nix infinite recursion

This commit is contained in:
Alex 2022-04-19 17:41:18 +02:00
parent 65902d4780
commit 3d8989b9c9
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
4 changed files with 36 additions and 7 deletions

View file

@ -41,6 +41,7 @@ for NIXHOST in $NIXHOSTLIST; do
cat nix/configuration.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/configuration.nix > /dev/null cat nix/configuration.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/configuration.nix > /dev/null
cat nix/deuxfleurs.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/deuxfleurs.nix > /dev/null cat nix/deuxfleurs.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/deuxfleurs.nix > /dev/null
cat nix/remote-unlock.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/remote-unlock.nix > /dev/null cat nix/remote-unlock.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/remote-unlock.nix > /dev/null
cat nix/wesher.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/wesher.nix > /dev/null
cat cluster/$CLUSTER/cluster.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/cluster.nix > /dev/null cat cluster/$CLUSTER/cluster.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/cluster.nix > /dev/null
cat cluster/$CLUSTER/node/$NIXHOST.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/node.nix > /dev/null cat cluster/$CLUSTER/node/$NIXHOST.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/node.nix > /dev/null
cat cluster/$CLUSTER/node/$NIXHOST.site.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/site.nix > /dev/null cat cluster/$CLUSTER/node/$NIXHOST.site.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/site.nix > /dev/null
@ -58,7 +59,7 @@ for NIXHOST in $NIXHOSTLIST; do
set -ex set -ex
cd $TMP_PATH cd $TMP_PATH
mv deuxfleurs.nix remote-unlock.nix configuration.nix cluster.nix node.nix site.nix /etc/nixos mv deuxfleurs.nix remote-unlock.nix wesher.nix configuration.nix cluster.nix node.nix site.nix /etc/nixos
nixos-rebuild switch nixos-rebuild switch

View file

@ -24,6 +24,10 @@
# replicates the default behaviour. # replicates the default behaviour.
networking.useDHCP = false; networking.useDHCP = false;
nixpkgs.overlays = [
(import ./wesher.nix)
];
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Paris"; time.timeZone = "Europe/Paris";
@ -63,6 +67,7 @@ SystemMaxUse=1G
rclone rclone
docker docker
docker-compose docker-compose
wesher
]; ];
programs.vim.defaultEditor = true; programs.vim.defaultEditor = true;

View file

@ -106,18 +106,18 @@ in
}) cfg.admin_accounts; }) cfg.admin_accounts;
# Configure network interfaces # Configure network interfaces
networking.interfaces = attrsets.setAttrByPath [ config.deuxfleurs.network_interface ] { networking.interfaces = attrsets.setAttrByPath [ cfg.network_interface ] {
useDHCP = false; useDHCP = false;
ipv4.addresses = [ ipv4.addresses = [
{ {
address = config.deuxfleurs.lan_ip; address = cfg.lan_ip;
prefixLength = config.deuxfleurs.lan_ip_prefix_length; prefixLength = cfg.lan_ip_prefix_length;
} }
]; ];
}; };
networking.defaultGateway = { networking.defaultGateway = {
address = config.deuxfleurs.lan_default_gateway; address = cfg.lan_default_gateway;
interface = config.deuxfleurs.network_interface; interface = cfg.network_interface;
}; };
# Configure Wireguard VPN between all nodes # Configure Wireguard VPN between all nodes
@ -128,7 +128,7 @@ in
peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: { peers = map ({ publicKey, endpoint, IP, site_name, lan_endpoint, ... }: {
publicKey = publicKey; publicKey = publicKey;
allowedIPs = [ "${IP}/32" ]; allowedIPs = [ "${IP}/32" ];
endpoint = if site_name != null && site_name == config.deuxfleurs.site_name && lan_endpoint != null endpoint = if site_name != null && site_name == cfg.site_name && lan_endpoint != null
then lan_endpoint else endpoint; then lan_endpoint else endpoint;
persistentKeepalive = 25; persistentKeepalive = 25;
}) (cfg.cluster_nodes ++ cfg.admin_nodes); }) (cfg.cluster_nodes ++ cfg.admin_nodes);

23
nix/wesher.nix Normal file
View file

@ -0,0 +1,23 @@
pkgs:
pkgs.buildGoModule rec {
pname = "wesher";
version = "0.2.6";
src = pkgs.fetchFromGitHub {
owner = "costela";
repo = "wesher";
rev = "v${version}";
sha256 = "1fnclr556avxay6pvgw5ya3xbxfnf2gv4njq2hr4fd6fcjyslq5h";
};
vendorSha256 = null;
checkPhase = "true";
meta = with pkgs.lib; {
description = "wireguard overlay mesh network manager";
homepage = "https://github.com/costela/wesher";
license = licenses.gpl3Plus;
platforms = platforms.linux;
};
}