diff --git a/.sops.yaml b/.sops.yaml
index c761610..9351196 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -57,7 +57,7 @@ creation_rules:
- *ryantm
- *zimbatm
- *zowoq
- - path_regex: roles/hercules-ci/.+\.yaml$
+ - path_regex: modules/nixos/hercules-ci/.+\.yaml$
key_groups:
- age:
- *build02
@@ -67,7 +67,7 @@ creation_rules:
- *ryantm
- *zimbatm
- *zowoq
- - path_regex: roles/.+\.yaml$
+ - path_regex: modules/.+\.yaml$
key_groups:
- age:
- *build01
diff --git a/build01/configuration.nix b/build01/configuration.nix
index 04f64fe..bb482ca 100644
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@@ -12,11 +12,11 @@
{
imports = [
inputs.srvos.nixosModules.hardware-hetzner-online-amd
- ../roles/common.nix
- ../roles/raid.nix
- ../roles/zfs.nix
- ../roles/builder
- ../roles/remote-builder/aarch64-nixos-community.nix
+ inputs.self.nixosModules.common
+ inputs.self.nixosModules.raid
+ inputs.self.nixosModules.zfs
+ inputs.self.nixosModules.builder
+ inputs.self.nixosModules.remote-builder-aarch64-nixos-community
];
# Emulate riscv64 until we have proper builders
diff --git a/build02/configuration.nix b/build02/configuration.nix
index a9a88c3..0800f01 100644
--- a/build02/configuration.nix
+++ b/build02/configuration.nix
@@ -6,11 +6,11 @@
inputs.srvos.nixosModules.hardware-hetzner-online-amd
./nixpkgs-update.nix
./nixpkgs-update-backup.nix
- ../roles/common.nix
- ../roles/hercules-ci
- ../roles/raid.nix
- ../roles/zfs.nix
- ../roles/remote-builder/aarch64-build04.nix
+ inputs.self.nixosModules.common
+ inputs.self.nixosModules.hercules-ci
+ inputs.self.nixosModules.raid
+ inputs.self.nixosModules.zfs
+ inputs.self.nixosModules.remote-builder-aarch64-build04
];
# /boot is a mirror raid
diff --git a/build02/nixpkgs-update.nix b/build02/nixpkgs-update.nix
index d6481e7..0703e98 100644
--- a/build02/nixpkgs-update.nix
+++ b/build02/nixpkgs-update.nix
@@ -179,7 +179,7 @@ in
sops.secrets.nix-community-cachix = {
path = "/home/r-ryantm/.config/cachix/cachix.dhall";
- sopsFile = "${toString inputs.self}/roles/nix-community-cache/secrets.yaml";
+ sopsFile = "${toString inputs.self}/modules/nixos/nix-community-cache/secrets.yaml";
owner = "r-ryantm";
group = "r-ryantm";
};
diff --git a/build03/configuration.nix b/build03/configuration.nix
index f4ea318..eec3476 100644
--- a/build03/configuration.nix
+++ b/build03/configuration.nix
@@ -12,14 +12,14 @@
imports = [
inputs.srvos.nixosModules.mixins-nginx
inputs.srvos.nixosModules.hardware-hetzner-online-amd
- ../roles/common.nix
- ../roles/hercules-ci
- ../roles/raid.nix
- ../roles/zfs.nix
- ../roles/remote-builder/aarch64-build04.nix
+ inputs.self.nixosModules.common
+ inputs.self.nixosModules.hercules-ci
+ inputs.self.nixosModules.raid
+ inputs.self.nixosModules.zfs
+ inputs.self.nixosModules.remote-builder-aarch64-build04
- ../services/hydra
- ../services/nur-update
+ inputs.self.nixosModules.hydra
+ inputs.self.nixosModules.nur-update
];
# /boot is a mirror raid
diff --git a/build04/configuration.nix b/build04/configuration.nix
index 35e6663..3ebe563 100644
--- a/build04/configuration.nix
+++ b/build04/configuration.nix
@@ -3,15 +3,15 @@
imports = [
inputs.disko.nixosModules.disko
./hardware-configuration.nix
- ../roles/common.nix
- ../roles/hercules-ci
- ../roles/remote-builder/user.nix
+ inputs.self.nixosModules.common
+ inputs.self.nixosModules.hercules-ci
+ inputs.self.nixosModules.remote-builder-user
];
nixpkgs.system = "aarch64-linux";
# disable kvm/nixos-tests
- nix.settings.system-features = [ "big-parallel" ]; # sync with roles/remote-builder/aarch64-build04.nix
+ nix.settings.system-features = [ "big-parallel" ]; # sync with modules/nixos/remote-builder/aarch64-build04.nix
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 3;
diff --git a/docs/community-builder.md b/docs/community-builder.md
index 5fd03e3..d572921 100644
--- a/docs/community-builder.md
+++ b/docs/community-builder.md
@@ -4,7 +4,7 @@ We provide an `x86_64-linux` build machine as a public remote builder for the ni
#### Access
-If you want access read the security guide lines on [aarch64-build-box](https://github.com/nix-community/aarch64-build-box). Than add your username to [`roles/builder/users.nix`](https://github.com/nix-community/infra/blob/master/roles/builder/users.nix). Don't keep any important data in your home! We will regularly delete `/home` without further notice.
+If you want access read the security guide lines on [aarch64-build-box](https://github.com/nix-community/aarch64-build-box). Than add your username to [`builder/users.nix`](https://github.com/nix-community/infra/blob/master/modules/nixos/builder/users.nix). Don't keep any important data in your home! We will regularly delete `/home` without further notice.
#### Using your NixOS home-manager configuration on the hosts
diff --git a/flake.nix b/flake.nix
index 3f04985..83556f6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -114,6 +114,21 @@
};
};
+ flake.nixosModules = {
+ common = ./modules/nixos/common.nix;
+
+ builder = ./modules/nixos/builder;
+ hercules-ci = ./modules/nixos/hercules-ci;
+ hydra = ./modules/nixos/hydra;
+ nur-update = ./modules/nixos/nur-update;
+ raid = ./modules/nixos/raid.nix;
+ remote-builder-aarch64-build04 = ./modules/nixos/remote-builder/aarch64-build04.nix;
+ remote-builder-aarch64-nixos-community = ./modules/nixos/remote-builder/aarch64-nixos-community.nix;
+ remote-builder-user = ./modules/nixos/remote-builder/user.nix;
+ watch-store = ./modules/nixos/watch-store.nix;
+ zfs = ./modules/nixos/zfs.nix;
+ };
+
flake.lib.nixosSystem = args:
inputs.nixpkgs.lib.nixosSystem ({ specialArgs = { inherit inputs; }; } // args);
};
diff --git a/roles/auto-upgrade.nix b/modules/nixos/auto-upgrade.nix
similarity index 100%
rename from roles/auto-upgrade.nix
rename to modules/nixos/auto-upgrade.nix
diff --git a/roles/builder/default.nix b/modules/nixos/builder/default.nix
similarity index 100%
rename from roles/builder/default.nix
rename to modules/nixos/builder/default.nix
diff --git a/roles/builder/keys/0x4A6F b/modules/nixos/builder/keys/0x4A6F
similarity index 100%
rename from roles/builder/keys/0x4A6F
rename to modules/nixos/builder/keys/0x4A6F
diff --git a/roles/builder/keys/a-kenji b/modules/nixos/builder/keys/a-kenji
similarity index 100%
rename from roles/builder/keys/a-kenji
rename to modules/nixos/builder/keys/a-kenji
diff --git a/roles/builder/keys/ckie b/modules/nixos/builder/keys/ckie
similarity index 100%
rename from roles/builder/keys/ckie
rename to modules/nixos/builder/keys/ckie
diff --git a/roles/builder/keys/fgaz b/modules/nixos/builder/keys/fgaz
similarity index 100%
rename from roles/builder/keys/fgaz
rename to modules/nixos/builder/keys/fgaz
diff --git a/roles/builder/keys/flokli b/modules/nixos/builder/keys/flokli
similarity index 100%
rename from roles/builder/keys/flokli
rename to modules/nixos/builder/keys/flokli
diff --git a/roles/builder/keys/jtojnar b/modules/nixos/builder/keys/jtojnar
similarity index 100%
rename from roles/builder/keys/jtojnar
rename to modules/nixos/builder/keys/jtojnar
diff --git a/roles/builder/keys/lewo b/modules/nixos/builder/keys/lewo
similarity index 100%
rename from roles/builder/keys/lewo
rename to modules/nixos/builder/keys/lewo
diff --git a/roles/builder/keys/raitobezarius b/modules/nixos/builder/keys/raitobezarius
similarity index 100%
rename from roles/builder/keys/raitobezarius
rename to modules/nixos/builder/keys/raitobezarius
diff --git a/roles/builder/keys/schmittlauch b/modules/nixos/builder/keys/schmittlauch
similarity index 100%
rename from roles/builder/keys/schmittlauch
rename to modules/nixos/builder/keys/schmittlauch
diff --git a/roles/builder/keys/stephank b/modules/nixos/builder/keys/stephank
similarity index 100%
rename from roles/builder/keys/stephank
rename to modules/nixos/builder/keys/stephank
diff --git a/roles/builder/keys/winter b/modules/nixos/builder/keys/winter
similarity index 100%
rename from roles/builder/keys/winter
rename to modules/nixos/builder/keys/winter
diff --git a/roles/builder/packages.nix b/modules/nixos/builder/packages.nix
similarity index 100%
rename from roles/builder/packages.nix
rename to modules/nixos/builder/packages.nix
diff --git a/roles/builder/users.nix b/modules/nixos/builder/users.nix
similarity index 100%
rename from roles/builder/users.nix
rename to modules/nixos/builder/users.nix
diff --git a/roles/common.nix b/modules/nixos/common.nix
similarity index 100%
rename from roles/common.nix
rename to modules/nixos/common.nix
diff --git a/roles/disko.nix b/modules/nixos/disko.nix
similarity index 100%
rename from roles/disko.nix
rename to modules/nixos/disko.nix
diff --git a/roles/hercules-ci/default.nix b/modules/nixos/hercules-ci/default.nix
similarity index 100%
rename from roles/hercules-ci/default.nix
rename to modules/nixos/hercules-ci/default.nix
diff --git a/roles/hercules-ci/secrets.yaml b/modules/nixos/hercules-ci/secrets.yaml
similarity index 100%
rename from roles/hercules-ci/secrets.yaml
rename to modules/nixos/hercules-ci/secrets.yaml
diff --git a/services/hydra/default.nix b/modules/nixos/hydra/default.nix
similarity index 98%
rename from services/hydra/default.nix
rename to modules/nixos/hydra/default.nix
index 3eb0e24..06878ca 100644
--- a/services/hydra/default.nix
+++ b/modules/nixos/hydra/default.nix
@@ -45,7 +45,7 @@ in
];
nix.settings.post-build-hook = "${upload-to-cachix}/bin/upload-to-cachix";
- sops.secrets.nix-community-cachix.sopsFile = "${toString inputs.self}/roles/nix-community-cache/secrets.yaml";
+ sops.secrets.nix-community-cachix.sopsFile = "${toString inputs.self}/modules/nixos/nix-community-cache/secrets.yaml";
sops.secrets.id_buildfarm = { };
# delete build logs older than 30 days
diff --git a/roles/nix-community-cache/secrets.yaml b/modules/nixos/nix-community-cache/secrets.yaml
similarity index 100%
rename from roles/nix-community-cache/secrets.yaml
rename to modules/nixos/nix-community-cache/secrets.yaml
diff --git a/roles/nix-daemon.nix b/modules/nixos/nix-daemon.nix
similarity index 100%
rename from roles/nix-daemon.nix
rename to modules/nixos/nix-daemon.nix
diff --git a/services/nur-update/default.nix b/modules/nixos/nur-update/default.nix
similarity index 100%
rename from services/nur-update/default.nix
rename to modules/nixos/nur-update/default.nix
diff --git a/roles/raid.nix b/modules/nixos/raid.nix
similarity index 100%
rename from roles/raid.nix
rename to modules/nixos/raid.nix
diff --git a/roles/remote-builder/aarch64-build04.nix b/modules/nixos/remote-builder/aarch64-build04.nix
similarity index 100%
rename from roles/remote-builder/aarch64-build04.nix
rename to modules/nixos/remote-builder/aarch64-build04.nix
diff --git a/roles/remote-builder/aarch64-nixos-community.nix b/modules/nixos/remote-builder/aarch64-nixos-community.nix
similarity index 100%
rename from roles/remote-builder/aarch64-nixos-community.nix
rename to modules/nixos/remote-builder/aarch64-nixos-community.nix
diff --git a/roles/remote-builder/user.nix b/modules/nixos/remote-builder/user.nix
similarity index 100%
rename from roles/remote-builder/user.nix
rename to modules/nixos/remote-builder/user.nix
diff --git a/roles/security.nix b/modules/nixos/security.nix
similarity index 100%
rename from roles/security.nix
rename to modules/nixos/security.nix
diff --git a/roles/sops-nix.nix b/modules/nixos/sops-nix.nix
similarity index 100%
rename from roles/sops-nix.nix
rename to modules/nixos/sops-nix.nix
diff --git a/roles/users.nix b/modules/nixos/users.nix
similarity index 100%
rename from roles/users.nix
rename to modules/nixos/users.nix
diff --git a/roles/watch-store.nix b/modules/nixos/watch-store.nix
similarity index 100%
rename from roles/watch-store.nix
rename to modules/nixos/watch-store.nix
diff --git a/roles/zfs.nix b/modules/nixos/zfs.nix
similarity index 100%
rename from roles/zfs.nix
rename to modules/nixos/zfs.nix