yadunut/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

feat: add longhorn config

Browse Source
This commit is contained in:
Yadunand Prem
2024-08-22 18:03:40 -04:00
parent 3923255ddc
commit ef9db173d3
4 changed files with 32 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
nixos/secrets/k3s.age
View File

@@ -1,13 +1,17 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 heGc5Q H+5MEqJKeZqW4+B8dMcr2DhzG4RcmQOsCM31RcQGmAk -> ssh-ed25519 BmGTzw KHQML0NZFWCGQ8KUycotaXb1Q80nabl6lI5eBMW61CY
q/zN7Gg7+Z3otal7i2nUvLbUD7Axm2E6OxzabAb6220 n3LwVM8pdrBS0Ni4a+V2IDc0ab3vvTGwKlWJqzb+UAc
-> ssh-ed25519 GOpnMA SP3cVUguh6OfZoDajtona8YDEiz+FwI1dL9GBDFeJQM -> ssh-ed25519 h40/IQ mFfezyPE2Z7d2rlIHCnbO0ZxCt3UEswBgqTmMnhKaAg
HPvo7LaF/NVCj2CVfbkrfKtPxiuLc4R+hCevl+7ZXuU AKOJHyl+gcdYS+ejP9NVorlftlBVidYGLPeorjV9idE
-> ssh-ed25519 rhEK5w aPsjweWZQJoQHMiMLWr+/FPulXMf7bOrvPJtfCcbrQ0 -> ssh-ed25519 heGc5Q 7oj8IGtuiiIk09M5h31JxpNXMxRj8juo1LY/S0ebI1s
J+KeNPyvTEMGyJhJDArrIXZidVCE4R3ENtqId0Zfkb0 lCzna0+UP+xsIVXeZ2IrJnI5Yi7lX0/2UW9IDpcV2BU
-> ssh-ed25519 Gc/MTQ ScCqNxXM4UU1c952pAJihAwxKXd3xM6VMY7ZdrBBYic -> ssh-ed25519 GOpnMA Zslzb/cwH7WKhN6hyzkNxc0OF8RY3oqKyVBM3EXDOgk
3ULRJhb3kXaEIaPOjntmrpQ84FRlhmDpuYC4Qeu1+UY Ksm5FhiYsSMHJnnoLufEYDvbhtzXmpUWtba8y4jq+Mk
-> ssh-ed25519 0ckKSg NEkLQhW3gtugJ1b9T18pX8qEYPSyIV7zLiY8kld4Rg4 -> ssh-ed25519 rhEK5w Tdqc6h3dK3KlRDuZl8n9zaSGHqEQYmlACi+BpDghAWw
nASvLjshfd05eqjhvzDNOPG1X1KM1qNlLwO4tX/qx7g Zwj1FXz1cu11zdQ3+kpxp+Jqix+ITKtY//hGVN4ExrY
--- pn+E9xI1xOTakwLwoMGrwxXy8LKkvKBu4i8nTdnYMiU -> ssh-ed25519 Gc/MTQ /bFhvTYCzfEtxh3aesWjgCfMX5PU1BZfnhK7DwGwyXw
<EFBFBD>2(V6;?<0E>܋<EFBFBD>ʗ<EFBFBD>ʗ[<5B>(<28>ΰ<EFBFBD><03><07>Q<EFBFBD>GiOP<4F><50><EFBFBD>v]ݕq$)<29>7<><37> mJDsAnWyfS2koiYRaotrt5cqni1D7qD/+KiEPytflww
-> ssh-ed25519 0ckKSg njJnd8uxtYFYqrcaCHyKJtqx/MxE2g7hee7opWq81Dk
Tkaf7gsDTp+ReXio0koMIZaUAl5HLZttnAmuBAJhEv0
--- omdtkMg9qmbzDTpvKINuqQ9/QMUWdAiYtL07yjzPVN8
#E<>i<EFBFBD><11>Փ7<1E>WR\P<>,T<><54><EFBFBD><EFBFBD>`1<>8<EFBFBD>U <0C>=<3D>A;<3B><<3C><1B><0F><>

2
nixos/secrets/keys.nix
View File

@@ -4,4 +4,6 @@ yadunut-mbp = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlXV+TevruoYChk2XbqG5+yqEklR
premhome-falcon-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAYkZ5zY1JXdgptr73l6wOw7V6CguR+W656LahD6vPAm yadunut@premhome-falcon-1"; premhome-falcon-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAYkZ5zY1JXdgptr73l6wOw7V6CguR+W656LahD6vPAm yadunut@premhome-falcon-1";
premhome-falcon-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGeUv8uVQG2V2IbDYyE539czes1T2KpdI0yH3dQvhKat yadunut@premhome-falcon-2"; premhome-falcon-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGeUv8uVQG2V2IbDYyE539czes1T2KpdI0yH3dQvhKat yadunut@premhome-falcon-2";
premhome-falcon-3 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3cKE6+Z5rk2c9VRYVXTnV7Q2bO926S2SiSrkDa4JJR yadunut@premhome-falcon-3"; premhome-falcon-3 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3cKE6+Z5rk2c9VRYVXTnV7Q2bO926S2SiSrkDa4JJR yadunut@premhome-falcon-3";
premhome-eagle-1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb866ggFLW+MptS7yBzENIplQJGFEXeGn/dJ5pTSPO5 yadunut@premhome-eagle-1";
premhome-eagle-2 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEF9SwC9wrfbYx+lyMD3H3544QXcWnhzW6cwbyQ6E/jD yadunut@premhome-eagle-2";
} # DO NOT ADD ANY NEW LINES AFTER THIS. IT WILL BREAK THE ".#setup-vm" flake } # DO NOT ADD ANY NEW LINES AFTER THIS. IT WILL BREAK THE ".#setup-vm" flake

BIN
nixos/secrets/tailscale.age
View File

Binary file not shown.

15
nixos/server/configuration.nix
View File

@@ -19,10 +19,21 @@
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.tmp.cleanOnBoot = true;
services.openssh.enable = true; services.openssh.enable = true;
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
# For longhorn
services.openiscsi = {
enable = true;
name = "iqn.2016-04.com.open-iscsi:${meta.hostname}";
};
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git git
neovim neovim
@@ -31,10 +42,12 @@
services.k3s = { services.k3s = {
enable = true; enable = true;
# role = if builtins.elem meta.hostname servers then "server" else "agent";
role = "server"; role = "server";
tokenFile = config.age.secrets.k3s.path; tokenFile = config.age.secrets.k3s.path;
clusterInit = meta.hostname == "premhome-falcon-1"; clusterInit = meta.hostname == "premhome-falcon-1";
serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6443"; serverAddr = if meta.hostname == "premhome-falcon-1" then "" else "https://premhome-falcon-1:6444";
extraFlags = "--disable=servicelb --disable=traefik";
}; };
networking.firewall.trustedInterfaces = [ "tailscale0" ]; networking.firewall.trustedInterfaces = [ "tailscale0" ];