nixos: invert common dependency
This commit is contained in:
parent
9cde99ce16
commit
91c59b132e
20
flake.nix
20
flake.nix
|
@ -17,10 +17,12 @@
|
||||||
mkSystem = { host, lxc ? true }:
|
mkSystem = { host, lxc ? true }:
|
||||||
nixpkgs.lib.nixosSystem {
|
nixpkgs.lib.nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = [ ./nixos/hosts/${host}/configuration.nix ./nixos/common.nix ] ++ (if lxc then
|
modules = [ ./nixos/hosts/${host}/configuration.nix ./nixos/common ]
|
||||||
[ "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix" ]
|
++ (if lxc then [
|
||||||
else
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||||
[ ]);
|
./nixos/common/generic-lxc.nix
|
||||||
|
] else
|
||||||
|
[ ./nixos/common/generic-vm.nix ]);
|
||||||
specialArgs.inputs = inputs;
|
specialArgs.inputs = inputs;
|
||||||
};
|
};
|
||||||
mkDeploy = hostname: profile: {
|
mkDeploy = hostname: profile: {
|
||||||
|
@ -33,8 +35,14 @@
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
# VMs
|
# VMs
|
||||||
nixosConfigurations.bastion = mkSystem { host = "bastion"; lxc = false; };
|
nixosConfigurations.bastion = mkSystem {
|
||||||
nixosConfigurations.k3s = mkSystem { host = "k3s"; lxc = false; };
|
host = "bastion";
|
||||||
|
lxc = false;
|
||||||
|
};
|
||||||
|
nixosConfigurations.k3s = mkSystem {
|
||||||
|
host = "k3s";
|
||||||
|
lxc = false;
|
||||||
|
};
|
||||||
|
|
||||||
# LXCs
|
# LXCs
|
||||||
nixosConfigurations.vault = mkSystem { host = "vault"; };
|
nixosConfigurations.vault = mkSystem { host = "vault"; };
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
{ config, inputs, ... }:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
inputs.vault-secrets.nixosModules.vault-secrets
|
|
||||||
];
|
|
||||||
|
|
||||||
vault-secrets = {
|
|
||||||
vaultPrefix = "nixos/${config.networking.hostName}";
|
|
||||||
vaultAddress = "http://10.42.42.6:8200/";
|
|
||||||
approlePrefix = "olympus-${config.networking.hostName}";
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,7 +1,8 @@
|
||||||
{ pkgs, ... }:
|
{ config, inputs, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
inputs.vault-secrets.nixosModules.vault-secrets
|
||||||
# User account definitions
|
# User account definitions
|
||||||
./users
|
./users
|
||||||
./services
|
./services
|
||||||
|
@ -38,4 +39,13 @@
|
||||||
SystemMaxUse=100M
|
SystemMaxUse=100M
|
||||||
MaxFileSec=7day
|
MaxFileSec=7day
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# Enable SSH daemon support.
|
||||||
|
services.openssh.enable = true;
|
||||||
|
|
||||||
|
vault-secrets = {
|
||||||
|
vaultPrefix = "nixos/${config.networking.hostName}";
|
||||||
|
vaultAddress = "http://10.42.42.6:8200/";
|
||||||
|
approlePrefix = "olympus-${config.networking.hostName}";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,4 @@
|
||||||
|
|
||||||
# Supress systemd services that don't work (correctly) on LXC
|
# Supress systemd services that don't work (correctly) on LXC
|
||||||
systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ];
|
systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ];
|
||||||
|
|
||||||
# Enable SSH daemon support.
|
|
||||||
services.openssh.enable = true;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,10 +5,6 @@
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
networking.interfaces.ens18.useDHCP = lib.mkDefault true;
|
networking.interfaces.ens18.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
|
||||||
services.openssh.enable = true;
|
|
||||||
services.openssh.permitRootLogin = lib.mkDefault "yes";
|
|
||||||
|
|
||||||
# Enable qemu guest agent
|
# Enable qemu guest agent
|
||||||
services.qemuGuest.enable = true;
|
services.qemuGuest.enable = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,9 +17,6 @@ in {
|
||||||
imports = [
|
imports = [
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
# Import common config
|
|
||||||
../../common/generic-vm.nix
|
|
||||||
../../common
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# Use the GRUB 2 boot loader.
|
# Use the GRUB 2 boot loader.
|
||||||
|
|
|
@ -6,9 +6,6 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
# Import common config
|
|
||||||
../../common/generic-lxc.nix
|
|
||||||
../../common
|
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "consul";
|
networking.hostName = "consul";
|
||||||
|
|
|
@ -2,9 +2,6 @@
|
||||||
imports = [
|
imports = [
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
# Import common config
|
|
||||||
../../common/generic-vm.nix
|
|
||||||
../../common
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# Use the GRUB 2 boot loader.
|
# Use the GRUB 2 boot loader.
|
||||||
|
|
|
@ -6,9 +6,6 @@
|
||||||
let mosquittoPort = 1883;
|
let mosquittoPort = 1883;
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
# Import common config
|
|
||||||
../../common/generic-lxc.nix
|
|
||||||
../../common
|
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "mosquitto";
|
networking.hostName = "mosquitto";
|
||||||
|
|
|
@ -14,9 +14,6 @@ let
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
# Import common config
|
|
||||||
../../common/generic-lxc.nix
|
|
||||||
../../common
|
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "nginx";
|
networking.hostName = "nginx";
|
||||||
|
|
|
@ -6,9 +6,6 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
# Import common config
|
|
||||||
../../common/generic-lxc.nix
|
|
||||||
../../common
|
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "vault";
|
networking.hostName = "vault";
|
||||||
|
|
Loading…
Reference in a new issue