various updates
This commit is contained in:
parent
3d875fd981
commit
b83125f851
117
flake.lock
117
flake.lock
|
@ -271,6 +271,22 @@
|
|||
}
|
||||
},
|
||||
"flake-compat_3": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1668681692,
|
||||
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_4": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1627913399,
|
||||
|
@ -433,11 +449,11 @@
|
|||
"utils": "utils_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672780900,
|
||||
"narHash": "sha256-DxuSn6BdkZapIbg76xzYx1KhVPEZeBexMkt1q/sMVPA=",
|
||||
"lastModified": 1673343300,
|
||||
"narHash": "sha256-5Xdj6kpXYMie0MlnGwqK5FaMdsedxvyuakWtyKB3zaQ=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "54245e1820caabd8a0b53ce4d47e4d0fefe04cd4",
|
||||
"rev": "176e455371a8371586e8a3ff0d56ee9f3ca2324e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -454,11 +470,11 @@
|
|||
"xdph": "xdph"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672757503,
|
||||
"narHash": "sha256-2MKfXQ9f2GUYEt+Yht/Qp5JpkamRu5pqRGX0HVwe13Q=",
|
||||
"lastModified": 1673295979,
|
||||
"narHash": "sha256-8x+awd811HWf3ipRq680WZhaU6UUjCjyJj8PgCEMgoo=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "Hyprland",
|
||||
"rev": "0e3547e0f6b4016aa308292a86c43cd47dd206fd",
|
||||
"rev": "20a1a47e665da336a87caa3036682bd142aa02b8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -468,29 +484,18 @@
|
|||
}
|
||||
},
|
||||
"hyprland-protocols": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1670703428,
|
||||
"narHash": "sha256-4KUW5SKR0Y9uaYGcYwy53YJ3B/sgiprCL4fRGO+mpOA=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprland-protocols",
|
||||
"rev": "d0d6db8cb5bef6d93ca3ad8fb2124964173396da",
|
||||
"type": "github"
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"hyprland",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"original": {
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprland-protocols",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hyprland-protocols_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1670703428,
|
||||
"narHash": "sha256-4KUW5SKR0Y9uaYGcYwy53YJ3B/sgiprCL4fRGO+mpOA=",
|
||||
"lastModified": 1671839510,
|
||||
"narHash": "sha256-+PY1qqJfmZzzROgcIY4I7AkCwpnC+qBIYk2eFoA9RWc=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprland-protocols",
|
||||
"rev": "d0d6db8cb5bef6d93ca3ad8fb2124964173396da",
|
||||
"rev": "b8f55e02a328c47ed373133c52483bbfa20a1b75",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -506,11 +511,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672869224,
|
||||
"narHash": "sha256-LqyBdWSQDDuNUdgJGlLOVcXFKaHeWOBfWtTEfqqQxQc=",
|
||||
"lastModified": 1672925969,
|
||||
"narHash": "sha256-d94BZH6gJ6s3GmudyKc4XleARpLnYkxhxa6YMb7yKAw=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "hyprpaper",
|
||||
"rev": "1c19aa2b4f2b9e70dd9a3d2105f396cf094b0e82",
|
||||
"rev": "50852e531987d20c432122fbec7f1f089bc2dc09",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -553,6 +558,7 @@
|
|||
"mailserver": {
|
||||
"inputs": {
|
||||
"blobs": "blobs",
|
||||
"flake-compat": "flake-compat_3",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
|
@ -560,11 +566,11 @@
|
|||
"utils": "utils_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1671659164,
|
||||
"narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=",
|
||||
"lastModified": 1671738303,
|
||||
"narHash": "sha256-PRgqtaWf2kMSYqVmcnmhTh+UsC0RmvXRTr+EOw5VZUA=",
|
||||
"owner": "simple-nixos-mailserver",
|
||||
"repo": "nixos-mailserver",
|
||||
"rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd",
|
||||
"rev": "6d0d9fb966cc565a3df74d3b686f924c7615118c",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
|
@ -735,11 +741,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1672644464,
|
||||
"narHash": "sha256-RYlvRMcQNT7FDoDkViijQBHg9g+blsB+U6AvL/gAsPI=",
|
||||
"lastModified": 1673336835,
|
||||
"narHash": "sha256-HMJ/Nt3+0MtgKfPfJSrC3/6yVAPQvZgv/7V9b49dG/c=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "ca29e25c39b8e117d4d76a81f1e229824a9b3a26",
|
||||
"rev": "df029cfefc7494b399966cbb6b4fd692fa294fa3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -751,11 +757,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1671722432,
|
||||
"narHash": "sha256-ojcZUekIQeOZkHHzR81st7qxX99dB1Eaaq6PU5MNeKc=",
|
||||
"lastModified": 1672791794,
|
||||
"narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "652e92b8064949a11bc193b90b74cb727f2a1405",
|
||||
"rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -800,11 +806,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1672897942,
|
||||
"narHash": "sha256-5RijBVaikhHgBMaoZ3kG6W1QjPKcnHmJGJgY0TfzUIE=",
|
||||
"lastModified": 1673296385,
|
||||
"narHash": "sha256-zlDgiHh0k1GtB8g6wrBzWBDZIBoCNYXfI5+qWE5Rrjk=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "6c575c59f986548cc3ecaf870f4d4d4791a175f4",
|
||||
"rev": "92c151047e978f2e6abc809c20fb701b5b2d78b0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -854,11 +860,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672434283,
|
||||
"narHash": "sha256-AltegOzuCjlernfEGWQYmle1yGiDBaky+u35DhJvxqI=",
|
||||
"lastModified": 1673354542,
|
||||
"narHash": "sha256-T6U/1QQ1Pp1Y94SI5DuZCDTSWigQDSV7KV4fRw1/0Fc=",
|
||||
"owner": "pta2002",
|
||||
"repo": "nixvim",
|
||||
"rev": "125ed74a423429e5af6796334b68400c78ac26b7",
|
||||
"rev": "02f28c7b48b7ae6a7304b3d3bc649c25fb26817a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -869,11 +875,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1672908458,
|
||||
"narHash": "sha256-M/sq9vN+O1fFlAEwCS+plJuLmbDy8K3ULh1SSysbDf4=",
|
||||
"lastModified": 1673362655,
|
||||
"narHash": "sha256-pPp/Xzae8sVkzNrZK7nWKQyunelF6aw2AfmzR2lRDzI=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "b25df321856354c521b793ad3b7c30e77e15c93a",
|
||||
"rev": "bf8b8390f15f9bcfbb46b540e17ed5e6eb4ed4ec",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1125,7 +1131,7 @@
|
|||
},
|
||||
"vault-secrets": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-compat": "flake-compat_4",
|
||||
"flake-utils": "flake-utils_4",
|
||||
"nix": "nix",
|
||||
"nixpkgs": [
|
||||
|
@ -1186,11 +1192,11 @@
|
|||
"flake": false,
|
||||
"locked": {
|
||||
"host": "gitlab.freedesktop.org",
|
||||
"lastModified": 1671723353,
|
||||
"narHash": "sha256-G1jiI0SA7eiZusO+iJytErMRNbKbwqJJJGL+sNoBNoQ=",
|
||||
"lastModified": 1671183014,
|
||||
"narHash": "sha256-oMWT5Zbe/3HFINAk38jNVxiZ4PCYvPJj2Jo4iiyBtm0=",
|
||||
"owner": "wlroots",
|
||||
"repo": "wlroots",
|
||||
"rev": "b28a9afd4b0b86e9a66a40f6b44b69f59947b7d6",
|
||||
"rev": "dc7cc98cf21a8dc19ab8895505500e3700646af0",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1202,18 +1208,21 @@
|
|||
},
|
||||
"xdph": {
|
||||
"inputs": {
|
||||
"hyprland-protocols": "hyprland-protocols_2",
|
||||
"hyprland-protocols": [
|
||||
"hyprland",
|
||||
"hyprland-protocols"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"hyprland",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1671837878,
|
||||
"narHash": "sha256-OmFDyktTc/l+3wHboHeFpAQgPt3r7jjqZf8MrwuUGMo=",
|
||||
"lastModified": 1673116118,
|
||||
"narHash": "sha256-eR0yDSkR2XYMesfdRWJs25kAdXET2mbNNHu5t+KUcKA=",
|
||||
"owner": "hyprwm",
|
||||
"repo": "xdg-desktop-portal-hyprland",
|
||||
"rev": "e47f4cec698080768821b271510985ab94a37e91",
|
||||
"rev": "d479c846531fd0e1d2357c9588b8310a2b859ef2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -77,7 +77,9 @@
|
|||
nixHosts = util.filter_nix_hosts flat_hosts;
|
||||
|
||||
# Define args each module gets access to (access to hosts is useful for DNS/DHCP)
|
||||
specialArgs = { inherit hosts flat_hosts inputs; };
|
||||
specialArgs = {
|
||||
inherit hosts flat_hosts inputs;
|
||||
};
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIfooZjMWXvXZu1ReOEACDZ0TMb2WJRBSOLlWE8y6fUh victor@aoife"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBMTCUjDbDjAiEKbKmLPavuYM0wJIBdjgytLsg1uWuGc victor@nord"
|
||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le"
|
||||
];
|
||||
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
# environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 5055 ];
|
||||
|
||||
|
|
9
nixos/hosts/olympus/kubernetes/README.md
Normal file
9
nixos/hosts/olympus/kubernetes/README.md
Normal file
|
@ -0,0 +1,9 @@
|
|||
# Kubernetes NixOS LXC Container
|
||||
|
||||
## Required proxmox config
|
||||
```ini
|
||||
lxc.apparmor.profile: unconfined
|
||||
lxc.cgroup.devices.allow: a
|
||||
lxc.cap.drop:
|
||||
lxc.mount.auto: proc:rw sys:rw
|
||||
```
|
|
@ -2,10 +2,37 @@
|
|||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
{ config, pkgs, hosts, ... }:
|
||||
let
|
||||
kubeMasterIP = config.deployment.targetHost; # TODO: set more reliably
|
||||
kubeMasterHostname =
|
||||
"${config.networking.hostName}.${config.networking.domain}";
|
||||
kubeMasterAPIServerPort = 6443;
|
||||
in {
|
||||
# resolve master hostname always
|
||||
networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
|
||||
|
||||
{
|
||||
imports = [ ];
|
||||
# packages for administration tasks
|
||||
environment.systemPackages = with pkgs; [ kompose kubectl kubernetes k9s ];
|
||||
|
||||
# Kubernetes itself
|
||||
services.kubernetes = {
|
||||
roles = [ "master" "node" ];
|
||||
masterAddress = kubeMasterHostname;
|
||||
apiserverAddress =
|
||||
"https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
|
||||
easyCerts = true;
|
||||
apiserver = {
|
||||
securePort = kubeMasterAPIServerPort;
|
||||
advertiseAddress = kubeMasterIP;
|
||||
};
|
||||
|
||||
# use coredns
|
||||
addons.dns.enable = true;
|
||||
|
||||
# needed if you use swap
|
||||
kubelet.extraOpts = "--fail-swap-on=false";
|
||||
};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
|
@ -15,8 +42,5 @@
|
|||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ ];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
"null" = { type = "local"; };
|
||||
# "null" = { type = "local"; };
|
||||
"aoife" = { type = "local"; };
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue