feat: organise better

2024-10-15 01:10:12 -04:00
parent e2433358b9
commit 8ddb71850b
7 changed files with 291 additions and 63 deletions


@@ -26,11 +26,6 @@ nix run --refresh --verbose "git+https://gitea.ts.yadunut.com/yadunut/homelab.gi
```
Copy the IP address
3. Use nixos-anywhere to bootstrap virtual machines
```bash
nix run ".#bootstrap"`
```
# Process to creating a New Machine
1. Create an ISO and transfer it over to Proxmox if it doesn't already exist
@@ -63,3 +58,11 @@ flux bootstrap gitea --owner=yadunut --repository=homelab --hostname=gitea.ts.ya
Why the fuck are there 2 kustomizations
https://fluxcd.io/flux/faq/#are-there-two-kustomization-types
## Uninstalling k3s on nix
sudo su - root
KUBELET_PATH=$(mount | grep kubelet | cut -d' ' -f3);
${KUBELET_PATH:+umount $KUBELET_PATH}
rm -rf /etc/rancher/{k3s,node};
rm -rf /var/lib/{rancher/k3s,kubelet,longhorn,etcd,cni}


@@ -18,7 +18,7 @@
};
};
outputs = { self, flake-utils,nixpkgs, nixos-generators, disko, agenix, ... }: {
outputs = { flake-utils,nixpkgs, nixos-generators, agenix, ... }: {
packages.x86_64-linux = {
create-vm = let
pkgs = import nixpkgs { system = "x86_64-linux"; };
@@ -28,12 +28,12 @@
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
buildInputs = with pkgs; [ gum jq ];
in pkgs.symlinkJoin {
in pkgs.symlinkJoin {
name = script-name;
paths = [ script ] ++ buildInputs;
nativeBuildInputs = with pkgs; [makeWrapper];
postBuild = "wrapProgram $out/bin/${script-name} --prefix PATH : $out/bin";
};
};
generate-iso = nixos-generators.nixosGenerate {
format = "iso";
system = "x86_64-linux";
@@ -49,61 +49,38 @@
script-name = "setup-vm";
src = builtins.readFile ./nixos/proxmox/setup-vm.sh;
script = (pkgs.writeScriptBin script-name src).overrideAttrs(old: {
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
buildInputs = with pkgs; [
gum
agenix.packages.aarch64-darwin.default
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
buildInputs = with pkgs; [
gum
agenix.packages.aarch64-darwin.default
];
in pkgs.symlinkJoin {
name = script-name;
paths = [ script ] ++ buildInputs;
nativeBuildInputs = with pkgs; [makeWrapper];
postBuild = "wrapProgram $out/bin/${script-name} --prefix PATH : $out/bin";
};
};
nixosConfigurations = let
nodes = import ./nixos/server/nodes.nix;
in builtins.mapAttrs (name: data: nixpkgs.lib.nixosSystem {
specialArgs = { meta = { hostname = name; ip = data.ip; }; };
modules = [
disko.nixosModules.disko
agenix.nixosModules.default
./nixos/server/disko-config.nix
./nixos/server/configuration.nix
./nixos/server/hardware-configuration.nix
];
}) nodes;
colmena = let
configs = self.nixosConfigurations;
in {
meta = {
description = "My personal machines";
nixpkgs = import nixpkgs { system = "x86_64-linux"; };
nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) configs;
nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) configs;
name = script-name;
paths = [ script ] ++ buildInputs;
nativeBuildInputs = with pkgs; [makeWrapper];
postBuild = "wrapProgram $out/bin/${script-name} --prefix PATH : $out/bin";
};
} // builtins.mapAttrs (name: value: { imports = value._module.args.modules; }) configs;
} // flake-utils.lib.eachDefaultSystem (system:
let pkgs = import nixpkgs {
inherit system;
}; in
{
devShells = {
default = pkgs.mkShell {
buildInputs = [
pkgs.nix
pkgs.colmena
pkgs.shellcheck
agenix.packages.${system}.default
pkgs.ansible
pkgs.kubernetes-helm
pkgs.helmfile
pkgs.fluxcd
pkgs.kustomize
];
};
};
});
} // flake-utils.lib.eachDefaultSystem (system:
let pkgs = import nixpkgs {
inherit system;
}; in
{
devShells = {
default = pkgs.mkShell {
buildInputs = [
pkgs.nix
pkgs.colmena
pkgs.shellcheck
agenix.packages.${system}.default
pkgs.ansible
pkgs.kubernetes-helm
pkgs.helmfile
pkgs.fluxcd
pkgs.kustomize
];
};
};
});
}
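Review bot: The `setup-vm` package in the last hunk still lists `agenix.packages.aarch64-darwin.default` in `buildInputs`, while the only package set visible in this file is `packages.x86_64-linux`. If `setup-vm` is defined there (its opening lines are outside the hunk), the `symlinkJoin` wrapper puts a Darwin build of agenix on the script's PATH, where it cannot run on a Linux host. The `devShells` block already selects the tool per platform with `agenix.packages.${system}.default`; building `setup-vm` inside the same `eachDefaultSystem` call would let it do likewise. Because agenix handles this repository's secrets, a comment stating which machine the script is expected to run on would also help.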

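--- a/nixos/flake.lock
+++ b/nixos/flake.lock
@@ -0,0 +1,201 @@
+{
+"nodes": {
+"agenix": {
+"inputs": {
+"darwin": "darwin",
+"home-manager": "home-manager",
+"nixpkgs": [
+"nixpkgs"
+],
+"systems": "systems"
+},
+"locked": {
+"lastModified": 1723293904,
+"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
+"owner": "ryantm",
+"repo": "agenix",
+"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
+"type": "github"
+},
+"original": {
+"owner": "ryantm",
+"repo": "agenix",
+"type": "github"
+}
+},
+"darwin": {
+"inputs": {
+"nixpkgs": [
+"agenix",
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1700795494,
+"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
+"owner": "lnl7",
+"repo": "nix-darwin",
+"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
+"type": "github"
+},
+"original": {
+"owner": "lnl7",
+"ref": "master",
+"repo": "nix-darwin",
+"type": "github"
+}
+},
+"disko": {
+"inputs": {
+"nixpkgs": [
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1728922573,
+"narHash": "sha256-FegyBabjV4868aJUbvFtqH0zKDEtUpeCAfnB1vWXeBg=",
+"owner": "nix-community",
+"repo": "disko",
+"rev": "3b778f10eb275573da9f5c8a7a49e774200b87e5",
+"type": "github"
+},
+"original": {
+"owner": "nix-community",
+"repo": "disko",
+"type": "github"
+}
+},
+"flake-utils": {
+"inputs": {
+"systems": "systems_2"
+},
+"locked": {
+"lastModified": 1726560853,
+"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
+"owner": "numtide",
+"repo": "flake-utils",
+"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
+"type": "github"
+},
+"original": {
+"owner": "numtide",
+"repo": "flake-utils",
+"type": "github"
+}
+},
+"home-manager": {
+"inputs": {
+"nixpkgs": [
+"agenix",
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1703113217,
+"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
+"owner": "nix-community",
+"repo": "home-manager",
+"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
+"type": "github"
+},
+"original": {
+"owner": "nix-community",
+"repo": "home-manager",
+"type": "github"
+}
+},
+"nixlib": {
+"locked": {
+"lastModified": 1728781282,
+"narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=",
+"owner": "nix-community",
+"repo": "nixpkgs.lib",
+"rev": "16340f605f4e8e5cf07fd74dcbe692eee2d4f51b",
+"type": "github"
+},
+"original": {
+"owner": "nix-community",
+"repo": "nixpkgs.lib",
+"type": "github"
+}
+},
+"nixos-generators": {
+"inputs": {
+"nixlib": "nixlib",
+"nixpkgs": [
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1728867876,
+"narHash": "sha256-NCyOA8WZNoojmXH+kBDrQj3LwvakYNzSc0h+LTXkmPE=",
+"owner": "nix-community",
+"repo": "nixos-generators",
+"rev": "fdf142111597f6c6283cf5ffe092b6293a3911d0",
+"type": "github"
+},
+"original": {
+"owner": "nix-community",
+"repo": "nixos-generators",
+"type": "github"
+}
+},
+"nixpkgs": {
+"locked": {
+"lastModified": 1728538411,
+"narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=",
+"owner": "NixOS",
+"repo": "nixpkgs",
+"rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221",
+"type": "github"
+},
+"original": {
+"owner": "NixOS",
+"ref": "nixpkgs-unstable",
+"repo": "nixpkgs",
+"type": "github"
+}
+},
+"root": {
+"inputs": {
+"agenix": "agenix",
+"disko": "disko",
+"flake-utils": "flake-utils",
+"nixos-generators": "nixos-generators",
+"nixpkgs": "nixpkgs"
+}
+},
+"systems": {
+"locked": {
+"lastModified": 1681028828,
+"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+"owner": "nix-systems",
+"repo": "default",
+"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+"type": "github"
+},
+"original": {
+"owner": "nix-systems",
+"repo": "default",
+"type": "github"
+}
+},
+"systems_2": {
+"locked": {
+"lastModified": 1681028828,
+"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+"owner": "nix-systems",
+"repo": "default",
+"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+"type": "github"
+},
+"original": {
+"owner": "nix-systems",
+"repo": "default",
+"type": "github"
+}
+}
+},
+"root": "root",
+"version": 7
+}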

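--- a/nixos/flake.nix
+++ b/nixos/flake.nix
@@ -0,0 +1,48 @@
+{
+inputs = {
+nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+disko = {
+url = "github:nix-community/disko";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+agenix = {
+url = "github:ryantm/agenix";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+flake-utils = {
+url = "github:numtide/flake-utils";
+};
+nixos-generators = {
+url = "github:nix-community/nixos-generators";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+};
+outputs = { self, flake-utils,nixpkgs, nixos-generators, disko, agenix, ... }: {
+nixosConfigurations = let
+nodes = import ./server/nodes.nix;
+in builtins.mapAttrs (name: data: nixpkgs.lib.nixosSystem {
+specialArgs = { meta = { hostname = name; ip = data.ip; private-ip = data.private-ip; }; };
+modules = [
+disko.nixosModules.disko
+agenix.nixosModules.default
+./server/proxmox/disko-config.nix
+./server/proxmox/configuration.nix
+./server/proxmox/hardware-configuration.nix
+];
+}) nodes;
+colmena = let
+configs = self.nixosConfigurations;
+in {
+meta = {
+description = "My personal machines";
+nixpkgs = import nixpkgs { system = "x86_64-linux"; };
+nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) configs;
+nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) configs;
+};
+} // builtins.mapAttrs (name: value: {
+imports = value._module.args.modules;
+deployment.targetHost = value._module.specialArgs.meta.private-ip; }) configs;
+};
+}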
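Review bot: `deployment.targetHost` and `specialArgs.meta` now read `data.private-ip` for every entry of `./server/nodes.nix`, but nothing here documents or checks that schema, so a node missing the attribute fails evaluation with a bare missing-attribute error. Add a comment above `nodes = import ./server/nodes.nix;` such as `# each node: { ip = "<public>"; private-ip = "<address colmena deploys to>"; }`, so it is clear that deployments go over the private address on purpose. `meta.ip` is still passed although this commit removes its visible consumer (`--node-ip` in the k3s flags); drop it or say what else uses it. Colmena also falls back to its default `deployment.targetUser` here, so consider setting it explicitly to make the SSH account used for deploys visible in review.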


@@ -43,12 +43,11 @@
services.k3s = {
enable = true;
# role = if builtins.elem meta.hostname servers then "server" else "agent";
role = "server";
tokenFile = config.age.secrets.k3s.path;
clusterInit = meta.hostname == "premhome-falcon-1";
serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6443";
extraFlags = ["--disable=servicelb" "--disable=traefik" "--node-ip" meta.ip ];
extraFlags = ["--disable=servicelb" "--disable=traefik" ];
};
networking.firewall.trustedInterfaces = [ "tailscale0" ];
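Review bot: Dropping `"--node-ip" meta.ip` from `extraFlags` leaves k3s to choose the node address on its own, and the nodes now carry both `ip` and `private-ip` (see `specialArgs` in nixos/flake.nix), so on a multi-homed VM the cluster may advertise an interface you did not intend. If cluster traffic is meant to stay on the private network, pin it explicitly, e.g. `extraFlags = ["--disable=servicelb" "--disable=traefik" "--node-ip" meta.private-ip ];`, and add a comment naming the network the cluster is expected to use. The only firewall setting visible here trusts `tailscale0`, so the advertised address also determines whether inter-node traffic passes the firewall; the rest of the configuration is outside this hunk, so confirm against it.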