diff --git a/nixos/secrets/k3s.age b/nixos/secrets/k3s.age index 514ba71..807b065 100644 --- a/nixos/secrets/k3s.age +++ b/nixos/secrets/k3s.age @@ -1,13 +1,17 @@ age-encryption.org/v1 --> ssh-ed25519 heGc5Q H+5MEqJKeZqW4+B8dMcr2DhzG4RcmQOsCM31RcQGmAk -q/zN7Gg7+Z3otal7i2nUvLbUD7Axm2E6OxzabAb6220 --> ssh-ed25519 GOpnMA SP3cVUguh6OfZoDajtona8YDEiz+FwI1dL9GBDFeJQM -HPvo7LaF/NVCj2CVfbkrfKtPxiuLc4R+hCevl+7ZXuU --> ssh-ed25519 rhEK5w aPsjweWZQJoQHMiMLWr+/FPulXMf7bOrvPJtfCcbrQ0 -J+KeNPyvTEMGyJhJDArrIXZidVCE4R3ENtqId0Zfkb0 --> ssh-ed25519 Gc/MTQ ScCqNxXM4UU1c952pAJihAwxKXd3xM6VMY7ZdrBBYic -3ULRJhb3kXaEIaPOjntmrpQ84FRlhmDpuYC4Qeu1+UY --> ssh-ed25519 0ckKSg NEkLQhW3gtugJ1b9T18pX8qEYPSyIV7zLiY8kld4Rg4 -nASvLjshfd05eqjhvzDNOPG1X1KM1qNlLwO4tX/qx7g ---- pn+E9xI1xOTakwLwoMGrwxXy8LKkvKBu4i8nTdnYMiU -2(V6;?܋ʗʗ[(ΰQGiOPv]ݕq$)7 \ No newline at end of file +-> ssh-ed25519 BmGTzw KHQML0NZFWCGQ8KUycotaXb1Q80nabl6lI5eBMW61CY +n3LwVM8pdrBS0Ni4a+V2IDc0ab3vvTGwKlWJqzb+UAc +-> ssh-ed25519 h40/IQ mFfezyPE2Z7d2rlIHCnbO0ZxCt3UEswBgqTmMnhKaAg +AKOJHyl+gcdYS+ejP9NVorlftlBVidYGLPeorjV9idE +-> ssh-ed25519 heGc5Q 7oj8IGtuiiIk09M5h31JxpNXMxRj8juo1LY/S0ebI1s +lCzna0+UP+xsIVXeZ2IrJnI5Yi7lX0/2UW9IDpcV2BU +-> ssh-ed25519 GOpnMA Zslzb/cwH7WKhN6hyzkNxc0OF8RY3oqKyVBM3EXDOgk +Ksm5FhiYsSMHJnnoLufEYDvbhtzXmpUWtba8y4jq+Mk +-> ssh-ed25519 rhEK5w Tdqc6h3dK3KlRDuZl8n9zaSGHqEQYmlACi+BpDghAWw +Zwj1FXz1cu11zdQ3+kpxp+Jqix+ITKtY//hGVN4ExrY +-> ssh-ed25519 Gc/MTQ /bFhvTYCzfEtxh3aesWjgCfMX5PU1BZfnhK7DwGwyXw +mJDsAnWyfS2koiYRaotrt5cqni1D7qD/+KiEPytflww +-> ssh-ed25519 0ckKSg njJnd8uxtYFYqrcaCHyKJtqx/MxE2g7hee7opWq81Dk +Tkaf7gsDTp+ReXio0koMIZaUAl5HLZttnAmuBAJhEv0 +--- omdtkMg9qmbzDTpvKINuqQ9/QMUWdAiYtL07yjzPVN8 +#EiՓ7WR\P,T`18U =A;< \ No newline at end of file diff --git a/nixos/secrets/keys.nix b/nixos/secrets/keys.nix index f8f6ad4..eb164bb 100644 --- a/nixos/secrets/keys.nix +++ b/nixos/secrets/keys.nix @@ -4,4 +4,6 @@ yadunut-mbp = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlXV+TevruoYChk2XbqG5+yqEklR premhome-falcon-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAYkZ5zY1JXdgptr73l6wOw7V6CguR+W656LahD6vPAm yadunut@premhome-falcon-1"; premhome-falcon-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGeUv8uVQG2V2IbDYyE539czes1T2KpdI0yH3dQvhKat yadunut@premhome-falcon-2"; premhome-falcon-3 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3cKE6+Z5rk2c9VRYVXTnV7Q2bO926S2SiSrkDa4JJR yadunut@premhome-falcon-3"; +premhome-eagle-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb866ggFLW+MptS7yBzENIplQJGFEXeGn/dJ5pTSPO5 yadunut@premhome-eagle-1"; +premhome-eagle-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEF9SwC9wrfbYx+lyMD3H3544QXcWnhzW6cwbyQ6E/jD yadunut@premhome-eagle-2"; } # DO NOT ADD ANY NEW LINES AFTER THIS. IT WILL BREAK THE ".#setup-vm" flake diff --git a/nixos/secrets/tailscale.age b/nixos/secrets/tailscale.age index 7dd2a29..fa2e896 100644 Binary files a/nixos/secrets/tailscale.age and b/nixos/secrets/tailscale.age differ diff --git a/nixos/server/configuration.nix b/nixos/server/configuration.nix index 9fd932f..8d1bc80 100644 --- a/nixos/server/configuration.nix +++ b/nixos/server/configuration.nix @@ -19,10 +19,21 @@ boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; + boot.tmp.cleanOnBoot = true; services.openssh.enable = true; services.qemuGuest.enable = true; + # For longhorn + services.openiscsi = { + enable = true; + name = "iqn.2016-04.com.open-iscsi:${meta.hostname}"; + }; + systemd.tmpfiles.rules = [ + "L+ /usr/local/bin - - - - /run/current-system/sw/bin/" + ]; + + environment.systemPackages = with pkgs; [ git neovim @@ -31,10 +42,12 @@ services.k3s = { enable = true; + # role = if builtins.elem meta.hostname servers then "server" else "agent"; role = "server"; tokenFile = config.age.secrets.k3s.path; clusterInit = meta.hostname == "premhome-falcon-1"; - serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6443"; + serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6444"; + extraFlags = "--disable=servicelb --disable=traefik"; }; networking.firewall.trustedInterfaces = [ "tailscale0" ];