den
1{den, ...}: let
2 inherit (den.lib) __findFile;
3in {
4 flake-file.inputs = {
5 disko.url = "github:nix-community/disko/v1.11.0";
6 nix-cachyos-kernel = {
7 url = "github:xddxdd/nix-cachyos-kernel/release";
8 inputs.nixpkgs.follows = "nixpkgs";
9 };
10 nixos-hardware.url = "github:NixOS/nixos-hardware/master";
11 };
12
13 den.default.includes = [
14 <den/hostname>
15
16 <default/host>
17 ];
18
19 den.aspects.default.provides.host = {host, ...}: {
20 nixos = {config, ...}: {
21 users.users.root = {
22 hashedPasswordFile = config.vaultix.secrets."${host.name}-hashed-password".path;
23 openssh.authorizedKeys.keys = host.authorizedKeys;
24 };
25
26 vaultix.secrets."${host.name}-hashed-password".file = host.hashedPasswordAged;
27 };
28 };
29}