diff --git a/build01/configuration.nix b/build01/configuration.nix
index aa74cbd..04f64fe 100644
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ inputs, ... }:
# Boot recovery:
# Activate 64-bit Rescue system in https://robot.your-server.de/server
# ssh root@build01.nix-community.org "mount /dev/md[0-9]* /mnt && /mnt/kexec_bundle"
@@ -11,6 +11,7 @@
# nixos-enter
{
imports = [
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
../roles/common.nix
../roles/raid.nix
../roles/zfs.nix
diff --git a/build02/configuration.nix b/build02/configuration.nix
index 77bac47..a9a88c3 100644
--- a/build02/configuration.nix
+++ b/build02/configuration.nix
@@ -1,7 +1,9 @@
-{ ... }:
+{ inputs, ... }:
{
imports = [
+ inputs.srvos.nixosModules.mixins-nginx
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
./nixpkgs-update.nix
./nixpkgs-update-backup.nix
../roles/common.nix
diff --git a/build03/configuration.nix b/build03/configuration.nix
index 5a3df75..f805418 100644
--- a/build03/configuration.nix
+++ b/build03/configuration.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ inputs, ... }:
{
# Boot recovery:
# Activate 64-bit Rescue system in https://robot.your-server.de/server
@@ -10,6 +10,8 @@
# $ zpool import -f zroot && mount -t zfs zroot/root/nixos /mnt && mount -t zfs zroot/root/home /mnt/home && mount /dev/md[0-9]* /mnt/boot
# $ nixos-enter
imports = [
+ inputs.srvos.nixosModules.mixins-nginx
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
../roles/common.nix
../roles/hercules-ci
../roles/watch-store.nix
diff --git a/build04/configuration.nix b/build04/configuration.nix
index 6c77710..35e6663 100644
--- a/build04/configuration.nix
+++ b/build04/configuration.nix
@@ -1,5 +1,7 @@
+{ inputs, ... }:
{
imports = [
+ inputs.disko.nixosModules.disko
./hardware-configuration.nix
../roles/common.nix
../roles/hercules-ci
diff --git a/flake.nix b/flake.nix
index 815054c..803c35c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -91,59 +91,28 @@
flake.nixosConfigurations =
let
- inherit (inputs.nixpkgs.lib) nixosSystem;
- common = [
- { _module.args.inputs = inputs; }
- { srvos.flake = inputs.self; }
- inputs.sops-nix.nixosModules.sops
- inputs.srvos.nixosModules.server
-
- inputs.srvos.nixosModules.mixins-telegraf
- { networking.firewall.allowedTCPPorts = [ 9273 ]; }
- ];
+ inherit (self.lib) nixosSystem;
in
{
build01 = nixosSystem {
system = "x86_64-linux";
- modules =
- common
- ++ [
- ./build01/configuration.nix
- inputs.srvos.nixosModules.hardware-hetzner-online-amd
- ];
+ modules = [ ./build01/configuration.nix ];
};
-
build02 = nixosSystem {
system = "x86_64-linux";
- modules =
- common
- ++ [
- ./build02/configuration.nix
- inputs.srvos.nixosModules.mixins-nginx
- inputs.srvos.nixosModules.hardware-hetzner-online-amd
- ];
+ modules = [ ./build02/configuration.nix ];
};
-
build03 = nixosSystem {
system = "x86_64-linux";
- modules =
- common
- ++ [
- ./build03/configuration.nix
- inputs.srvos.nixosModules.mixins-nginx
- inputs.srvos.nixosModules.hardware-hetzner-online-amd
- ];
+ modules = [ ./build03/configuration.nix ];
};
-
build04 = nixosSystem {
system = "aarch64-linux";
- modules =
- common
- ++ [
- ./build04/configuration.nix
- inputs.disko.nixosModules.disko
- ];
+ modules = [ ./build04/configuration.nix ];
};
};
+
+ flake.lib.nixosSystem = args:
+ inputs.nixpkgs.lib.nixosSystem ({ specialArgs = { inherit inputs; }; } // args);
};
}
diff --git a/roles/common.nix b/roles/common.nix
index af3be6c..7150849 100644
--- a/roles/common.nix
+++ b/roles/common.nix
@@ -1,3 +1,4 @@
+{ inputs, ... }:
{
imports = [
./auto-upgrade.nix
@@ -5,8 +6,15 @@
./security.nix
./sops-nix.nix
./users.nix
+ inputs.sops-nix.nixosModules.sops
+ inputs.srvos.nixosModules.mixins-telegraf
+ inputs.srvos.nixosModules.server
];
+ networking.firewall.allowedTCPPorts = [ 9273 ];
+
+ srvos.flake = inputs.self;
+
zramSwap.enable = true;
security.acme.defaults.email = "trash@nix-community.org";