt hydrogen (dropbear ?) # TODO: luks encrypt cesium (dropbear ?)
# TODO: dégager btfrs de neodymium, ext4 ftw # TODO: setup disko sur silicium
# TODO: setup disko sur neodymium
inputs = { inputs = {
# core stuff # core stuff
@ -77,7 +76,7 @@
flake = false; flake = false;
}; };
# hydrogen nginx sites # cesium nginx sites
resume = { resume = {
url = "git+https://git.fainsin.bzh/Laurent/resume"; url = "git+https://git.fainsin.bzh/Laurent/resume";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";

View file

@ -6,7 +6,7 @@
userEmail = "laurent@fainsin.bzh"; userEmail = "laurent@fainsin.bzh";
signing = { signing = {
signByDefault = true; signByDefault = true;
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@neodymium"; key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium";
}; };
}; };
} }

View file

@ -1,7 +1,7 @@
{...}: { {...}: {
networking = { networking = {
# the name of the machine # the name of the machine
hostName = "hydrogen"; hostName = "cesium";
# the domain used for the machine # the domain used for the machine
domain = "fainsin.bzh"; domain = "fainsin.bzh";

View file

@ -9,14 +9,19 @@
users.laurent = ../home; users.laurent = ../home;
}; };
in { in {
# neodymium laptop # naming convention based on the periodic table
neodymium = nixpkgs.lib.nixosSystem { # NAS would be neodymium
# desktop would be neon
# smartphone would be lithium
# personal laptop
silicium = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
}; };
modules = [ modules = [
./neodymium ./silicium
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
inputs.agenix.nixosModules.default inputs.agenix.nixosModules.default
inputs.lanzaboote.nixosModules.lanzaboote inputs.lanzaboote.nixosModules.lanzaboote
@ -28,15 +33,34 @@ in {
]; ];
}; };
# hydrogen vps # # work laptop
hydrogen = nixpkgs.lib.nixosSystem rec { # aurum = nixpkgs.lib.nixosSystem {
# system = "x86_64-linux";
# specialArgs = {
# inherit inputs;
# };
# modules = [
# ./aurum
# inputs.home-manager.nixosModules.home-manager
# inputs.agenix.nixosModules.default
# # inputs.lanzaboote.nixosModules.lanzaboote
# # inputs.nixos-hardware.nixosModules.common-cpu-amd
# # inputs.nixos-hardware.nixosModules.common-gpu-nvidia-disable
# # inputs.nixos-hardware.nixosModules.common-pc-laptop
# # inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
# {inherit home-manager;}
# ];
# };
# vps
cesium = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
inherit system; inherit system;
}; };
modules = [ modules = [
./hydrogen ./cesium
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.default inputs.disko.nixosModules.default
inputs.agenix.nixosModules.default inputs.agenix.nixosModules.default

View file

@ -1,7 +1,7 @@
{...}: { {...}: {
networking = { networking = {
# the name of the machine # the name of the machine
hostName = "neodymium"; hostName = "silicium";
# domain name servers, use clouflare family # domain name servers, use clouflare family
nameservers = ["1.1.1.2" "1.0.0.2"]; nameservers = ["1.1.1.2" "1.0.0.2"];

View file

@ -1,7 +1,7 @@
let let
neodymium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@neodymium"; silicium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTvwXCT99s1EwOCeGQ28jyCAH/RBoLZza9k5I7wWdEu laurent@silicium";
hydrogen = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxh42mMYqftTU7WtfktZbkdMI07VuH7mhUv3m2Ca3fV root@hydrogen"; cesium = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxh42mMYqftTU7WtfktZbkdMI07VuH7mhUv3m2Ca3fV root@cesium";
in { in {
"borgbackup.age".publicKeys = [neodymium]; "borgbackup.age".publicKeys = [silicium];
"gitea.age".publicKeys = [neodymium hydrogen]; "gitea.age".publicKeys = [silicium cesium];
} }