add initial configs for vps

Dmitriy Pleshevskiy 2022-10-13 07:47:31 +03:00
parent 19dccaf985
commit e5c7ebd23c
Signed by: pleshevskiy
GPG key ID: 1B59187B161C0215
9 changed files with 110 additions and 3 deletions

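--- a/data.nix
+++ b/data.nix
@@ -0,0 +1,10 @@
+{
+publicKeys = {
+users = {
+jan = [
+"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJKo68e8EuKlgYG/mxEsMsfWLHXkRulpscGZUD9lXbaEyTvaGalc82T4d7wXHgUi8/xpRbsfxxTV1bl1I7X+Vq7xmzfMP5a0NBIv5Lnh5C9WHEq1aw4fUFCxD5cwy9kt1jV3pSEN/+H5cg4T0OCVRikUZvfB9wng15fdw6JYoZWhWBwZHfISHhXqTXGDnMO7MvzFCl7Ek5WBvH6LoThJFVvKkab6Zg15FtuqNpCat0yEb5QMoFUbyp2Wm0eFU5eUVnlqC6IgG765Pbz+v4sJJo0q3+sZlIgzPeav3d7FEgZeqq+UZA3Hp+4T5ww+XEHDalxsB60VDeq85snVTO8XGt"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDXNG/QeViH/SboWxbONAub/eim3NRm5MDtJA7gyTz7r"
+];
+};
+};
+}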
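Review bot: The two keys under `jan` carry no comment field, so nothing in this file says which device each one belongs to, and the magenta configuration in this commit gives both of them root login. I would add a Nix comment above each entry, for example `# jan: laptop, added 2022-10` (constructed example), so a lost device can be revoked without guessing. The first entry looks like a 2048-bit RSA key judging by its encoded length; if every client can use the ed25519 key, consider dropping the RSA one.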


@ -49,21 +49,33 @@
inherit (pkgs) lib; inherit (pkgs) lib;
nixos-rebuild = pkgs.nixos-rebuild.override { nix = pkgs.nixFlakes; }; nixos-rebuild = pkgs.nixos-rebuild.override { nix = pkgs.nixFlakes; };
localMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost == null) self.nixosConfigurations;
vpsMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost != null) self.nixosConfigurations;
in in
{ {
apps = lib.mapAttrs apps = lib.mapAttrs
(name: program: { type = "app"; program = toString program; }) (name: program: { type = "app"; program = toString program; })
(flake-utils.lib.flattenTree { (flake-utils.lib.flattenTree {
deploy = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "deploy-${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild switch \
--flake .#${hostname} \
--target-host ${machine.config.deployment.targetHost}
'')
vpsMachines);
switch = lib.recurseIntoAttrs (lib.mapAttrs switch = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "switch-${hostname}" '' (hostname: machine: pkgs.writeShellScript "switch-${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} ${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname}
'') '')
self.nixosConfigurations); localMachines);
test = lib.recurseIntoAttrs (lib.mapAttrs test = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "test-${hostname}" '' (hostname: machine: pkgs.writeShellScript "test-${hostname}" ''
${nixos-rebuild}/bin/nixos-rebuild test --flake .#${hostname} ${nixos-rebuild}/bin/nixos-rebuild test --flake .#${hostname}
'') '')
self.nixosConfigurations); localMachines);
}); });
devShells = { devShells = {
@ -83,6 +95,7 @@
, specialArgs ? { } , specialArgs ? { }
, extraModules ? [ ] , extraModules ? [ ]
, extraHomeModule ? null , extraHomeModule ? null
, targetHost ? null
, nixpkgs ? inputs.nixpkgs , nixpkgs ? inputs.nixpkgs
}: }:
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
@ -96,7 +109,20 @@
home-manager.nixosModule home-manager.nixosModule
]) ])
++ [ ./machines/${hostname} ] ++ [ ./machines/${hostname} ]
++ extraModules; ++ extraModules
++ [
# deployment settings
({ lib, ... }: {
options.deployment = with lib; {
targetHost = mkOption {
type = types.nullOr types.str;
readOnly = true;
internal = true;
};
};
config.deployment = { inherit targetHost; };
})
];
}) })
(import ./machines inputs); (import ./machines inputs);
}; };


@ -52,4 +52,6 @@ in
# Enable the Docker # Enable the Docker
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
local.nix.enableMyRegistry = true;
} }


@ -29,4 +29,10 @@ in
local.alacritty.fontSize = 6.0; local.alacritty.fontSize = 6.0;
}; };
}; };
magenta = {
system = "x86_64-linux";
targetHost = "45.131.41.215";
};
} }


@ -79,4 +79,6 @@ in
# Enable the Docker # Enable the Docker
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
local.nix.enableMyRegistry = true;
} }


@ -0,0 +1,19 @@
{ ... }:
let
data = import ../../data.nix;
in
{
imports = [
./hardware-configuration.nix
./networking.nix # generated at runtime by nixos-infect
../modules/common.nix
];
boot.cleanTmpDir = true;
zramSwap.enable = true;
networking.hostName = "magenta";
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = data.publicKeys.users.jan;
}
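Review bot: `services.openssh.enable = true;` is switched on for an internet-facing host without stating the authentication policy, and root is the only account given keys. Unless `../modules/common.nix` (not shown here) already does so, I would set it explicitly next to the enable line: `services.openssh.passwordAuthentication = false;` and `services.openssh.kbdInteractiveAuthentication = false;` (newer NixOS releases spell these under `services.openssh.settings`). That keeps the host key-only even if a password is later set on any account. A longer-term option is a dedicated deploy user with sudo and `services.openssh.permitRootLogin = "no";` instead of direct root login.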


@ -0,0 +1,9 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
}


@ -0,0 +1,33 @@
{ lib, ... }:
{
# This file was populated at runtime with the networking
# details gathered from the active system.
networking = {
nameservers = [
"188.93.16.19"
"188.93.17.19"
"8.8.8.8"
];
defaultGateway = "45.131.41.1";
defaultGateway6 = "";
dhcpcd.enable = false;
usePredictableInterfaceNames = lib.mkForce false;
interfaces = {
eth0 = {
ipv4.addresses = [
{ address = "45.131.41.215"; prefixLength = 24; }
];
ipv6.addresses = [
{ address = "fe80::f816:3eff:fe58:d30a"; prefixLength = 64; }
];
ipv4.routes = [{ address = "45.131.41.1"; prefixLength = 32; }];
ipv6.routes = [{ address = ""; prefixLength = 128; }];
};
};
};
services.udev.extraRules = ''
ATTR{address}=="fa:16:3e:58:d3:0a", NAME="eth0"
'';
}

Binary file not shown.