clan config

flake.nix

{
  inputs = {
    # NIX BASE #
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    clan-core = {
      url = "git+https://git.clan.lol/clan/clan-core";
      # Don't do this if your machines are on nixpkgs stable.
      inputs.nixpkgs.follows = "nixpkgs"; # https://git.clan.lol/clan/clan-core/issues/3079
    };
  };

  outputs = { self, nixpkgs, clan-core, ... }@inputs:
    let
      inherit (self) outputs;

      # https://docs.clan.lol/manual/migration-guide/
      clan = clan-core.lib.buildClan {
        self = self; # this needs to point at the repository root
        specialArgs = { inherit inputs outputs lib; };
        inventory.meta.name = "tam";
        inventory = {
          services = {
            # admin.manu = {
            #   roles.default.machines = [ "duploy" ];
            #   # config.allowedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINpFo0kO4oIM3QUc71B2Iigx5YiGZdtTdTjnolCzb/LU manu@nix-framework" ];
            # };
            # sshd.manu = {
            #   roles.server.machines = [ "duploy" ];
            #   # config.allowedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINpFo0kO4oIM3QUc71B2Iigx5YiGZdtTdTjnolCzb/LU manu@nix-framework" ];
            # };
            # sshd.
          };
        };

        machines = {
          # berlin = {
          #   nixpkgs.hostPlatform = "x86_64-linux";
          #   imports = [ ./machines/berlin/configuration.nix ];
          # };

          # Laptops
          framework = { imports = [ ./hosts/framework ]; };
          duplo = { imports = [ ./hosts/duplo ]; };
          dellio = { imports = [ ./hosts/dellio ]; };

          # Workstations
          icase = { imports = [ ./hosts/icase ]; };
          # Servers
          toykio = { imports = [ ./hosts/server/toykio ]; };
          rose-pi4 = { imports = [ ./hosts/server/rose-pi4 ]; };
          rose-cool = { imports = [ ./hosts/server/rose-cool ]; };
          rose-targa = { imports = [ ./hosts/server/rose-targa ]; };

          # Installer
          installer = { imports = [ ./hosts/installer-image.nix ]; };
          installer32 = { imports = [ ./hosts/installer-image-32.nix ]; };

        };
      };

    in
    {
      inherit (clan) clanInternals;
      nixosConfigurations = clan.nixosConfigurations;
    };

  nixConfig = {
    extra-substituters = [
      "https://nix-community.cachix.org"
      "https://devenv.cachix.org"
    ];
    extra-trusted-public-keys = [
      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
      "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
    ];
  };

}

hosts__common__server__server.nix

{ inputs, ... }: {
  imports = [
    inputs.clan-core.clanModules.root-password
    inputs.clan-core.clanModules.admin
    inputs.clan-core.clanModules.sshd
    inputs.clan-core.clanModules.trusted-nix-caches
  ];

  clan.admin.allowedKeys = {
    "manu@nix-framework" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINpFo0kO4oIM3QUc71B2Iigx5YiGZdtTdTjnolCzb/LU";
  };
}

machines__duploy__configuration.nix

{ pkgs, config, modulesPath, inputs, ... }: {

  imports = [
    # ../../hosts/_common/global
    ../../hosts/_common/server

    ../../hosts/_common/optional/docker.nix
    # ../../hosts/_common/optional/podman.nix
    # ../../hosts/_common/optional/ipfs.nix
    # ../../hosts/_users/manu
  ];

  networking.hostName = "duploy";
  clan.core.networking.targetHost = "root@server";
  time.timeZone = "Europe/Berlin";
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINpFo0kO4oIM3QUc71B2Iigx5YiGZdtTdTjnolCzb/LU manu@nix-framework"
  ];
  networking.firewall.enable = false;
}