flake.nix: system -> stdenv.hostPlatform.system

skrott: use stable kernel
flake.lock: bump
2026-01-09 00:48:25 +01:00 · 2026-01-09 06:17:57 +09:00 · 2026-01-09 06:17:57 +09:00 · 2026-01-09 06:17:57 +09:00 · 2026-01-07 22:51:24 +09:00 · 2026-01-06 17:40:10 +09:00
18 changed files with 1237 additions and 54 deletions
--- a/.gitea/workflows/build-topology-graph.yml
+++ b/.gitea/workflows/build-topology-graph.yml
@@ -0,0 +1,32 @@
 name: "Build topology graph"
 on:
  push:
    branches:
      - main
 jobs:
  evals:
    runs-on: debian-latest
    steps:
    - uses: actions/checkout@v6
    - name: Install sudo
      run: apt-get update && apt-get -y install sudo
    - uses: https://github.com/cachix/install-nix-action@v31
    - name: Configure Nix
      run: echo -e "show-trace = true\nmax-jobs = auto\ntrusted-users = root\nexperimental-features = nix-command flakes\nbuild-users-group =" > /etc/nix/nix.conf
    - name: Build topology graph
      run: nix build .#topology -L
    - name: Upload topology graph
      uses: https://git.pvv.ntnu.no/Projects/rsync-action@v2
      with:
        source: result/*.svg
        quote-source: false
        target: ${{ gitea.ref_name }}/topology_graph/
        username: gitea-web
        ssh-key: ${{ secrets.WEB_SYNC_SSH_KEY }}
        host: pages.pvv.ntnu.no
        known-hosts: "pages.pvv.ntnu.no ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH2QjfFB+city1SYqltkVqWACfo1j37k+oQQfj13mtgg"
--- a/base/default.nix
+++ b/base/default.nix
@@ -16,7 +16,6 @@
    ./flake-input-exporter.nix
    ./services/acme.nix
    ./services/uptimed.nix
    ./services/auto-upgrade.nix
    ./services/dbus.nix
    ./services/fwupd.nix
@@ -28,8 +27,10 @@
    ./services/prometheus-node-exporter.nix
    ./services/prometheus-systemd-exporter.nix
    ./services/promtail.nix
    ./services/roowho2.nix
    ./services/smartd.nix
    ./services/thermald.nix
    ./services/uptimed.nix
    ./services/userborn.nix
    ./services/userdbd.nix
  ];
--- a/base/services/roowho2.nix
+++ b/base/services/roowho2.nix
@@ -0,0 +1,12 @@
 { lib, values, ... }:
 {
  services.roowho2.enable = lib.mkDefault true;
  systemd.sockets.roowho2-rwhod.socketConfig = {
    IPAddressDeny = "any";
    IPAddressAllow = [
      "127.0.0.1"
      values.ipv4-space
    ];
  };
 }
--- a/docs/development.md
+++ b/docs/development.md
@@ -7,7 +7,7 @@ the links from the *Upstream documentation* section below, or in [Miscellaneous
 ## Editing nix files
-> [!WARN]
+> [!WARNING]
 > Before editing any nix files, make sure to read [Secret management and `sops-nix`](./secret-management.md)!
 > We do not want to add any secrets in plaintext to the nix files, and certainly not commit and publish
 > them into the common public.
@@ -158,7 +158,7 @@ nix build .#
 ### Deploying to machines
-> [!WARN]
+> [!WARNING]
 > Be careful to think about state when testing changes against the machines. Sometimes, a certain change
 > can lead to irreversible changes to the data stored on the machine. An example would be a set of database
 > migrations applied when testing a newer version of a service. Unless that service also comes with downwards
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,48 @@
 {
  "nodes": {
    "devshell": {
      "inputs": {
        "nixpkgs": [
          "nix-topology",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1764011051,
        "narHash": "sha256-M7SZyPZiqZUR/EiiBJnmyUbOi5oE/03tCeFrTiUZchI=",
        "owner": "numtide",
        "repo": "devshell",
        "rev": "17ed8d9744ebe70424659b0ef74ad6d41fc87071",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "devshell",
        "type": "github"
      }
    },
    "dibbler": {
      "inputs": {
        "flake-utils": "flake-utils",
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1767906875,
        "narHash": "sha256-S88Qh7TJwuTkMQqAdXmF3JMkuV2e5GHTdom02QrtdIs=",
        "ref": "main",
        "rev": "b86962ef0e15d1a7de445172d4acea454b119a91",
        "revCount": 220,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/dibbler.git"
      },
      "original": {
        "ref": "main",
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/dibbler.git"
      }
    },
    "disko": {
      "inputs": {
        "nixpkgs": [
@@ -21,6 +64,57 @@
        "type": "github"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
        "lastModified": 1761588595,
        "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
        "owner": "edolstra",
        "repo": "flake-compat",
        "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
        "type": "github"
      },
      "original": {
        "owner": "edolstra",
        "repo": "flake-compat",
        "type": "github"
      }
    },
    "flake-utils": {
      "inputs": {
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1731533236,
        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
        "id": "flake-utils",
        "type": "indirect"
      }
    },
    "flake-utils_2": {
      "inputs": {
        "systems": "systems_2"
      },
      "locked": {
        "lastModified": 1731533236,
        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "gergle": {
      "inputs": {
        "nixpkgs": [
@@ -28,11 +122,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1764868579,
+        "lastModified": 1767906545,
-        "narHash": "sha256-rfTUOIc0wnC4+19gLVfPbHfXx/ilfuUix6bWY+yaM2U=",
+        "narHash": "sha256-LOf08pcjEQFLs3dLPuep5d1bAXWOFcdfxuk3YMb5KWw=",
        "ref": "main",
-        "rev": "9c923d1d50daa6a3b28c3214ad2300bfaf6c8fcd",
+        "rev": "e55cbe0ce0b20fc5952ed491fa8a553c8afb1bdd",
-        "revCount": 22,
+        "revCount": 23,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Grzegorz/gergle.git"
      },
@@ -42,6 +136,28 @@
        "url": "https://git.pvv.ntnu.no/Grzegorz/gergle.git"
      }
    },
    "gitignore": {
      "inputs": {
        "nixpkgs": [
          "nix-topology",
          "pre-commit-hooks",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1709087332,
        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
        "owner": "hercules-ci",
        "repo": "gitignore.nix",
        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
        "type": "github"
      },
      "original": {
        "owner": "hercules-ci",
        "repo": "gitignore.nix",
        "type": "github"
      }
    },
    "greg-ng": {
      "inputs": {
        "nixpkgs": [
@@ -50,11 +166,11 @@
        "rust-overlay": "rust-overlay"
      },
      "locked": {
-        "lastModified": 1765760377,
+        "lastModified": 1767906494,
-        "narHash": "sha256-2+lgzUjVas9hPSeWn52MwuX+iidMN4RkzkHo4vrGmR8=",
+        "narHash": "sha256-Dd6gtdZfRMAD6JhdX0GdJwIHVaBikePSpQXhIdwLlWI=",
        "ref": "main",
-        "rev": "f340dc5b9c9f3b75b7aca41f56f8869b9e28cf8c",
+        "rev": "7258822e2e90fea2ea00b13b5542f63699e33a9e",
-        "revCount": 58,
+        "revCount": 61,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Grzegorz/greg-ng.git"
      },
@@ -114,11 +230,11 @@
        "rust-overlay": "rust-overlay_2"
      },
      "locked": {
-        "lastModified": 1766407405,
+        "lastModified": 1767906976,
-        "narHash": "sha256-UEJ8F8/oG70biWRrGbL5/aB7OXzzvnYs+jxkR07UHvA=",
+        "narHash": "sha256-igCg8I83eO+noF00raXVJqDxzLS2SrZN8fK5bnvO+xI=",
        "ref": "main",
-        "rev": "e719840f72ca1b0cd169562a3a0de69899821de0",
+        "rev": "626bc9b6bae6a997b347cdbe84080240884f2955",
-        "revCount": 16,
+        "revCount": 17,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/minecraft-heatmap.git"
      },
@@ -135,11 +251,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1765904683,
+        "lastModified": 1767906653,
-        "narHash": "sha256-uXM56y5n5GWpCiCNdKlTcCAy2IntgDB21c4gBDU30io=",
+        "narHash": "sha256-KMiVvnlkRpW4/MVloLURfjv3bvjcae0X9skext2jKVE=",
        "ref": "main",
-        "rev": "6fae27b1659efb6774cf08a4e36ed29ab0e24105",
+        "rev": "584fd6379c905a6370484c5b5ba0623b4fcb778f",
-        "revCount": 26,
+        "revCount": 27,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/minecraft-kartverket.git"
      },
@@ -156,11 +272,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1743881366,
+        "lastModified": 1767906352,
-        "narHash": "sha256-ScGA2IHPk9ugf9bqEZnp+YB/OJgrkZblnG/XLEKvJAo=",
+        "narHash": "sha256-wYsH9MMAPFG3XTL+3DwI39XMG0F2fTmn/5lt265a3Es=",
        "ref": "main",
-        "rev": "db2e4becf1b11e5dfd33de12a90a7d089fcf68ec",
+        "rev": "d054c5d064b8ed6d53a0adb0cf6c0a72febe212e",
-        "revCount": 11,
+        "revCount": 13,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Drift/nix-gitea-themes.git"
      },
@@ -170,13 +286,37 @@
        "url": "https://git.pvv.ntnu.no/Drift/nix-gitea-themes.git"
      }
    },
    "nix-topology": {
      "inputs": {
        "devshell": "devshell",
        "flake-utils": "flake-utils_2",
        "nixpkgs": [
          "nixpkgs"
        ],
        "pre-commit-hooks": "pre-commit-hooks"
      },
      "locked": {
        "lastModified": 1767888340,
        "narHash": "sha256-CccRg4d8TpOUGz2HefBZLNYtGrcAyCMa7GVJHcUd8W4=",
        "owner": "oddlama",
        "repo": "nix-topology",
        "rev": "416ff06f72e810c554761e3f5dbf33b4f331e73e",
        "type": "github"
      },
      "original": {
        "owner": "oddlama",
        "ref": "main",
        "repo": "nix-topology",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1764806471,
+        "lastModified": 1767871818,
-        "narHash": "sha256-Qk0SArnS83KqyS9wNt1YoTkkYKDraNrjRWKUtB9DKoM=",
+        "narHash": "sha256-SOIHRu1sk+dW5f5DNTN5xYoeuZCyGIlKqxZ8RRj4lCM=",
-        "rev": "6707b1809330d0f912f5813963bb29f6f194ee81",
+        "rev": "6eb8dee465373971d4495d92e23c2f0979384f76",
        "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.896.6707b1809330/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.3412.6eb8dee46537/nixexprs.tar.xz"
      },
      "original": {
        "type": "tarball",
@@ -185,17 +325,40 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1764854611,
+        "lastModified": 1767870855,
-        "narHash": "sha256-MVzFp4ZKwdh6U1wy4fJe/GY3Hb4cvvyJbAZOhaeBQoo=",
+        "narHash": "sha256-SmrGFE9SdHFz60YbSCF7TtZ+GV8nIiYiI8fTEDyUouc=",
-        "rev": "3a4b875aef660bbd148e86b92cffea2a360c3275",
+        "rev": "719f19e8e447a52152aee8061c7a2951f9254f14",
        "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre906534.3a4b875aef66/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre924399.719f19e8e447/nixexprs.tar.xz"
      },
      "original": {
        "type": "tarball",
        "url": "https://nixos.org/channels/nixos-unstable-small/nixexprs.tar.xz"
      }
    },
    "pre-commit-hooks": {
      "inputs": {
        "flake-compat": "flake-compat",
        "gitignore": "gitignore",
        "nixpkgs": [
          "nix-topology",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1765911976,
        "narHash": "sha256-t3T/xm8zstHRLx+pIHxVpQTiySbKqcQbK+r+01XVKc0=",
        "owner": "cachix",
        "repo": "pre-commit-hooks.nix",
        "rev": "b68b780b69702a090c8bb1b973bab13756cc7a27",
        "type": "github"
      },
      "original": {
        "owner": "cachix",
        "repo": "pre-commit-hooks.nix",
        "type": "github"
      }
    },
    "pvv-calendar-bot": {
      "inputs": {
        "nixpkgs": [
@@ -224,11 +387,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1765978548,
+        "lastModified": 1767906725,
-        "narHash": "sha256-VDSPpw+/Mgo+JujoW12CRlkTs9o0tX/FEL2AR5kl5+Q=",
+        "narHash": "sha256-AZpNzcnbl855mqemSrWbYl2mEgngC2lmiI6yiszEgQw=",
        "ref": "main",
-        "rev": "961f021d27f86b2aedd16290dbf85bdd9d50fd42",
+        "rev": "65118b6abebd339e071c38f00a23b92dbbb72b38",
-        "revCount": 532,
+        "revCount": 537,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
      },
@@ -240,6 +403,7 @@
    },
    "root": {
      "inputs": {
        "dibbler": "dibbler",
        "disko": "disko",
        "gergle": "gergle",
        "greg-ng": "greg-ng",
@@ -248,13 +412,37 @@
        "minecraft-heatmap": "minecraft-heatmap",
        "minecraft-kartverket": "minecraft-kartverket",
        "nix-gitea-themes": "nix-gitea-themes",
        "nix-topology": "nix-topology",
        "nixpkgs": "nixpkgs",
        "nixpkgs-unstable": "nixpkgs-unstable",
        "pvv-calendar-bot": "pvv-calendar-bot",
        "pvv-nettsiden": "pvv-nettsiden",
        "roowho2": "roowho2",
        "sops-nix": "sops-nix"
      }
    },
    "roowho2": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ],
        "rust-overlay": "rust-overlay_3"
      },
      "locked": {
        "lastModified": 1767903580,
        "narHash": "sha256-UtulIUyFv6HcU5BUcQONtyG29XPTOBMsJ4N0nJGNOUk=",
        "ref": "main",
        "rev": "dd23346bda46629788b08aba2e8af3b3f13335af",
        "revCount": 38,
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
      },
      "original": {
        "ref": "main",
        "type": "git",
        "url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
      }
    },
    "rust-overlay": {
      "inputs": {
        "nixpkgs": [
@@ -263,11 +451,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1765680428,
+        "lastModified": 1767840362,
-        "narHash": "sha256-fyPmRof9SZeI14ChPk5rVPOm7ISiiGkwGCunkhM+eUg=",
+        "narHash": "sha256-ZtsFqUhilubohNZ1TgpQIFsi4biZTwRH9rjZsDRDik8=",
        "owner": "oxalica",
        "repo": "rust-overlay",
-        "rev": "eb3898d8ef143d4bf0f7f2229105fc51c7731b2f",
+        "rev": "d159ea1fc321c60f88a616ac28bab660092a227d",
        "type": "github"
      },
      "original": {
@@ -297,6 +485,27 @@
        "type": "github"
      }
    },
    "rust-overlay_3": {
      "inputs": {
        "nixpkgs": [
          "roowho2",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1767322002,
        "narHash": "sha256-yHKXXw2OWfIFsyTjduB4EyFwR0SYYF0hK8xI9z4NIn0=",
        "owner": "oxalica",
        "repo": "rust-overlay",
        "rev": "03c6e38661c02a27ca006a284813afdc461e9f7e",
        "type": "github"
      },
      "original": {
        "owner": "oxalica",
        "repo": "rust-overlay",
        "type": "github"
      }
    },
    "sops-nix": {
      "inputs": {
        "nixpkgs": [
@@ -304,11 +513,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1766894905,
+        "lastModified": 1767826491,
-        "narHash": "sha256-pn8AxxfajqyR/Dmr1wnZYdUXHgM3u6z9x0Z1Ijmz2UQ=",
+        "narHash": "sha256-WSBENPotD2MIhZwolL6GC9npqgaS5fkM7j07V2i/Ur8=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "61b39c7b657081c2adc91b75dd3ad8a91d6f07a7",
+        "rev": "ea3adcb6d2a000d9a69d0e23cad1f2cacb3a9fbe",
        "type": "github"
      },
      "original": {
@@ -317,6 +526,36 @@
        "repo": "sops-nix",
        "type": "github"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    },
    "systems_2": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@@ -11,12 +11,18 @@
    disko.url = "github:nix-community/disko/v1.11.0";
    disko.inputs.nixpkgs.follows = "nixpkgs";
    nix-topology.url = "github:oddlama/nix-topology/main";
    nix-topology.inputs.nixpkgs.follows = "nixpkgs";
    pvv-nettsiden.url = "git+https://git.pvv.ntnu.no/Projects/nettsiden.git?ref=main";
    pvv-nettsiden.inputs.nixpkgs.follows = "nixpkgs";
    pvv-calendar-bot.url = "git+https://git.pvv.ntnu.no/Projects/calendar-bot.git?ref=main";
    pvv-calendar-bot.inputs.nixpkgs.follows = "nixpkgs";
    dibbler.url = "git+https://git.pvv.ntnu.no/Projects/dibbler.git?ref=main";
    dibbler.inputs.nixpkgs.follows = "nixpkgs";
    matrix-next.url = "github:dali99/nixos-matrix-modules/v0.8.0";
    matrix-next.inputs.nixpkgs.follows = "nixpkgs";
@@ -26,6 +32,9 @@
    minecraft-heatmap.url = "git+https://git.pvv.ntnu.no/Projects/minecraft-heatmap.git?ref=main";
    minecraft-heatmap.inputs.nixpkgs.follows = "nixpkgs";
    roowho2.url = "git+https://git.pvv.ntnu.no/Projects/roowho2.git?ref=main";
    roowho2.inputs.nixpkgs.follows = "nixpkgs";
    greg-ng.url = "git+https://git.pvv.ntnu.no/Grzegorz/greg-ng.git?ref=main";
    greg-ng.inputs.nixpkgs.follows = "nixpkgs";
    gergle.url = "git+https://git.pvv.ntnu.no/Grzegorz/gergle.git?ref=main";
@@ -74,23 +83,30 @@
        nixpkgs:
        name:
        configurationPath:
-        extraArgs:
+        extraArgs@{
          system ? "x86_64-linux",
          specialArgs ? { },
          modules ? [ ],
          overlays ? [ ],
          enableDefaults ? true,
          ...
        }:
        lib.nixosSystem (lib.recursiveUpdate
-        (let
+        {
          system = "x86_64-linux";
        in {
          inherit system;
          specialArgs = {
            inherit unstablePkgs inputs;
            values = import ./values.nix;
            fp = path: ./${path};
-          } // extraArgs.specialArgs or { };
+          } // specialArgs;
          modules = [
            configurationPath
          ] ++ (lib.optionals enableDefaults [
            sops-nix.nixosModules.sops
-          ] ++ extraArgs.modules or [];
+            inputs.roowho2.nixosModules.default
          ]) ++ modules;
          pkgs = import nixpkgs {
            inherit system;
@@ -99,15 +115,18 @@
                "nvidia-x11"
                "nvidia-settings"
              ];
-            overlays = [
+            overlays = (lib.optionals enableDefaults [
              # Global overlays go here
-            ] ++ extraArgs.overlays or [ ];
+              inputs.roowho2.overlays.default
            ]) ++ overlays;
          };
-        })
+        }
        (builtins.removeAttrs extraArgs [
          "system"
          "modules"
          "overlays"
          "specialArgs"
          "enableDefaults"
        ])
      );
@@ -131,7 +150,7 @@
          inputs.pvv-calendar-bot.overlays.default
          inputs.minecraft-heatmap.overlays.default
          (final: prev: {
-            inherit (self.packages.${prev.system}) out-of-your-element;
+            inherit (self.packages.${prev.stdenv.hostPlatform.system}) out-of-your-element;
          })
        ];
      };
@@ -192,6 +211,16 @@
          inputs.gergle.overlays.default
        ];
      };
      skrott = stableNixosConfig "skrott" {
        system = "aarch64-linux";
        modules = [
          (nixpkgs + "/nixos/modules/installer/sd-card/sd-image-aarch64.nix")
          inputs.dibbler.nixosModules.default
        ];
        overlays = [
          inputs.dibbler.overlays.default
        ];
      };
    }
    //
    (let
@@ -240,14 +269,67 @@
        bluemap = pkgs.callPackage ./packages/bluemap.nix { };
        out-of-your-element = pkgs.callPackage ./packages/out-of-your-element.nix { };
-      } //
+      }
      //
      # Mediawiki extensions
      (lib.pipe null [
        (_: pkgs.callPackage ./packages/mediawiki-extensions { })
        (lib.flip builtins.removeAttrs ["override" "overrideDerivation"])
        (lib.mapAttrs' (name: lib.nameValuePair "mediawiki-${name}"))
      ])
-      // lib.genAttrs allMachines
+      //
-        (machine: self.nixosConfigurations.${machine}.config.system.build.toplevel);
+      # Machines
      lib.genAttrs allMachines
        (machine: self.nixosConfigurations.${machine}.config.system.build.toplevel)
      //
      # Skrott is exception
      {
        skrott = self.nixosConfigurations.skrott.config.system.build.sdImage;
      }
      //
      # Nix-topology
      (let
        topology' = import inputs.nix-topology {
          pkgs = import nixpkgs {
            system = "x86_64-linux";
            overlays = [
              inputs.nix-topology.overlays.default
              (final: prev: {
                inherit (nixpkgs-unstable.legacyPackages.x86_64-linux) super-tiny-icons;
              })
            ];
          };
          specialArgs = {
            values = import ./values.nix;
          };
          modules = [
            ./topology
            {
              nixosConfigurations = lib.mapAttrs (_name: nixosCfg: nixosCfg.extendModules {
                modules = [
                  inputs.nix-topology.nixosModules.default
                  ./topology/service-extractors/greg-ng.nix
                  ./topology/service-extractors/postgresql.nix
                  ./topology/service-extractors/mysql.nix
                  ./topology/service-extractors/gitea-runners.nix
                ];
              }) self.nixosConfigurations;
            }
          ];
        };
      in {
        topology = topology'.config.output;
        topology-png = pkgs.runCommand "pvv-config-topology-png" {
          nativeBuildInputs = [ pkgs.writableTmpDirAsHomeHook ];
        } ''
          mkdir -p "$out"
          for file in '${topology'.config.output}'/*.svg; do
            ${lib.getExe pkgs.imagemagick} -density 300 -background none "$file" "$out"/"$(basename "''${file%.svg}.png")"
          done
        '';
      });
    };
  };
 }
--- a/hosts/bekkalokk/configuration.nix
+++ b/hosts/bekkalokk/configuration.nix
@@ -5,6 +5,7 @@
    (fp /base)
    ./services/alps.nix
    ./services/bluemap.nix
    ./services/idp-simplesamlphp
    ./services/kerberos.nix
--- a/hosts/bekkalokk/services/alps.nix
+++ b/hosts/bekkalokk/services/alps.nix
@@ -0,0 +1,22 @@
 { config, lib, ... }:
 let
  cfg = config.services.alps;
 in
 {
  services.alps = {
    enable = true;
    theme = "sourcehut";
    smtps.host = "smtp.pvv.ntnu.no";
    imaps.host = "imap.pvv.ntnu.no";
    bindIP = "127.0.0.1";
  };
  services.nginx.virtualHosts."alps.pvv.ntnu.no" = lib.mkIf cfg.enable {
    enableACME = true;
    forceSSL = true;
    kTLS = true;
    locations."/" = {
      proxyPass = "http://${cfg.bindIP}:${toString cfg.port}";
    };
  };
 }
--- a/hosts/skrott/configuration.nix
+++ b/hosts/skrott/configuration.nix
@@ -0,0 +1,61 @@
 { pkgs, lib, fp, ... }: {
  imports = [
    # ./hardware-configuration.nix
    (fp /base)
  ];
  boot = {
    consoleLogLevel = 0;
    enableContainers = false;
    loader.grub.enable = false;
    kernelPackages = pkgs.linuxPackages;
  };
  # Now turn off a bunch of stuff lol
  system.autoUpgrade.enable = lib.mkForce false;
  services.irqbalance.enable = lib.mkForce false;
  services.logrotate.enable = lib.mkForce false;
  services.nginx.enable = lib.mkForce false;
  services.postfix.enable = lib.mkForce false;
  # TODO: can we reduce further?
  system.stateVersion = "25.05";
  # sops.defaultSopsFile = fp /secrets/skrott/skrott.yaml;
  # sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
  # sops.age.keyFile = "/var/lib/sops-nix/key.txt";
  # sops.age.generateKey = true;
  # zramSwap.enable = true;
  networking = {
    hostName = "skrot";
    interfaces.eth0 = {
      useDHCP = false;
      ipv4.addresses = [{
        address = "129.241.210.235";
        prefixLength = 25;
      }];
    };
  };
  services.dibbler = {
    enable = true;
    kioskMode = true;
    limitScreenWidth = 80;
    limitScreenHeight = 42;
  };
  # https://github.com/NixOS/nixpkgs/issues/84105
  boot.kernelParams = [
    "console=ttyUSB0,9600"
    # "console=tty1" # Already part of the module
  ];
  systemd.services."serial-getty@ttyUSB0" = {
    enable = true;
    wantedBy = [ "getty.target" ]; # to start at boot
    serviceConfig.Restart = "always"; # restart when session is closed
  };
 }
--- a/topology/default.nix
+++ b/topology/default.nix
@@ -0,0 +1,264 @@
 { config, pkgs, lib, values, ... }:
 let
  inherit
    (config.lib.topology)
    mkInternet
    mkRouter
    mkSwitch
    mkDevice
    mkConnection
    mkConnectionRev;
 in {
  imports = [
    ./non-nixos-machines.nix
  ];
  ### Networks
  networks.pvv = {
    name = "PVV Network";
    cidrv4 = values.ipv4-space;
    cidrv6 = values.ipv6-space;
  };
  networks.site-vpn = {
    name = "OpenVPN Site to Site";
    style = {
      primaryColor = "#9dd68d";
      secondaryColor = null;
      pattern = "dashed";
    };
  };
  networks.ntnu = {
    name = "NTNU";
    cidrv4 = values.ntnu.ipv4-space;
    cidrv6 = values.ntnu.ipv6-space;
  };
  nodes.internet = mkInternet {
    connections = mkConnection "ntnu" "wan1";
  };
  nodes.ntnu = mkRouter "NTNU" {
    interfaceGroups = [ ["wan1"] ["eth1" "eth2" "eth3"] ];
    connections.eth1 = mkConnection "ntnu-pvv-router" "wan1";
    connections.eth2 = mkConnection "ntnu-veggen" "wan1";
    connections.eth3 = mkConnection "stackit" "*";
    interfaces.eth1.network = "ntnu";
  };
  ### Brus
  nodes.ntnu-pvv-router = mkRouter "NTNU PVV Gateway" {
    interfaceGroups = [ ["wan1"] ["eth1"] ];
    connections.eth1 = mkConnection "knutsen" "em1";
    interfaces.eth1.network = "pvv";
  };
  nodes.knutsen = mkRouter "knutsen" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/freebsd.svg";
    interfaceGroups = [ ["em0"] ["em1"] ["vpn1"] ];
    connections.em0 = mkConnection "nintendo" "eth0";
    # connections.vpn1 = mkConnection "ludvigsen" "vpn1";
    interfaces.vpn1.network = "site-vpn";
    interfaces.vpn1.virtual = true;
    interfaces.vpn1.icon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/openvpn.svg";
    interfaces.em0.network = "pvv";
    interfaces.em1.network = "ntnu";
  };
  nodes.nintendo = mkSwitch "Nintendo (brus switch)" {
    interfaceGroups =  [ (lib.genList (i: "eth${toString i}") 16) ];
    connections = let
      connections' = [
        (mkConnection "bekkalokk" "enp2s0")
        # (mkConnection "bicep" "enp6s0f0") # NOTE: physical machine is dead at the moment
        (mkConnection "buskerud" "eth1")
        # (mkConnection "knutsen" "eth1")
        (mkConnection "powerpuff-cluster" "eth1")
        (mkConnection "lupine-1" "enp0s31f6")
        (mkConnection "lupine-2" "enp0s31f6")
        (mkConnection "lupine-3" "enp0s31f6")
        (mkConnection "lupine-4" "enp0s31f6")
        (mkConnection "lupine-5" "enp0s31f6")
        (mkConnection "innovation" "em0")
        (mkConnection "microbel" "eth0")
        (mkConnection "isvegg" "eth0")
        (mkConnection "ameno" "eth0")
        (mkConnection "sleipner" "eno0")
      ];
    in
    assert (lib.length connections' <= 15);
    builtins.listToAttrs (
      lib.zipListsWith
        (a: b: lib.nameValuePair a b)
        (lib.genList (i: "eth${toString (i + 1)}") 15)
        connections'
    );
  };
  nodes.bekkalokk.hardware.info = "Supermicro X9SCL/X9SCM";
  nodes.lupine-1.hardware.info = "Dell OptiPlex 7040";
  # nodes.lupine-2.hardware.info = "Dell OptiPlex 5050";
  nodes.lupine-3.hardware.info = "Dell OptiPlex 5050";
  nodes.lupine-4.hardware.info = "Dell OptiPlex 5050";
  # nodes.lupine-5.hardware.info = "Dell OptiPlex 5050";
  nodes.buskerud = mkDevice "buskerud" {
    deviceIcon = ./icons/proxmox.svg;
    interfaceGroups = [ [ "eth1" ] ];
    interfaces.eth1.network = "pvv";
    services = {
      proxmox = {
        name = "Proxmox web interface";
        info = "https://buskerud.pvv.ntnu.no:8006/";
      };
    };
  };
  nodes.shark = {
    guestType = "proxmox";
    parent = config.nodes.buskerud.id;
    interfaces.ens18.network = "pvv";
  };
  ### Powerpuff
  nodes.powerpuff-cluster = mkDevice "Powerpuff Cluster" {
    deviceIcon = ./icons/proxmox.svg;
    hardware.info = "Dell PowerEdge R730 x 3";
    interfaceGroups = [ [ "eth1" ] ];
    services = {
      proxmox = {
        name = "Proxmox web interface";
        details.bubbles.text = "https://bubbles.pvv.ntnu.no:8006/";
        details.blossom.text = "https://blossom.pvv.ntnu.no:8006/";
        details.buttercup.text = "https://buttercup.pvv.ntnu.no:8006/";
      };
    };
  };
  nodes.kommode = {
    guestType = "proxmox";
    parent = config.nodes.powerpuff-cluster.id;
    interfaces.ens18.network = "pvv";
  };
  nodes.bicep = {
    guestType = "proxmox";
    parent = config.nodes.powerpuff-cluster.id;
    # hardware.info = "HP Proliant DL370G6";
    interfaces.ens18.network = "pvv";
  };
  nodes.ustetind = {
    guestType = "proxmox LXC";
    parent = config.nodes.powerpuff-cluster.id;
    # TODO: the interface name is likely wrong
    # interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      network = "pvv";
      # mac = "";
      addresses = [
        "129.241.210.234"
        "2001:700:300:1900::234"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  ### PVV
  nodes.ntnu-veggen = mkRouter "NTNU-Veggen" {
    interfaceGroups = [ ["wan1"] ["eth1"] ];
    connections.eth1 = mkConnection "ludvigsen" "re0";
  };
  nodes.ludvigsen = mkRouter "ludvigsen" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/freebsd.svg";
    interfaceGroups = [ [ "re0" ] [ "em0" ] [ "vpn1" ] ];
    connections.em0 = mkConnection "pvv-switch" "eth0";
    interfaces.vpn1.network = "site-vpn";
    interfaces.vpn1.virtual = true;
    interfaces.vpn1.icon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/openvpn.svg";
    interfaces.re0.network = "ntnu";
    interfaces.em0.network = "pvv";
  };
  nodes.pvv-switch = mkSwitch "PVV Switch (Terminalrommet)" {
    interfaceGroups =  [ (lib.genList (i: "eth${toString i}") 16) ];
    connections = let
      connections' = [
        (mkConnection "brzeczyszczykiewicz" "eno1")
        (mkConnection "georg" "eno1")
        (mkConnection "wegonke" "enp4s0")
        (mkConnection "demiurgen" "eno1")
        (mkConnection "sanctuary" "ethernet_0")
        (mkConnection "torskas" "eth0")
        (mkConnection "skrott" "eth0")
        (mkConnection "homeassistant" "eth0")
        (mkConnection "orchid" "eth0")
        (mkConnection "principal" "em0")
      ];
    in
    assert (lib.length connections' <= 15);
    builtins.listToAttrs (
      lib.zipListsWith
        (a: b: lib.nameValuePair a b)
        (lib.genList (i: "eth${toString (i + 1)}") 15)
        connections'
    );
  };
  ### Openstack
  nodes.stackit = mkDevice "stackit" {
    interfaceGroups = [ [ "*" ] ];
    interfaces."*".network = "ntnu";
  };
  nodes.ildkule = {
    guestType = "openstack";
    parent = config.nodes.stackit.id;
    interfaces.ens4.network = "ntnu";
  };
  nodes.wenche = {
    guestType = "openstack";
    parent = config.nodes.stackit.id;
    interfaces.ens18.network = "pvv";
  };
  nodes.bakke = {
    guestType = "openstack";
    parent = config.nodes.stackit.id;
    interfaces.enp2s0.network = "pvv";
  };
 }
--- a/topology/icons/bind9.png
+++ b/topology/icons/bind9.png
--- a/topology/icons/greg-ng.png
+++ b/topology/icons/greg-ng.png
--- a/topology/icons/proxmox.svg
+++ b/topology/icons/proxmox.svg
@@ -0,0 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
 <svg width="800px" height="800px" viewBox="0 0 1024 1024" xmlns="http://www.w3.org/2000/svg">
   <circle cx="512" cy="512" r="512" style="fill:#e57000"/>
   <path d="M512 497.8 342.7 311.6c6.6-6.6 14.2-11.7 22.9-15.5 8.7-3.8 18.1-5.7 28.1-5.7 10.7.1 20.4 2.2 29.3 6.3 8.9 4.1 16.6 9.8 23.1 17l65.8 71.9 65.4-71.9c6.8-7.2 14.7-12.9 23.6-17 9-4.1 18.7-6.2 29.2-6.3 10 .1 19.4 2 28.1 5.7 8.7 3.8 16.4 8.9 22.9 15.5L512 497.8m0 28.4L342.7 712.4c6.6 6.6 14.2 11.7 22.9 15.5 8.7 3.8 18.1 5.7 28.1 5.7 10.5-.1 20.2-2.2 29.2-6.3s16.9-9.8 23.6-17l65.4-71.9 65.8 71.9c6.5 7.2 14.2 12.9 23.1 17 8.9 4.1 18.6 6.2 29.3 6.3 10-.1 19.4-2 28.1-5.7 8.7-3.8 16.4-8.9 22.9-15.5L512 526.2M497.8 512 370.3 372.2c-7.4-7.9-16-14.1-25.9-18.7-9.8-4.5-20.5-6.8-31.9-6.9-11 .1-21.3 2.2-30.8 6.3-9.6 4.1-17.9 9.8-25.1 16.9L385.9 512 256.5 654.2c7.2 7.4 15.6 13.2 25.1 17.4 9.6 4.2 19.8 6.3 30.8 6.3 11.5-.1 22.2-2.4 32.1-6.9 9.9-4.5 18.5-10.8 25.7-18.7L497.8 512m28.4 0 127.5 140.3c7.2 7.9 15.8 14.1 25.7 18.7 9.9 4.5 20.6 6.8 32.1 6.9 11-.1 21.3-2.2 30.8-6.3 9.6-4.2 17.9-9.9 25.1-17.4L638.1 512l129.4-142.2c-7.2-7.2-15.6-12.8-25.1-16.9-9.6-4.1-19.8-6.2-30.8-6.3-11.4.1-22.1 2.4-31.9 6.9-9.8 4.5-18.5 10.8-25.9 18.7L526.2 512" style="fill:#fff"/>
 </svg>
--- a/topology/non-nixos-machines.nix
+++ b/topology/non-nixos-machines.nix
@@ -0,0 +1,402 @@
 { config, pkgs, lib, values, ... }:
 let
  inherit (config.lib.topology) mkDevice;
 in {
  nodes.balduzius = mkDevice "balduzius" {
    guestType = "proxmox";
    parent = config.nodes.powerpuff-cluster.id;
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    interfaceGroups = [ [ "ens18" ] ];
    interfaces.ens18 = {
      network = "pvv";
      mac = "00:0c:29:de:05:0f";
      addresses = [
        "129.241.210.192"
        "2001:700:300:1900::1:42"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
    services = {
      kdc = {
        name = "Heimdal KDC";
        info = "kdc.pvv.ntnu.no";
        details.kdc.text = "0.0.0.0:88";
        details.kpasswd.text = "0.0.0.0:464";
      };
    };
  };
  nodes.tom = mkDevice "tom" {
    guestType = "proxmox";
    parent = config.nodes.powerpuff-cluster.id;
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    interfaceGroups = [ [ "ens18" ] ];
    interfaces.ens18 = {
      network = "pvv";
      mac = "00:0c:29:4d:f7:56";
      addresses = [
        "129.241.210.180"
        "2001:700:300:1900::180"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
    services = {
      apache2 = {
        name = "Apache2 - user websites";
        info = "www.pvv.ntnu.no/~";
        details.listen.text = "0.0.0.0:443";
      };
    };
  };
  nodes.hildring = mkDevice "hildring" {
    guestType = "proxmox";
    parent = config.nodes.powerpuff-cluster.id;
    deviceType = "loginbox";
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      network = "pvv";
      mac = "00:0c:29:e7:dd:79";
      addresses = [
        "129.241.210.176"
        "2001:700:300:1900::1:9"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.drolsum = mkDevice "drolsum" {
    guestType = "proxmox";
    parent = config.nodes.powerpuff-cluster.id;
    deviceType = "loginbox";
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      network = "pvv";
      # mac = "";
      addresses = [
        "129.241.210.217"
        "2001:700:300:1900::217"
        "2001:700:300:1900::1:217"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.microbel = mkDevice "microbel" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    hardware.info = "Supermicro X8ST3";
    interfaceGroups = [ [ "eth0" "eth1" ] ];
    interfaces.eth0 = {
      mac = "00:25:90:24:76:2c";
      addresses = [
        "129.241.210.179"
        "2001:700:300:1900::1:2"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
    services = {
      dovecot = {
        name = "Dovecot";
        info = "imap.pvv.ntnu.no pop.pvv.ntnu.no";
        icon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/dovecot.svg";
        details.imap.text = "0.0.0.0:993";
        details.pop3.text = "0.0.0.0:995";
      };
      exim4 = {
        name = "Exim4";
        info = "mail.pvv.ntnu.no mailhost.pvv.ntnu.no";
        details.smtp.text = "0.0.0.0:25";
        details.smtps.text = "0.0.0.0:465";
        details.starttls.text = "0.0.0.0:587";
      };
      nfs = {
        name = "NFS";
        info = "homepvv.pvv.ntnu.no";
        details.rpcbind.text = "0.0.0.0:111";
      };
    };
  };
  nodes.innovation = mkDevice "innovation" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/freebsd.svg";
    hardware.info = "Dell Optiplex 9010";
    interfaceGroups = [ [ "em0" ] ];
    interfaces.em0 = {
      mac = "18:03:73:20:18:d3";
      addresses = [
        "129.241.210.214"
        "2001:700:300:1900::1:56"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
    services = {
      minecraft = {
        name = "Minecraft";
        icon = "services.minecraft";
        info = "minecraft.pvv.ntnu.no";
        details.listen.text = "0.0.0.0:25565";
        details.directory.text = "/srv/minecraft-pvv";
      };
    };
  };
  nodes.principal = mkDevice "principal" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/freebsd.svg";
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "em0" ] ];
    interfaces.em0 = {
      # mac = "";
      addresses = [
        "129.241.210.233"
        "2001:700:300:1900::1:233"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.homeassistant = mkDevice "homeassistant" {
    deviceIcon = "services.home-assistant";
    hardware.info = "Raspberry Pi 4B";
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      # mac = "";
      addresses = [
        "129.241.210.229"
        "2001:700:300:1900::4:229"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.sleipner = mkDevice "sleipner" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    interfaceGroups = [ [ "eno0" "enp2s0" ] ];
    interfaces.enp2s0 = {
      mac = "00:25:90:57:35:8e";
      addresses = [
        "129.241.210.193"
        "2001:700:300:1900:fab:cab:dab:7ab"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.isvegg = mkDevice "isvegg" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      # mac = "";
      addresses = [
        "129.241.210.175"
        "2001:700:300:1900::1:a"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
    services = {
      mapcrafter = {
        name = "Mapcrafter Minecraft Map";
        info = "http://isvegg.pvv.ntnu.no/kart/";
        details.directory.text = "/scratch/mckart/kart";
      };
      gophernicus = {
        name = "Gophernicus";
        info = "gopher://gopher.pvv.ntnu.no/";
        details.directory.text = "/var/gopher";
      };
    };
  };
  nodes.ameno = mkDevice "ameno" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/ubuntu.svg";
    hardware.info = "Raspberry Pi 2B 1.1";
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      mac = "b8:27:eb:62:1d:d8";
      addresses = [
        "129.241.210.230"
        "129.241.210.211"
        "129.241.210.153"
        "2001:700:300:1900:ba27:ebff:fe62:1dd8"
        "2001:700:300:1900::4:230"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
    services = {
      bind = {
        name = "Bind DNS";
        icon = ./icons/bind9.png;
        info = "hostmaster.pvv.ntnu.no";
        details.listen.text = "0.0.0.0:53";
      };
    };
  };
  nodes.skrott = mkDevice "skrott" {
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      # mac = "";
      addresses = [
        "129.241.210.235"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.torskas = mkDevice "torskas" {
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/arch_linux.svg";
    hardware.info = "Raspberry pi 4B";
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      # mac = "";
      addresses = [
        "129.241.210.241"
        "2001:700:300:1900::241"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.wegonke = mkDevice "wegonke" {
    deviceType = "terminal";
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    hardware.info = "ASUSTeK G11CD-K";
    interfaceGroups = [ [ "enp4s0" ] ];
    interfaces.enp4s0 = {
      mac = "70:4d:7b:a3:32:57";
      addresses = [
        "129.241.210.218"
        "2001:700:300:1900::1:218"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.demiurgen = mkDevice "demiurgen" {
    deviceType = "terminal";
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    interfaceGroups = [ [ "eno1" ] ];
    interfaces.eno1 = {
      mac = "18:03:73:1f:f4:1f";
      addresses = [
        "129.241.210.201"
        "2001:700:300:1900::1:4e"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.sanctuary = mkDevice "sanctuary" {
    deviceType = "terminal";
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/windows.svg";
    interfaceGroups = [ [ "ethernet_0" ] ];
    interfaces.ethernet_0 = {
      addresses = [
        "129.241.210.170"
        "2001:700:300:1900::1337"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
  nodes.orchid = mkDevice "orchid" {
    deviceType = "terminal";
    deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/debian.svg";
    hardware.info = "Ryzen1600 Nvidia GTX 1060";
    # TODO: the interface name is likely wrong
    interfaceGroups = [ [ "eth0" ] ];
    interfaces.eth0 = {
      addresses = [
        "129.241.210.210"
        "2001:700:300:1900::210"
      ];
      gateways = [
        values.hosts.gateway
        values.hosts.gateway6
      ];
    };
  };
 }
--- a/topology/service-extractors/gitea-runners.nix
+++ b/topology/service-extractors/gitea-runners.nix
@@ -0,0 +1,13 @@
 { config, unstablePkgs, lib, ... }:
 let
  cfg = config.services.gitea-actions-runner;
 in
 {
  config.topology.self.services = lib.mapAttrs' (name: instance: {
    name = "gitea-runner-${name}";
    value = {
      name = "Gitea runner ${name}";
      icon = "services.gitea";
    };
  }) (lib.filterAttrs (_: instance: instance.enable) cfg.instances);
 }
--- a/topology/service-extractors/greg-ng.nix
+++ b/topology/service-extractors/greg-ng.nix
@@ -0,0 +1,11 @@
 { config, lib, ... }:
 let
  cfg = config.services.greg-ng or { enable = false; };
 in
 {
  config.topology.self.services.greg-ng = lib.mkIf cfg.enable {
    name = "Greg-ng";
    icon = ../icons/greg-ng.png;
    details.listen = { text = "${cfg.settings.host}:${toString cfg.settings.port}"; };
  };
 }
--- a/topology/service-extractors/mysql.nix
+++ b/topology/service-extractors/mysql.nix
@@ -0,0 +1,19 @@
 { config, unstablePkgs, lib, ... }:
 let
  cfg = config.services.mysql;
  cfgBak = config.services.mysqlBackup;
 in
 {
  config.topology.self.services.mysql = lib.mkIf cfg.enable {
    name = "MySQL";
    icon = "${unstablePkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/mysql.svg";
    details.listen.text = "${cfg.settings.mysqld.bind-address or "127.0.0.1"}:${toString (cfg.settings.mysqld.port or 3306)}";
    details.socket.text = cfg.settings.mysqld.socket or "/run/mysqld/mysqld.sock";
    details.type.text = cfg.package.pname;
    details.dataDir.text = cfg.dataDir;
    # details.backup-time = lib.mkIf cfgBak.enable cfgBak.calendar;
    # details.backup-location = lib.mkIf cfgBak.enable cfgBak.location;
  };
 }
--- a/topology/service-extractors/postgresql.nix
+++ b/topology/service-extractors/postgresql.nix
@@ -0,0 +1,19 @@
 { config, unstablePkgs, lib, ... }:
 let
  cfg = config.services.postgresql;
  cfgBak = config.services.postgresqlBackup;
 in
 {
  config.topology.self.services.postgresql = lib.mkIf cfg.enable {
    name = "PostgreSQL";
    icon = "${unstablePkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/postgresql.svg";
    details.listen.text = lib.mkIf cfg.enableTCPIP "0.0.0.0:${toString cfg.settings.port}";
    details.socket.text = "/run/postgresql/.s.PGSQL.${toString cfg.settings.port}";
    details.version.text = cfg.package.version;
    details.dataDir.text = cfg.dataDir;
    # details.backup-time = lib.mkIf cfgBak.enable cfgBak.startAt;
    # details.backup-location = lib.mkIf cfgBak.enable cfgBak.location;
  };
 }
Author	SHA1	Message	Date
h7x4	21d28f44e2	flake.nix: `system` -> `stdenv.hostPlatform.system`	2026-01-09 06:17:57 +09:00
h7x4	ea5850c18b	skrott: use stable kernel	2026-01-09 06:17:57 +09:00
h7x4	b4a43128fb	flake.lock: bump	2026-01-09 06:17:57 +09:00
h7x4	e1482ce795	docs/development: fix warning blocks	2026-01-07 22:51:24 +09:00
h7x4	0c66cff9f2	hosts/skrott: move here from the dibbler repo	2026-01-06 17:40:10 +09:00
h7x4	893de326af	flake.nix: allow disabling defaults for `nixosConfig` func	2026-01-06 17:11:15 +09:00
h7x4	4abe86dc07	base/roowho2: traffic filter to PVV IP-space	2026-01-06 12:23:39 +09:00
h7x4	25c8171e3d	base/roowho2: init	2026-01-06 12:23:39 +09:00
h7x4	7cff6b197c	topology: extend some more	2025-12-31 03:42:26 +09:00
h7x4	843f8d6a02	bekkalokk/alps: init	2025-12-30 22:40:56 +09:00
h7x4	c0000a1eb6	flake.lock: bump	2025-12-30 16:39:12 +09:00
h7x4	243b665eae	topology: extend some more	2025-12-30 14:23:09 +09:00
h7x4	ab5be48b1c	.gitea/workflows/build-topology-graph: init	2025-12-30 13:09:59 +09:00
h7x4	f671db8a12	topology: extend	2025-12-30 13:00:52 +09:00
h7x4	ad61336a20	topology: add a bunch of non-nixos machines	2025-12-30 02:53:39 +09:00
h7x4	197433a4c3	topology: localize nixos module, add custom extractor, fix misc	2025-12-30 02:02:12 +09:00
Daniel Olsen	58be01e620	buskerud no longer nix rip	2025-12-30 00:39:56 +09:00
Daniel Olsen	0f72ea9241	topology: init with placeholder values	2025-12-30 00:38:12 +09:00