add lxc template generator
parent
78370fb23b
commit
919ab390de
20
.github/workflows/nixos.yml
vendored
20
.github/workflows/nixos.yml
vendored
|
@ -51,11 +51,23 @@ jobs:
|
|||
- name: "Build NixOS ISO ❄️"
|
||||
run: |
|
||||
nix build '.#iso'
|
||||
- uses: actions/upload-artifact@v3
|
||||
build-lxc:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2.3.2
|
||||
|
||||
- name: "Install Nix ❄️"
|
||||
uses: cachix/install-nix-action@v15
|
||||
|
||||
- name: "Install Cachix ❄️"
|
||||
uses: cachix/cachix-action@v10
|
||||
with:
|
||||
name: nixos-iso
|
||||
retention-days: 3
|
||||
path: result/iso/*.iso
|
||||
name: 0x76-infra
|
||||
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
|
||||
|
||||
- name: "Build NixOS Proxmox LXC ❄️"
|
||||
run: |
|
||||
nix build '.#proxmox-lxc'
|
||||
build-olympus:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
|
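Review bot: The new `build-lxc` job references its actions by mutable tag (`actions/checkout@v2.3.2`, `cachix/install-nix-action@v15`, `cachix/cachix-action@v10`) while passing `secrets.CACHIX_AUTH_TOKEN` to the last of them. A retagged or compromised release of any of these would run in a job that holds a token presumably able to push to the `0x76-infra` cache, which other builds then substitute from. Pinning each `uses:` to a full commit SHA, e.g. `uses: cachix/cachix-action@<full-commit-sha>  # v10`, removes the dependency on tag integrity. No `permissions:` key is visible in this hunk; if the workflow does not set one elsewhere, adding `permissions:` with `contents: read` to the job limits the GITHUB_TOKEN to what a build needs.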
55
flake.nix
55
flake.nix
|
@ -44,19 +44,9 @@
|
|||
};
|
||||
};
|
||||
|
||||
outputs =
|
||||
{ self
|
||||
, nixpkgs
|
||||
, vault-secrets
|
||||
, serokell-nix
|
||||
, minecraft-servers
|
||||
, colmena
|
||||
, home-manager
|
||||
, hyprpaper
|
||||
, hyprland
|
||||
, nixos-generators
|
||||
, ...
|
||||
} @ inputs:
|
||||
outputs = { self, nixpkgs, vault-secrets, serokell-nix, minecraft-servers
|
||||
, colmena, home-manager, hyprpaper, hyprland, nixos-generators, ...
|
||||
}@inputs:
|
||||
let
|
||||
inherit (nixpkgs) lib;
|
||||
inherit (builtins) mapAttrs;
|
||||
|
@ -84,37 +74,46 @@
|
|||
# Script to apply local colmena deployments
|
||||
apply-local = pkgs.writeScriptBin "apply-local" ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
"${colmena.packages.${system}.colmena}"/bin/colmena apply-local --sudo $@
|
||||
"${
|
||||
colmena.packages.${system}.colmena
|
||||
}"/bin/colmena apply-local --sudo $@
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
# Make the nixosConfigurations for compat reasons
|
||||
nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") {
|
||||
nixosConfigurations =
|
||||
(import (inputs.colmena + "/src/nix/hive/eval.nix") {
|
||||
rawFlake = self;
|
||||
colmenaOptions = import (inputs.colmena + "/src/nix/hive/options.nix");
|
||||
colmenaModules = import (inputs.colmena + "/src/nix/hive/modules.nix");
|
||||
colmenaOptions =
|
||||
import (inputs.colmena + "/src/nix/hive/options.nix");
|
||||
colmenaModules =
|
||||
import (inputs.colmena + "/src/nix/hive/modules.nix");
|
||||
}).nodes;
|
||||
|
||||
|
||||
# Make the colmena configuration
|
||||
colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el)
|
||||
{
|
||||
colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el) {
|
||||
meta = {
|
||||
inherit specialArgs;
|
||||
nixpkgs = pkgs;
|
||||
};
|
||||
}
|
||||
nixHosts;
|
||||
} nixHosts;
|
||||
|
||||
packages.${system} = {
|
||||
inherit apply-local;
|
||||
|
||||
default = colmena.packages.${system}.colmena;
|
||||
apply-local = apply-local;
|
||||
|
||||
iso = nixos-generators.nixosGenerate {
|
||||
inherit system pkgs;
|
||||
format = "iso";
|
||||
modules = [ (import ./nixos/iso.nix) ];
|
||||
};
|
||||
|
||||
proxmox-lxc = nixos-generators.nixosGenerate {
|
||||
inherit system pkgs;
|
||||
format = "proxmox-lxc";
|
||||
modules = [
|
||||
(import ./nixos/iso.nix)
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
(import ./nixos/lxc-template.nix)
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -134,8 +133,8 @@
|
|||
nixfmt
|
||||
nixUnstable
|
||||
vault
|
||||
(vault-push-approle-envs self {})
|
||||
(vault-push-approles self {})
|
||||
(vault-push-approle-envs self { })
|
||||
(vault-push-approles self { })
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
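Review bot: The new `proxmox-lxc` output lists `(import ./nixos/iso.nix)` among its modules, so every option the installer ISO sets is carried into a container template that is meant to be cloned into long-lived hosts. iso.nix is not part of this diff, so whether it holds installer-only settings cannot be confirmed from here. The shared import deserves a comment saying what is reused on purpose, e.g. `# shared with the ISO on purpose: <list of reused settings>`, or a split into a common module that both outputs import. Separately, the re-wrapped `apply-local` script still passes `$@` unquoted; `"$@"` keeps arguments containing spaces intact.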
|
@ -1,4 +1,5 @@
|
|||
{ lib, ... }: {
|
||||
|
||||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||
# replicates the default behaviour.
|
||||
|
|
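--- /dev/null
+++ b/nixos/lxc-template.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, lib, ... }: {
+# Can't import common completely due to infinite recursion
+imports = [ ./common/users ./common/generic-lxc.nix ];
+
+# Enable SSH
+services.openssh = {
+enable = true;
+passwordAuthentication = false;
+permitRootLogin = "yes";
+};
+
+time.timeZone = lib.mkDefault "Europe/Amsterdam";
+
+networking.interfaces.eth0.useDHCP = true;
+
+system.stateVersion = "22.11";
+}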
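Review bot: `permitRootLogin = "yes";` in the `services.openssh` block lets root log in with any authentication method sshd has enabled, and only password authentication is switched off here. Because this file is a template that every cloned container inherits, key-only root access is better stated explicitly with `permitRootLogin = "prohibit-password";`. Which keys are authorised for root comes from `./common/users`, which this diff does not show, so it is worth confirming that only the intended deploy keys end up in the template. A one-line comment above the option saying why root SSH is needed (presumably for colmena deployment) would help the next reader.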
|
@ -1,7 +1,6 @@
|
|||
{ nixpkgs, home-manager, hyprland, mailserver, ... }:
|
||||
let
|
||||
inherit (nixpkgs) lib;
|
||||
inherit (builtins) filter mapAttrs attrValues concatLists;
|
||||
inherit (builtins) filter attrValues concatLists;
|
||||
|
||||
# Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal)
|
||||
resolve_imports =
|
||||
|
|