2 files changed, 27 insertions, 26 deletions
diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix
index 5d692c6..84e52d5 100644
--- a/modules/private/system/backup-2.nix
+++ b/modules/private/system/backup-2.nix
@@ -1,15 +1,16 @@
 { privateFiles }:
-{ config, pkgs, myconfig, resources, ... }:
+{ config, pkgs, resources, ... }:
 {
  boot.kernelPackages = pkgs.linuxPackages_latest;
-  _module.args.privateFiles = privateFiles;
+  myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
-  _module.args.hostFQDN = "backup-2.v.immae.eu";
+  hostEnv.FQDN = "backup-2.v.immae.eu";
  imports = builtins.attrValues (import ../..);
  deployment = {
    targetEnv = "hetznerCloud";
    hetznerCloud = {
-      authToken = myconfig.env.hetznerCloud.authToken;
+      authToken = config.myEnv.hetznerCloud.authToken;
      datacenter = "hel1-dc2";
      location  ="hel1";
      serverType = "cx11";
@@ -27,10 +28,10 @@
    firewall.enable = true;
    interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
      (n: ips: { address = ips.ip4; prefixLength = 32; })
-      (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") myconfig.env.servers.backup-2.ips);
+      (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.backup-2.ips);
    interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
      (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
-      myconfig.env.servers.backup-2.ips);
+      config.myEnv.servers.backup-2.ips);
    defaultMailServer = {
      directDelivery = true;
@@ -48,10 +49,10 @@
  services.rsyncBackup = {
    mountpoint = "/backup2";
-    mailto = myconfig.env.rsync_backup.mailto;
+    mailto = config.myEnv.rsync_backup.mailto;
-    profiles = myconfig.env.rsync_backup.profiles;
+    profiles = config.myEnv.rsync_backup.profiles;
-    ssh_key_public = myconfig.env.rsync_backup.ssh_key.public;
+    ssh_key_public = config.myEnv.rsync_backup.ssh_key.public;
-    ssh_key_private = myconfig.env.rsync_backup.ssh_key.private;
+    ssh_key_private = config.myEnv.rsync_backup.ssh_key.private;
  };
  myServices.monitoring.enable = true;
@@ -62,7 +63,7 @@
      hosts = {
        eldiron = {
          slot = "backup_2";
-          connection = "postgresql://backup-2:${myconfig.env.ldap.backup-2.password}@eldiron.immae.eu";
+          connection = "postgresql://backup-2:${config.myEnv.servers.backup-2.ldap.password}@eldiron.immae.eu";
        };
      };
    };
@@ -73,12 +74,12 @@
        eldiron = {
          serverId = 2;
          # mysql resolves "backup-2" host and checks the ip, but uses /etc/hosts which only contains ip4
-          host = myconfig.env.servers.eldiron.ips.main.ip4;
+          host = config.myEnv.servers.eldiron.ips.main.ip4;
          port = "3306";
          user = "backup-2";
-          password = myconfig.env.ldap.backup-2.password;
+          password = config.myEnv.servers.backup-2.ldap.password;
          dumpUser = "root";
-          dumpPassword = myconfig.env.databases.mysql.systemUsers.root;
+          dumpPassword = config.myEnv.databases.mysql.systemUsers.root;
        };
      };
    };
@@ -97,10 +98,10 @@
      base = "/backup2";
      hosts = {
        eldiron = {
-          url = "ldaps://${myconfig.env.ldap.host}:636";
+          url = "ldaps://${config.myEnv.ldap.host}:636";
-          dn = myconfig.env.ldap.replication_dn;
+          dn = config.myEnv.ldap.replication_dn;
-          password = myconfig.env.ldap.replication_pw;
+          password = config.myEnv.ldap.replication_pw;
-          base = myconfig.env.ldap.base;
+          base = config.myEnv.ldap.base;
        };
      };
    };
diff --git a/modules/private/system/eldiron.nix b/modules/private/system/eldiron.nix
index bf4cefb..172e4be 100644
--- a/modules/private/system/eldiron.nix
+++ b/modules/private/system/eldiron.nix
@@ -1,19 +1,19 @@
 { privateFiles }:
-{ config, pkgs, myconfig, ... }:
+{ config, pkgs, ... }:
 {
  boot.kernelPackages = pkgs.linuxPackages_latest;
-  _module.args.privateFiles = privateFiles;
+  myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
-  _module.args.hostFQDN = "eldiron.immae.eu";
+  hostEnv.FQDN = "eldiron.immae.eu";
  networking = {
    firewall.enable = true;
    # 176.9.151.89 declared in nixops -> infra / tools
    interfaces."eth0".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
      (n: ips: { address = ips.ip4; prefixLength = 32; })
-      (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") myconfig.env.servers.eldiron.ips);
+      (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.eldiron.ips);
    interfaces."eth0".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
      (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
-      myconfig.env.servers.eldiron.ips);
+      config.myEnv.servers.eldiron.ips);
  };
  imports = builtins.attrValues (import ../..);
@@ -40,9 +40,9 @@
  deployment = {
    targetEnv = "hetzner";
    hetzner = {
-      robotUser = myconfig.env.hetzner.user;
+      robotUser = config.myEnv.hetzner.user;
-      robotPass = myconfig.env.hetzner.pass;
+      robotPass = config.myEnv.hetzner.pass;
-      mainIPv4 = myconfig.env.servers.eldiron.ips.main.ip4;
+      mainIPv4 = config.myEnv.servers.eldiron.ips.main.ip4;
      partitions = ''
        clearpart --all --initlabel --drives=sda,sdb

diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix index 5d692c6..84e52d5 100644 --- a/modules/private/system/backup-2.nix +++ b/modules/private/system/backup-2.nix
@@ -1,15 +1,16 @@
1	{ privateFiles }:	1	{ privateFiles }:
2	{ config, pkgs, myconfig, resources, ... }:	2	{ config, pkgs, resources, ... }:
3	{	3	{
4	boot.kernelPackages = pkgs.linuxPackages_latest;	4	boot.kernelPackages = pkgs.linuxPackages_latest;
5	_module.args.privateFiles = privateFiles;	5	myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
6	_module.args.hostFQDN = "backup-2.v.immae.eu";	6	hostEnv.FQDN = "backup-2.v.immae.eu";
		7
7	imports = builtins.attrValues (import ../..);	8	imports = builtins.attrValues (import ../..);
8		9
9	deployment = {	10	deployment = {
10	targetEnv = "hetznerCloud";	11	targetEnv = "hetznerCloud";
11	hetznerCloud = {	12	hetznerCloud = {
12	authToken = myconfig.env.hetznerCloud.authToken;	13	authToken = config.myEnv.hetznerCloud.authToken;
13	datacenter = "hel1-dc2";	14	datacenter = "hel1-dc2";
14	location ="hel1";	15	location ="hel1";
15	serverType = "cx11";	16	serverType = "cx11";
@@ -27,10 +28,10 @@
27	firewall.enable = true;	28	firewall.enable = true;
28	interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList	29	interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
29	(n: ips: { address = ips.ip4; prefixLength = 32; })	30	(n: ips: { address = ips.ip4; prefixLength = 32; })
30	(pkgs.lib.attrsets.filterAttrs (n: v: n != "main") myconfig.env.servers.backup-2.ips);	31	(pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.backup-2.ips);
31	interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList	32	interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
32	(n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))	33	(n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
33	myconfig.env.servers.backup-2.ips);	34	config.myEnv.servers.backup-2.ips);
34		35
35	defaultMailServer = {	36	defaultMailServer = {
36	directDelivery = true;	37	directDelivery = true;
@@ -48,10 +49,10 @@
48		49
49	services.rsyncBackup = {	50	services.rsyncBackup = {
50	mountpoint = "/backup2";	51	mountpoint = "/backup2";
51	mailto = myconfig.env.rsync_backup.mailto;	52	mailto = config.myEnv.rsync_backup.mailto;
52	profiles = myconfig.env.rsync_backup.profiles;	53	profiles = config.myEnv.rsync_backup.profiles;
53	ssh_key_public = myconfig.env.rsync_backup.ssh_key.public;	54	ssh_key_public = config.myEnv.rsync_backup.ssh_key.public;
54	ssh_key_private = myconfig.env.rsync_backup.ssh_key.private;	55	ssh_key_private = config.myEnv.rsync_backup.ssh_key.private;
55	};	56	};
56		57
57	myServices.monitoring.enable = true;	58	myServices.monitoring.enable = true;
@@ -62,7 +63,7 @@
62	hosts = {	63	hosts = {
63	eldiron = {	64	eldiron = {
64	slot = "backup_2";	65	slot = "backup_2";
65	connection = "postgresql://backup-2:${myconfig.env.ldap.backup-2.password}@eldiron.immae.eu";	66	connection = "postgresql://backup-2:${config.myEnv.servers.backup-2.ldap.password}@eldiron.immae.eu";
66	};	67	};
67	};	68	};
68	};	69	};
@@ -73,12 +74,12 @@
73	eldiron = {	74	eldiron = {
74	serverId = 2;	75	serverId = 2;
75	# mysql resolves "backup-2" host and checks the ip, but uses /etc/hosts which only contains ip4	76	# mysql resolves "backup-2" host and checks the ip, but uses /etc/hosts which only contains ip4
76	host = myconfig.env.servers.eldiron.ips.main.ip4;	77	host = config.myEnv.servers.eldiron.ips.main.ip4;
77	port = "3306";	78	port = "3306";
78	user = "backup-2";	79	user = "backup-2";
79	password = myconfig.env.ldap.backup-2.password;	80	password = config.myEnv.servers.backup-2.ldap.password;
80	dumpUser = "root";	81	dumpUser = "root";
81	dumpPassword = myconfig.env.databases.mysql.systemUsers.root;	82	dumpPassword = config.myEnv.databases.mysql.systemUsers.root;
82	};	83	};
83	};	84	};
84	};	85	};
@@ -97,10 +98,10 @@
97	base = "/backup2";	98	base = "/backup2";
98	hosts = {	99	hosts = {
99	eldiron = {	100	eldiron = {
100	url = "ldaps://${myconfig.env.ldap.host}:636";	101	url = "ldaps://${config.myEnv.ldap.host}:636";
101	dn = myconfig.env.ldap.replication_dn;	102	dn = config.myEnv.ldap.replication_dn;
102	password = myconfig.env.ldap.replication_pw;	103	password = config.myEnv.ldap.replication_pw;
103	base = myconfig.env.ldap.base;	104	base = config.myEnv.ldap.base;
104	};	105	};
105	};	106	};
106	};	107	};


diff --git a/modules/private/system/eldiron.nix b/modules/private/system/eldiron.nix index bf4cefb..172e4be 100644 --- a/modules/private/system/eldiron.nix +++ b/modules/private/system/eldiron.nix
@@ -1,19 +1,19 @@
1	{ privateFiles }:	1	{ privateFiles }:
2	{ config, pkgs, myconfig, ... }:	2	{ config, pkgs, ... }:
3	{	3	{
4	boot.kernelPackages = pkgs.linuxPackages_latest;	4	boot.kernelPackages = pkgs.linuxPackages_latest;
5	_module.args.privateFiles = privateFiles;	5	myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
6	_module.args.hostFQDN = "eldiron.immae.eu";	6	hostEnv.FQDN = "eldiron.immae.eu";
7		7
8	networking = {	8	networking = {
9	firewall.enable = true;	9	firewall.enable = true;
10	# 176.9.151.89 declared in nixops -> infra / tools	10	# 176.9.151.89 declared in nixops -> infra / tools
11	interfaces."eth0".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList	11	interfaces."eth0".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
12	(n: ips: { address = ips.ip4; prefixLength = 32; })	12	(n: ips: { address = ips.ip4; prefixLength = 32; })
13	(pkgs.lib.attrsets.filterAttrs (n: v: n != "main") myconfig.env.servers.eldiron.ips);	13	(pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.eldiron.ips);
14	interfaces."eth0".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList	14	interfaces."eth0".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
15	(n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))	15	(n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
16	myconfig.env.servers.eldiron.ips);	16	config.myEnv.servers.eldiron.ips);
17	};	17	};
18		18
19	imports = builtins.attrValues (import ../..);	19	imports = builtins.attrValues (import ../..);
@@ -40,9 +40,9 @@
40	deployment = {	40	deployment = {
41	targetEnv = "hetzner";	41	targetEnv = "hetzner";
42	hetzner = {	42	hetzner = {
43	robotUser = myconfig.env.hetzner.user;	43	robotUser = config.myEnv.hetzner.user;
44	robotPass = myconfig.env.hetzner.pass;	44	robotPass = config.myEnv.hetzner.pass;
45	mainIPv4 = myconfig.env.servers.eldiron.ips.main.ip4;	45	mainIPv4 = config.myEnv.servers.eldiron.ips.main.ip4;
46	partitions = ''	46	partitions = ''
47	clearpart --all --initlabel --drives=sda,sdb	47	clearpart --all --initlabel --drives=sda,sdb
48		48