diff --git a/flake.lock b/flake.lock index 4457021..5f77a8b 100755 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,25 @@ { "nodes": { + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1704875591, + "narHash": "sha256-eWRLbqRcrILgztU/m/k7CYLzETKNbv0OsT2GjkaNm8A=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "1776009f1f3fb2b5d236b84d9815f2edee463a9b", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, "devour-flake": { "flake": false, "locked": { @@ -22,7 +42,7 @@ "ethereum-nix", "nixpkgs" ], - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1701787589, @@ -42,7 +62,7 @@ "inputs": { "devour-flake": "devour-flake", "devshell": "devshell", - "flake-compat": "flake-compat", + "flake-compat": "flake-compat_2", "flake-parts": "flake-parts", "flake-root": "flake-root", "foundry-nix": "foundry-nix", @@ -56,10 +76,10 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1705787058, - "narHash": "sha256-jN7EObGkFC0ciri2g/PDUrgfryiHEorhCAULN9+UJ+I=", + "lastModified": 1706156436, + "narHash": "sha256-2NnO15PUkUriGJ749AxImbAcg3CT7StkQDJBZoEIt+U=", "ref": "refs/heads/main", - "rev": "0407591fca0931ec2b3762ba893eeabf0c4af296", + "rev": "3042078d2ea4d96befdf6cd05d0f87fcca0c6b1f", "revCount": 302, "type": "git", "url": "file:///home/e/dev/ethereum.nix/" @@ -70,6 +90,22 @@ } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "locked": { "lastModified": 1688025799, "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", @@ -137,7 +173,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1694529238, @@ -155,7 +191,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1701680307, @@ -173,7 +209,7 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1705309234, @@ -192,14 +228,14 @@ "foundry-nix": { "inputs": { "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1706346533, - "narHash": "sha256-ccqnThgOxMPh0/8T+uxcECkFUyr1oJ00MmaT1/WwcWM=", + "lastModified": 1706432964, + "narHash": "sha256-AtOO3RwfS2Q66IqNmFA0byGAhb6n1nBbi67/kufouHo=", "owner": "shazow", "repo": "foundry.nix", - "rev": "09fccbe99e5e7763f3f0cdc3eb5ae15d07f45c36", + "rev": "c898f1ac4d89f953dd77bc360a995742c6b6328f", "type": "github" }, "original": { @@ -239,11 +275,11 @@ ] }, "locked": { - "lastModified": 1705823474, - "narHash": "sha256-2C4uRe9/U3QwSPC4dYKM1/njgCQk0Mltezy4VcjAqa4=", + "lastModified": 1706306660, + "narHash": "sha256-lZvgkHtVeduGByPb0Tz9LpAi4olfkEm8XPgv0o7GRsk=", "owner": "nix-community", "repo": "home-manager", - "rev": "928f2528f9ee952ba0a47bbb1ece8d93ed66e784", + "rev": "b2f56952074cb46e93902ecaabfb04dd93733434", "type": "github" }, "original": { @@ -382,11 +418,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1705312285, - "narHash": "sha256-rd+dY+v61Y8w3u9bukO/hB55Xl4wXv4/yC8rCGVnK5U=", + "lastModified": 1706182238, + "narHash": "sha256-Ti7CerGydU7xyrP/ow85lHsOpf+XMx98kQnPoQCSi1g=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "bee2202bec57e521e3bd8acd526884b9767d7fa0", + "rev": "f84eaffc35d1a655e84749228cde19922fcf55f1", "type": "github" }, "original": { @@ -398,15 +434,18 @@ }, "nixpkgs": { "locked": { - "lastModified": 1705496572, - "narHash": "sha256-rPIe9G5EBLXdBdn9ilGc0nq082lzQd0xGGe092R/5QE=", - "path": "/nix/store/wcidiyklj0nrljlz5m3qlkvhv8f2ddv8-source", - "rev": "842d9d80cfd4560648c785f8a4e6f3b096790e19", - "type": "path" + "lastModified": 1702272962, + "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs-unstable": { @@ -429,9 +468,22 @@ "locked": { "lastModified": 1705677747, "narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=", + "path": "/nix/store/kwd6lmx004rkv2r00vj3fcg5ijfvnagk-source", + "rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261", + "type": "path" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1706191920, + "narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261", + "rev": "ae5c332cbb5827f6b1f02572496b141021de335f", "type": "github" }, "original": { @@ -470,7 +522,7 @@ "ethereum-nix", "nixpkgs" ], - "systems": "systems_3", + "systems": "systems_4", "treefmt-nix": "treefmt-nix" }, "locked": { @@ -489,11 +541,12 @@ }, "root": { "inputs": { + "deploy-rs": "deploy-rs", "ethereum-nix": "ethereum-nix", "home-manager": "home-manager", "microvm": "microvm", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nvim": "nvim", "tfa": "tfa" } @@ -545,6 +598,21 @@ } }, "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -558,7 +626,7 @@ "type": "indirect" } }, - "systems_4": { + "systems_5": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -573,7 +641,7 @@ "type": "github" } }, - "systems_5": { + "systems_6": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -650,6 +718,24 @@ "repo": "treefmt-nix", "type": "github" } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 93d0319..2a6dc35 100755 --- a/flake.nix +++ b/flake.nix @@ -4,6 +4,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + deploy-rs.url = "github:serokell/deploy-rs"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; @@ -26,7 +27,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, home-manager, nixos-hardware, nvim, ethereum-nix, ... } @inputs: + outputs = { self, nixpkgs, home-manager, nixos-hardware, nvim, ethereum-nix, deploy-rs, ... } @inputs: let attrs = { username = "e"; @@ -48,12 +49,33 @@ ); homeConfigurations = ( import ./home-manager { inherit inputs pkgs attrs; } - ); + ); + deploy.nodes = { + htz = { + hostname = "htz"; + sshUser = "root"; + remoteBuild = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.htz; + }; + }; + racknerd = { + hostname = "racknerd"; + sshUser = "e"; + remoteBuild = true; + profiles.system = { + user = "root"; + path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.rknrd; + }; + }; + }; devShells.${system}.default = pkgs.mkShell { buildInputs = [ pkgs.nix pkgs.home-manager pkgs.git + deploy-rs.packages.${system}.deploy-rs ]; }; }; diff --git a/nixos/default.nix b/nixos/default.nix index 4dcce83..35af65e 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -15,6 +15,7 @@ }; rknrd = inputs.nixpkgs.lib.nixosSystem { specialArgs = { + inherit inputs system pkgs; host = { hostName = "rknrd"; username = attrs.username; diff --git a/nixos/htz/configuration.nix b/nixos/htz/configuration.nix index 6a7a46f..39baf44 100644 --- a/nixos/htz/configuration.nix +++ b/nixos/htz/configuration.nix @@ -5,7 +5,6 @@ #./eth.nix ]; environment.systemPackages = with pkgs; [ - nfs-utils vim ]; networking = { @@ -35,11 +34,6 @@ isNormalUser = true; extraGroups = [ "wheel" ]; home = "/home/e"; - packages = with pkgs; [ - vim - htop - tree - ]; openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14'']; }; }; diff --git a/nixos/htz/hardware-configuration.nix b/nixos/htz/hardware-configuration.nix index b3ddafb..e0cfd22 100755 --- a/nixos/htz/hardware-configuration.nix +++ b/nixos/htz/hardware-configuration.nix @@ -19,7 +19,7 @@ }; fileSystems = { "/boot" = { - device = "/dev/disk/by-uuid/5679-B4CD"; + device = "/dev/disk/by-uuid/8480-5FBB"; fsType = "vfat"; }; "/" = { @@ -52,10 +52,11 @@ matchConfig.Name = "microvm"; networkConfig = { DHCPServer = true; + IPv6SendRA = true; }; addresses = [ { addressConfig.Address = "10.0.0.1/24"; - }]; + } ]; }; "11-microvm" = { matchConfig.Name = "vm-*"; diff --git a/nixos/htz/vms/vmDefaults.nix b/nixos/htz/vms/vmDefaults.nix index 15e6831..bde2d73 100644 --- a/nixos/htz/vms/vmDefaults.nix +++ b/nixos/htz/vms/vmDefaults.nix @@ -12,7 +12,11 @@ }; }; }; - services.openssh.enable = true; + services.openssh = { + enable = true; + settings.PasswordAuthentication = false; + settings.KbdInteractiveAuthentication = false; + }; networking.firewall = { enable = true; allowedTCPPorts = [22]; @@ -22,14 +26,14 @@ users.users = { root = { openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEV8yjC8g68hoIi5021A6MR0ggMy++8KjmtXMzyOir2c root@htz'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' ]; }; e = { isNormalUser = true; extraGroups = [ "wheel" ]; openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEV8yjC8g68hoIi5021A6MR0ggMy++8KjmtXMzyOir2c root@htz'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' ]; };