factor out sources from flake stuff

Split nameservers between IPv4 and IPv6 (#420 )
Reviewed-on: Fediversity/Fediversity#420 Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io> Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com> Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
2025-07-01 13:31:06 +02:00 · 2025-07-01 13:09:06 +02:00
6 changed files with 26 additions and 13 deletions
--- a/deployment/check/basic/flake-part.nix
+++ b/deployment/check/basic/flake-part.nix
@ -2,6 +2,7 @@
  self,
  inputs,
  lib,
  sources,
  ...
 }:
@ -27,7 +28,9 @@ in
          ../common/nixosTest.nix
          ./nixosTest.nix
        ];
-        _module.args.inputs = inputs;
+        _module.args = {
          inherit inputs sources;
        };
        inherit targetMachines pathToRoot pathFromRoot;
      };
    };
@ -44,7 +47,9 @@ in
          inputs.nixops4-nixos.modules.nixops4Resource.nixos
          ../common/targetResource.nix
        ];
-        _module.args.inputs = inputs;
+        _module.args = {
          inherit inputs sources;
        };
        inherit nodeName pathToRoot pathFromRoot;
        nixos.module =
          { pkgs, ... }:
--- a/deployment/check/common/deployerNode.nix
+++ b/deployment/check/common/deployerNode.nix
@ -3,6 +3,7 @@
  lib,
  pkgs,
  config,
  sources,
  ...
 }:
@ -14,8 +15,6 @@ let
    types
    ;
  sources = import ../../../npins;
 in
 {
  _class = "nixos";
--- a/deployment/check/common/nixosTest.nix
+++ b/deployment/check/common/nixosTest.nix
@ -3,6 +3,7 @@
  lib,
  config,
  hostPkgs,
  sources,
  ...
 }:
@ -61,7 +62,9 @@ in
      {
        deployer = {
          imports = [ ./deployerNode.nix ];
-          _module.args.inputs = inputs;
+          _module.args = {
            inherit inputs sources;
          };
          enableAcme = config.enableAcme;
          acmeNodeIP = config.nodes.acme.networking.primaryIPAddress;
        };
--- a/flake.nix
+++ b/flake.nix
@ -31,6 +31,9 @@
          inherit nixpkgs;
        };
        self = self';
        specialArgs = {
          inherit sources;
        };
      }
      (
        { inputs, ... }:
--- a/infra/common/nixos/networking.nix
+++ b/infra/common/nixos/networking.nix
@ -21,13 +21,8 @@ in
        ## REVIEW: Do we actually need that, considering that we have static IPs?
        useDHCP = mkDefault true;
-        nameservers = [
+        ## Disable the default firewall and use nftables instead, with a custom
-          "95.215.185.6"
+        ## Procolix-made ruleset.
          "95.215.185.7"
          "2a00:51c0::5fd7:b906"
          "2a00:51c0::5fd7:b907"
        ];
        firewall.enable = false;
        nftables = {
          enable = true;
@ -44,6 +39,10 @@ in
          address = config.fediversityVm.ipv4.gateway;
          interface = config.fediversityVm.ipv4.interface;
        };
        nameservers = [
          "95.215.185.6"
          "95.215.185.7"
        ];
      })
      ## IPv6
@ -55,6 +54,10 @@ in
          address = config.fediversityVm.ipv6.gateway;
          interface = config.fediversityVm.ipv6.interface;
        };
        nameservers = [
          "2a00:51c0::5fd7:b906"
          "2a00:51c0::5fd7:b907"
        ];
      })
    ];
  };
--- a/infra/flake-part.nix
+++ b/infra/flake-part.nix
@ -1,6 +1,7 @@
 {
  inputs,
  lib,
  sources,
  ...
 }:
@ -13,7 +14,6 @@ let
    filterAttrs
    ;
  inherit (lib.attrsets) genAttrs;
  sources = import ../../npins;
  ## Given a machine's name and whether it is a test VM, make a resource module,
  ## except for its missing provider. (Depending on the use of that resource, we