## Next
- [ ] secrets management pleaseeeeeeeeeeeeeeeeeeeeee

- [ ] figure out how Cerulean could aid CI/CD (ie hydra + nix-unit)
      you can
      https://github.com/NotAShelf/nix-bindings/tree/main/nix-bindings
      https://notashelf.github.io/nix-bindings/nix_bindings/#structs
      https://github.com/nixops4/nix-bindings-rust
      https://nix.dev/manual/nix/2.34/c-api.html

- [ ] move home management to `~/.snow/flake.nix`, then the `/etc/snow/flake.nix`
      will only contain base definitions for the home

- [ ] write a key management system that supports activation time, run time, and build time
      https://docs.aws.amazon.com/kms/latest/developerguide/overview.html

- [ ] formalize how the snow flake system compiles outputs, this would remove the need for `mapNodes`
- [ ] groups should allow you to set node configuration defaults

- [ ] add `options.experimental` for snowflake
- [ ] add `legacyImports` support

- [ ] support hs system per dir, ie hosts/<name>/overlays or hosts/<name>/nixpkgs.nix

## Queued
- [ ] per node home configuration is a lil jank rn

- [ ] deploy port should default to the first port given to `services.openssh`

- [ ] create an alternative to nixos-install called cerulean-install that
      allows people to easily bootstrap new machines (and host it on dobutterfliescry.net)

- [ ] find an alternative to `nix.settings.trusted-users` probably
- [ ] add the ceru-build user,
- [ ] add support for github:microvm-nix/microvm.nix
- [ ] add support for sops-nix

- [ ] it would be cool to enable/disable groups and hosts
- [ ] find a standard for how nixpkgs.nix can have a different base per group

- [ ] go through all flake inputs (recursively) and ENSURE we remove all duplicates by using follows!!

- [ ] allow multiple privesc methods, the standard is pam_ssh_agent_auth

## Low Priority
- [ ] make an extension to the nix module system (different to mix)
      that allows transformations (ie a stop post config, ie outputs, which
      it then returns instead of config)
- [ ] support `legacyImports` (?)

- [ ] patch microvm so that acpi=off https://github.com/microvm-nix/microvm.nix/commit/b59a26962bb324cc0a134756a323f3e164409b72
      cause otherwise 2GB causes a failure

- [ ] write the cerulean cli

```nix
# REF: foxora
vms = {
  home-assistant = {
    autostart = true;
    # matches in vms/*
    image = "home-assistant";
    options = {
      mem = 2048;
    };
  };
  equinox = {
    image = "home-assistant";
  };
};
```