From e3c602e41ee0a31da4e415adb68a18134a071957 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 09:22:28 +0200 Subject: [PATCH 1/8] . --- sops/machines/c1/key.json | 0 sops/machines/c2/key.json | 0 sops/machines/c3/key.json | 0 sops/machines/m1/key.json | 0 sops/users/chris/key.json | 0 vars/per-machine/c1/openssh/ssh.id_ed25519/machines/c1 | 1 - vars/per-machine/c1/openssh/ssh.id_ed25519/users/chris | 1 - vars/per-machine/c1/root-password/password-hash/machines/c1 | 1 - vars/per-machine/c1/root-password/password-hash/users/chris | 1 - vars/per-machine/c1/root-password/password/users/chris | 1 - vars/per-machine/c2/openssh/ssh.id_ed25519/machines/c2 | 1 - vars/per-machine/c2/openssh/ssh.id_ed25519/users/chris | 1 - vars/per-machine/c2/root-password/password-hash/machines/c2 | 1 - vars/per-machine/c2/root-password/password-hash/users/chris | 1 - vars/per-machine/c2/root-password/password/users/chris | 1 - vars/per-machine/c3/openssh/ssh.id_ed25519/machines/c3 | 1 - vars/per-machine/c3/openssh/ssh.id_ed25519/users/chris | 1 - vars/per-machine/c3/root-password/password-hash/machines/c3 | 1 - vars/per-machine/c3/root-password/password-hash/users/chris | 1 - vars/per-machine/c3/root-password/password/users/chris | 1 - vars/per-machine/m1/openssh/ssh.id_ed25519/machines/m1 | 1 - vars/per-machine/m1/openssh/ssh.id_ed25519/users/chris | 1 - vars/per-machine/m1/root-password/password-hash/machines/m1 | 1 - vars/per-machine/m1/root-password/password-hash/users/chris | 1 - vars/per-machine/m1/root-password/password/users/chris | 1 - .../per-machine/m1/zerotier/zerotier-identity-secret/machines/m1 | 1 - .../per-machine/m1/zerotier/zerotier-identity-secret/users/chris | 1 - 27 files changed, 22 deletions(-) mode change 100755 => 100644 sops/machines/c1/key.json mode change 100755 => 100644 sops/machines/c2/key.json mode change 100755 => 100644 sops/machines/c3/key.json mode change 100755 => 100644 sops/machines/m1/key.json mode change 100755 => 100644 sops/users/chris/key.json delete mode 120000 vars/per-machine/c1/openssh/ssh.id_ed25519/machines/c1 delete mode 120000 vars/per-machine/c1/openssh/ssh.id_ed25519/users/chris delete mode 120000 vars/per-machine/c1/root-password/password-hash/machines/c1 delete mode 120000 vars/per-machine/c1/root-password/password-hash/users/chris delete mode 120000 vars/per-machine/c1/root-password/password/users/chris delete mode 120000 vars/per-machine/c2/openssh/ssh.id_ed25519/machines/c2 delete mode 120000 vars/per-machine/c2/openssh/ssh.id_ed25519/users/chris delete mode 120000 vars/per-machine/c2/root-password/password-hash/machines/c2 delete mode 120000 vars/per-machine/c2/root-password/password-hash/users/chris delete mode 120000 vars/per-machine/c2/root-password/password/users/chris delete mode 120000 vars/per-machine/c3/openssh/ssh.id_ed25519/machines/c3 delete mode 120000 vars/per-machine/c3/openssh/ssh.id_ed25519/users/chris delete mode 120000 vars/per-machine/c3/root-password/password-hash/machines/c3 delete mode 120000 vars/per-machine/c3/root-password/password-hash/users/chris delete mode 120000 vars/per-machine/c3/root-password/password/users/chris delete mode 120000 vars/per-machine/m1/openssh/ssh.id_ed25519/machines/m1 delete mode 120000 vars/per-machine/m1/openssh/ssh.id_ed25519/users/chris delete mode 120000 vars/per-machine/m1/root-password/password-hash/machines/m1 delete mode 120000 vars/per-machine/m1/root-password/password-hash/users/chris delete mode 120000 vars/per-machine/m1/root-password/password/users/chris delete mode 120000 vars/per-machine/m1/zerotier/zerotier-identity-secret/machines/m1 delete mode 120000 vars/per-machine/m1/zerotier/zerotier-identity-secret/users/chris diff --git a/sops/machines/c1/key.json b/sops/machines/c1/key.json old mode 100755 new mode 100644 diff --git a/sops/machines/c2/key.json b/sops/machines/c2/key.json old mode 100755 new mode 100644 diff --git a/sops/machines/c3/key.json b/sops/machines/c3/key.json old mode 100755 new mode 100644 diff --git a/sops/machines/m1/key.json b/sops/machines/m1/key.json old mode 100755 new mode 100644 diff --git a/sops/users/chris/key.json b/sops/users/chris/key.json old mode 100755 new mode 100644 diff --git a/vars/per-machine/c1/openssh/ssh.id_ed25519/machines/c1 b/vars/per-machine/c1/openssh/ssh.id_ed25519/machines/c1 deleted file mode 120000 index 01430a8..0000000 --- a/vars/per-machine/c1/openssh/ssh.id_ed25519/machines/c1 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c1 \ No newline at end of file diff --git a/vars/per-machine/c1/openssh/ssh.id_ed25519/users/chris b/vars/per-machine/c1/openssh/ssh.id_ed25519/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c1/openssh/ssh.id_ed25519/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c1/root-password/password-hash/machines/c1 b/vars/per-machine/c1/root-password/password-hash/machines/c1 deleted file mode 120000 index 01430a8..0000000 --- a/vars/per-machine/c1/root-password/password-hash/machines/c1 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c1 \ No newline at end of file diff --git a/vars/per-machine/c1/root-password/password-hash/users/chris b/vars/per-machine/c1/root-password/password-hash/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c1/root-password/password-hash/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c1/root-password/password/users/chris b/vars/per-machine/c1/root-password/password/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c1/root-password/password/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c2/openssh/ssh.id_ed25519/machines/c2 b/vars/per-machine/c2/openssh/ssh.id_ed25519/machines/c2 deleted file mode 120000 index 42c1f4d..0000000 --- a/vars/per-machine/c2/openssh/ssh.id_ed25519/machines/c2 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c2 \ No newline at end of file diff --git a/vars/per-machine/c2/openssh/ssh.id_ed25519/users/chris b/vars/per-machine/c2/openssh/ssh.id_ed25519/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c2/openssh/ssh.id_ed25519/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c2/root-password/password-hash/machines/c2 b/vars/per-machine/c2/root-password/password-hash/machines/c2 deleted file mode 120000 index 42c1f4d..0000000 --- a/vars/per-machine/c2/root-password/password-hash/machines/c2 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c2 \ No newline at end of file diff --git a/vars/per-machine/c2/root-password/password-hash/users/chris b/vars/per-machine/c2/root-password/password-hash/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c2/root-password/password-hash/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c2/root-password/password/users/chris b/vars/per-machine/c2/root-password/password/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c2/root-password/password/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c3/openssh/ssh.id_ed25519/machines/c3 b/vars/per-machine/c3/openssh/ssh.id_ed25519/machines/c3 deleted file mode 120000 index 4115c15..0000000 --- a/vars/per-machine/c3/openssh/ssh.id_ed25519/machines/c3 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c3 \ No newline at end of file diff --git a/vars/per-machine/c3/openssh/ssh.id_ed25519/users/chris b/vars/per-machine/c3/openssh/ssh.id_ed25519/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c3/openssh/ssh.id_ed25519/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c3/root-password/password-hash/machines/c3 b/vars/per-machine/c3/root-password/password-hash/machines/c3 deleted file mode 120000 index 4115c15..0000000 --- a/vars/per-machine/c3/root-password/password-hash/machines/c3 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c3 \ No newline at end of file diff --git a/vars/per-machine/c3/root-password/password-hash/users/chris b/vars/per-machine/c3/root-password/password-hash/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c3/root-password/password-hash/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/c3/root-password/password/users/chris b/vars/per-machine/c3/root-password/password/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/c3/root-password/password/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/m1/openssh/ssh.id_ed25519/machines/m1 b/vars/per-machine/m1/openssh/ssh.id_ed25519/machines/m1 deleted file mode 120000 index 9be3644..0000000 --- a/vars/per-machine/m1/openssh/ssh.id_ed25519/machines/m1 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/m1 \ No newline at end of file diff --git a/vars/per-machine/m1/openssh/ssh.id_ed25519/users/chris b/vars/per-machine/m1/openssh/ssh.id_ed25519/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/m1/openssh/ssh.id_ed25519/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/m1/root-password/password-hash/machines/m1 b/vars/per-machine/m1/root-password/password-hash/machines/m1 deleted file mode 120000 index 9be3644..0000000 --- a/vars/per-machine/m1/root-password/password-hash/machines/m1 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/m1 \ No newline at end of file diff --git a/vars/per-machine/m1/root-password/password-hash/users/chris b/vars/per-machine/m1/root-password/password-hash/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/m1/root-password/password-hash/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/m1/root-password/password/users/chris b/vars/per-machine/m1/root-password/password/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/m1/root-password/password/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file diff --git a/vars/per-machine/m1/zerotier/zerotier-identity-secret/machines/m1 b/vars/per-machine/m1/zerotier/zerotier-identity-secret/machines/m1 deleted file mode 120000 index 9be3644..0000000 --- a/vars/per-machine/m1/zerotier/zerotier-identity-secret/machines/m1 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/m1 \ No newline at end of file diff --git a/vars/per-machine/m1/zerotier/zerotier-identity-secret/users/chris b/vars/per-machine/m1/zerotier/zerotier-identity-secret/users/chris deleted file mode 120000 index 91b7741..0000000 --- a/vars/per-machine/m1/zerotier/zerotier-identity-secret/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/chris \ No newline at end of file From 8756b1b65ee781db58446b801669c489bba4c479 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 13:36:12 +0200 Subject: [PATCH 2/8] set up initial k3s config --- clan.nix | 7 + flake.lock | 318 ++++++++++++++++++-- flake.nix | 9 +- sops/secrets/zitadel_inital_password/secret | 15 + 4 files changed, 329 insertions(+), 20 deletions(-) create mode 100644 sops/secrets/zitadel_inital_password/secret diff --git a/clan.nix b/clan.nix index 4e373a3..0582c93 100644 --- a/clan.nix +++ b/clan.nix @@ -42,6 +42,13 @@ roles.controller.machines."m1" = { }; roles.peer.tags.all = { }; }; + + k3s = { + module = { + name = "@amarth/k3s"; + input = "amarth"; + }; + }; }; # Additional NixOS configuration can be added here. diff --git a/flake.lock b/flake.lock index acbceee..0b21c58 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,30 @@ { "nodes": { + "amarth": { + "inputs": { + "clan-core": "clan-core", + "flake-parts": "flake-parts_2", + "nixpkgs": [ + "amarth", + "clan-core", + "nixpkgs" + ], + "systems": "systems_2" + }, + "locked": { + "lastModified": 1757947021, + "narHash": "sha256-BinQx0l//FdLRxYzvQG6lwP8HR9g8iiJ5I6vt5Mm1Fs=", + "ref": "refs/heads/main", + "rev": "5525d770f1f73145860f2f929496d3d85ee058dc", + "revCount": 3, + "type": "git", + "url": "https://git.amarth.cloud/amarth/services.git" + }, + "original": { + "type": "git", + "url": "https://git.amarth.cloud/amarth/services.git" + } + }, "clan-core": { "inputs": { "data-mesher": "data-mesher", @@ -14,11 +39,36 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1756806573, - "narHash": "sha256-NHpnZrZ2bploGlGEUEvTvhDZRpI1yjFj72SSTmw56GI=", - "rev": "f97e22e125143e8e58325aa614aee59ed868296b", + "lastModified": 1757912940, + "narHash": "sha256-Xypz7pxa1L09GooMueosv0CRW4Cx5/gdtvSPBrnXf6M=", + "rev": "93280a9f987bbe689c74f1ea21d0c2fa4645c359", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/f97e22e125143e8e58325aa614aee59ed868296b.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/93280a9f987bbe689c74f1ea21d0c2fa4645c359.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://git.clan.lol/clan/clan-core/archive/main.tar.gz" + } + }, + "clan-core_2": { + "inputs": { + "data-mesher": "data-mesher_2", + "disko": "disko_2", + "flake-parts": "flake-parts_3", + "nix-darwin": "nix-darwin_2", + "nix-select": "nix-select_2", + "nixos-facter-modules": "nixos-facter-modules_2", + "nixpkgs": "nixpkgs_2", + "sops-nix": "sops-nix_2", + "systems": "systems_3", + "treefmt-nix": "treefmt-nix_2" + }, + "locked": { + "lastModified": 1757912940, + "narHash": "sha256-Xypz7pxa1L09GooMueosv0CRW4Cx5/gdtvSPBrnXf6M=", + "rev": "93280a9f987bbe689c74f1ea21d0c2fa4645c359", + "type": "tarball", + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/93280a9f987bbe689c74f1ea21d0c2fa4645c359.tar.gz" }, "original": { "type": "tarball", @@ -26,6 +76,36 @@ } }, "data-mesher": { + "inputs": { + "flake-parts": [ + "amarth", + "clan-core", + "flake-parts" + ], + "nixpkgs": [ + "amarth", + "clan-core", + "nixpkgs" + ], + "treefmt-nix": [ + "amarth", + "clan-core", + "treefmt-nix" + ] + }, + "locked": { + "lastModified": 1757905600, + "narHash": "sha256-Yd7buL9N7N7IaDVViItqP9HsECfnlDFykxvvNgMYcKk=", + "rev": "c10c4002bdc5aef040fcbb814d5f482e82dc8345", + "type": "tarball", + "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/c10c4002bdc5aef040fcbb814d5f482e82dc8345.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://git.clan.lol/clan/data-mesher/archive/main.tar.gz" + } + }, + "data-mesher_2": { "inputs": { "flake-parts": [ "clan-core", @@ -41,11 +121,11 @@ ] }, "locked": { - "lastModified": 1756695982, - "narHash": "sha256-dyLhOSDzxZtRgi5aj/OuaZJUsuvo+8sZ9CU/qieZ15c=", - "rev": "cc8f26e7e6c2dc985526ba59b286ae5a83168cdb", + "lastModified": 1757905600, + "narHash": "sha256-Yd7buL9N7N7IaDVViItqP9HsECfnlDFykxvvNgMYcKk=", + "rev": "c10c4002bdc5aef040fcbb814d5f482e82dc8345", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/cc8f26e7e6c2dc985526ba59b286ae5a83168cdb.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/c10c4002bdc5aef040fcbb814d5f482e82dc8345.tar.gz" }, "original": { "type": "tarball", @@ -55,16 +135,38 @@ "disko": { "inputs": { "nixpkgs": [ + "amarth", "clan-core", "nixpkgs" ] }, "locked": { - "lastModified": 1756733629, - "narHash": "sha256-dwWGlDhcO5SMIvMSTB4mjQ5Pvo2vtxvpIknhVnSz2I8=", + "lastModified": 1757508292, + "narHash": "sha256-7lVWL5bC6xBIMWWDal41LlGAG+9u2zUorqo3QCUL4p4=", "owner": "nix-community", "repo": "disko", - "rev": "a5c4f2ab72e3d1ab43e3e65aa421c6f2bd2e12a1", + "rev": "146f45bee02b8bd88812cfce6ffc0f933788875a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "disko_2": { + "inputs": { + "nixpkgs": [ + "clan-core", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757508292, + "narHash": "sha256-7lVWL5bC6xBIMWWDal41LlGAG+9u2zUorqo3QCUL4p4=", + "owner": "nix-community", + "repo": "disko", + "rev": "146f45bee02b8bd88812cfce6ffc0f933788875a", "type": "github" }, "original": { @@ -74,6 +176,49 @@ } }, "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "amarth", + "clan-core", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "4524271976b625a4a605beefd893f270620fd751", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "amarth", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "4524271976b625a4a605beefd893f270620fd751", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { "inputs": { "nixpkgs-lib": [ "clan-core", @@ -97,16 +242,38 @@ "nix-darwin": { "inputs": { "nixpkgs": [ + "amarth", "clan-core", "nixpkgs" ] }, "locked": { - "lastModified": 1755825449, - "narHash": "sha256-XkiN4NM9Xdy59h69Pc+Vg4PxkSm9EWl6u7k6D5FZ5cM=", + "lastModified": 1757430124, + "narHash": "sha256-MhDltfXesGH8VkGv3hmJ1QEKl1ChTIj9wmGAFfWj/Wk=", "owner": "nix-darwin", "repo": "nix-darwin", - "rev": "8df64f819698c1fee0c2969696f54a843b2231e8", + "rev": "830b3f0b50045cf0bcfd4dab65fad05bf882e196", + "type": "github" + }, + "original": { + "owner": "nix-darwin", + "repo": "nix-darwin", + "type": "github" + } + }, + "nix-darwin_2": { + "inputs": { + "nixpkgs": [ + "clan-core", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757430124, + "narHash": "sha256-MhDltfXesGH8VkGv3hmJ1QEKl1ChTIj9wmGAFfWj/Wk=", + "owner": "nix-darwin", + "repo": "nix-darwin", + "rev": "830b3f0b50045cf0bcfd4dab65fad05bf882e196", "type": "github" }, "original": { @@ -128,6 +295,19 @@ "url": "https://git.clan.lol/clan/nix-select/archive/main.tar.gz" } }, + "nix-select_2": { + "locked": { + "lastModified": 1755887746, + "narHash": "sha256-lzWbpHKX0WAn/jJDoCijIDss3rqYIPawe46GDaE6U3g=", + "rev": "92c2574c5e113281591be01e89bb9ddb31d19156", + "type": "tarball", + "url": "https://git.clan.lol/api/v1/repos/clan/nix-select/archive/92c2574c5e113281591be01e89bb9ddb31d19156.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://git.clan.lol/clan/nix-select/archive/main.tar.gz" + } + }, "nixos-facter-modules": { "locked": { "lastModified": 1756491981, @@ -143,6 +323,21 @@ "type": "github" } }, + "nixos-facter-modules_2": { + "locked": { + "lastModified": 1756491981, + "narHash": "sha256-lXyDAWPw/UngVtQfgQ8/nrubs2r+waGEYIba5UX62+k=", + "owner": "nix-community", + "repo": "nixos-facter-modules", + "rev": "c1b29520945d3e148cd96618c8a0d1f850965d8c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-facter-modules", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 315532800, @@ -156,9 +351,23 @@ "url": "https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 315532800, + "narHash": "sha256-h8Sx4S+/0FpodZji6W9lHzwY5BcuUG85Aj3GfhvGC2o=", + "rev": "a650b5d0de99158323597f048667c4d914243224", + "type": "tarball", + "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre845298.a650b5d0de99/nixexprs.tar.xz" + }, + "original": { + "type": "tarball", + "url": "https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz" + } + }, "root": { "inputs": { - "clan-core": "clan-core", + "amarth": "amarth", + "clan-core": "clan-core_2", "nixpkgs": [ "clan-core", "nixpkgs" @@ -168,16 +377,38 @@ "sops-nix": { "inputs": { "nixpkgs": [ + "amarth", "clan-core", "nixpkgs" ] }, "locked": { - "lastModified": 1754988908, - "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=", + "lastModified": 1757449901, + "narHash": "sha256-qwN8nYdSRnmmyyi+uR6m4gXnVktmy5smG1MOrSFD8PI=", "owner": "Mic92", "repo": "sops-nix", - "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48", + "rev": "3b4a369df9dd6ee171a7ea4448b50e2528faf850", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "sops-nix_2": { + "inputs": { + "nixpkgs": [ + "clan-core", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757449901, + "narHash": "sha256-qwN8nYdSRnmmyyi+uR6m4gXnVktmy5smG1MOrSFD8PI=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "3b4a369df9dd6ee171a7ea4448b50e2528faf850", "type": "github" }, "original": { @@ -201,7 +432,58 @@ "type": "github" } }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "amarth", + "clan-core", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756662192, + "narHash": "sha256-F1oFfV51AE259I85av+MAia221XwMHCOtZCMcZLK2Jk=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "1aabc6c05ccbcbf4a635fb7a90400e44282f61c4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_2": { "inputs": { "nixpkgs": [ "clan-core", diff --git a/flake.nix b/flake.nix index 340c1b7..ffd0b70 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,11 @@ { - inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; - inputs.nixpkgs.follows = "clan-core/nixpkgs"; + inputs = { + clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; + + nixpkgs.follows = "clan-core/nixpkgs"; + + amarth.url = "git+https://git.amarth.cloud/amarth/services.git"; + }; outputs = { diff --git a/sops/secrets/zitadel_inital_password/secret b/sops/secrets/zitadel_inital_password/secret new file mode 100644 index 0000000..a4eec86 --- /dev/null +++ b/sops/secrets/zitadel_inital_password/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:goNAmzE7VSnSeW3VmCg8ZM6iq66WN2Lo8UqSTN3t9rbmqm0L+Ho8SqfqiKX7gCrid1A=,iv:fgU2T94TRRH00GcLtUc6/TaTv/HyvZrOok5zrBFpyoI=,tag:lJr/KUSVupAwI1/Cp/er5A==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsMUQ5VkRnT3BtYlMvUVYx\nOEwrUjF4dUQxRU93ZkE0RUl5YlFRa29veVJzCjlLOGNGWEw0Sm5RaFFDekNhL1Ft\nY3NwNjZIRHpmMGVPU3FiS0VOVlV5WlUKLS0tIEQvc21HaER3VUQ2ZE5LdjREdFVo\nek95a3kwTWVLODJPRE5NM2paamZ1UHcKcdPkfgbrFOepolCt8Z/Qcd2FyUDHuDlG\nKLKqzwu5ieWk7A3BQ3Q03on5WYLhbY51PxAIDFbQzOgBSrcP7R52RQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-15T09:17:20Z", + "mac": "ENC[AES256_GCM,data:x58lVbUftxLT27hsSNSjX7Oy55W7UXiaLa4uQA4o+wxH4JlPR75sa/UGOVhufQoEi4hOPc/9b4kDt9jEasNJpdCaUrtsstfe69ZpWtCrnfZMAywlplKofRzMuxbvJHlU8Wn+gGll5BFz400fJMq2qPDLhVEo4eUzcX/RqDGymC0=,iv:BdkvmpEdMmTMkxbs+yvHxZWUgxf8flqhkjSitUlU3CU=,tag:usXzrIPEwKrQFs3vL/Ss4g==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} From f28941dfa4e00699422c19f58375f4c5ae87aa17 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 12:11:39 +0000 Subject: [PATCH 3/8] Update vars via generator k3s-ip for machine c1 --- vars/shared/k3s-ip/ip_v4/value | 1 + vars/shared/k3s-ip/ip_v6/value | 1 + 2 files changed, 2 insertions(+) create mode 100644 vars/shared/k3s-ip/ip_v4/value create mode 100644 vars/shared/k3s-ip/ip_v6/value diff --git a/vars/shared/k3s-ip/ip_v4/value b/vars/shared/k3s-ip/ip_v4/value new file mode 100644 index 0000000..7b9ad53 --- /dev/null +++ b/vars/shared/k3s-ip/ip_v4/value @@ -0,0 +1 @@ +127.0.0.1 diff --git a/vars/shared/k3s-ip/ip_v6/value b/vars/shared/k3s-ip/ip_v6/value new file mode 100644 index 0000000..20e29b1 --- /dev/null +++ b/vars/shared/k3s-ip/ip_v6/value @@ -0,0 +1 @@ +::1 From cc0593787b8084d67975810633cb6aa51f77a597 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 12:11:41 +0000 Subject: [PATCH 4/8] Update vars via generator k3s-token for machine c1 --- vars/shared/k3s-token/token/secret | 15 +++++++++++++++ vars/shared/k3s-token/token/users/nixos | 1 + 2 files changed, 16 insertions(+) create mode 100644 vars/shared/k3s-token/token/secret create mode 120000 vars/shared/k3s-token/token/users/nixos diff --git a/vars/shared/k3s-token/token/secret b/vars/shared/k3s-token/token/secret new file mode 100644 index 0000000..b44800d --- /dev/null +++ b/vars/shared/k3s-token/token/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:BOewQTwOh0/4jc4nCrIMagpR0875lfermaywa6SYoWhJI/eJEZHYhMI768dyzYe0r1xb,iv:zygnLd+e58BKLV5FTJ/XrYxcGumOmtw3KfH/GJyZP1U=,tag:u7xE06ObElNWh8jIb/cZeQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvSHhvNVRhVVl1VzlVQlpF\nOUZ2RHlEMUViOW5ZMVJ0ZzMwekcrWEMvckZNCnR3ZmdQWlQ0ZEFGczFMVlY3QThS\nTFNQVUJkNkFCV0hieUdEaGh2MXJmUmsKLS0tIEl6YnAzMU1BeThJRTJxMHYwb254\nWkFZQ2dQc3dnQlkyS0RKemJ5Rmh0OXcK7XJhESkmaNK7d6sFEPZXlt9X5EH8Evtr\nzbZpY8n/d5/hx1v3yELOMCaT72Sn4W7EM5J8TxYc/pSsB4w4bR5jnQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-16T12:11:40Z", + "mac": "ENC[AES256_GCM,data:KGx82ishq62L5XqTHuoxYvIBH8mpiYSRnCjY0Jnlh1fxsy2nvWMpR+SBnjyGZpn+hGRPEr9nr3Cy/0gdrI7vcpZKzqGCSla26lW9xQixpl3nf0dEJEvCdanlYBZq/Y5zOeZD3CA9XKv+4qwj7UnJnW9dLwb74cOWEwfGviA5dHU=,iv:hb2raFi0UNCL8siYr6IZ+z8e6nSxOX7yel3r8nh5des=,tag:MeanXTvPCJ2W0GnYZ719gA==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/shared/k3s-token/token/users/nixos b/vars/shared/k3s-token/token/users/nixos new file mode 120000 index 0000000..f8de8df --- /dev/null +++ b/vars/shared/k3s-token/token/users/nixos @@ -0,0 +1 @@ +../../../../../sops/users/nixos \ No newline at end of file From 3eb6cb8fe6942015a63470f8d0cde80404f55062 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 12:11:45 +0000 Subject: [PATCH 5/8] Update vars via generator zerotier for machine c1 --- .../zerotier-identity-secret/machines/c1 | 1 + .../zerotier/zerotier-identity-secret/secret | 19 +++++++++++++++++++ .../zerotier-identity-secret/users/nixos | 1 + .../per-machine/c1/zerotier/zerotier-ip/value | 1 + 4 files changed, 22 insertions(+) create mode 120000 vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 create mode 100644 vars/per-machine/c1/zerotier/zerotier-identity-secret/secret create mode 120000 vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos create mode 100644 vars/per-machine/c1/zerotier/zerotier-ip/value diff --git a/vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 b/vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 new file mode 120000 index 0000000..01430a8 --- /dev/null +++ b/vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 @@ -0,0 +1 @@ +../../../../../../sops/machines/c1 \ No newline at end of file diff --git a/vars/per-machine/c1/zerotier/zerotier-identity-secret/secret b/vars/per-machine/c1/zerotier/zerotier-identity-secret/secret new file mode 100644 index 0000000..ecbf66f --- /dev/null +++ b/vars/per-machine/c1/zerotier/zerotier-identity-secret/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:aWunrs+Y0zsINHpVRHpBsj1loN3K4qP8rfWz4QY7DyteXQbCoomZuoc+OCJuQ8Y2VPDlc93shaRXcarnKTwztVZezfs09KazxALmwQmKzExY/4Fg2pnc8A18JKAY0PmSbcpKiMCUfwuD8XsAUPQ09aJQTBPPWOq23VDujlnQTO/waO/zaYhgOHw9QKFxknOL+Jyd2T9coB6aK8pkgOu65RbC5nlzS7noUGIVPA+5pi1y16p6f/1MibIV0oMO7+7Tgx8jKKESYbQUCuPqJUJsiMTEu6JXf25eLaHEmsPYTkaPYXda2bcAt4nA5DEq+vFhb3KYiSXbxoRp2phaozZSb4VgzqNUaoDCPwsn4bo7,iv:NPDB2pe++UNXjM3MQUvDMh4qDD072G+onboqGuZb4QU=,tag:QWByLe294QAqmH0HVsnGOQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19cnepqj2xclqwgv9esldz3znsezxazz0599ctkn2t5znsvxjxdjqvnxl80", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUMGlzZzEzTTNhRzYrNG9Q\nMTFGNEtmVVdMRlNrellBb0diR2dTWmhYbURNCmR3bmE3VWkvd1EzRFRKQWRkT2g0\nd0dVUUtKTTlmL3YvTUdPZ0VKT1ZabVEKLS0tIGVteVFCNnVHS25VY3U3OUpCNHg3\nSUZaYU9iVWY1MXRqZjhRYTRIVUpqNWsKFjrxGe+1zGBQrJzfPrPyTX5cQ2aQs2V7\njMUY6l9/RmYhmHnvaTiEzKfBmJKBV284G2N3zLg3jORboYNe6gmU0A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBZWdqaVpwZjVHMlNJbmFF\nSjF3ODNiNGVGMkZNUDFycVNQNGFpVDJvU21FCmdML1VMMzFYcHd2Rk0vMUg1Uzg5\neEVhUW1FNWVzeHZlWldLQ1kxcmlyYzAKLS0tIEhMdkYwOHo0b2E2OS9RekY4a3c1\naW1uTklBQVgxdHYxYzRhbjVTRXBxNUEK7szc1EoEfLP7w5KM8p+Nt/zxNm/Zih7r\nyjMWJ8upJ3baL6fCJAwI8DhBQy3WenQKHXp4g2cH2AUxOnYk1jaPIA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-16T12:11:44Z", + "mac": "ENC[AES256_GCM,data:bbZVtnTwkWC+9w/zM6FfAr42wmsm0ymDBmtc4ZGCDtsizMYKB955B4XG0jI8oavyv4HxPZo/XETo7Eo30T6LpGge0qQ53ZMygYP/xIsM9vwF8rk8f1qNGfNAUDYSBk95Fe5/l9YzCRwZunGw0Dz427VeSJnKLXPjYdvGctWlowM=,iv:DGMxTXhNHgoLI+8E6SaKbALwqsq68A/qXhqTmqRYvdE=,tag:6iSUxFnE1lb7kTc3+VTewQ==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos b/vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos new file mode 120000 index 0000000..b1bb8e7 --- /dev/null +++ b/vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos @@ -0,0 +1 @@ +../../../../../../sops/users/nixos \ No newline at end of file diff --git a/vars/per-machine/c1/zerotier/zerotier-ip/value b/vars/per-machine/c1/zerotier/zerotier-ip/value new file mode 100644 index 0000000..62c0836 --- /dev/null +++ b/vars/per-machine/c1/zerotier/zerotier-ip/value @@ -0,0 +1 @@ +fd03:2623:9523:e639:2899:933b:7273:40e9 \ No newline at end of file From bbb8a97c59936ec94a56256ec96f51bd683d56a6 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 12:17:59 +0000 Subject: [PATCH 6/8] Update vars via generator k3s-ip for machine c1 --- vars/{shared => per-machine/c1}/k3s-ip/ip_v4/value | 0 vars/{shared => per-machine/c1}/k3s-ip/ip_v6/value | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename vars/{shared => per-machine/c1}/k3s-ip/ip_v4/value (100%) rename vars/{shared => per-machine/c1}/k3s-ip/ip_v6/value (100%) diff --git a/vars/shared/k3s-ip/ip_v4/value b/vars/per-machine/c1/k3s-ip/ip_v4/value similarity index 100% rename from vars/shared/k3s-ip/ip_v4/value rename to vars/per-machine/c1/k3s-ip/ip_v4/value diff --git a/vars/shared/k3s-ip/ip_v6/value b/vars/per-machine/c1/k3s-ip/ip_v6/value similarity index 100% rename from vars/shared/k3s-ip/ip_v6/value rename to vars/per-machine/c1/k3s-ip/ip_v6/value From 9ec0fc4a96c3469997326c304bb850f9844920df Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 12:18:01 +0000 Subject: [PATCH 7/8] Update vars via generator k3s-token for machine c1 --- vars/per-machine/c1/k3s-token/token/secret | 15 +++++++++++++++ vars/per-machine/c1/k3s-token/token/users/nixos | 1 + vars/shared/k3s-token/token/secret | 15 --------------- vars/shared/k3s-token/token/users/nixos | 1 - 4 files changed, 16 insertions(+), 16 deletions(-) create mode 100644 vars/per-machine/c1/k3s-token/token/secret create mode 120000 vars/per-machine/c1/k3s-token/token/users/nixos delete mode 100644 vars/shared/k3s-token/token/secret delete mode 120000 vars/shared/k3s-token/token/users/nixos diff --git a/vars/per-machine/c1/k3s-token/token/secret b/vars/per-machine/c1/k3s-token/token/secret new file mode 100644 index 0000000..0c21df6 --- /dev/null +++ b/vars/per-machine/c1/k3s-token/token/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:KAyQJfDtHcwT2MP+C74ovM1k5Rw1rEjF5LsyH2CjS1VBxbQ+ACen/qEDzGw5db15/NZW,iv:1HzHYAgHtcyQbJRN2BHK+DPhhIPTao2yJMSZTDWO5xQ=,tag:vUKOJTpv/y6pm6pzzfEfZw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1dmZJNCtGeXNCTEp6T2Fq\nRmxsUHBVRmszT0RhdDUyckh1MHZhNUxkUTB3ClYxWnFOaWpocXBhY2EvbWJCaEVa\nQUR6cnBmajkySVo4dHdlTnl0NVJFQTQKLS0tIEQ3UW5ZUGVQckorWlpMSkovaGZt\nblJRaVd1NkkxLzJRT0o0Y1JPMlpwaW8KaqYT1lqsLjzRScgSapz+5anOGaS/SXPW\nzZkKQbYKa6ZmjOwuBJ2GBdni7iNSd7BGmZhyzgvs1h30kMLEkW2GtA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-16T12:18:00Z", + "mac": "ENC[AES256_GCM,data:VD+Swc/5+f3vWHIoTBQmtiLc6GhEKX/suygfKJWpum3INnxCTvj4QXcGVc6Hzn5Yeat9tdiiXXcuu0F2zTcDjikGL167iuf6HlC1ASfBh/gt7yau5SiD0WYhouxZFo+b4FvnNv0sb4+JTGMSkOLdJD2h6UvA15iXe5vTS9+ZCq8=,iv:f4TZkVrriKxZBMcJLLtyR/RJ7vDtBOSx/stwoWV/A3A=,tag:JGIExjoT/zTj4NPEsJ+vBg==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/c1/k3s-token/token/users/nixos b/vars/per-machine/c1/k3s-token/token/users/nixos new file mode 120000 index 0000000..b1bb8e7 --- /dev/null +++ b/vars/per-machine/c1/k3s-token/token/users/nixos @@ -0,0 +1 @@ +../../../../../../sops/users/nixos \ No newline at end of file diff --git a/vars/shared/k3s-token/token/secret b/vars/shared/k3s-token/token/secret deleted file mode 100644 index b44800d..0000000 --- a/vars/shared/k3s-token/token/secret +++ /dev/null @@ -1,15 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:BOewQTwOh0/4jc4nCrIMagpR0875lfermaywa6SYoWhJI/eJEZHYhMI768dyzYe0r1xb,iv:zygnLd+e58BKLV5FTJ/XrYxcGumOmtw3KfH/GJyZP1U=,tag:u7xE06ObElNWh8jIb/cZeQ==,type:str]", - "sops": { - "age": [ - { - "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvSHhvNVRhVVl1VzlVQlpF\nOUZ2RHlEMUViOW5ZMVJ0ZzMwekcrWEMvckZNCnR3ZmdQWlQ0ZEFGczFMVlY3QThS\nTFNQVUJkNkFCV0hieUdEaGh2MXJmUmsKLS0tIEl6YnAzMU1BeThJRTJxMHYwb254\nWkFZQ2dQc3dnQlkyS0RKemJ5Rmh0OXcK7XJhESkmaNK7d6sFEPZXlt9X5EH8Evtr\nzbZpY8n/d5/hx1v3yELOMCaT72Sn4W7EM5J8TxYc/pSsB4w4bR5jnQ==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2025-09-16T12:11:40Z", - "mac": "ENC[AES256_GCM,data:KGx82ishq62L5XqTHuoxYvIBH8mpiYSRnCjY0Jnlh1fxsy2nvWMpR+SBnjyGZpn+hGRPEr9nr3Cy/0gdrI7vcpZKzqGCSla26lW9xQixpl3nf0dEJEvCdanlYBZq/Y5zOeZD3CA9XKv+4qwj7UnJnW9dLwb74cOWEwfGviA5dHU=,iv:hb2raFi0UNCL8siYr6IZ+z8e6nSxOX7yel3r8nh5des=,tag:MeanXTvPCJ2W0GnYZ719gA==,type:str]", - "unencrypted_suffix": "_unencrypted", - "version": "3.10.2" - } -} diff --git a/vars/shared/k3s-token/token/users/nixos b/vars/shared/k3s-token/token/users/nixos deleted file mode 120000 index f8de8df..0000000 --- a/vars/shared/k3s-token/token/users/nixos +++ /dev/null @@ -1 +0,0 @@ -../../../../../sops/users/nixos \ No newline at end of file From 81bc14dcb9b649451939a01d3828ca4c170dc897 Mon Sep 17 00:00:00 2001 From: clan-tool Date: Tue, 16 Sep 2025 15:16:12 +0200 Subject: [PATCH 8/8] kaas --- clan.nix | 5 +++ flake.lock | 41 ++++++------------- .../c1/k3s-token/token/users/nixos | 1 - .../zerotier-identity-secret/machines/c1 | 1 - .../zerotier-identity-secret/users/nixos | 1 - 5 files changed, 18 insertions(+), 31 deletions(-) delete mode 120000 vars/per-machine/c1/k3s-token/token/users/nixos delete mode 120000 vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 delete mode 120000 vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos diff --git a/clan.nix b/clan.nix index 0582c93..2d030e3 100644 --- a/clan.nix +++ b/clan.nix @@ -48,6 +48,11 @@ name = "@amarth/k3s"; input = "amarth"; }; + + roles.server.machines."c1" = {}; + + roles.agent.machines."c2" = {}; + roles.agent.machines."c3" = {}; }; }; diff --git a/flake.lock b/flake.lock index 0b21c58..90ca109 100644 --- a/flake.lock +++ b/flake.lock @@ -8,15 +8,14 @@ "amarth", "clan-core", "nixpkgs" - ], - "systems": "systems_2" + ] }, "locked": { - "lastModified": 1757947021, - "narHash": "sha256-BinQx0l//FdLRxYzvQG6lwP8HR9g8iiJ5I6vt5Mm1Fs=", + "lastModified": 1758024845, + "narHash": "sha256-aMhb+b0LA3IxoaXJ+5YoGSs5mf/N18z+/tj+NjASTmU=", "ref": "refs/heads/main", - "rev": "5525d770f1f73145860f2f929496d3d85ee058dc", - "revCount": 3, + "rev": "ceed1a0cdf5b72c290ad5e060f8a68539847df67", + "revCount": 8, "type": "git", "url": "https://git.amarth.cloud/amarth/services.git" }, @@ -60,15 +59,15 @@ "nixos-facter-modules": "nixos-facter-modules_2", "nixpkgs": "nixpkgs_2", "sops-nix": "sops-nix_2", - "systems": "systems_3", + "systems": "systems_2", "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1757912940, - "narHash": "sha256-Xypz7pxa1L09GooMueosv0CRW4Cx5/gdtvSPBrnXf6M=", - "rev": "93280a9f987bbe689c74f1ea21d0c2fa4645c359", + "lastModified": 1758021280, + "narHash": "sha256-tnXjO1KpfFRKqe9tPZ5ZrM6O2E1DG2nJiE0QKJACPG8=", + "rev": "f2134754c5f0fdca982487de82a16428021a0e0e", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/93280a9f987bbe689c74f1ea21d0c2fa4645c359.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/f2134754c5f0fdca982487de82a16428021a0e0e.tar.gz" }, "original": { "type": "tarball", @@ -404,11 +403,11 @@ ] }, "locked": { - "lastModified": 1757449901, - "narHash": "sha256-qwN8nYdSRnmmyyi+uR6m4gXnVktmy5smG1MOrSFD8PI=", + "lastModified": 1758007585, + "narHash": "sha256-HYnwlbY6RE5xVd5rh0bYw77pnD8lOgbT4mlrfjgNZ0c=", "owner": "Mic92", "repo": "sops-nix", - "rev": "3b4a369df9dd6ee171a7ea4448b50e2528faf850", + "rev": "f77d4cfa075c3de66fc9976b80e0c4fc69e2c139", "type": "github" }, "original": { @@ -433,20 +432,6 @@ } }, "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "id": "systems", - "type": "indirect" - } - }, - "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", diff --git a/vars/per-machine/c1/k3s-token/token/users/nixos b/vars/per-machine/c1/k3s-token/token/users/nixos deleted file mode 120000 index b1bb8e7..0000000 --- a/vars/per-machine/c1/k3s-token/token/users/nixos +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/nixos \ No newline at end of file diff --git a/vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 b/vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 deleted file mode 120000 index 01430a8..0000000 --- a/vars/per-machine/c1/zerotier/zerotier-identity-secret/machines/c1 +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/machines/c1 \ No newline at end of file diff --git a/vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos b/vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos deleted file mode 120000 index b1bb8e7..0000000 --- a/vars/per-machine/c1/zerotier/zerotier-identity-secret/users/nixos +++ /dev/null @@ -1 +0,0 @@ -../../../../../../sops/users/nixos \ No newline at end of file