refactor: mkHost load-all infrastructure and convert simple features

2026-04-12 21:27:43 +00:00
parent 3ff4583017
commit 6770bc76a2
18 changed files with 455 additions and 210 deletions
--- a/features/harmonia/default.nix
+++ b/features/harmonia/default.nix
@@ -1,12 +1,14 @@
 {
  nixos =
    {
-      pkgs,
      config,
+      lib,
+      pkgs,
      inputs,
      ...
    }:
    let
+      cfg = config.features.harmonia;
      hosts = [
        "fw16"
        "tower"
@@ -17,34 +19,38 @@
      flakeRef = inputs.self.outPath;
    in
    {
-      services.harmonia.cache = {
-        enable = true;
-        signKeyPaths = [ config.sops.secrets.nix-signing-key.path ];
-      };
+      options.features.harmonia.enable = lib.mkEnableOption "harmonia";

-      networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 5000 ];
-
-      systemd.services.cache-builder = {
-        description = "Build all host closures for binary cache";
-        serviceConfig = {
-          Type = "oneshot";
-          ExecStart = "${pkgs.bash}/bin/bash ${./cache-builder.sh}";
+      config = lib.mkIf cfg.enable {
+        services.harmonia.cache = {
+          enable = true;
+          signKeyPaths = [ config.sops.secrets.nix-signing-key.path ];
        };
-        environment = {
-          FLAKE_REF = flakeRef;
-          HOSTS = builtins.concatStringsSep " " hosts;
-          GC_ROOT_DIR = "/nix/var/nix/gcroots/cache-builder";
-        };
-        path = [ config.nix.package ];
-      };

-      systemd.timers.cache-builder = {
-        description = "Periodically build all host closures";
-        wantedBy = [ "timers.target" ];
-        timerConfig = {
-          OnUnitActiveSec = "15min";
-          OnBootSec = "5min";
-          Persistent = true;
+        networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 5000 ];
+
+        systemd.services.cache-builder = {
+          description = "Build all host closures for binary cache";
+          serviceConfig = {
+            Type = "oneshot";
+            ExecStart = "${pkgs.bash}/bin/bash ${./cache-builder.sh}";
+          };
+          environment = {
+            FLAKE_REF = flakeRef;
+            HOSTS = builtins.concatStringsSep " " hosts;
+            GC_ROOT_DIR = "/nix/var/nix/gcroots/cache-builder";
+          };
+          path = [ config.nix.package ];
+        };
+
+        systemd.timers.cache-builder = {
+          description = "Periodically build all host closures";
+          wantedBy = [ "timers.target" ];
+          timerConfig = {
+            OnUnitActiveSec = "15min";
+            OnBootSec = "5min";
+            Persistent = true;
+          };
        };
      };
    };