fix: allow 'astyanax' to cross-compile to ARM (e.g. for eetion)

fix: add public hostname to ssh config and refactor
feat: host 'ActualBudget' on 'eetion' host
2026-02-02 18:37:01 +01:00 · 2026-02-02 18:37:01 +01:00 · 2026-02-02 18:37:01 +01:00 · 2026-02-02 18:37:01 +01:00
6 changed files with 49 additions and 33 deletions
--- a/deploy/colmena.nix
+++ b/deploy/colmena.nix
@@ -3,6 +3,16 @@
  inputs,
 }:
 let
  mkNode = hostname: tags: {
    imports = [ ../hosts/${hostname} ];
    deployment = {
      targetHost = self.nixosConfigurations.${hostname}.config.ssh.publicHostname;
      targetUser = self.nixosConfigurations.${hostname}.config.ssh.username;
      inherit tags;
    };
  };
 in
 inputs.colmena.lib.makeHive {
  meta = {
    nixpkgs = import inputs.nixpkgs {
@@ -13,34 +23,9 @@ inputs.colmena.lib.makeHive {
    nodeSpecialArgs = builtins.mapAttrs (_: v: v._module.specialArgs or { }) self.nixosConfigurations;
  };
-  astyanax = {
+  astyanax = mkNode "astyanax" [ "local" ];
-    imports = [ ../hosts/astyanax ];
+  andromache = mkNode "andromache" [ "local" ];
-    deployment.tags = [ "local" ];
+  vm = mkNode "vm" [ "local" ];
-  };
+  hecuba = mkNode "hecuba" [ "cloud" ];
-
+  eetion = mkNode "eetion" [ "arm" ];
  andromache = {
    imports = [ ../hosts/andromache ];
    deployment.tags = [ "local" ];
  };
  vm = {
    imports = [ ../hosts/vm ];
    deployment.tags = [ "local" ];
  };
  hecuba = {
    imports = [ ../hosts/hecuba ];
    deployment = {
      targetUser = "username";
      tags = [ "cloud" ];
    };
  };
  eetion = {
    imports = [ ../hosts/eetion ];
    deployment = {
      targetUser = "h";
      tags = [ "arm" ];
    };
  };
 }
--- a/home/modules/ssh.nix
+++ b/home/modules/ssh.nix
@@ -18,8 +18,20 @@ in
    enable = true;
    enableDefaultConfig = false;
-    matchBlocks = lib.genAttrs hostsWithKeys (hostname: {
+    matchBlocks = lib.genAttrs hostsWithKeys (
      hostname:
      let
        hostConfig = outputs.nixosConfigurations.${hostname}.config;
        publicHostname = hostConfig.ssh.publicHostname;
        targetUser = hostConfig.ssh.username;
      in
      {
        host = hostname;
-    });
+        user = targetUser;
      }
      // lib.optionalAttrs (publicHostname != "") {
        hostname = publicHostname;
      }
    );
  };
 }
--- a/hosts/astyanax/default.nix
+++ b/hosts/astyanax/default.nix
@@ -91,6 +91,8 @@ in
    hostId = "80eef97e";
  };
  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  services = {
    fwupd.enable = true;
    openssh = {
--- a/hosts/eetion/default.nix
+++ b/hosts/eetion/default.nix
@@ -42,6 +42,18 @@ in
    harden = true;
  };
  virtualisation = {
    podman.enable = true;
    oci-containers = {
      backend = "podman";
      containers.actualbudget = {
        image = "docker.io/actualbudget/actual-server:latest-alpine";
        ports = [ "5006:5006" ];
        volumes = [ "/var/lib/actualbudget:/data" ];
      };
    };
  };
  environment.systemPackages = with pkgs; [
    vim
    git
--- a/hosts/hecuba/default.nix
+++ b/hosts/hecuba/default.nix
@@ -24,6 +24,7 @@ in
  networking.hostName = hostName;
  ssh.username = username;
  ssh.publicHostname = "server.hektormisplon.xyz";
  ssh.authorizedHosts = [
    "andromache"
    "astyanax"
--- a/modules/ssh/authorized-keys.nix
+++ b/modules/ssh/authorized-keys.nix
@@ -9,6 +9,10 @@
      type = lib.types.str;
      default = "h";
    };
    publicHostname = lib.mkOption {
      type = lib.types.str;
      default = "";
    };
  };
  # auto generate authorized_keys from `authorizedHosts`
Author	SHA1	Message	Date
hektor	b59eb6889a	fix: allow 'astyanax' to cross-compile to ARM (e.g. for eetion)	2026-02-02 18:37:01 +01:00
hektor	c538c5ad08	fix: add public hostname to ssh config and refactor	2026-02-02 18:37:01 +01:00
hektor	4236aa1def	feat: host 'ActualBudget' on 'eetion' host	2026-02-02 18:37:01 +01:00
hektor	9ea3a7c984	fix(colmena): add hostname to 'hecuba' host	2026-02-02 18:37:01 +01:00