add initial configs for vps
parent
19dccaf985
commit
e5c7ebd23c
9 changed files with 110 additions and 3 deletions
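--- /dev/null
+++ b/data.nix
@@ -0,0 +1,10 @@
+{
+publicKeys = {
+users = {
+jan = [
+"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJKo68e8EuKlgYG/mxEsMsfWLHXkRulpscGZUD9lXbaEyTvaGalc82T4d7wXHgUi8/xpRbsfxxTV1bl1I7X+Vq7xmzfMP5a0NBIv5Lnh5C9WHEq1aw4fUFCxD5cwy9kt1jV3pSEN/+H5cg4T0OCVRikUZvfB9wng15fdw6JYoZWhWBwZHfISHhXqTXGDnMO7MvzFCl7Ek5WBvH6LoThJFVvKkab6Zg15FtuqNpCat0yEb5QMoFUbyp2Wm0eFU5eUVnlqC6IgG765Pbz+v4sJJo0q3+sZlIgzPeav3d7FEgZeqq+UZA3Hp+4T5ww+XEHDalxsB60VDeq85snVTO8XGt"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDXNG/QeViH/SboWxbONAub/eim3NRm5MDtJA7gyTz7r"
+];
+};
+};
+}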
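Review bot: The two entries under `publicKeys.users.jan` carry no comment field, so nothing in the file says which device or purpose each key belongs to, and machines/magenta/default.nix in this commit grants both of them root login. A trailing label such as `"ssh-ed25519 <key> jan@<device>"`, or a `# <device>, added <date>` comment above each entry, would make it straightforward to revoke a single lost key. The first entry is an RSA key that looks like 2048-bit from its encoded length; if the ed25519 key is already usable on every client, dropping the RSA one would shrink the set of keys that can reach root.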
32
flake.nix
32
flake.nix
|
@ -49,21 +49,33 @@
|
||||||
inherit (pkgs) lib;
|
inherit (pkgs) lib;
|
||||||
|
|
||||||
nixos-rebuild = pkgs.nixos-rebuild.override { nix = pkgs.nixFlakes; };
|
nixos-rebuild = pkgs.nixos-rebuild.override { nix = pkgs.nixFlakes; };
|
||||||
|
|
||||||
|
localMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost == null) self.nixosConfigurations;
|
||||||
|
vpsMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost != null) self.nixosConfigurations;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
apps = lib.mapAttrs
|
apps = lib.mapAttrs
|
||||||
(name: program: { type = "app"; program = toString program; })
|
(name: program: { type = "app"; program = toString program; })
|
||||||
(flake-utils.lib.flattenTree {
|
(flake-utils.lib.flattenTree {
|
||||||
|
deploy = lib.recurseIntoAttrs (lib.mapAttrs
|
||||||
|
(hostname: machine: pkgs.writeShellScript "deploy-${hostname}" ''
|
||||||
|
${nixos-rebuild}/bin/nixos-rebuild switch \
|
||||||
|
--flake .#${hostname} \
|
||||||
|
--target-host ${machine.config.deployment.targetHost}
|
||||||
|
'')
|
||||||
|
vpsMachines);
|
||||||
|
|
||||||
switch = lib.recurseIntoAttrs (lib.mapAttrs
|
switch = lib.recurseIntoAttrs (lib.mapAttrs
|
||||||
(hostname: machine: pkgs.writeShellScript "switch-${hostname}" ''
|
(hostname: machine: pkgs.writeShellScript "switch-${hostname}" ''
|
||||||
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname}
|
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname}
|
||||||
'')
|
'')
|
||||||
self.nixosConfigurations);
|
localMachines);
|
||||||
|
|
||||||
test = lib.recurseIntoAttrs (lib.mapAttrs
|
test = lib.recurseIntoAttrs (lib.mapAttrs
|
||||||
(hostname: machine: pkgs.writeShellScript "test-${hostname}" ''
|
(hostname: machine: pkgs.writeShellScript "test-${hostname}" ''
|
||||||
${nixos-rebuild}/bin/nixos-rebuild test --flake .#${hostname}
|
${nixos-rebuild}/bin/nixos-rebuild test --flake .#${hostname}
|
||||||
'')
|
'')
|
||||||
self.nixosConfigurations);
|
localMachines);
|
||||||
});
|
});
|
||||||
|
|
||||||
devShells = {
|
devShells = {
|
||||||
|
@ -83,6 +95,7 @@
|
||||||
, specialArgs ? { }
|
, specialArgs ? { }
|
||||||
, extraModules ? [ ]
|
, extraModules ? [ ]
|
||||||
, extraHomeModule ? null
|
, extraHomeModule ? null
|
||||||
|
, targetHost ? null
|
||||||
, nixpkgs ? inputs.nixpkgs
|
, nixpkgs ? inputs.nixpkgs
|
||||||
}:
|
}:
|
||||||
nixpkgs.lib.nixosSystem {
|
nixpkgs.lib.nixosSystem {
|
||||||
|
@ -96,7 +109,20 @@
|
||||||
home-manager.nixosModule
|
home-manager.nixosModule
|
||||||
])
|
])
|
||||||
++ [ ./machines/${hostname} ]
|
++ [ ./machines/${hostname} ]
|
||||||
++ extraModules;
|
++ extraModules
|
||||||
|
++ [
|
||||||
|
# deployment settings
|
||||||
|
({ lib, ... }: {
|
||||||
|
options.deployment = with lib; {
|
||||||
|
targetHost = mkOption {
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
readOnly = true;
|
||||||
|
internal = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
config.deployment = { inherit targetHost; };
|
||||||
|
})
|
||||||
|
];
|
||||||
})
|
})
|
||||||
(import ./machines inputs);
|
(import ./machines inputs);
|
||||||
};
|
};
|
||||||
|
|
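Review bot: In the new `deploy` app, `${machine.config.deployment.targetHost}` is spliced into the generated shell script unquoted, and the option accepts any `types.str`, so a value containing whitespace or shell metacharacters would be split or interpreted by the shell instead of being passed as one argument. Passing it through `lib.escapeShellArg`, i.e. `--target-host ${lib.escapeShellArg machine.config.deployment.targetHost}`, keeps it a single argument at no cost. The value set for magenta is also a bare address with no user part, so ssh will presumably log in as the invoking local user, while the magenta config in this commit only authorizes keys for root; writing `root@<host>` or a dedicated deploy account into `targetHost` would make the intended login explicit. A short comment on `localMachines` / `vpsMachines` saying that `switch` and `test` are deliberately limited to hosts without a `targetHost` would also help the next reader.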
|
@ -52,4 +52,6 @@ in
|
||||||
|
|
||||||
# Enable the Docker
|
# Enable the Docker
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
|
|
||||||
|
local.nix.enableMyRegistry = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,4 +29,10 @@ in
|
||||||
local.alacritty.fontSize = 6.0;
|
local.alacritty.fontSize = 6.0;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
magenta = {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
|
||||||
|
targetHost = "45.131.41.215";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -79,4 +79,6 @@ in
|
||||||
|
|
||||||
# Enable the Docker
|
# Enable the Docker
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
|
|
||||||
|
local.nix.enableMyRegistry = true;
|
||||||
}
|
}
|
||||||
|
|
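--- /dev/null
+++ b/machines/magenta/default.nix
@@ -0,0 +1,19 @@
+{ ... }:
+
+let
+data = import ../../data.nix;
+in
+{
+imports = [
+./hardware-configuration.nix
+./networking.nix # generated at runtime by nixos-infect
+../modules/common.nix
+];
+
+boot.cleanTmpDir = true;
+zramSwap.enable = true;
+networking.hostName = "magenta";
+
+services.openssh.enable = true;
+users.users.root.openssh.authorizedKeys.keys = data.publicKeys.users.jan;
+}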
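Review bot: `services.openssh.enable = true;` together with `users.users.root.openssh.authorizedKeys.keys` exposes root SSH on a host with a public address, and nothing in this file turns off password logins or pins root to key-only access. Unless `../modules/common.nix` (not shown on this page) already does so, I would add `services.openssh.passwordAuthentication = false;` and `services.openssh.permitRootLogin = "prohibit-password";` next to the enable line so the key list in data.nix is the only way in. Longer term, a non-root deploy user with sudo would let direct root login be switched off entirely.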
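--- /dev/null
+++ b/machines/magenta/hardware-configuration.nix
@@ -0,0 +1,9 @@
+{ modulesPath, ... }:
+
+{
+imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+boot.loader.grub.device = "/dev/sda";
+boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
+boot.initrd.kernelModules = [ "nvme" ];
+fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+}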
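--- /dev/null
+++ b/machines/magenta/networking.nix
@@ -0,0 +1,33 @@
+{ lib, ... }:
+
+{
+# This file was populated at runtime with the networking
+# details gathered from the active system.
+networking = {
+nameservers = [
+"188.93.16.19"
+"188.93.17.19"
+"8.8.8.8"
+];
+defaultGateway = "45.131.41.1";
+defaultGateway6 = "";
+dhcpcd.enable = false;
+usePredictableInterfaceNames = lib.mkForce false;
+interfaces = {
+eth0 = {
+ipv4.addresses = [
+{ address = "45.131.41.215"; prefixLength = 24; }
+];
+ipv6.addresses = [
+{ address = "fe80::f816:3eff:fe58:d30a"; prefixLength = 64; }
+];
+ipv4.routes = [{ address = "45.131.41.1"; prefixLength = 32; }];
+ipv6.routes = [{ address = ""; prefixLength = 128; }];
+};
+
+};
+};
+services.udev.extraRules = ''
+ATTR{address}=="fa:16:3e:58:d3:0a", NAME="eth0"
+'';
+}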
Binary file not shown.