StuRa/stura-infra
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix update script fqdn

Browse source
This commit is contained in:
goeranh 2025-11-07 18:04:54 +01:00
parent 6f94a03a3c
commit 0f2922dffd
No known key found for this signature in database
5 changed files with 24 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

50
flake.nix
View file

@ -41,8 +41,23 @@
result: name: result: name:
result result
// { // {
"${name}-iso" = nixosConfigurations."${name}-installer".config.system.build.isoImage; "${name}-iso" = (nixosConfigurations."${name}".extendModules {
"${name}-container" = nixosConfigurations."${name}-container".config.system.build.tarball; modules = [
"${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix"
{
users.users.administration.password = "test";
users.users.root.password = "test";
}
];
}).config.system.build.isoImage;
"${name}-container" = (nixosConfigurations."${name}".extendModules {
modules = [
"${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
{
networking.defaultGateway.interface = "enp1s0";
}
];
}).config.system.build.tarball;
"${name}-update" = nixpkgs.legacyPackages.x86_64-linux.writeShellScriptBin "update" '' "${name}-update" = nixpkgs.legacyPackages.x86_64-linux.writeShellScriptBin "update" ''
nixos-rebuild switch --flake .#${name} --target-host root@${name}.test.htw.stura-dresden.de nixos-rebuild switch --flake .#${name} --target-host root@${name}.test.htw.stura-dresden.de
''; '';
@ -79,37 +94,6 @@
mailserver.nixosModules.mailserver mailserver.nixosModules.mailserver
]; ];
}; };
# build iso image vor every config
"${input}-installer" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/${input}
./default.nix
disko.nixosModules.disko
authentik.nixosModules.default
mailserver.nixosModules.mailserver
"${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix"
{
users.users.administration.password = "test";
users.users.root.password = "test";
}
];
};
"${input}-container" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/${input}
./default.nix
disko.nixosModules.disko
authentik.nixosModules.default
mailserver.nixosModules.mailserver
"${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
{
networking.defaultGateway.interface = "enp1s0";
}
];
};
} }
) { } (builtins.attrNames (builtins.readDir ./hosts)); ) { } (builtins.attrNames (builtins.readDir ./hosts));
}; };

7
hosts/authentik/authentik.nix → hosts/auth/authentik.nix
View file

@ -42,6 +42,13 @@
}; };
}; };
systemd.services.authentik-secrets-generator = {
enable = true;
requiredBy = [ "authentik-secrets-setup.service" "authentik-worker.service" ];
script = ''
echo "AUTHENTIK_SECRET_KEY=$(${pkgs.openssl}/bin/openssl rand -hex 32)" > /var/lib/authentik_secret
'';
};
services.nginx = { services.nginx = {
enable = true; enable = true;

0
hosts/authentik/default.nix → hosts/auth/default.nix
View file

0
hosts/authentik/hardware-configuration.nix → hosts/auth/hardware-configuration.nix
View file

0
hosts/authentik/hetzner-disk.nix → hosts/auth/hetzner-disk.nix
View file