yadunut/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

chore: format

Browse Source
This commit is contained in:
Yadunand Prem
2024-10-15 15:28:30 -04:00
parent 8ddb71850b
commit a426618383
7 changed files with 83 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/common/users.nix
View File

@@ -1,10 +1,10 @@
{ {
users.users.yadunut = { users.users.yadunut = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user. extraGroups = ["wheel"]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG" ]; openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"];
}; };
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG" ]; users.users.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"];
} }

48
nixos/flake.nix
View File

@@ -18,11 +18,27 @@
}; };
}; };
outputs = { self, flake-utils,nixpkgs, nixos-generators, disko, agenix, ... }: { outputs = {
self,
nixpkgs,
disko,
agenix,
...
}: {
formatter.aarch64-darwin = nixpkgs.legacyPackages.aarch64-darwin.alejandra;
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
nixosConfigurations = let nixosConfigurations = let
nodes = import ./server/nodes.nix; nodes = import ./server/nodes.nix;
in builtins.mapAttrs (name: data: nixpkgs.lib.nixosSystem { in
specialArgs = { meta = { hostname = name; ip = data.ip; private-ip = data.private-ip; }; }; builtins.mapAttrs (name: data:
nixpkgs.lib.nixosSystem {
specialArgs = {
meta = {
hostname = name;
ip = data.ip;
private-ip = data.private-ip;
};
};
modules = [ modules = [
disko.nixosModules.disko disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default
@@ -30,19 +46,35 @@
./server/proxmox/configuration.nix ./server/proxmox/configuration.nix
./server/proxmox/hardware-configuration.nix ./server/proxmox/hardware-configuration.nix
]; ];
}) nodes; })
nodes
// {
premhome-gc1 = nixpkgs.lib.nixosSystem {
modules = [
disko.nixosModules.disko
agenix.nixosModules.default
./server/premhome-gc1/disko-config.nix
./server/premhome-gc1/configuration.nix
./server/premhome-gc1/hardware-configuration.nix
];
};
};
colmena = let colmena = let
configs = self.nixosConfigurations; configs = self.nixosConfigurations;
in { in
{
meta = { meta = {
description = "My personal machines"; description = "My personal machines";
nixpkgs = import nixpkgs { system = "x86_64-linux"; }; nixpkgs = import nixpkgs {system = "x86_64-linux";};
nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) configs; nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) configs;
nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) configs; nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) configs;
}; };
} // builtins.mapAttrs (name: value: { }
// builtins.mapAttrs (name: value: {
imports = value._module.args.modules; imports = value._module.args.modules;
deployment.targetHost = value._module.specialArgs.meta.private-ip; }) configs; deployment.targetHost = value._module.specialArgs.meta.private-ip;
})
configs;
}; };
} }

6
nixos/proxmox/iso.nix
View File

@@ -1,5 +1,9 @@
{ config, lib, pkgs, ...}:
{ {
config,
lib,
pkgs,
...
}: {
imports = [../common/users.nix]; imports = [../common/users.nix];
nix = { nix = {

5
nixos/secrets/secrets.nix
View File

@@ -1,8 +1,7 @@
let let
keys = import ./keys.nix; keys = import ./keys.nix;
in in {
{
"tailscale.age".publicKeys = builtins.attrValues keys; "tailscale.age".publicKeys = builtins.attrValues keys;
"k3s.age".publicKeys = builtins.attrValues keys; "k3s.age".publicKeys = builtins.attrValues keys;
"flux.age".publicKeys = [ keys.yadunut keys.yadunut-mbp ]; "flux.age".publicKeys = [keys.yadunut keys.yadunut-mbp];
} }

20
nixos/server/proxmox/configuration.nix
View File

@@ -1,6 +1,10 @@
{ config, meta, pkgs, ... }:
{ {
imports = [../common/users.nix]; config,
meta,
pkgs,
...
}: {
imports = [../../common/users.nix];
nix = { nix = {
settings.experimental-features = ["nix-command" "flakes"]; settings.experimental-features = ["nix-command" "flakes"];
}; };
@@ -14,7 +18,7 @@
enable = true; enable = true;
authKeyFile = config.age.secrets.tailscale.path; authKeyFile = config.age.secrets.tailscale.path;
useRoutingFeatures = "both"; useRoutingFeatures = "both";
extraUpFlags = [ "--advertise-routes=10.0.1.0/24" "--login-server=http://ts.yadunut.com:444" "--accept-routes" ]; extraUpFlags = ["--advertise-routes=10.0.1.0/24" "--login-server=http://ts.yadunut.com:444" "--accept-routes"];
interfaceName = "tailscale0"; interfaceName = "tailscale0";
}; };
@@ -34,7 +38,6 @@
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/" "L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git git
neovim neovim
@@ -46,11 +49,14 @@
role = "server"; role = "server";
tokenFile = config.age.secrets.k3s.path; tokenFile = config.age.secrets.k3s.path;
clusterInit = meta.hostname == "premhome-falcon-1"; clusterInit = meta.hostname == "premhome-falcon-1";
serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6443"; serverAddr =
extraFlags = ["--disable=servicelb" "--disable=traefik" ]; if meta.hostname == "premhome-falcon-1"
then ""
else "https://premhome-falcon-1:6443";
extraFlags = ["--disable=servicelb" "--disable=traefik"];
}; };
networking.firewall.trustedInterfaces = [ "tailscale0" ]; networking.firewall.trustedInterfaces = ["tailscale0"];
networking.firewall.enable = false; networking.firewall.enable = false;
system.stateVersion = "24.11"; system.stateVersion = "24.11";

1
nixos/server/proxmox/disko-config.nix
View File

@@ -25,7 +25,6 @@
}; };
}; };
}; };
}; };
}; };
}; };

19
nixos/server/proxmox/hardware-configuration.nix
View File

@@ -1,16 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/profiles/qemu-guest.nix") ]; lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's