From: Ismaƫl Bouya Date: Wed, 22 May 2019 18:55:28 +0000 (+0200) Subject: Move rest of the modules outside of nixops X-Git-Tag: nur_publish~2 X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=8d213e2b1c934f6861f76aad5eb7c11097fa97de Move rest of the modules outside of nixops --- diff --git a/nixops/modules/buildbot/common/build_helpers.py b/modules/private/buildbot/common/build_helpers.py similarity index 100% rename from nixops/modules/buildbot/common/build_helpers.py rename to modules/private/buildbot/common/build_helpers.py diff --git a/nixops/modules/buildbot/common/master.cfg b/modules/private/buildbot/common/master.cfg similarity index 100% rename from nixops/modules/buildbot/common/master.cfg rename to modules/private/buildbot/common/master.cfg diff --git a/nixops/modules/buildbot/default.nix b/modules/private/buildbot/default.nix similarity index 98% rename from nixops/modules/buildbot/default.nix rename to modules/private/buildbot/default.nix index 60279b7..fa6a6f2 100644 --- a/nixops/modules/buildbot/default.nix +++ b/modules/private/buildbot/default.nix @@ -14,7 +14,7 @@ let in { options = { - services.buildbot.enable = lib.mkOption { + myServices.buildbot.enable = lib.mkOption { type = lib.types.bool; default = false; description = '' @@ -23,7 +23,7 @@ in }; }; - config = lib.mkIf config.services.buildbot.enable { + config = lib.mkIf config.myServices.buildbot.enable { ids.uids.buildbot = myconfig.env.buildbot.user.uid; ids.gids.buildbot = myconfig.env.buildbot.user.gid; diff --git a/nixops/modules/buildbot/projects/caldance/__init__.py b/modules/private/buildbot/projects/caldance/__init__.py similarity index 100% rename from nixops/modules/buildbot/projects/caldance/__init__.py rename to modules/private/buildbot/projects/caldance/__init__.py diff --git a/nixops/modules/buildbot/projects/cryptoportfolio/__init__.py b/modules/private/buildbot/projects/cryptoportfolio/__init__.py similarity index 100% rename from nixops/modules/buildbot/projects/cryptoportfolio/__init__.py rename to modules/private/buildbot/projects/cryptoportfolio/__init__.py diff --git a/nixops/modules/buildbot/projects/test/__init__.py b/modules/private/buildbot/projects/test/__init__.py similarity index 100% rename from nixops/modules/buildbot/projects/test/__init__.py rename to modules/private/buildbot/projects/test/__init__.py diff --git a/nixops/modules/certificates.nix b/modules/private/certificates.nix similarity index 100% rename from nixops/modules/certificates.nix rename to modules/private/certificates.nix diff --git a/modules/private/default.nix b/modules/private/default.nix index 242eeb9..894efb7 100644 --- a/modules/private/default.nix +++ b/modules/private/default.nix @@ -47,7 +47,19 @@ set = { peertubeTool = ./websites/tools/peertube; toolsTool = ./websites/tools/tools; + buildbot = ./buildbot; + certificates = ./certificates.nix; + gitolite = ./gitolite; irc = ./irc.nix; + pub = ./pub; + tasks = ./tasks; + dns = ./dns.nix; + ftp = ./ftp.nix; + mail = ./mail.nix; + mpd = ./mpd.nix; + ssh = ./ssh; + + system = ./system.nix; }; in builtins.listToAttrs (map (attr: { name = "priv${attr}"; value = set.${attr}; }) (builtins.attrNames set)) diff --git a/nixops/modules/dns.nix b/modules/private/dns.nix similarity index 100% rename from nixops/modules/dns.nix rename to modules/private/dns.nix diff --git a/nixops/modules/ftp.nix b/modules/private/ftp.nix similarity index 100% rename from nixops/modules/ftp.nix rename to modules/private/ftp.nix diff --git a/nixops/modules/gitolite/default.nix b/modules/private/gitolite/default.nix similarity index 96% rename from nixops/modules/gitolite/default.nix rename to modules/private/gitolite/default.nix index f085b55..b9914a1 100644 --- a/nixops/modules/gitolite/default.nix +++ b/modules/private/gitolite/default.nix @@ -1,8 +1,8 @@ { lib, pkgs, config, myconfig, ... }: let - cfg = config.services.myGitolite; + cfg = config.myServices.gitolite; in { - options.services.myGitolite = { + options.myServices.gitolite = { enable = lib.mkEnableOption "my gitolite service"; gitoliteDir = lib.mkOption { type = lib.types.string; diff --git a/nixops/modules/gitolite/gitolite_ldap_groups.sh b/modules/private/gitolite/gitolite_ldap_groups.sh similarity index 100% rename from nixops/modules/gitolite/gitolite_ldap_groups.sh rename to modules/private/gitolite/gitolite_ldap_groups.sh diff --git a/nixops/modules/mail.nix b/modules/private/mail.nix similarity index 100% rename from nixops/modules/mail.nix rename to modules/private/mail.nix diff --git a/nixops/modules/mpd.nix b/modules/private/mpd.nix similarity index 100% rename from nixops/modules/mpd.nix rename to modules/private/mpd.nix diff --git a/nixops/modules/pub/default.nix b/modules/private/pub/default.nix similarity index 93% rename from nixops/modules/pub/default.nix rename to modules/private/pub/default.nix index cdc68db..c31c8eb 100644 --- a/nixops/modules/pub/default.nix +++ b/modules/private/pub/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, config, myconfig, ... }: { options = { - services.pub.enable = lib.mkOption { + myServices.pub.enable = lib.mkOption { type = lib.types.bool; default = false; description = '' @@ -10,7 +10,7 @@ }; }; - config = lib.mkIf config.services.pub.enable { + config = lib.mkIf config.myServices.pub.enable { users.users.pub = let restrict = pkgs.runCommand "restrict" { file = ./restrict; diff --git a/nixops/modules/pub/restrict b/modules/private/pub/restrict similarity index 100% rename from nixops/modules/pub/restrict rename to modules/private/pub/restrict diff --git a/nixops/modules/pub/tmux.restrict.conf b/modules/private/pub/tmux.restrict.conf similarity index 100% rename from nixops/modules/pub/tmux.restrict.conf rename to modules/private/pub/tmux.restrict.conf diff --git a/nixops/modules/ssh/default.nix b/modules/private/ssh/default.nix similarity index 100% rename from nixops/modules/ssh/default.nix rename to modules/private/ssh/default.nix diff --git a/nixops/modules/ssh/ldap_authorized_keys.sh b/modules/private/ssh/ldap_authorized_keys.sh similarity index 100% rename from nixops/modules/ssh/ldap_authorized_keys.sh rename to modules/private/ssh/ldap_authorized_keys.sh diff --git a/modules/private/system.nix b/modules/private/system.nix new file mode 100644 index 0000000..fba504e --- /dev/null +++ b/modules/private/system.nix @@ -0,0 +1,30 @@ +{ pkgs, privateFiles, ... }: +{ + config = { + nixpkgs.overlays = builtins.attrValues (import ../../overlays); + _module.args = { + pkgsNext = import {}; + pkgsPrevious = import {}; + myconfig = { + inherit privateFiles; + env = import "${privateFiles}/environment.nix"; + }; + }; + + services.journald.extraConfig = '' + MaxLevelStore="warning" + MaxRetentionSec="1year" + ''; + + users.users.root.packages = [ + pkgs.telnet + pkgs.htop + pkgs.iftop + ]; + + environment.systemPackages = [ + pkgs.vim + ]; + + }; +} diff --git a/nixops/modules/task/default.nix b/modules/private/tasks/default.nix similarity index 99% rename from nixops/modules/task/default.nix rename to modules/private/tasks/default.nix index 9aeaa3f..30f49ee 100644 --- a/nixops/modules/task/default.nix +++ b/modules/private/tasks/default.nix @@ -1,6 +1,6 @@ { lib, pkgs, config, myconfig, ... }: let - cfg = config.services.myTasks; + cfg = config.myServices.tasks; server_vardir = config.services.taskserver.dataDir; fqdn = "task.immae.eu"; user = config.services.taskserver.user; @@ -81,7 +81,7 @@ let echo "Please login" > $out/index.html ''; in { - options.services.myTasks = { + options.myServices.tasks = { enable = lib.mkEnableOption "my tasks service"; }; diff --git a/nixops/modules/task/www/index.php b/modules/private/tasks/www/index.php similarity index 100% rename from nixops/modules/task/www/index.php rename to modules/private/tasks/www/index.php diff --git a/modules/private/websites/tools/git/default.nix b/modules/private/websites/tools/git/default.nix index 3e8b605..75d0240 100644 --- a/modules/private/websites/tools/git/default.nix +++ b/modules/private/websites/tools/git/default.nix @@ -4,7 +4,9 @@ let inherit (pkgs.webapps) mantisbt_2 mantisbt_2-plugins; env = myconfig.env.tools.mantisbt; }; - gitweb = pkgs.callPackage ./gitweb.nix { gitoliteDir = config.services.myGitolite.gitoliteDir; }; + gitweb = pkgs.callPackage ./gitweb.nix { + gitoliteDir = config.myServices.gitolite.gitoliteDir; + }; cfg = config.myServices.websites.tools.git; in { diff --git a/nixops/eldiron.nix b/nixops/eldiron.nix index 69231d1..51af1f6 100644 --- a/nixops/eldiron.nix +++ b/nixops/eldiron.nix @@ -7,17 +7,8 @@ eldiron = { config, pkgs, myconfig, ... }: { - nixpkgs.overlays = builtins.attrValues (import ../overlays); - _module.args = { - pkgsNext = import {}; - pkgsPrevious = import {}; - myconfig = { - inherit privateFiles; - env = import "${privateFiles}/environment.nix"; - }; - }; - boot.kernelPackages = pkgs.linuxPackages_latest; + _module.args.privateFiles = privateFiles; networking = { firewall.enable = true; @@ -30,30 +21,15 @@ myconfig.env.servers.eldiron.ips); }; - imports = [ - ./modules/ssh - ./modules/certificates.nix - ./modules/gitolite - ./modules/mpd.nix - ./modules/mail.nix - ./modules/ftp.nix - ./modules/pub - ./modules/task - ./modules/buildbot - ./modules/dns.nix - ] ++ (builtins.attrValues (import ../modules)); + imports = builtins.attrValues (import ../modules); + + myServices.buildbot.enable = true; myServices.databases.enable = true; + myServices.gitolite.enable = true; myServices.irc.enable = true; - services.myGitolite.enable = true; + myServices.pub.enable = true; + myServices.tasks.enable = true; services.pure-ftpd.enable = true; - services.pub.enable = true; - services.myTasks.enable = true; - services.buildbot.enable = true; - - services.journald.extraConfig = '' - MaxLevelStore="warning" - MaxRetentionSec="1year" - ''; deployment = { targetEnv = "hetzner"; @@ -75,16 +51,6 @@ }; }; - users.users.root.packages = [ - pkgs.telnet - pkgs.htop - pkgs.iftop - ]; - - environment.systemPackages = [ - pkgs.vim - ]; - services.cron = { enable = true; systemCronJobs = [