mkDeploy && mkLxcSystem
This commit is contained in:
parent
c0b31b3606
commit
a5a7205980
1 changed files with 36 additions and 92 deletions
128
flake.nix
128
flake.nix
|
@ -1,6 +1,8 @@
|
|||
{
|
||||
description = "Delft Deployment";
|
||||
|
||||
# Based on: https://github.com/serokell/pegasus-infra/blob/master/flake.nix
|
||||
|
||||
inputs = {
|
||||
deploy-rs.url = "github:serokell/deploy-rs";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/master";
|
||||
|
@ -8,8 +10,27 @@
|
|||
vault-secrets.url = "github:serokell/vault-secrets";
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }:
|
||||
let system = "x86_64-linux";
|
||||
outputs = { self, nixpkgs, deploy-rs, vault-secrets, serokell-nix, ... }@inputs:
|
||||
let
|
||||
system = "x86_64-linux";
|
||||
mkLxcSystem = host:
|
||||
nixpkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
modules = [
|
||||
./hosts/${host}/configuration.nix
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
];
|
||||
specialArgs = { inputs = inputs; };
|
||||
};
|
||||
|
||||
mkDeploy = hostname: profile: {
|
||||
hostname = hostname;
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.${profile};
|
||||
};
|
||||
};
|
||||
in {
|
||||
nixosConfigurations.bastion = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
|
@ -21,98 +42,21 @@
|
|||
modules = [ ./hosts/k3s/configuration.nix ];
|
||||
};
|
||||
|
||||
nixosConfigurations.vault = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./hosts/vault/configuration.nix
|
||||
];
|
||||
};
|
||||
# LXC Containers
|
||||
nixosConfigurations.vault = mkLxcSystem "vault";
|
||||
nixosConfigurations.mosquitto = mkLxcSystem "mosquitto";
|
||||
nixosConfigurations.nginx = mkLxcSystem "nginx";
|
||||
nixosConfigurations.consul = mkLxcSystem "consul";
|
||||
|
||||
nixosConfigurations.mosquitto = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./hosts/mosquitto/configuration.nix
|
||||
];
|
||||
};
|
||||
|
||||
nixosConfigurations.nginx = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./hosts/nginx/configuration.nix
|
||||
];
|
||||
};
|
||||
|
||||
nixosConfigurations.consul = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./hosts/consul/configuration.nix
|
||||
];
|
||||
};
|
||||
|
||||
deploy.nodes.bastion = {
|
||||
hostname = "10.42.42.4";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.bastion;
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes.k3s-node1 = {
|
||||
hostname = "10.42.42.10";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.k3s;
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes.vault = {
|
||||
hostname = "10.42.42.6";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.vault;
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes.mosquitto = {
|
||||
hostname = "10.42.42.7";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.mosquitto;
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes.nginx = {
|
||||
hostname = "10.42.42.9";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.nginx;
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes.consul = {
|
||||
hostname = "10.42.42.14";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.consul;
|
||||
};
|
||||
};
|
||||
# Deploys
|
||||
deploy.nodes.bastion = mkDeploy "10.42.42.4" "bastion";
|
||||
deploy.nodes.k3s-node1 = mkDeploy "10.42.42.10" "k3s";
|
||||
deploy.nodes.vault = mkDeploy "10.42.42.6" "vault";
|
||||
deploy.nodes.mosquitto = mkDeploy "10.42.42.7" "mosquitto";
|
||||
deploy.nodes.nginx = mkDeploy "10.42.42.9" "nginx";
|
||||
deploy.nodes.consul = mkDeploy "10.42.42.14" "consul";
|
||||
|
||||
# Use by running `nix develop`
|
||||
devShell.${system} = let
|
||||
pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system}
|
||||
[ vault-secrets.overlay ];
|
||||
|
|
Loading…
Reference in a new issue