From e5c7ebd23cbdd4d0fce26f67717e0eb3c1719bfd Mon Sep 17 00:00:00 2001
From: janabhumi
Date: Thu, 13 Oct 2022 07:47:31 +0300
Subject: [PATCH] add initial configs for vps
---
data.nix | 10 ++++++
flake.nix | 32 +++++++++++++++++--
machines/asus-gl553vd/default.nix | 2 ++
machines/default.nix | 6 ++++
machines/home/default.nix | 2 ++
machines/magenta/default.nix | 19 +++++++++++
machines/magenta/hardware-configuration.nix | 9 ++++++
machines/magenta/networking.nix | 33 ++++++++++++++++++++
secrets.config.nix | Bin 1502 -> 1724 bytes
9 files changed, 110 insertions(+), 3 deletions(-)
create mode 100644 data.nix
create mode 100644 machines/magenta/default.nix
create mode 100644 machines/magenta/hardware-configuration.nix
create mode 100644 machines/magenta/networking.nix
diff --git a/data.nix b/data.nix
new file mode 100644
index 0000000..14daf74
--- /dev/null
+++ b/data.nix
@@ -0,0 +1,10 @@
+{
+ publicKeys = {
+ users = {
+ jan = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJKo68e8EuKlgYG/mxEsMsfWLHXkRulpscGZUD9lXbaEyTvaGalc82T4d7wXHgUi8/xpRbsfxxTV1bl1I7X+Vq7xmzfMP5a0NBIv5Lnh5C9WHEq1aw4fUFCxD5cwy9kt1jV3pSEN/+H5cg4T0OCVRikUZvfB9wng15fdw6JYoZWhWBwZHfISHhXqTXGDnMO7MvzFCl7Ek5WBvH6LoThJFVvKkab6Zg15FtuqNpCat0yEb5QMoFUbyp2Wm0eFU5eUVnlqC6IgG765Pbz+v4sJJo0q3+sZlIgzPeav3d7FEgZeqq+UZA3Hp+4T5ww+XEHDalxsB60VDeq85snVTO8XGt"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDXNG/QeViH/SboWxbONAub/eim3NRm5MDtJA7gyTz7r"
+ ];
+ };
+ };
+}
diff --git a/flake.nix b/flake.nix
index 96ff644..44769ac 100644
--- a/flake.nix
+++ b/flake.nix
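Review bot: The two strings under `publicKeys.users.jan` in data.nix carry no key comment and no Nix comment beside them, so nothing records which device or token each key belongs to, which makes revoking a single key after a lost machine guesswork. Later in this patch the whole list becomes root's `authorizedKeys` on the VPS, so every entry is a root credential. I would label each entry, for example `"ssh-ed25519 AAAA… jan@<device>"` (placeholder label), and keep the older `ssh-rsa` entry only if a client still needs it.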
@@ -49,21 +49,33 @@ inherit (pkgs) lib; nixos-rebuild = pkgs.nixos-rebuild.override { nix = pkgs.nixFlakes; }; + + localMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost == null) self.nixosConfigurations; + vpsMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost != null) self.nixosConfigurations; in { apps = lib.mapAttrs (name: program: { type = "app"; program = toString program; }) (flake-utils.lib.flattenTree { + deploy = lib.recurseIntoAttrs (lib.mapAttrs + (hostname: machine: pkgs.writeShellScript "deploy-${hostname}" '' + ${nixos-rebuild}/bin/nixos-rebuild switch \ + --flake .#${hostname} \ + --target-host ${machine.config.deployment.targetHost} + '') + vpsMachines); + switch = lib.recurseIntoAttrs (lib.mapAttrs (hostname: machine: pkgs.writeShellScript "switch-${hostname}" '' ${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} '') - self.nixosConfigurations); + localMachines); + test = lib.recurseIntoAttrs (lib.mapAttrs (hostname: machine: pkgs.writeShellScript "test-${hostname}" '' ${nixos-rebuild}/bin/nixos-rebuild test --flake .#${hostname} '') - self.nixosConfigurations); + localMachines); }); devShells = { @@ -83,6 +95,7 @@ , specialArgs ? { } , extraModules ? [ ] , extraHomeModule ? null + , targetHost ? null , nixpkgs ? inputs.nixpkgs }: nixpkgs.lib.nixosSystem { @@ -96,7 +109,20 @@ home-manager.nixosModule ]) ++ [ ./machines/${hostname} ] - ++ extraModules; + ++ extraModules + ++ [ + # deployment settings + ({ lib, ... }: { + options.deployment = with lib; { + targetHost = mkOption { + type = types.nullOr types.str; + readOnly = true; + internal = true; + }; + }; + config.deployment = { inherit targetHost; }; + }) + ]; }) (import ./machines inputs); }; diff --git a/machines/asus-gl553vd/default.nix b/machines/asus-gl553vd/default.nix index 7d72ee7..1a729c9 100644 --- a/machines/asus-gl553vd/default.nix +++ b/machines/asus-gl553vd/default.nix 
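Review bot: In the new `deploy` app, `--target-host ${machine.config.deployment.targetHost}` is spliced into the generated shell script unquoted, and the option is a free-form `types.str`, so a value containing a space or shell metacharacter changes the command that runs on the operator's machine. Passing it through the escaper keeps the script well-formed: `--target-host ${lib.escapeShellArg machine.config.deployment.targetHost}`. The same applies to `.#${hostname}` in the three scripts, although those names come from attribute keys. Separately, the `filterAttrs` predicates for `localMachines` and `vpsMachines` read `m.config.deployment.targetHost`, which looks like it forces a module evaluation of every machine just to list the apps; filtering on the raw `targetHost` argument from `./machines` would avoid that.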
@@ -52,4 +52,6 @@ in # Enable the Docker virtualisation.docker.enable = true; + + local.nix.enableMyRegistry = true; } diff --git a/machines/default.nix b/machines/default.nix index 6930425..2f2e97d 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -29,4 +29,10 @@ in local.alacritty.fontSize = 6.0; }; }; + + magenta = { + system = "x86_64-linux"; + + targetHost = "45.131.41.215"; + }; } diff --git a/machines/home/default.nix b/machines/home/default.nix index 109eedd..981e5d2 100644 --- a/machines/home/default.nix +++ b/machines/home/default.nix @@ -79,4 +79,6 @@ in # Enable the Docker virtualisation.docker.enable = true; + + local.nix.enableMyRegistry = true; } diff --git a/machines/magenta/default.nix b/machines/magenta/default.nix new file mode 100644 index 0000000..252d3e8 --- /dev/null +++ b/machines/magenta/default.nix @@ -0,0 +1,19 @@ +{ ... }: + +let + data = import ../../data.nix; +in +{ + imports = [ + ./hardware-configuration.nix + ./networking.nix # generated at runtime by nixos-infect + ../modules/common.nix + ]; + + boot.cleanTmpDir = true; + zramSwap.enable = true; + networking.hostName = "magenta"; + + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = data.publicKeys.users.jan; +} diff --git a/machines/magenta/hardware-configuration.nix b/machines/magenta/hardware-configuration.nix new file mode 100644 index 0000000..40c8d65 --- /dev/null +++ b/machines/magenta/hardware-configuration.nix @@ -0,0 +1,9 @@ +{ modulesPath, ... }: + +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.grub.device = "/dev/sda"; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ]; + boot.initrd.kernelModules = [ "nvme" ]; + fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; +} diff --git a/machines/magenta/networking.nix b/machines/magenta/networking.nix new file mode 100644 index 0000000..e294e6e --- /dev/null +++ b/machines/magenta/networking.nix 
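Review bot: `targetHost = "45.131.41.215";` in machines/default.nix has no user part, so `nixos-rebuild --target-host` will log in as whatever user the operator's SSH client picks, while the magenta config in this patch only installs keys for root. Unless `../modules/common.nix` (not shown) creates a matching user, the deploy app probably needs `targetHost = "root@45.131.41.215";` or an SSH config entry. Because the target is a bare IP, the first connection also trusts whichever host key answers; recording the VPS host key on the deploying machines, for example through `programs.ssh.knownHosts`, would pin it.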
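Review bot: machines/magenta/default.nix enables `services.openssh` and gives root a key list, but nothing in the file turns off password or keyboard-interactive login, which the NixOS sshd module leaves enabled by default. On an internet-facing VPS I would add `services.openssh.passwordAuthentication = false;` and `services.openssh.kbdInteractiveAuthentication = false;` next to the `enable` line, unless `../modules/common.nix` (not visible here) already sets them; newer NixOS releases spell these under `services.openssh.settings`. A short comment stating that root is the only login and is key-only would also help the next reader.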
@@ -0,0 +1,33 @@
+{ lib, ... }:
+
+{
+ # This file was populated at runtime with the networking
+ # details gathered from the active system.
+ networking = {
+ nameservers = [
+ "188.93.16.19"
+ "188.93.17.19"
+ "8.8.8.8"
+ ];
+ defaultGateway = "45.131.41.1";
+ defaultGateway6 = "";
+ dhcpcd.enable = false;
+ usePredictableInterfaceNames = lib.mkForce false;
+ interfaces = {
+ eth0 = {
+ ipv4.addresses = [
+ { address = "45.131.41.215"; prefixLength = 24; }
+ ];
+ ipv6.addresses = [
+ { address = "fe80::f816:3eff:fe58:d30a"; prefixLength = 64; }
+ ];
+ ipv4.routes = [{ address = "45.131.41.1"; prefixLength = 32; }];
+ ipv6.routes = [{ address = ""; prefixLength = 128; }];
+ };
+
+ };
+ };
+ services.udev.extraRules = ''
+ ATTR{address}=="fa:16:3e:58:d3:0a", NAME="eth0"
+ '';
+}
diff --git a/secrets.config.nix b/secrets.config.nix index cb038a51434035ebe72f11a30e01e6060235d349..16c5ea6c11027d54a11bd87240a403e86e4d7198 100644 GIT binary patch literal 1724 zcmV;t21EG(M@dveQdv+`0AtD>;FLA#!i-hT8iUjkwv%9q1t)J`mj51rKOS|5i(uH9 z3`w#r8Fm_6J z8sr3M5lXH|A+-D=6bcb{S+I-+bCc1#PO7GKNz=irk}9kyh5ao^%A;q@6)32m58m+L92T3xv%A_*+|n=x7sTY$cPTda>-hv>S9tSN7m`OSNz}w8yg!;7 z?ICqkq>;Az9a2NDPu!Jzo|n(&sfg#7~ zHV9|?0723Dg{9N2KI{92)BQ=Cq--wLC%k-xrtd#uhM!#gYiU96R8cpXXE+3TP>Xj< z#XXg8BXxhqzUq)`Ze?SbA*IS6{CKGmNuKqNe0ob=$u>_G6-xGG7k~RvHEfJNUUEYX zjNm76^tEsVTx{YjZ)5F1=)k&5a!DF__{e%RGcY2bGrnUk-d39b=a znK~|@WD6~W8+2sSft?G{)jvOhN9sgvk@i#*u=))#>Agjr{1ZkL-m#Ef`Q>%R2*Qio z#D5zA2RxP-e>1o)BS>o_&RDW1doQ+{ANy*BETGN)fI{b5=k>1H0KXr6hN=_VF?*q$ z&JD)X2~@l{&L`gK1gzU`B~Z$2XGmyi{srh6wAzDjO+FSQom3kVt1K#B#PRpKQh#r1 zh}VjM&@_5~*tp+3&`fIBBz)yHTeV4RWfOKUd4P_?H8Y%O$_;(=q-mrwWd>xPW?y;- zf2GyD_wtGJ`9d9I$O%`w5?DPPe<&J%dt8nA^x>J-0FapCxt-2skAg^fp>7@U#&@vF zbspqd_>qtJp``gb0CMM0ch1#hct~0-7#3I+FgZ=@K&;Ax#JOah!p>WHky&Qg*ckY# z52t{$8%FtSp>`$BW#Qp#6LQu7Nqs9CkL>DZ%!hMg^MA0*DyaFB4USZh4dYHgGqq>c z$13Lss9=o|dKs!+kv7?vu$wEOQN0efnBZMXj;2JG6SCTVA3qfDZbuKwmr^;m|7+oFHD;}ZP*dYaWb7&{Z_C9t&}(+1$gqp#WvQ`V3!jsQux=98yizk@Tn zT1(K{Z_QY|+n+&fs}^Z>OzE9!axA^^*HBaBJ1rG0vTfoIIr1+C9B+}K2X^jrw{ryi z=rm(&yjoMDENiWW@h>0pbN>YLe?FtC8!~^7si6Xh8cvS-PAPfdG9?6g{fv@1)<8j z&SaVqt;Z0N0duanNL@c1M#u#TW1_2WDYKc+e7F{LEg+Fa=Eb}6i^1%e{nAZhlfARk znFG&&BQ96sIVc73*mSU$O)aL#;_q!Q$bQA1p-8>H&C@WtedYdZkTgTxeO1~#{j_3% zBcX!@E7FV7tI?nLA`IpJ;tK!M`VN|QYkdY7lQhwR@9au(^DcfVie!Az_^ka(keZIR zjFbMIO0`&li6wW{%aiiv_AxI S02F@Bg;-W6I142t^$%h1)=tL& literal 1502 zcmV<41tIzXM@dveQdv+`03#KMM*ih&9*9cLZv#hUIyyrf<)C|vuE=kfJ=O-^pEdX4 z_R+0<&~kQJi~>#OT|R3U5CZlS?~OxmB)FZf&+ZZ|;k1V+&q8>FU)a-C{CQJC%+4kA8)u z5FE(Leosvb{!-a`mA33B-P21{U>CSa;=g4abq}KHMjfmnr&j<9;}w|z{*~}>X=`>E z=ls&gjlG}#&$(qhcV;H{=No;0bBgLG6n@T|KR7%&l17|s{oWVmZXoaX|>mmpl`1yvnfQCw+tElUNhE2rw|Kk0lXI5~TH8D^n>*X3|9qMd_Kj#F{9_`D~||!c6rL`A*|4i_3#1 zeV~V#LlgC1ExRA&-tx&0NIwE#(#DDR$f@1B`V-GWy>Va}1bXE0K4AS);I3B=DRKue 
zW-7@V7-~TQQfr!u*ca>j!fI52MbMN=H0K74l^iBTy>h?0k|M_C33@>e863*k&O)aK zEaSILmb5 zDL4Z_SL9=|!cS3+)IVQh_kH3#NYNj(b3}-}WnbD5L5}~~e&71KMpCI~`;xC5vl+^x zgub7S@{7QSd;YD^Gw)HC5NEtK#o*`COlj6B6;$7_791I=RtS7A)7}MTNT>ng!?sro z^xZ^2ilwurWU{4FB-|1Khv=&t+~^y@`MOz-2t5*MwGjXV!#Whm>8)VtsVa=@PaifD zSkPj7i4YKvT7Hy}G#}W#kT|2YH{=(vdPY5EGaq4;czPL7YD-vuiR{mR9rkA%hQk+< zU}ai`wq#yTb6$sZAVowCpophS`=Sa#7Xk2I4HoN$$nHihlAboG9)13!t$4d@<*j>`) zV$(pb6Ca6*!mi{bWOm~UJTgiB%<_HolpTchn!2+=OYIn%*?u8Hi2Kzfh~TO5>vqk( zfuwt)?;$^(lC-3z;zTnei0{4ANfznfg#j7lQ`4S99^ zfULRl?dRd}2?#?l|NV{qy2_j~0c#fJa@WVx5FB_|vVQXxGIKmrD!Jo`?AYO0yP1rg ze=JlumfzQ>*P@{7U_lnx677^ZYQn`~`nJ)=?Z)!-uHwSS*3_Thv2RG1yW)zs!Scvf z+c8K{R;*{`6K-L&;#EzPTQDuIFk~Ub1hMLJM-db Ej#cjaa{vGU