nixos, terraform: minor updates
This commit is contained in:
parent
db847545b3
commit
6bfb0bbd7d
5 changed files with 11 additions and 10 deletions
|
@ -196,11 +196,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1637509688,
|
||||
"narHash": "sha256-NcKdyLZflWeSrwgavNGIG7LcP6XBcYGne04HIzWP1D4=",
|
||||
"lastModified": 1637605846,
|
||||
"narHash": "sha256-Llelj1pYeAhGLftPxM2ixSgAfdPBAZOnpBZtpvaZ3Xo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "53edfe1d1c51c38e2adc4d8eb37a7a2657e3fe01",
|
||||
"rev": "d00918ccaf7e1532d35db2f1e3d44db3da39b851",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
"${profile}" = lib.nixosSystem {
|
||||
inherit system;
|
||||
modules =
|
||||
[ ./nixos/common ./nixos/hosts/${profile}/configuration.nix ]
|
||||
[ ./nixos/common "${./.}/nixos/hosts/${profile}/configuration.nix" ]
|
||||
++ (if lxc then [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./nixos/common/generic-lxc.nix
|
||||
|
@ -54,7 +54,7 @@
|
|||
pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ];
|
||||
|
||||
deployChecks = mapAttrs (_: lib: lib.deployChecks self.deploy) deploy-rs.lib;
|
||||
checks = {};
|
||||
checks = { };
|
||||
in {
|
||||
# Make the config and deploy sets
|
||||
nixosConfigurations = lib.foldr (el: acc: acc // mkConfig el) { } nixHosts;
|
||||
|
@ -84,8 +84,8 @@
|
|||
nixfmt
|
||||
nixUnstable
|
||||
vault
|
||||
(vault-push-approle-envs self { })
|
||||
(vault-push-approles self { })
|
||||
(vault-push-approle-envs self { })
|
||||
];
|
||||
};
|
||||
|
||||
|
|
|
@ -20,8 +20,8 @@
|
|||
{
|
||||
hostname = "bastion";
|
||||
ip = "10.42.42.4";
|
||||
mac = "82:F0:7C:CB:BD:6D";
|
||||
ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d";
|
||||
mac = "82:F0:7C:CB:BD:6D";
|
||||
lxc = false;
|
||||
}
|
||||
{
|
||||
|
@ -85,6 +85,7 @@
|
|||
{
|
||||
hostname = "nuc";
|
||||
ip = "10.42.42.42";
|
||||
ip6 = "2001:41f0:9639:1::42";
|
||||
mac = "1C:69:7A:62:30:88";
|
||||
nix = false;
|
||||
}
|
||||
|
|
|
@ -52,7 +52,7 @@
|
|||
};
|
||||
|
||||
vault-secrets = {
|
||||
vaultPrefix = "nixos";
|
||||
vaultPrefix = "secrets/nixos";
|
||||
vaultAddress = "http://vault.olympus:8200/";
|
||||
approlePrefix = "olympus-${config.networking.hostName}";
|
||||
};
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
provider "vault" {
|
||||
address = "http://10.42.42.6:8200"
|
||||
address = "http://vault:8200"
|
||||
skip_tls_verify = true
|
||||
}
|
||||
|
||||
# Proxmox authentication for terraform
|
||||
data "vault_generic_secret" "proxmox_auth" {
|
||||
path = "secrets/proxmox/terraform_auth"
|
||||
path = "secrets/terraform/proxmox_credentials"
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue