chore: format

2024-10-15 15:28:30 -04:00
parent 8ddb71850b
commit a426618383
7 changed files with 83 additions and 40 deletions


@@ -1,10 +1,10 @@
{
users.users.yadunut = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG" ];
extraGroups = ["wheel"]; # Enable sudo for the user.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"];
};
security.sudo.wheelNeedsPassword = false;
users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG" ];
users.users.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"];
}


@@ -18,11 +18,27 @@
};
};
outputs = { self, flake-utils,nixpkgs, nixos-generators, disko, agenix, ... }: {
outputs = {
self,
nixpkgs,
disko,
agenix,
...
}: {
formatter.aarch64-darwin = nixpkgs.legacyPackages.aarch64-darwin.alejandra;
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
nixosConfigurations = let
nodes = import ./server/nodes.nix;
in builtins.mapAttrs (name: data: nixpkgs.lib.nixosSystem {
specialArgs = { meta = { hostname = name; ip = data.ip; private-ip = data.private-ip; }; };
in
builtins.mapAttrs (name: data:
nixpkgs.lib.nixosSystem {
specialArgs = {
meta = {
hostname = name;
ip = data.ip;
private-ip = data.private-ip;
};
};
modules = [
disko.nixosModules.disko
agenix.nixosModules.default
@@ -30,19 +46,35 @@
./server/proxmox/configuration.nix
./server/proxmox/hardware-configuration.nix
];
}) nodes;
})
nodes
// {
premhome-gc1 = nixpkgs.lib.nixosSystem {
modules = [
disko.nixosModules.disko
agenix.nixosModules.default
./server/premhome-gc1/disko-config.nix
./server/premhome-gc1/configuration.nix
./server/premhome-gc1/hardware-configuration.nix
];
};
};
colmena = let
configs = self.nixosConfigurations;
in {
in
{
meta = {
description = "My personal machines";
nixpkgs = import nixpkgs { system = "x86_64-linux"; };
nixpkgs = import nixpkgs {system = "x86_64-linux";};
nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) configs;
nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) configs;
};
} // builtins.mapAttrs (name: value: {
}
// builtins.mapAttrs (name: value: {
imports = value._module.args.modules;
deployment.targetHost = value._module.specialArgs.meta.private-ip; }) configs;
deployment.targetHost = value._module.specialArgs.meta.private-ip;
})
configs;
};
}
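Review bot: The new `premhome-gc1` entry is built without `specialArgs`, yet the `colmena` block below maps over every entry of `self.nixosConfigurations` and reads `value._module.specialArgs.meta.private-ip`, so evaluating the colmena output for that host will most likely fail on the missing `meta` attribute. Either pass `specialArgs = { meta = { hostname = "premhome-gc1"; ip = "<IP>"; private-ip = "<PRIVATE_IP>"; }; };` to that `nixosSystem` call (placeholders, the values are not on this page) or leave the host out of the colmena map. The section also adds two `formatter` outputs and appears to drop the `flake-utils` and `nixos-generators` arguments, all under a commit titled as formatting only; splitting the host addition into its own commit would keep the deployment change reviewable. The `outputs` function and the module list continue outside the hunks shown.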


@@ -1,5 +1,9 @@
{ config, lib, pkgs, ...}:
{
config,
lib,
pkgs,
...
}: {
imports = [../common/users.nix];
nix = {


@@ -1,8 +1,7 @@
let
keys = import ./keys.nix;
in
{
in {
"tailscale.age".publicKeys = builtins.attrValues keys;
"k3s.age".publicKeys = builtins.attrValues keys;
"flux.age".publicKeys = [ keys.yadunut keys.yadunut-mbp ];
"flux.age".publicKeys = [keys.yadunut keys.yadunut-mbp];
}


@@ -1,6 +1,10 @@
{ config, meta, pkgs, ... }:
{
imports = [../common/users.nix];
config,
meta,
pkgs,
...
}: {
imports = [../../common/users.nix];
nix = {
settings.experimental-features = ["nix-command" "flakes"];
};
@@ -14,7 +18,7 @@
enable = true;
authKeyFile = config.age.secrets.tailscale.path;
useRoutingFeatures = "both";
extraUpFlags = [ "--advertise-routes=10.0.1.0/24" "--login-server=http://ts.yadunut.com:444" "--accept-routes" ];
extraUpFlags = ["--advertise-routes=10.0.1.0/24" "--login-server=http://ts.yadunut.com:444" "--accept-routes"];
interfaceName = "tailscale0";
};
@@ -34,7 +38,6 @@
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
environment.systemPackages = with pkgs; [
git
neovim
@@ -46,11 +49,14 @@
role = "server";
tokenFile = config.age.secrets.k3s.path;
clusterInit = meta.hostname == "premhome-falcon-1";
serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6443";
extraFlags = ["--disable=servicelb" "--disable=traefik" ];
serverAddr =
if meta.hostname == "premhome-falcon-1"
then ""
else "https://premhome-falcon-1:6443";
extraFlags = ["--disable=servicelb" "--disable=traefik"];
};
networking.firewall.trustedInterfaces = [ "tailscale0" ];
networking.firewall.trustedInterfaces = ["tailscale0"];
networking.firewall.enable = false;
system.stateVersion = "24.11";
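Review bot: `networking.firewall.enable = false;` in the last hunk makes the reformatted `networking.firewall.trustedInterfaces = ["tailscale0"];` line above it inert, so every listening service, including the k3s API on 6443 referenced in `serverAddr`, is unfiltered on all interfaces rather than limited to the tailnet. If tailnet-only access is the intent, set `networking.firewall.enable = true;` and keep the trusted-interface line, opening only the ports the public interface needs (the k3s pod-network interfaces may need trusting as well; confirm on a test node). The second hunk also keeps `--login-server=http://ts.yadunut.com:444`, a plain-HTTP control endpoint; an `https://` URL would let the client verify the server it presents the auth key to. The `imports` path change to `../../common/users.nix` in the first hunk is a functional change rather than formatting, and the attribute sets these lines belong to start outside the hunks.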


@@ -25,7 +25,6 @@
};
};
};
};
};
};


@@ -1,16 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's