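# TODO: Somehow auto-generate this via Nix? Since all the hosts are defined there.
# FIXME: This is currently backwards in tamma, fix there...
# Or just remove default actions completely
default_actions: true

# NOTE: .A.host.Name should match the hostname of the machine, which in turn
# should match the hostname of the machine in my tailnet
#
# Each entry's data.user is the account substituted into the ssh and
# --target-host templates below, so every action here logs in as root.
# NOTE(review): if direct root SSH login is not required, a dedicated deploy
# user with elevation on the target (e.g. nixos-rebuild --use-remote-sudo)
# narrows what a leaked key can do; confirm against the nixos-rebuild version
# in use.
hosts:
  - name: auth
    data:
      user: root
  - name: cloud
    data:
      user: root
  - name: dns
    data:
      user: root
  - name: metrics
    data:
      user: root
  - name: oci
    data:
      user: root
  - name: proxy
    data:
      user: root
  - name: social
    data:
      user: root

# The templates interpolate the host name and user straight into a command
# line; only the flake reference is wrapped in double quotes.
# NOTE(review): how exectemplate is executed (shell vs. argv split) is not
# visible here. The values come from this file today; if the host list is ever
# generated (see TODO above), restrict names and users to hostname-safe
# characters before they reach these templates.
actions:
  # Interactive shell on the host, reached by its tailnet hostname.
  - name: ssh (tailscale)
    exectemplate: ssh {{ .A.host.Data.user }}@{{ .A.host.Name }}
  # Builds the flake output named after the host and activates it remotely.
  - name: remote rebuild switch (tailscale)
    exectemplate: nixos-rebuild switch --flake ".#{{ .A.host.Name }}" --target-host {{ .A.host.Data.user }}@{{ .A.host.Name }}
  # Same target and flake output, but with dry-activate instead of switch.
  - name: remote rebuild dry-activate (tailscale)
    exectemplate: nixos-rebuild dry-activate --flake ".#{{ .A.host.Name }}" --target-host {{ .A.host.Data.user }}@{{ .A.host.Name }}
  # Opens the host's sops file; the path is relative, so it resolves against
  # the directory the command is run from.
  - name: edit secrets
    exectemplate: sops ../secrets/{{ .A.host.Name }}/secrets.yaml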