2017-07-06 19:47:47 +00:00
|
|
|
with import <stockholm/lib>;
|
2018-01-02 19:22:44 +00:00
|
|
|
{ name
|
|
|
|
, dummy_secrets ? getEnv "dummy_secrets" == "true"
|
|
|
|
, override ? {}
|
|
|
|
, secure ? false
|
|
|
|
}@host: let
|
|
|
|
builder = if dummy_secrets then "buildbot" else "tv";
|
2017-07-06 19:47:47 +00:00
|
|
|
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
|
2018-02-28 13:47:12 +00:00
|
|
|
pkgs = import <nixpkgs> {
|
|
|
|
overlays = map import [
|
|
|
|
<stockholm/krebs/5pkgs>
|
2018-06-19 19:23:35 +00:00
|
|
|
<stockholm/submodules/nix-writers/pkgs>
|
2018-02-28 13:47:12 +00:00
|
|
|
];
|
|
|
|
};
|
2017-07-06 19:47:47 +00:00
|
|
|
in
|
2017-07-12 16:00:23 +00:00
|
|
|
evalSource (toString _file) [
|
|
|
|
{
|
|
|
|
nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix";
|
|
|
|
nixpkgs.git = {
|
2018-05-08 17:25:59 +00:00
|
|
|
ref = mkDefault "7cbf6ca1c84dfc917c1a99524e082fb677501844";
|
2017-07-12 16:00:23 +00:00
|
|
|
url = https://github.com/NixOS/nixpkgs;
|
|
|
|
};
|
|
|
|
secrets.file = getAttr builder {
|
|
|
|
buildbot = toString <stockholm/tv/dummy_secrets>;
|
|
|
|
tv = "/home/tv/secrets/${name}";
|
|
|
|
};
|
|
|
|
stockholm.file = toString <stockholm>;
|
2018-02-28 13:47:12 +00:00
|
|
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
2017-07-12 16:00:23 +00:00
|
|
|
}
|
2017-07-14 01:40:58 +00:00
|
|
|
(mkIf (builder == "tv") {
|
|
|
|
secrets-common.file = "/home/tv/secrets/common";
|
|
|
|
})
|
|
|
|
(mkIf (builder == "tv" && secure) {
|
2017-07-12 16:00:23 +00:00
|
|
|
secrets-master.file = "/home/tv/secrets/master";
|
|
|
|
})
|
|
|
|
override
|
|
|
|
]
|