Bump version + minor cleanups

Signed-off-by: jeltz@federez.net

hive.nix

@@ -1,6 +1,8 @@
 let
   src = import ./npins;
-  pkgs = import src.nixpkgs { };
+  pkgs = import src.nixpkgs {
+    config.permittedInsecurePackages = [ "olm-3.2.16" ];
+  };
   disko = (import src.disko { inherit (pkgs) lib; });
   diskConfig = import ./disks/ext4.nix {
     inherit (pkgs) lib;
@@ -8,7 +10,11 @@ let
 in
 {
   meta = {
-    nixpkgs = src.nixpkgs;
+    nixpkgs = pkgs;
+    nodeNixpkgs = {
+      # FIXME discourse est cassé en unstable
+      pendragon = src."nixpkgs-24.11";
+    };
   };
 
   # FIXME
@@ -21,6 +27,9 @@ in
       "${src.agenix}/modules/age.nix"
     ];
 
+    deployment.targetHost = "${name}.federez.net";
+    networking.hostName = name;
+
     security.acme.defaults.email = "monitoring@federez.net";
     security.acme.acceptTerms = true;
 
@@ -45,10 +54,8 @@ in
     time.timeZone = "Europe/Paris";
   };
 
-  vogon = { name, nodes, ... }: {
+  vogon = { ... }: {
     deployment.tags = [ "hypervisor" ];
-    deployment.targetHost = "vogon.federez.net";
-    networking.hostName = name;
     networking.hostId = "1751e2a7";
 
     imports = [
@@ -57,12 +64,8 @@ in
     ];
   };
 
-  estragon = { name, nodes, pkgs, ... }: {
+  estragon = { pkgs, ... }: {
     deployment.tags = [ "matrix" ];
-    deployment.targetHost = "estragon.federez.net";
-    networking.hostName = name;
-
-    environment.systemPackages = [ pkgs.tcpdump pkgs.openssl ];
 
     glucagon.networking = {
       nibble = 227;
@@ -88,10 +91,8 @@ in
     system.build.diskoScript = disko.diskoScript diskConfig pkgs;
   };
 
-  wagon = { name, nodes, ... }: {
+  wagon = { pkgs, ... }: {
     deployment.tags = [ "vaultwarden" "pass" "passwords" ];
-    deployment.targetHost = "wagon.federez.net";
-    networking.hostName = name;
 
     glucagon.networking = {
       nibble = 228;
@@ -114,10 +115,8 @@ in
     system.build.diskoScript = disko.diskoScript diskConfig pkgs;
   };
 
-  lagon = { name, nodes, ... }: {
+  lagon = { pkgs, ... }: {
     deployment.tags = [ "keycloak" "wayf" ];
-    deployment.targetHost = "lagon.federez.net";
-    networking.hostName = name;
 
     glucagon.networking = {
       nibble = 229;
@@ -140,10 +139,8 @@ in
     system.build.diskoScript = disko.diskoScript diskConfig pkgs;
   };
 
-  aragon = { name, nodes, ... }: {
+  aragon = { pkgs, ... }: {
     deployment.tags = [ "gitlab" ];
-    deployment.targetHost = "aragon.federez.net";
-    networking.hostName = name;
 
     glucagon.networking = {
       nibble = 231;
@@ -166,11 +163,8 @@ in
     system.build.diskoScript = disko.diskoScript diskConfig pkgs;
   };
 
-  # FIXME can't update: discourse pkg is broken
-  pendragon = { name, nodes, ... }: {
+  pendragon = { pkgs, ... }: {
     deployment.tags = [ "discourse" ];
-    deployment.targetHost = "pendragon.federez.net";
-    networking.hostName = name;
 
     glucagon.networking = {
       nibble = 233;
@@ -193,18 +187,21 @@ in
     system.build.diskoScript = disko.diskoScript diskConfig pkgs;
   };
 
-  perdrigon = { name, nodes, ... }: {
+  perdrigon = { pkgs, ... }: {
     deployment.tags = [ "indico" ];
-    deployment.targetHost = "perdrigon.federez.net";
-    federez.monitoring.apiKey = "370a181d-6b00-4c3d-af27-ca65e6e4c1b0";
-    networking.hostName = name;
 
     glucagon.networking = {
       nibble = 234;
       wan-mac = "BC:24:11:04:9B:51";
     };
 
+    infra-net.leaf = {
+      mac = "BC:24:11:09:B8:76";
+      id = 17;
+    };
+
     imports = [
+      (disko.config diskConfig)
       ./profiles/vm.nix
       ./profiles/indico.nix
     ];