95 lines
2.9 KiB
Nix
95 lines
2.9 KiB
Nix
{ inputs }:
|
|
let
|
|
nlib = inputs.nixpkgs-edge.lib;
|
|
|
|
ellipsis =
|
|
maxlen: take: str:
|
|
if builtins.stringLength str > maxlen then builtins.substring 0 take str + "..." else str;
|
|
|
|
denix =
|
|
str:
|
|
builtins.concatStringsSep "/nix/store/..." (
|
|
builtins.filter builtins.isString (builtins.split "(/nix/store/[^ /-]+.?)" str)
|
|
);
|
|
|
|
# make a pretty summary of a lib.nixosSystem
|
|
mkNixosConfigSummary =
|
|
nixosSystem:
|
|
let
|
|
cfg = nixosSystem.config;
|
|
inherit (nixosSystem) pkgs;
|
|
inherit (pkgs) lib;
|
|
in
|
|
{
|
|
system =
|
|
if pkgs.stdenv.hostPlatform.system == pkgs.stdenv.buildPlatform.system then
|
|
pkgs.stdenv.hostPlatform.system
|
|
else
|
|
{
|
|
# inherit (pkgs.stdenv) hostPlatform buildPlatform;
|
|
hostPlatform = pkgs.stdenv.hostPlatform.system;
|
|
buildPlatform = pkgs.stdenv.buildPlatform.system;
|
|
};
|
|
inherit (cfg.boot.binfmt) emulatedSystems;
|
|
inherit (cfg.networking) hostName fqdn search;
|
|
inherit (cfg.networking.firewall) allowedTCPPorts allowedUDPPorts;
|
|
buildMachines = lib.pipe cfg.nix.buildMachines [
|
|
(map (buildMachine: "${buildMachine.protocol}:${buildMachine.sshUser}@${buildMachine.hostName}"))
|
|
(lib.sort (a: b: a < b))
|
|
];
|
|
users = lib.pipe cfg.users.users [
|
|
(lib.filterAttrs (uname: user: user.isNormalUser || user.openssh.authorizedKeys.keys != [ ]))
|
|
(lib.mapAttrs (
|
|
uname: user: {
|
|
inherit (user) home;
|
|
authorizedKeys = lib.sort (a: b: a < b) (
|
|
lib.forEach user.openssh.authorizedKeys.keys (
|
|
key:
|
|
lib.pipe key [
|
|
(lib.splitString " ")
|
|
(map denix)
|
|
(map (ellipsis 60 12))
|
|
(lib.concatStringsSep " ")
|
|
]
|
|
)
|
|
);
|
|
}
|
|
))
|
|
];
|
|
nix-system-features = cfg.nix.settings.system-features;
|
|
bootloader =
|
|
if cfg.boot.loader.grub.enable then
|
|
"grub"
|
|
else if cfg.boot.loader.systemd-boot.enable then
|
|
"systemd-boot"
|
|
else if cfg.boot.isContainer then
|
|
"container"
|
|
else
|
|
null;
|
|
mounts =
|
|
lib.pipe cfg.fileSystems [
|
|
(lib.filterAttrs (mount: fs: fs.fsType != "nfs")) # spammy
|
|
(lib.mapAttrs (mount: fs: "${fs.fsType}://${fs.device}"))
|
|
]
|
|
// lib.pipe cfg.swapDevices [
|
|
(lib.map (s: s.device or s.label))
|
|
(
|
|
sx:
|
|
lib.optionalAttrs (sx != [ ]) {
|
|
swap = if lib.length sx == 1 then lib.head sx else sx;
|
|
}
|
|
)
|
|
];
|
|
}
|
|
// lib.optionalAttrs cfg.services.nginx.enable {
|
|
nginx-vhosts = lib.pipe cfg.services.nginx.virtualHosts [
|
|
(lib.filterAttrs (domain: vhost: vhost == "_"))
|
|
(lib.mapAttrs (domain: vhost: vhost.serverAliases or [ ]))
|
|
];
|
|
};
|
|
|
|
in
|
|
{
|
|
inherit mkNixosConfigSummary;
|
|
}
|