Beginn target shenanigans
This commit is contained in:
parent
5b06f60c93
commit
debd837f8a
|
@ -9,7 +9,7 @@
|
||||||
i18n.defaultLocale = "en_US.UTF-8";
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
|
||||||
# For nixos-rebuild
|
# For nixos-rebuild
|
||||||
nixpkgs.overlays = import ../../overlays { inherit lib; };
|
nixpkgs.overlays = [ (_: _: { withSecrets = false; }) ] ++ import ../../overlays { inherit lib; };
|
||||||
|
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
|
15
nixos/target.nix
Normal file
15
nixos/target.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ withSecrets ? false }:
|
||||||
|
let
|
||||||
|
sources = import ../nix/sources.nix;
|
||||||
|
inherit (import sources.nixpkgs { }) lib pkgs;
|
||||||
|
machines = lib.attrNames (builtins.readDir ./machines);
|
||||||
|
getConfig = hostname:
|
||||||
|
args:
|
||||||
|
import (./machines + "/${hostname}/configuration.nix") (args // {
|
||||||
|
bla = "fünf";
|
||||||
|
});
|
||||||
|
in lib.listToAttrs (map (hostname: {
|
||||||
|
name = hostname;
|
||||||
|
value =
|
||||||
|
(import <nixpkgs/nixos> { configuration = getConfig hostname; }).system;
|
||||||
|
}) machines)
|
|
@ -1,8 +1,14 @@
|
||||||
final: prec: {
|
final: prev:
|
||||||
withSecrets = let val = builtins.pathExists ../private/submodule-is-checked-out;
|
let
|
||||||
in builtins.trace
|
# val = if prev.withSecrets then
|
||||||
(if val then "Building _with_ secrets!" else "Building _without_ secrets!")
|
# assert builtins.pathExists ../private/submodule-is-checked-out; true
|
||||||
val;
|
# else
|
||||||
|
# false;
|
||||||
|
val = builtins.pathExists ../private/submodule-is-checked-out;
|
||||||
|
in {
|
||||||
|
withSecrets = builtins.trace
|
||||||
|
(if val then "Building _with_ secrets!" else "Building _without_ secrets!")
|
||||||
|
val;
|
||||||
privatePath = name:
|
privatePath = name:
|
||||||
let path = "/etc/nixos/private/${name}";
|
let path = "/etc/nixos/private/${name}";
|
||||||
in if final.withSecrets then
|
in if final.withSecrets then
|
||||||
|
@ -12,5 +18,8 @@ final: prec: {
|
||||||
privateValue = default: name:
|
privateValue = default: name:
|
||||||
if final.withSecrets then import (../private + "/${name}.nix") else default;
|
if final.withSecrets then import (../private + "/${name}.nix") else default;
|
||||||
privateFile = name:
|
privateFile = name:
|
||||||
if final.withSecrets then ../private + "/${name}" else builtins.toFile "missing-secret-file-${name}" "";
|
if final.withSecrets then
|
||||||
|
../private + "/${name}"
|
||||||
|
else
|
||||||
|
builtins.toFile "missing-secret-file-${name}" "";
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue