chore: fix format

2024-01-13 10:47:37 +08:00 · 2024-01-13 10:47:37 +08:00 · 55473f78ad
commit 55473f78ad
parent 5da958c996
4 changed files with 60 additions and 47 deletions
--- a/flake.nix
+++ b/flake.nix
@ -9,7 +9,7 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

-    nix-vscode-extensions =  {
+    nix-vscode-extensions = {
      url = "github:nix-community/nix-vscode-extensions";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
@ -86,7 +86,7 @@
          };
        };
      };
-      mkNixos = { system, modules, specialArgs ? {}}: nixpkgs.lib.nixosSystem {
+      mkNixos = { system, modules, specialArgs ? { } }: nixpkgs.lib.nixosSystem {
        inherit system;
        specialArgs = specialArgs // { inherit inputs system; };
        modules = [
@ -102,57 +102,65 @@

      homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ];

-      colmenaHive = colmena.lib.makeHive {
+      colmenaHive =
+        let
+          deploymentModule = {
+            deployment.targetUser = "xin";
+          };
+          sharedModules = [
+            self.nixosModules.default
+            deploymentModule
+          ];
+        in
+        colmena.lib.makeHive {
          meta = {
-              nixpkgs = import nixpkgs {
-                  system = "x86_64-linux";
-              };
-              machinesFile = ./nixbuild.net;
-              specialArgs = {
-                inherit inputs;
-              };
+            nixpkgs = import nixpkgs {
+              system = "x86_64-linux";
+            };
+            machinesFile = ./nixbuild.net;
+            specialArgs = {
+              inherit inputs;
+            };
          };

          massicot = { name, nodes, pkgs, ... }: with inputs; {
-              deployment.targetHost = "49.13.13.122";
+            deployment.targetHost = "49.13.13.122";
+            deployment.buildOnTarget = true;

-              imports = [
-                  { nixpkgs.system = "aarch64-linux"; }
-                  self.nixosModules.default
-                  machines/massicot
-              ];
+            imports = [
+              { nixpkgs.system = "aarch64-linux"; }
+              machines/massicot
+            ] ++ sharedModules;
          };

          sgp-00 = { name, nodes, pkgs, ... }: with inputs; {
-              imports = [
-                self.nixosModules.default
-                machines/dolomite
-              ];
-              nixpkgs.system = "x86_64-linux";
-              networking.hostName = "sgp-00";
-              system.stateVersion = "23.11";
-              deployment = {
-                targetHost = "video.namely.icu";
-                buildOnTarget = false;
-                tags = [ "proxy" ];
-              };
+            imports = [
+              machines/dolomite
+            ] ++ sharedModules;
+            nixpkgs.system = "x86_64-linux";
+            networking.hostName = "sgp-00";
+            system.stateVersion = "23.11";
+            deployment = {
+              targetHost = "video.namely.icu";
+              buildOnTarget = false;
+              tags = [ "proxy" ];
+            };
          };

          tok-00 = { name, nodes, pkgs, ... }: with inputs; {
-              imports = [
-                self.nixosModules.default
-                machines/dolomite
-              ];
-              nixpkgs.system = "x86_64-linux";
-              networking.hostName = "tok-00";
-              system.stateVersion = "23.11";
-              deployment = {
-                targetHost = "video01.namely.icu";
-                buildOnTarget = false;
-                tags = [ "proxy" ];
-              };
+            imports = [
+              machines/dolomite
+            ] ++ sharedModules;
+            nixpkgs.system = "x86_64-linux";
+            networking.hostName = "tok-00";
+            system.stateVersion = "23.11";
+            deployment = {
+              targetHost = "video01.namely.icu";
+              buildOnTarget = false;
+              tags = [ "proxy" ];
+            };
          };
-      };
+        };

      nixosConfigurations = {
        calcite = mkNixos {
@ -191,7 +199,7 @@
      {
        devShells = {
          default = pkgs.mkShell {
-            packages = with pkgs; [ git colmena sops nix-output-monitor ];
+            packages = with pkgs; [ git colmena sops nix-output-monitor rnix-lsp ];
          };
        };
      }
--- a/machines/dolomite/default.nix
+++ b/machines/dolomite/default.nix
@ -66,12 +66,17 @@
      };
    };
    services.fail2ban.enable = true;
+    programs.mosh.enable = true;

    security.sudo = {
      execWheelOnly = true;
      wheelNeedsPassword = false;
    };

+    nix.settings = {
+      trusted-users = config.users.groups.wheel.members;
+    };
+
    services.sing-box = let
      singTls = {
        enabled = true;
--- a/machines/massicot/default.nix
+++ b/machines/massicot/default.nix
@ -87,8 +87,8 @@
      KerberosAuthentication = "no";
    };
  };
-
  services.fail2ban.enable = true;
+  programs.mosh.enable = true;
  
  systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
 }