2021-10-13 16:49:41 +02:00
|
|
|
{
|
|
|
|
description = "Delft Deployment";
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
inputs = {
|
|
|
|
deploy-rs.url = "github:serokell/deploy-rs";
|
|
|
|
nixpkgs.url = "github:NixOS/nixpkgs/master";
|
|
|
|
serokell-nix.url = "github:serokell/serokell.nix";
|
|
|
|
vault-secrets.url = "github:serokell/vault-secrets";
|
|
|
|
};
|
2021-10-13 16:49:41 +02:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }:
|
|
|
|
let system = "x86_64-linux";
|
|
|
|
in {
|
|
|
|
nixosConfigurations.bastion = nixpkgs.lib.nixosSystem {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
modules = [ ./hosts/bastion/configuration.nix ];
|
|
|
|
};
|
2021-10-13 16:49:41 +02:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
nixosConfigurations.k3s = nixpkgs.lib.nixosSystem {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
modules = [ ./hosts/k3s/configuration.nix ];
|
|
|
|
};
|
2021-10-17 21:02:20 +02:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
nixosConfigurations.vault = nixpkgs.lib.nixosSystem {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
modules = [
|
|
|
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
|
|
|
./hosts/vault/configuration.nix
|
|
|
|
];
|
|
|
|
};
|
2021-10-17 12:38:16 +02:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
nixosConfigurations.mosquitto = nixpkgs.lib.nixosSystem {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
modules = [
|
|
|
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
|
|
|
./hosts/mosquitto/configuration.nix
|
|
|
|
];
|
|
|
|
};
|
2021-10-18 18:54:07 +02:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
nixosConfigurations.nginx = nixpkgs.lib.nixosSystem {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
modules = [
|
|
|
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
|
|
|
./hosts/nginx/configuration.nix
|
|
|
|
];
|
|
|
|
};
|
2021-10-18 23:26:26 +02:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
nixosConfigurations.consul = nixpkgs.lib.nixosSystem {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
modules = [
|
|
|
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
|
|
|
./hosts/consul/configuration.nix
|
|
|
|
];
|
|
|
|
};
|
2021-11-03 22:55:03 +01:00
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
deploy.nodes.bastion = {
|
|
|
|
hostname = "10.42.42.4";
|
|
|
|
fastConnection = true;
|
|
|
|
profiles.system = {
|
|
|
|
user = "root";
|
|
|
|
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
|
|
|
self.nixosConfigurations.bastion;
|
|
|
|
};
|
2021-10-13 16:49:41 +02:00
|
|
|
};
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
deploy.nodes.k3s-node1 = {
|
|
|
|
hostname = "10.42.42.10";
|
|
|
|
fastConnection = true;
|
|
|
|
profiles.system = {
|
|
|
|
user = "root";
|
|
|
|
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
|
|
|
self.nixosConfigurations.k3s;
|
|
|
|
};
|
2021-10-17 21:02:20 +02:00
|
|
|
};
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
deploy.nodes.vault = {
|
|
|
|
hostname = "10.42.42.6";
|
|
|
|
fastConnection = true;
|
|
|
|
profiles.system = {
|
|
|
|
user = "root";
|
|
|
|
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
|
|
|
self.nixosConfigurations.vault;
|
|
|
|
};
|
2021-10-17 12:38:16 +02:00
|
|
|
};
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
deploy.nodes.mosquitto = {
|
|
|
|
hostname = "10.42.42.7";
|
|
|
|
fastConnection = true;
|
|
|
|
profiles.system = {
|
|
|
|
user = "root";
|
|
|
|
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
|
|
|
self.nixosConfigurations.mosquitto;
|
|
|
|
};
|
2021-10-18 18:54:07 +02:00
|
|
|
};
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
deploy.nodes.nginx = {
|
|
|
|
hostname = "10.42.42.9";
|
|
|
|
fastConnection = true;
|
|
|
|
profiles.system = {
|
|
|
|
user = "root";
|
|
|
|
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
|
|
|
self.nixosConfigurations.nginx;
|
|
|
|
};
|
2021-10-18 23:26:26 +02:00
|
|
|
};
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
deploy.nodes.consul = {
|
|
|
|
hostname = "10.42.42.14";
|
|
|
|
fastConnection = true;
|
|
|
|
profiles.system = {
|
|
|
|
user = "root";
|
|
|
|
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
|
|
|
self.nixosConfigurations.consul;
|
|
|
|
};
|
2021-11-03 22:55:03 +01:00
|
|
|
};
|
|
|
|
|
2021-11-16 16:28:55 +01:00
|
|
|
devShell.${system} = let
|
|
|
|
pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system}
|
|
|
|
[ vault-secrets.overlay ];
|
|
|
|
in pkgs.mkShell {
|
|
|
|
buildInputs = [
|
|
|
|
deploy-rs.packages.${system}.deploy-rs
|
|
|
|
pkgs.vault
|
|
|
|
(pkgs.vault-push-approle-envs self)
|
|
|
|
(pkgs.vault-push-approles self)
|
|
|
|
pkgs.nixUnstable
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
checks = builtins.mapAttrs
|
|
|
|
(system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
|
|
|
};
|
2021-10-13 16:49:41 +02:00
|
|
|
}
|