Commit `b020d93cab13`

Vincent Demeester <vincent@sbr.pm>

2025-05-06 22:46:41

systems: setup some globals

This is very bare for now, but the idea is to rely on this for a lot of things and get rid of `ops/host.toml` *and* `secrets/machines.nix`. Signed-off-by: Vincent Demeester <vincent@sbr.pm>

main

1 parent c1ffad6

Changed files (3)

lib

default.nix

systems

kyushu

extra.nix

globals.nix

@@ -43,6 +43,7 @@
       homeInput ? inputs.home-manager,
     }:
     let
+      globals = import ../globals.nix;
       specialArgs = {
         inherit
           self
@@ -53,6 +54,7 @@
           desktop
           syncthingFolders
           system
+          globals
           ;
       };
     in

@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }:
+{ pkgs, lib, globals, ... }:
 {
 
   imports = [
@@ -18,9 +18,9 @@
   services.wireguard = {
     enable = true;
     # FIXME get this from some globals
-    ips = [ "10.100.0.19/24" ];
-    endpoint = "167.99.17.238";
-    endpointPublicKey = "+H3fxErP9HoFUrPgU19ra9+GDLQw+VwvLWx3lMct7QI=";
+    ips = globals.fn.wg-ips globals.machines.kyushu.net.vpn.ips;
+    endpoint = "${globals.net.vpn.endpoint}";
+    endpointPublicKey = "${globals.net.vpn.pubkey}";
   };
 
   environment.systemPackages = with pkgs; [

@@ -0,0 +1,25 @@
+{
+  net = {
+    vpn = {
+      endpoint = "167.99.17.238";
+      pubkey = "+H3fxErP9HoFUrPgU19ra9+GDLQw+VwvLWx3lMct7QI=";
+    };
+  };
+  machines = {
+    kyushu = {
+      net = {
+        ips = [
+          "192.168.1.36"
+          "192.168.1.68"
+        ];
+        vpn = {
+          pubkey = "KVRzoPUw8UTQblYtbs/NLYLIVmtQehrc4Hacbpf5Ugs=";
+          ips = [ "10.100.0.19" ];
+        };
+      };
+    };
+  };
+  fn = {
+    wg-ips = ips: builtins.map (x: "${x}/24") ips;
+  };
+}

Commit b020d93cab13

Commit `b020d93cab13`