diff --git a/flake.nix b/flake.nix index 7c80052..465f510 100644 --- a/flake.nix +++ b/flake.nix @@ -44,7 +44,7 @@ constants = import ./lib/constants.nix; user = constants.user; darwinHosts = ["chidi" "jason"]; - nixosHosts = ["michael" "mindy" "tahani"]; + nixosHosts = ["michael" "tahani"]; overlays = import ./overlays {inherit inputs;}; in { systems = [ @@ -144,7 +144,14 @@ "build-switch" "rollback" ]; - in { + in { + flake.nixosModules = { + pgbackrest = ./modules/pgbackrest.nix; + }; + + flake.lib = { + constants = import ./lib/constants.nix; + }; apps = builtins.listToAttrs ( map (n: { diff --git a/hosts/mindy/default.nix b/hosts/mindy/default.nix deleted file mode 100644 index cd1bba4..0000000 --- a/hosts/mindy/default.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ - modulesPath, - hostname, - inputs, - user, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - (modulesPath + "/profiles/qemu-guest.nix") - ./disk-config.nix - ./hardware-configuration.nix - ./pgbackrest.nix - ./secrets.nix - ../../modules/pgbackrest.nix - ../../profiles/core.nix - ../../profiles/openssh.nix - ../../profiles/fail2ban.nix - ../../profiles/nixos.nix - ../../profiles/postgresql.nix - ../../profiles/tailscale.nix - inputs.disko.nixosModules.disko - inputs.sops-nix.nixosModules.sops - ]; - - home-manager.users.${user} = { - imports = [ - inputs.nixvim.homeModules.nixvim - ../../profiles/bash.nix - ../../profiles/bat.nix - ../../profiles/direnv.nix - ../../profiles/eza.nix - ../../profiles/fish.nix - ../../profiles/fzf.nix - ../../profiles/git.nix - ../../profiles/home.nix - ../../profiles/jjui.nix - ../../profiles/jujutsu.nix - ../../profiles/lazygit.nix - ../../profiles/neovim - ../../profiles/ripgrep.nix - ../../profiles/ssh.nix - ../../profiles/starship.nix - ../../profiles/zoxide.nix - ]; - }; - - virtualisation.docker = { - enable = true; - daemon.settings = { - log-driver = "local"; - }; - }; - - networking.hostName = hostname; - - services.postgresql = { - ensureDatabases = ["shnosh"]; - ensureUsers = [ - { - name = "shnosh"; - ensureDBOwnership = true; - ensureClauses.superuser = true; - } - ]; - }; -} diff --git a/hosts/mindy/disk-config.nix b/hosts/mindy/disk-config.nix deleted file mode 100644 index c851874..0000000 --- a/hosts/mindy/disk-config.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ - disko.devices = { - disk = { - main = { - type = "disk"; - device = "/dev/sda"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1M"; - type = "EF02"; - }; - ESP = { - size = "512M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = ["umask=0077"]; - }; - }; - root = { - size = "100%"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/mindy/hardware-configuration.nix b/hosts/mindy/hardware-configuration.nix deleted file mode 100644 index e9ba45b..0000000 --- a/hosts/mindy/hardware-configuration.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = []; - boot.extraModulePackages = []; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - - networking.useDHCP = lib.mkDefault true; -} diff --git a/hosts/mindy/pgbackrest.nix b/hosts/mindy/pgbackrest.nix deleted file mode 100644 index d1f219b..0000000 --- a/hosts/mindy/pgbackrest.nix +++ /dev/null @@ -1,7 +0,0 @@ -{...}: { - my.pgbackrest = { - enable = true; - secretFile = "/run/secrets/mindy-pgbackrest"; - s3.bucket = "mindy-pgbackrest"; - }; -} diff --git a/hosts/mindy/secrets.nix b/hosts/mindy/secrets.nix deleted file mode 100644 index c61eda9..0000000 --- a/hosts/mindy/secrets.nix +++ /dev/null @@ -1,8 +0,0 @@ -{...}: { - sops.secrets.mindy-pgbackrest = { - sopsFile = ../../secrets/mindy-pgbackrest; - format = "binary"; - owner = "postgres"; - group = "postgres"; - }; -} diff --git a/secrets/mindy-pgbackrest b/secrets/mindy-pgbackrest deleted file mode 100644 index 2242d42..0000000 --- a/secrets/mindy-pgbackrest +++ /dev/null @@ -1,31 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:eKRNy5UoUlvAhUraxQwVYA23z8+TRG/iKJRamOtyrBO+Xbgb2sh5JR7ALO8D1OzY/g6urs5/DJIEufD26ahwMiCiJyoVV6GP1/bBxBu2OYmsj6nq6f8RubEgk5zpBclmG/RhnSXVJ87XhfijbLkq1RGRvH460mUKHf4wV3xPVUk6LXxH99oaTpgRXgmC7XD+4hYSueWQ,iv:2sDqY9rZH9W8l5vPn+IfumLvPIBvTLX3hhbMRhZ0nac=,tag:eNnWLm65gp7oBHuwGsQa7g==,type:str]", - "sops": { - "age": [ - { - "recipient": "age1njjegjjdqzfnrr54f536yl4lduqgna3wuv7ef6vtl9jw5cju0grsgy62tm", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvRUJjeDJRZEJHVTB1MVIv\nRXA5Qmhndzc4akR6QVBGZnk5blBhQTBMd2pvCmpqWTFHdnZOd3A4RnBBYjVuN05o\ndlhxUkgyWEJYdlNidHlnNjFNV3A1cUUKLS0tIEhjMzBUb1Fqd2FsTldieEF1azA1\nN0ppVmlidFJ4bzVvMjRwa1A2MFl0SnMKITpT4ituZzPVSqIEpElrHnrW+V0qGoiR\nnCN8WAEjOYEfEVZEcFsnGkwR6JMMTnKm4y5SoA8teYFvGxRNrjGoPw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age187jl7e4k9n4guygkmpuqzeh0wenefwrfkpvuyhvwjrjwxqpzassqq3x67j", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiRUJwMmIxWWpESWY5c0xF\nR3NUMUZnNkNGeWtpb2Z1ZEt1QitLenN5M0JvCmFYV0lwdys4UDVXTHpGNFVOblBE\nNmVaWlFXYUo1ZXUvdDVxaHBrK1YybDgKLS0tIFJyREdXbTllRVFnWUsrNWZ4VzYy\nVkFjbjFpWmFXZ2hTVU82MkhnM2JGQlEKtqITcrlUuzb8UZd6iGP300dvqGS68h3z\nmVE1EhgOKWOvA/cQoJcvgF8s2/STpAMQcrVkTOKqxZxHB1trsTODEw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1dqt3znmzcgghsjjzzax0pf0eyu95h0p7kaf5v988ysjv7fl7lumsatl048", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLRGtkbXFqbldVSmFhN0FS\nWE02aWRoRGhwT1hKME9QM1JidWdtUU1FdkZNClhVNlppTkNSMjh4UERwY3UyY0tW\nSDMzWnU1dThLWENUdjJKb0FPZGpHVDgKLS0tIG1jRXhwcTBUVWs1SDhIVzFTSndM\nUURXdUZhaGhnRHBRNmZVbHV5ZzRBU2cKQMWUQK+1kbm2Q0YRoH4Y6oAyEJF5q0fb\npYTYJ8gNu7ZrCIVP+2nsQzp2Fh1EXgFj+gz7Hgp8gqDuGUpFS7x2Rw==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1ez6j3r5wdp0tjy7n5qzv5vfakdc2nh2zeu388zu7a80l0thv052syxq5e2", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxTVNxR0RieWo4QWJMQ2JZ\nWThKay85VFpCcWU1YU5UUVM0SzZtdXhkaGtrCnVXckd6MXdHVUNabGt4ekk3TGNK\nQzNuWjQycmNxQnJyb1RQeGp0OWg5b28KLS0tIE4xekRaTnJQVkxCN3dyRzhrdTJx\nMnhHMU5neS81d0U3ZnJlcm5FZUtxMWsKilYl0hRzQVDOgDTykPt/lA4+pQ0aZpcU\n9ZmLE2gEfgl6YA/5AMndsQho8fHXy5IJceXqAkdUgczGwJw08bfW4A==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1tlymdmaukhwupzrhszspp26lgd8s64rw4vu9lwc7gsgrjm78095s9fe9l3", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtblJGWVM5c1VsQ3NsOCtm\nN2JsYnNKNHhVWlc5d2hoUVRvS29sSGMraG5NClYvN1FvUFp4ejQwMW03TmQ2elVY\nYXdNUjdSQXlSZW92VWwyMitJdXFJZjQKLS0tIEMxUVZXOFRNN3ROL3hQaTFXZXBD\nelpSbTREdU4rdXpOQlhZOGxFc1lrVmMKnKcH2xoNJAkNrX2SbXpVKz7oIJ3blQhR\nBzLMfGFYXtnfZrxzYqUpazj6gjN7FArqk6ZHQqHoK0pLvc/WYUBJyg==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2025-12-20T20:11:07Z", - "mac": "ENC[AES256_GCM,data:GymmD13DXD0LMI1g9Xu14QMpXSgjzsvdnP5CkqzLvt6rAwA1RqnGIBA+Hs8auYv3PWR6yJ6CTICKRqr024Z9OWI72TwYtX0tkq3KNgbLvK/EQgfFGSD2zPWfodHbxgEzA4y9lhcpsPSkXZv5WPHZ8e2Qdi9cD2aHiV3NZ9cjctA=,iv:y51r2EKQkesTp31FsjAzJifVRIhUl8jpMEsKARr4O6w=,tag:C3veoHsHi+ND8LBVG3vjvQ==,type:str]", - "unencrypted_suffix": "_unencrypted", - "version": "3.11.0" - } -}