From 439bb14368af4f40dd07e80fc45af26c16eade99 Mon Sep 17 00:00:00 2001
From: Joshua Potter <jrpotter2112@gmail.com>
Date: Tue, 23 Jan 2024 20:06:58 -0700
Subject: [PATCH] Allow phobos local deployment. Make interface consistent.

---
 flake.nix               | 34 +++++++++++++++++++++++++---------
 hive/deimos/default.nix |  2 --
 hive/phobos/default.nix |  6 ++++--
 hive/thebe/default.nix  |  2 --
 4 files changed, 29 insertions(+), 15 deletions(-)

diff --git a/flake.nix b/flake.nix
index ebc6dea..f3a53e6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -37,12 +37,12 @@
             thebe = tapir.pkgs;
           };
           nodeSpecialArgs = {
-            framework = {
-              inherit (tapir) home-manager;
-            };
             deimos = {
               inherit (tapir) sops-nix;
             };
+            framework = {
+              inherit (tapir) home-manager;
+            };
             phobos = {
               inherit (tapir) home-manager;
             };
@@ -52,21 +52,37 @@
           };
         };
 
-        # Local machines. Deploy using `colmena apply-local [--sudo]`
+        deimos = {
+          imports = [ ./hive/deimos ];
+          deployment = {
+            allowLocalDeployment = false;
+            targetHost = "24.199.110.222";
+          };
+        };
 
         framework = {
           imports = [ ./hive/framework ];
           deployment = {
             allowLocalDeployment = true;
-            targetHost = null;  # Disable SSH deployment.
+            targetHost = null;
           };
         };
 
-        # Remote machines. Deploy using `colmena apply`
+        phobos = {
+          imports = [ ./hive/phobos ];
+          deployment = {
+            allowLocalDeployment = true;
+            targetHost = "144.126.218.252";
+          };
+        };
 
-        deimos.imports = [ ./hive/deimos ];
-        phobos.imports = [ ./hive/phobos ];
-        thebe.imports = [ ./hive/thebe ];
+        thebe = {
+          imports = [ ./hive/thebe ];
+          deployment = {
+            allowLocalDeployment = false;
+            targetHost = "64.23.168.148";
+          };
+        };
       };
 
       packages.${system}.digital-ocean = {
diff --git a/hive/deimos/default.nix b/hive/deimos/default.nix
index 75b8e33..1d1e891 100644
--- a/hive/deimos/default.nix
+++ b/hive/deimos/default.nix
@@ -7,8 +7,6 @@
     ../../services/portfolio.nix
   ];
 
-  deployment.targetHost = "24.199.110.222";
-
   networking = {
     hostName = "deimos";
     firewall = {
diff --git a/hive/phobos/default.nix b/hive/phobos/default.nix
index ea53ed3..6167f71 100644
--- a/hive/phobos/default.nix
+++ b/hive/phobos/default.nix
@@ -5,8 +5,6 @@
     home-manager.nixosModules.home-manager
   ];
 
-  deployment.targetHost = "144.126.218.252";
-
   environment = {
     systemPackages = with pkgs; [
       gcc
@@ -60,6 +58,10 @@
 
   programs.mosh.enable = true;
 
+  # Our NixOS droplet's do not have a root password set. Disable so we can still
+  # run commands that require sudo (e.g. `colmena apply-local --sudo`).
+  security.sudo.wheelNeedsPassword = false;
+
   services.openssh.enable = true;
 
   time.timeZone = "America/Denver";
diff --git a/hive/thebe/default.nix b/hive/thebe/default.nix
index b98a77c..089de9c 100644
--- a/hive/thebe/default.nix
+++ b/hive/thebe/default.nix
@@ -7,8 +7,6 @@
     ../../services/forgejo.nix
   ];
 
-  deployment.targetHost = "64.23.168.148";
-
   networking = {
     hostName = "thebe";
     firewall = {