yadunut/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

feat: update flakes

Browse Source
This commit is contained in:
Yadunand Prem
2024-10-27 17:01:20 -04:00
parent 4f2cfaa778
commit c5e35d2407
9 changed files with 56 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/common/zerotier.nix
View File

@@ -1,9 +1,8 @@
{config}: { {config, ...}: {
age.secrets.zerotier.file = ../../secrets/zerotier.age; age.secrets.zerotier.file = ../secrets/zerotier-network.age;
services.zerotierone = { services.zerotierone = {
enable = true; enable = true;
joinNetworks = [builtins.readFile config.age.secrets.zerotier.path]; # Is an antipattern, but idc if this is readable on the servers
}; };
networking = { networking = {

1
nixos/flake.nix
View File

@@ -56,6 +56,7 @@
meta = { meta = {
hostname = name; hostname = name;
private-ip = data.private-ip; private-ip = data.private-ip;
zt-ip = data.zt-ip;
server-addr = (import ./server/nodes.nix).premhome-gc1.zt-ip; server-addr = (import ./server/nodes.nix).premhome-gc1.zt-ip;
role = data.role; role = data.role;
}; };

13
nixos/secrets/flux.age
View File

@@ -1,7 +1,8 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 Gc/MTQ St5gf2wgaOgyHInjHPNE+01ofk3oU5vjah6rSHGmBQ0 -> ssh-ed25519 Gc/MTQ ApEWvG6NVSvtZO4GKHvYwpFetdGx7+OW1IPzOLywO2k
5RxsVxNoQTrOag4DxhJy/OjLiguj92CN6l6M/nLPUAg AYx5xuqOjzU+4LNbh+b6QajEX+ChRKEsQlbkszx6vAQ
-> ssh-ed25519 0ckKSg PZJ71fa4cWk95qzIRhjFgyqKqqzO1k1FVdfWFtgLCQs -> ssh-ed25519 0ckKSg oG9JRX7uN3m7QQUfNhcWE+zs5QgfC9kdyv4xM3eN0lY
/qvzeJah87U2YNUhu870RidaneBRlPQ2nAbLz5fEbFY agX+JQ5fR25Gi03s06959mGXGrzfwqW9Xp60LIIwji4
--- lETT27DRaNWgkLz15l+3y3ixMrK8yNgAoCyrvExK5ZE --- mMGixzJd/Cv/9UMNRootUE8PF5tY1ygwjrw5rHMPVIU
<EFBFBD>[<5B>mQϲ<51><CFB2>IK[-<2D>x7\<5C>.<2E><><EFBFBD><EFBFBD><EFBFBD>$q<>mM<6D>z<EFBFBD><7A><EFBFBD><7F>rzN<7A><4E>.|<19>ê<EFBFBD>E<EFBFBD>'<27><>M<7F>[<5B><1F><><EFBFBD>|'<27>}s <EFBFBD><EFBFBD>SeNM<EFBFBD><08>
<EFBFBD><04><><EFBFBD>N'<27><>"<07>;[<5B>=G<>|<7C><><1E><0F><1A><><05>Y<EFBFBD>%<14>Oa<05>c~la<6C>e<EFBFBD><65>Ȥ<EFBFBD>4<EFBFBD>x<EFBFBD><78><EFBFBD>Uϗd

21
nixos/secrets/k3s.age
View File

@@ -1,10 +1,13 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 OV7A4A 2mzVj+7svSS/ZM2y86Fg2nLTSzdNdO3sm4RLmgqCy14 -> ssh-ed25519 TEybzA WElD26CepschVmgze6GNQeZlgdOaySiNw06wktNTbFk
jnjkZmYcc2GQNNQ0QLz2p9x84hHZ9yl7IyMbSet0tEQ SIb18FmD/yGtC/Ky4R3NRIOm3VZQZm+3bYJ79kB4mbc
-> ssh-ed25519 Gc/MTQ csWJM/Y+TTK82vsC8c2FZW4uZ54fX5sOuz6yze2q1zk -> ssh-ed25519 wohlGw c02F2dRflBTCBw6sCZOICdkG/HG88cYMMQKue23tYn0
YhSxYKMkNzFZqI45gYzc33PPcgx78mRx72dJi82RqRs j4KW08uNVGIhUhXZpyPMUK05pOqTnI7SOYJYzxVWxPg
-> ssh-ed25519 0ckKSg F1Xk3UFol8gEwCFSJh8+tITJTII8IeCz4FE2S2CkKDo -> ssh-ed25519 OV7A4A IsGHN5oTMPfH8akGyK7uYnhc2UieOA2XsSsbISuG/lA
ncJRpe0TSLuMjKt+kjU5l1PJXFNDqnW+j9GT8t6/Krw qt5P0EpwuZ+jrYauw8zKJqiWTPgXO5R0HMuf1V+asnY
--- S5tfjeE9DbpxFaOcV5BELXBqaLQ4mDa+eWbw2CAyHwc -> ssh-ed25519 Gc/MTQ 1cL0ci2bDO2fiWrde8aF8qUfbiBgHuyMM0i7jph6AyU
f<><66>[<5B><><EFBFBD>8<EFBFBD>e;o<>{:<13><>,<2C>><1B><>7<EFBFBD> LVXTNf2bOL1dHfk7DO7j2FsQ46RUF3uPq0NjQCCIJRk
D<EFBFBD>D<EFBFBD><EFBFBD><EFBFBD>r6m<EFBFBD>\<5C><>eDe<44>-: -> ssh-ed25519 0ckKSg Z69TeUDHKXE1c75pn6WZRW+tMIkBaPCeyyR82F6qXi4
5tpLGKjPhpeGbK935ZnfN1G0z+OOioSB807HNHJfBvo
--- AroBvuyy4pwXSOySuKi9sVVVMUOzx7e2+Stx2NSWDK4
<EFBFBD>g<EFBFBD>\<1C><><EFBFBD><EFBFBD>A<EFBFBD><41>N~<7E><><EFBFBD>'XY<58>.?<3F><><EFBFBD><EFBFBD>p<EFBFBD>Y<><59>=|xO<>yKI<4B>C<EFBFBD><43>ì<EFBFBD>

2
nixos/secrets/keys.nix
View File

@@ -2,4 +2,6 @@
yadunut = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG"; yadunut = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXOpmWsAnl2RtOuJJMRUx+iJTwf2RWJ1iS3FqXJFzFG";
yadunut-mbp = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlXV+TevruoYChk2XbqG5+yqEklRJvOx7YdTGFfXY/f yadunut@yadunut-mbp"; yadunut-mbp = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlXV+TevruoYChk2XbqG5+yqEklRJvOx7YdTGFfXY/f yadunut@yadunut-mbp";
premhome-gc1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3I/bCyi6rBzgJkfCFa8T9F+y1eOuZDB7l2Ly67slX3 yadunut@premhome-gc1"; premhome-gc1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA3I/bCyi6rBzgJkfCFa8T9F+y1eOuZDB7l2Ly67slX3 yadunut@premhome-gc1";
premhome-falcon-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB6r2gtUjYtKFBN9CWQi/1/MEnahgxRECoCG9hg4d/lV yadunut@premhome-falcon-1";
premhome-eagle-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDA+fmLaC+zuwYmDZHhykE7II8ShXeHgHEEL7MzJELcI yadunut@premhome-eagle-1";
} }

BIN
nixos/secrets/tailscale.age
View File

Binary file not shown.

22
nixos/secrets/zerotier-network.age
View File

@@ -1,11 +1,13 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 OV7A4A SaDleivMaeTYhlPfgWNLwyVvqi7jX7zEE8U0K1Bt4Ds -> ssh-ed25519 TEybzA qz1zHPOGLrL9s11kpeypgRh2J6j2VnvAR8+o0YIr0VM
jSHVPbXpgtzBlZkGO0g0ls447BtswuQ/IqW3M/FmbgQ +HKwF2CITJTcB7Q68Bbx0kMIAbmHvwGvrGV9fWXFfrY
-> ssh-ed25519 Gc/MTQ IKbNi7Z6qDOIr47lSfom3K8hIrbf8OGQ3WxZsqtjDmU -> ssh-ed25519 wohlGw +2ptx4kTE1UTeIRUGuqsPA+5aHtBs87e9lBcOLWwmyI
zAx5wPQzMq7ziibkjw52mGFXzACmkWdguxjM0sFRQv8 q3oXhIm9adphSaYu7Y8nbvIEC26GUwK5GIwHKbhBdA4
-> ssh-ed25519 0ckKSg 2rCRoQEz6sUio3mj3MbsPNkZi09yMgXPYiJTksPROj8 -> ssh-ed25519 OV7A4A IW+DKEy7u8dlNzqh5op69ZeLn0SLC/l8+eyeln2OFSg
RwB0k/fMuDBc946fzhEZc2cxljWvJHzMHsbGtG3DXuo B7xv1DNVf1Z2qZ8Z3U/JPUZ6T+y+zyOtXnHCzBEeOPM
--- WgPFThzdFxwCEO5GrsjvBkBeoUYUo+sDOp/g39lG9lU -> ssh-ed25519 Gc/MTQ AypTDuWOedCsvcF4dVkFWLWnazTfNGT7k6VQIfltwBI
<1C><>I<EFBFBD>B<EFBFBD><42> guo<75> 6XXLmk+wZ3peUxdHcGyZ/mog6Mzkb8732TWO7EfyOOA
dSD_<EFBFBD><EFBFBD>z<EFBFBD>?<3F>[<5B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> -> ssh-ed25519 0ckKSg bWks4r22jN6wEo/zTc3RTSezU23QxT2c8b1wyKeS5Bg
<EFBFBD><EFBFBD><EFBFBD>.<2E><>j<EFBFBD>G<06><><EFBFBD>4 39x+2W12v0oYQjOImt+b+vDZnGM+N+PHQW8fZLP8yWg
--- CUnSAFmoVHiLi5A2uZyvwMC+OjOODZjUKkkYrcNQubU
<EFBFBD>֒|<7C><>V<02>[)#{<7B><>-<2D>] 6/S<>=<3D>Lyݱb<DDB1>o<EFBFBD><6F>@u<>|<7C><>ND<4E>`<60>#<23>J

9
nixos/server/premhome-gc1/configuration.nix
View File

@@ -44,6 +44,15 @@
}; };
}; };
# For longhorn
services.openiscsi = {
enable = true;
name = "iqn.2016-04.com.open-iscsi:${config.networking.hostName}";
};
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
services.k3s = { services.k3s = {
enable = true; enable = true;
role = "server"; role = "server";

19
nixos/server/proxmox/configuration.nix
View File

@@ -1,4 +1,5 @@
{ {
config,
meta, meta,
pkgs, pkgs,
... ...
@@ -8,6 +9,8 @@
settings.experimental-features = ["nix-command" "flakes"]; settings.experimental-features = ["nix-command" "flakes"];
}; };
nixpkgs.config.allowUnfree = true;
networking.hostName = meta.hostname; networking.hostName = meta.hostname;
age.secrets.k3s.file = ../../secrets/k3s.age; age.secrets.k3s.file = ../../secrets/k3s.age;
@@ -43,14 +46,14 @@
}; };
}; };
# services.k3s = { services.k3s = {
# enable = true; enable = true;
# role = "server"; role = meta.role;
# tokenFile = config.age.secrets.k3s.path; tokenFile = config.age.secrets.k3s.path;
# clusterInit = false; clusterInit = false;
# serverAddr = "https://${meta.server-addr}:6443"; serverAddr = "https://${meta.server-addr}:6443";
# extraFlags = ["--disable=servicelb" "--disable=traefik" "--node-ip ${meta.zt-ip}" "--flannel-iface zts23oi5io"]; extraFlags = ["--disable=servicelb" "--disable=traefik" "--node-ip ${meta.zt-ip}" "--flannel-iface zts23oi5io"];
# }; };
system.stateVersion = "24.11"; system.stateVersion = "24.11";
} }