diff --git a/launch/flake.lock b/launch/flake.lock deleted file mode 100644 index e1b4f6df..00000000 --- a/launch/flake.lock +++ /dev/null @@ -1,158 +0,0 @@ -{ - "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager", - "nixpkgs": "nixpkgs", - "systems": "systems" - }, - "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", - "owner": "ryantm", - "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1700795494, - "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "disko": { - "inputs": { - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1741786315, - "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", - "owner": "nix-community", - "repo": "disko", - "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1703113217, - "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1703013332, - "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1741402956, - "narHash": "sha256-y2hByvBM03s9T2fpeLjW6iprbxnhV9mJMmSwCHc41ZQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ed0b1881565c1ffef490c10d663d4f542031dad3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1743046730, - "narHash": "sha256-3ON6kKBQ4pz/IVZylcbw28K/Jm5cym4V/Z+VmPzR9/4=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "67545051fd77a131ebab477fbf2bb4d9473edd35", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "release-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "agenix": "agenix", - "disko": "disko", - "nixpkgs": "nixpkgs_3" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/launch/flake.nix b/launch/flake.nix deleted file mode 100644 index 9d126b9e..00000000 --- a/launch/flake.nix +++ /dev/null @@ -1,125 +0,0 @@ -{ - inputs = { - agenix.url = "github:ryantm/agenix"; - disko.url = "github:nix-community/disko"; - nixpkgs.url = "github:nixos/nixpkgs/release-24.11"; - }; - outputs = - inputs@{ nixpkgs, ... }: - let - system = "x86_64-linux"; - inherit (nixpkgs) lib; - in - { - nixosConfigurations = - let - ## NOTE: All of these secrets are publicly available in this source file - ## and will end up in the Nix store. We don't care as they are only ever - ## used for testing anyway. - ## - ## FIXME: Generate and store in NixOps4's state. - mastodonS3KeyConfig = - { pkgs, ... }: - { - s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GK3515373e4c851ebaad366558"; - s3SecretKeyFile = pkgs.writeText "s3SecretKey" "7d37d093435a41f2aab8f13c19ba067d9776c90215f56614adad6ece597dbb34"; - }; - peertubeS3KeyConfig = - { pkgs, ... }: - { - s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GK1f9feea9960f6f95ff404c9b"; - s3SecretKeyFile = pkgs.writeText "s3SecretKey" "7295c4201966a02c2c3d25b5cea4a5ff782966a2415e3a196f91924631191395"; - }; - pixelfedS3KeyConfig = - { pkgs, ... }: - { - s3AccessKeyFile = pkgs.writeText "s3AccessKey" "GKb5615457d44214411e673b7b"; - s3SecretKeyFile = pkgs.writeText "s3SecretKey" "5be6799a88ca9b9d813d1a806b64f15efa49482dbe15339ddfaf7f19cf434987"; - }; - in - lib.mapAttrs - ( - _: module: - lib.nixosSystem { - inherit system; - specialArgs = { inherit system inputs; }; - modules = [ - inputs.disko.nixosModules.default - inputs.agenix.nixosModules.default - ../services/fediversity - ./resource.nix - module - { - nixpkgs = { inherit system; }; - } - ( - { pkgs, terraform, ... }: - let - inherit (terraform) hostname; - in - { - imports = [ - # FIXME: get VM details from TF - ../infra/test-machines/${hostname} - ]; - fediversityVm.name = hostname; - fediversity = { - inherit (terraform) domain; - temp.initialUser = { - inherit (terraform.initialUser) username email displayName; - # FIXME: disgusting, but nvm, this is going to be replaced by - # proper central authentication at some point - passwordFile = pkgs.writeText "password" terraform.initialUser.password; - }; - }; - } - ) - ]; - } - ) - { - garage = - { pkgs, ... }: - { - fediversity = { - garage.enable = true; - pixelfed = pixelfedS3KeyConfig { inherit pkgs; }; - mastodon = mastodonS3KeyConfig { inherit pkgs; }; - peertube = peertubeS3KeyConfig { inherit pkgs; }; - }; - }; - mastodon = - { pkgs, ... }: - { - fediversity = { - mastodon = mastodonS3KeyConfig { inherit pkgs; } // { - enable = true; - }; - temp.cores = 1; # FIXME: should come from NixOps4 eventually - }; - }; - peertube = - { pkgs, ... }: - { - fediversity = { - peertube = peertubeS3KeyConfig { inherit pkgs; } // { - enable = true; - ## NOTE: Only ever used for testing anyway. - ## - ## FIXME: Generate and store in NixOps4's state. - secretsFile = pkgs.writeText "secret" "574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24"; - }; - }; - }; - pixelfed = - { pkgs, ... }: - { - fediversity = { - pixelfed = pixelfedS3KeyConfig { inherit pkgs; } // { - enable = true; - }; - }; - }; - }; - }; -}