fix update script fqdn

2025-11-07 18:04:54 +01:00 · 2025-11-07 18:04:54 +01:00 · 0f2922dffd
commit 0f2922dffd
parent 6f94a03a3c
5 changed files with 24 additions and 33 deletions
--- a/flake.nix
+++ b/flake.nix
@ -41,8 +41,23 @@
            result: name:
            result
            // {
-              "${name}-iso" = nixosConfigurations."${name}-installer".config.system.build.isoImage;
-              "${name}-container" = nixosConfigurations."${name}-container".config.system.build.tarball;
+              "${name}-iso" = (nixosConfigurations."${name}".extendModules {
+                modules = [
+                  "${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix"
+                  {
+                    users.users.administration.password = "test";
+                    users.users.root.password = "test";
+                  }
+                ];
+              }).config.system.build.isoImage;
+              "${name}-container" = (nixosConfigurations."${name}".extendModules {
+                modules = [
+                  "${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
+                  {
+                    networking.defaultGateway.interface = "enp1s0";
+                  }
+                ];
+              }).config.system.build.tarball;
              "${name}-update" = nixpkgs.legacyPackages.x86_64-linux.writeShellScriptBin "update" ''
              nixos-rebuild switch --flake .#${name} --target-host root@${name}.test.htw.stura-dresden.de
              '';
@ -79,37 +94,6 @@
              mailserver.nixosModules.mailserver
            ];
          };
-
-          # build iso image vor every config
-          "${input}-installer" = nixpkgs.lib.nixosSystem {
-            system = "x86_64-linux";
-            modules = [
-              ./hosts/${input}
-              ./default.nix
-              disko.nixosModules.disko
-              authentik.nixosModules.default
-              mailserver.nixosModules.mailserver
-              "${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix"
-              {
-                users.users.administration.password = "test";
-                users.users.root.password = "test";
-              }
-            ];
-          };
-          "${input}-container" = nixpkgs.lib.nixosSystem {
-            system = "x86_64-linux";
-            modules = [
-              ./hosts/${input}
-              ./default.nix
-              disko.nixosModules.disko
-              authentik.nixosModules.default
-              mailserver.nixosModules.mailserver
-              "${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
-              {
-                networking.defaultGateway.interface = "enp1s0";
-              }
-            ];
-          };
        }
      ) { } (builtins.attrNames (builtins.readDir ./hosts));
    };
--- a/hosts/authentik/authentik.nix
+++ b/hosts/authentik/authentik.nix
@ -42,6 +42,13 @@
    };
  };

+  systemd.services.authentik-secrets-generator = {
+    enable = true;
+    requiredBy = [ "authentik-secrets-setup.service" "authentik-worker.service" ];
+    script = ''
+      echo "AUTHENTIK_SECRET_KEY=$(${pkgs.openssl}/bin/openssl rand -hex 32)" > /var/lib/authentik_secret
+    '';
+  };

  services.nginx = {
    enable = true;
--- a/hosts/authentik/default.nix
+++ b/hosts/authentik/default.nix
--- a/hosts/authentik/hardware-configuration.nix
+++ b/hosts/authentik/hardware-configuration.nix
--- a/hosts/authentik/hetzner-disk.nix
+++ b/hosts/authentik/hetzner-disk.nix