updates and migrations
parent
4da2b4f0c4
commit
f379f5bccb
7 changed files with 1363 additions and 27 deletions
1266
flake.lock
Normal file
1266
flake.lock
Normal file
File diff suppressed because it is too large
|
@ -123,13 +123,15 @@
|
||||||
proxmox-lxc = nixos-generators.nixosGenerate {
|
proxmox-lxc = nixos-generators.nixosGenerate {
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
format = "proxmox-lxc";
|
format = "proxmox-lxc";
|
||||||
modules = [ (import ./nixos/templates/proxmox-lxc.nix) ];
|
modules = (util.base_imports)
|
||||||
|
++ [ (import ./nixos/templates/proxmox-lxc.nix) ];
|
||||||
};
|
};
|
||||||
|
|
||||||
proxmox-vm = nixos-generators.nixosGenerate {
|
proxmox-vm = nixos-generators.nixosGenerate {
|
||||||
inherit system pkgs;
|
inherit system pkgs;
|
||||||
format = "proxmox";
|
format = "proxmox";
|
||||||
modules = [ (import ./nixos/templates/proxmox-vm.nix) ];
|
modules = (util.base_imports)
|
||||||
|
++ [ (import ./nixos/templates/proxmox-vm.nix) ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{ pkgs, ... }: {
|
{ pkgs, lib, ... }: {
|
||||||
# Bootloader.
|
# Bootloader.
|
||||||
boot = {
|
boot = {
|
||||||
kernelPackages = pkgs.linuxPackages_latest;
|
kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||||
loader = {
|
loader = {
|
||||||
systemd-boot.enable = true;
|
systemd-boot.enable = true;
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
|
|
|
@ -6,6 +6,11 @@ let
|
||||||
hostName = hostname;
|
hostName = hostname;
|
||||||
ipAddress = ip;
|
ipAddress = ip;
|
||||||
};
|
};
|
||||||
|
hostToKea = {hostname, mac, ip, ...}: {
|
||||||
|
inherit hostname;
|
||||||
|
hw-address = mac;
|
||||||
|
ip-address = ip;
|
||||||
|
};
|
||||||
localDomain = config.networking.domain;
|
localDomain = config.networking.domain;
|
||||||
hosts =
|
hosts =
|
||||||
filter (h: hasAttr "ip" h && hasAttr "mac" h && h.realm == localDomain)
|
filter (h: hasAttr "ip" h && hasAttr "mac" h && h.realm == localDomain)
|
||||||
|
@ -51,4 +56,73 @@ in {
|
||||||
'';
|
'';
|
||||||
machines = map hostToDhcp hosts;
|
machines = map hostToDhcp hosts;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.kea = {
|
||||||
|
dhcp4 = {
|
||||||
|
enable = false;
|
||||||
|
settings = {
|
||||||
|
authoritative = true;
|
||||||
|
valid-lifetime = 4000;
|
||||||
|
rebind-timer = 2000;
|
||||||
|
renew-timer = 1000;
|
||||||
|
|
||||||
|
interfaces-config.interfaces = [ "eth0" ];
|
||||||
|
|
||||||
|
lease-database = {
|
||||||
|
name = "/var/lib/kea/dhcp4.leases";
|
||||||
|
persist = true;
|
||||||
|
type = "memfile";
|
||||||
|
};
|
||||||
|
|
||||||
|
option-data = [
|
||||||
|
{
|
||||||
|
space = "dhcp4";
|
||||||
|
name = "subnet-mask";
|
||||||
|
code = 1;
|
||||||
|
data = "255.255.254.0";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
space = "dhcp4";
|
||||||
|
name = "broadcast-address";
|
||||||
|
code = 28;
|
||||||
|
data = "10.42.43.255";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
space = "dhcp4";
|
||||||
|
name = "routers";
|
||||||
|
code = 3;
|
||||||
|
data = "10.42.42.1";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
space = "dhcp4";
|
||||||
|
name = "domain-name-servers";
|
||||||
|
code = 6;
|
||||||
|
data = "10.42.42.15; 10.42.42.16";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
space = "dhcp4";
|
||||||
|
name = "domain-name";
|
||||||
|
code = 15;
|
||||||
|
data = "${localDomain}";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
space = "dhcp4";
|
||||||
|
name = "domain-search";
|
||||||
|
code = 119;
|
||||||
|
data = "${localDomain}";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
subnet4 = [{
|
||||||
|
id = 1;
|
||||||
|
pools = [{ pool = "10.42.43.1 - 10.42.43.254"; }];
|
||||||
|
subnet = "10.42.42.0/23";
|
||||||
|
}];
|
||||||
|
|
||||||
|
host-reservation-identifiers = [ "hw-address" ];
|
||||||
|
reservation-mode = "global";
|
||||||
|
reservations = map hostToKea hosts;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
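Review bot: The `domain-name-servers` entry in `option-data` separates its two addresses with a semicolon (`data = "10.42.42.15; 10.42.42.16";`), which is ISC dhcpd syntax; Kea option data is comma-separated, so this should read `data = "10.42.42.15, 10.42.42.16";`. Because `dhcp4.enable = false`, the setting is presumably never exercised today, and the problem would only surface when the service is switched on. `reservation-mode = "global"` is also deprecated in newer Kea releases in favour of `reservations-global` and `reservations-in-subnet`, so it is worth checking against the packaged version before enabling. The reservations are keyed on `hw-address` alone, so a short comment that they are an addressing convenience and not an access control would help the next reader.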
@ -22,7 +22,7 @@ in
|
||||||
|
|
||||||
environment.noXlibs = lib.mkForce false;
|
environment.noXlibs = lib.mkForce false;
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ config.services.gitea.httpPort ];
|
networking.firewall.allowedTCPPorts = [ config.services.gitea.settings.server.HTTP_PORT ];
|
||||||
|
|
||||||
services.openssh.startWhenNeeded = false;
|
services.openssh.startWhenNeeded = false;
|
||||||
|
|
||||||
|
@ -47,9 +47,7 @@ in
|
||||||
|
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = true;
|
enable = true;
|
||||||
domain = "git.0x76.dev";
|
|
||||||
package = pkgs.forgejo;
|
package = pkgs.forgejo;
|
||||||
rootUrl = "https://git.0x76.dev";
|
|
||||||
lfs.enable = true;
|
lfs.enable = true;
|
||||||
dump.type = "tar.gz";
|
dump.type = "tar.gz";
|
||||||
database.type = "postgres";
|
database.type = "postgres";
|
||||||
|
@ -80,8 +78,10 @@ in
|
||||||
"USE_SERVICE_WORKER" = true;
|
"USE_SERVICE_WORKER" = true;
|
||||||
};
|
};
|
||||||
server = {
|
server = {
|
||||||
"LANDING_PAGE" = "explore";
|
LANDING_PAGE = "explore";
|
||||||
"SSH_PORT" = 42;
|
SSH_PORT = 42;
|
||||||
|
DOMAIN = "git.0x76.dev";
|
||||||
|
ROOT_URL = "https://git.0x76.dev";
|
||||||
};
|
};
|
||||||
session = {
|
session = {
|
||||||
"PROVIDER" = "db";
|
"PROVIDER" = "db";
|
||||||
|
|
|
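Review bot: `networking.firewall.allowedTCPPorts` still opens Forgejo's plain-HTTP listener (`settings.server.HTTP_PORT`) in the host firewall, while `ROOT_URL` is `https://git.0x76.dev`, so TLS is presumably terminated by a proxy elsewhere. A comment on that line would document why the port is open, for example `# reached only via the reverse proxy; TLS terminates there`. If the rule can be narrowed to the proxy's address, clients on the same network can no longer reach the service unencrypted. The commit only migrates the option path here, so this is existing behaviour carried over; the `session` block continues outside the hunk.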
@ -12,16 +12,8 @@
|
||||||
# Bootloader.
|
# Bootloader.
|
||||||
boot = {
|
boot = {
|
||||||
kernelPackages = pkgs.linuxPackages_latest;
|
kernelPackages = pkgs.linuxPackages_latest;
|
||||||
loader = {
|
|
||||||
systemd-boot.enable = true;
|
|
||||||
efi.canTouchEfiVariables = true;
|
|
||||||
efi.efiSysMountPoint = "/boot/efi";
|
|
||||||
};
|
|
||||||
kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; };
|
|
||||||
initrd = {
|
initrd = {
|
||||||
kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ];
|
kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ];
|
||||||
systemd.enable = true;
|
|
||||||
verbose = false;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -2,9 +2,11 @@
|
||||||
let
|
let
|
||||||
inherit (builtins) filter attrValues concatMap mapAttrs;
|
inherit (builtins) filter attrValues concatMap mapAttrs;
|
||||||
inherit (nixpkgs.lib.attrsets) mapAttrsToList;
|
inherit (nixpkgs.lib.attrsets) mapAttrsToList;
|
||||||
# Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal)
|
base_imports = [
|
||||||
resolve_imports = let
|
home-manager.nixosModules.home-manager
|
||||||
# lookup table
|
mailserver.nixosModules.mailserver
|
||||||
|
];
|
||||||
|
type_import = let
|
||||||
import_cases = {
|
import_cases = {
|
||||||
"lxc" = [
|
"lxc" = [
|
||||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||||
|
@ -13,14 +15,14 @@ let
|
||||||
"vm" = [ ./common/generic-vm.nix ];
|
"vm" = [ ./common/generic-vm.nix ];
|
||||||
"local" = [ ];
|
"local" = [ ];
|
||||||
};
|
};
|
||||||
in { hostname, realm, profile ? hostname, type ? "lxc", ... }:
|
in type: import_cases.${type} ++ base_imports;
|
||||||
[
|
# Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal)
|
||||||
home-manager.nixosModules.home-manager
|
resolve_imports = { hostname, realm, profile ? hostname, type ? "lxc", ... }:
|
||||||
mailserver.nixosModules.mailserver
|
type_import type
|
||||||
./common
|
++ [ ./common "${./.}/hosts/${realm}/${profile}/configuration.nix" ];
|
||||||
"${./.}/hosts/${realm}/${profile}/configuration.nix"
|
|
||||||
] ++ import_cases.${type};
|
|
||||||
in {
|
in {
|
||||||
|
inherit base_imports type_import resolve_imports;
|
||||||
# Add to whatever realm a host belong to its list of tags
|
# Add to whatever realm a host belong to its list of tags
|
||||||
add_realm_to_tags = mapAttrs (realm:
|
add_realm_to_tags = mapAttrs (realm:
|
||||||
mapAttrs (hostname:
|
mapAttrs (hostname:
|
||||||
|
|
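Review bot: `type_import` indexes `import_cases.${type}` directly, so a host whose `type` is misspelled fails evaluation with a bare missing-attribute error; `in type: (import_cases.${type} or (throw "unknown host type: ${type}")) ++ base_imports;` would name the offending value. `base_imports` and `type_import` are now exported but carry no comment, and the existing "Helper function…" comment has moved to `resolve_imports`. A one-line comment on each, such as `# modules every system gets, including generated templates` and `# type-specific modules plus base_imports`, would make the split clear. The `let` body and `add_realm_to_tags` continue outside the hunk.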