simple impl of exposes thingy
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
parent
2c16870d66
commit
fa5bda60be
|
@ -5,5 +5,5 @@ pipeline:
|
|||
- NIX_CONFIG=experimental-features = nix-command flakes
|
||||
commands:
|
||||
- nix run 'nixpkgs#statix' check
|
||||
- nix run 'github:astro/deadnix' -- -f
|
||||
- nix run 'nixpkgs#deadnix' -- -f
|
||||
- nix run 'nixpkgs#yamllint' .
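Review bot: Every linter in this step, including the deadnix line this hunk touches, is fetched with `nix run` from a flake reference that the repository's `flake.lock` does not pin, so the tool revision can change between pipeline runs without any commit here. `nixpkgs#…` is resolved through the flake registry at run time, and `github:astro/deadnix` tracks that repository's default branch. Since the flake's package list in this same commit appears to include `deadnix`, running the tools from the locked environment, e.g. `- nix develop -c deadnix -f`, would keep CI reproducible and tied to reviewed inputs. Which of the two deadnix lines is the new one is not marked on this page.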
|
||||
|
|
|
@ -46,14 +46,9 @@
|
|||
inherit (nixpkgs) lib;
|
||||
|
||||
util = import ./nixos/util.nix inputs;
|
||||
inherit (util) hosts flat_hosts nixHosts;
|
||||
|
||||
system = "x86_64-linux";
|
||||
# import and add realm to list of tags
|
||||
hosts = util.add_realm_to_tags (import ./nixos/hosts);
|
||||
# flatten hosts to single list
|
||||
flat_hosts = util.flatten_hosts hosts;
|
||||
# Filter out all non-nixos hosts
|
||||
nixHosts = util.filter_nix_hosts flat_hosts;
|
||||
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
|
@ -137,6 +132,7 @@
|
|||
apply-local
|
||||
colmena.packages.${system}.colmena
|
||||
cachix
|
||||
deadnix
|
||||
fluxcd
|
||||
k9s
|
||||
kubectl
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
{ ... }: {
|
||||
imports = [ ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ];
|
||||
imports = [ ./meta.nix ./dns.nix ./flood.nix ./gnome ./unpackerr.nix ./vault.nix ];
|
||||
}
|
||||
|
|
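--- a/nixos/common/modules/meta.nix
+++ b/nixos/common/modules/meta.nix
@@ -0,0 +1,42 @@
+{ lib, ... }:
+with lib;
+let
+exposesOpts = {
+options = {
+domain = mkOption {
+type = types.str;
+example = "<name>.example.com";
+description = ''
+The domain under which this service should be available
+'';
+};
+port = mkOption {
+type = types.int;
+example = 4242;
+description = ''
+The port under which the service runs on the host
+'';
+};
+};
+};
+in {
+options = {
+meta.exposes = mkOption {
+type = with types; attrsOf (submodule exposesOpts);
+description = ''
+Exposed services
+'';
+};
+
+meta.ipv4 = mkOption {
+type = types.str;
+description = ''
+Own IPv4 Address
+'';
+};
+};
+
+config = {
+
+};
+}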
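Review bot: `port` is declared as `types.int`, so a negative or out-of-range number in the host inventory passes evaluation and only fails later, when a service or the reverse proxy tries to bind or connect; `type = types.port;` restricts it to 0–65535 at evaluation time. Neither `meta.exposes` nor `meta.ipv4` declares a `default`, so any module that reads them on a host without a definition aborts evaluation; `default = { };` on `meta.exposes` would make "exposes nothing" the safe baseline. The `meta` prefix is also used by nixpkgs' own module options (`meta.maintainers`, `meta.doc`), so a site-specific prefix would rule out a later name clash. The empty `config = { };` block can be dropped.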
@ -100,6 +100,12 @@
|
|||
"hedgedoc" = {
|
||||
ip = "10.42.42.23";
|
||||
mac = "86:BC:0C:18:BC:9B";
|
||||
exposes = {
|
||||
md = {
|
||||
domain = "md.0x76.dev";
|
||||
port = 3000;
|
||||
};
|
||||
};
|
||||
};
|
||||
"zmeura" = {
|
||||
ip = "10.42.42.24";
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
let
|
||||
db_name = "hedgedoc";
|
||||
db_user = "hedgedoc";
|
||||
inherit (config.meta.exposes.md) port;
|
||||
vs = config.vault-secrets.secrets;
|
||||
in {
|
||||
imports = [ ];
|
||||
|
@ -40,7 +41,7 @@ in {
|
|||
environmentFile = "${vs.hedgedoc}/environment";
|
||||
settings = {
|
||||
host = "0.0.0.0";
|
||||
port = 3000;
|
||||
inherit port;
|
||||
sessionSecret = "$SESSION_SECRET";
|
||||
domain = "md.0x76.dev";
|
||||
protocolUseSSL = true;
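Review bot: `domain = "md.0x76.dev";` stays a literal in `settings` while `port` is now taken from `config.meta.exposes.md`, so the two halves of the same `exposes` entry can drift apart. Binding both in the `let` with `inherit (config.meta.exposes.md) port domain;` and using `inherit port domain;` in `settings` would leave the inventory as the single source. The service still listens on `host = "0.0.0.0"` (unchanged context), so any firewall rule written for port 3000, which these hunks do not show, has to follow the inventory value if it ever changes. Both hunks cut into blocks that continue outside the lines shown.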
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, ... }:
|
||||
{ pkgs, hosts, ... }:
|
||||
let
|
||||
proxy = url: {
|
||||
enableACME = true;
|
||||
|
@ -44,9 +44,11 @@ in {
|
|||
|
||||
package = pkgs.nginxMainline;
|
||||
|
||||
# Templated
|
||||
virtualHosts.${hosts.olympus.hedgedoc.exposes.md.domain} = proxy "http://hedgedoc.olympus:${toString hosts.olympus.hedgedoc.exposes.md.port}/";
|
||||
|
||||
# 0x76.dev
|
||||
virtualHosts."ha.0x76.dev" = proxy "http://home-assistant.olympus:8123/";
|
||||
virtualHosts."md.0x76.dev" = proxy "http://hedgedoc.olympus:3000/";
|
||||
virtualHosts."git.0x76.dev" = proxy "http://gitea.olympus:3000";
|
||||
virtualHosts."o.0x76.dev" = proxy "http://minio.olympus:9000";
|
||||
virtualHosts."grafana.0x76.dev" =
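Review bot: The line under `# Templated` takes the vhost name and port from `hosts.olympus.hedgedoc.exposes.md` but still spells the upstream as the literal `hedgedoc.olympus`, so renaming or moving the host in the inventory leaves the proxy pointing at the old name. Deriving the upstream from the same record (hostname and realm, or its `ip`) would keep the two consistent. `hosts` is a new module argument, so it has to be supplied through `specialArgs` or `_module.args`; that wiring is not visible in this section. Because `proxy` sets `enableACME = true`, a mistyped `domain` in the inventory leads to a certificate request for that name, so a comment such as `# vhost name comes from nixos/hosts; changing it there changes the ACME certificate` would help the next editor.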
|
||||
|
|
|
@ -4,7 +4,6 @@
|
|||
|
||||
{ inputs, ... }: {
|
||||
imports = [
|
||||
../../../common/desktop
|
||||
./hardware-configuration.nix
|
||||
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z
|
||||
./hardware.nix
|
||||
|
@ -26,6 +25,8 @@
|
|||
# Enable Ozone rendering for Chromium and Electron apps.
|
||||
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||
|
||||
# environment.sessionVariables.INFRA_INFO = self; # hosts.${config.networking.domain}.${config.networking.hostName};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
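Review bot: The added line `# environment.sessionVariables.INFRA_INFO = self; …` is commented-out code with no explanation, and `self` is not among the module arguments visible in the first hunk (`{ inputs, ... }`). Either drop it or replace it with a short TODO that states the intent. If it is revived, note that a session variable is inherited by every process in the user's session, so exporting only the fields that are needed would be preferable to exporting the whole host record.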
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
{
|
||||
# "null" = { type = "local"; };
|
||||
"aoife" = { type = "local"; };
|
||||
"aoife" = {
|
||||
type = "local";
|
||||
mac = "04:7b:cb:b6:2d:88";
|
||||
};
|
||||
"eevee" = { type = "local"; };
|
||||
}
|
||||
|
|
|
@ -3,8 +3,7 @@
|
|||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ pkgs, inputs, ... }: {
|
||||
imports =
|
||||
[ ../../../common/desktop ./hardware-configuration.nix ./hardware.nix ];
|
||||
imports = [ ./hardware-configuration.nix ./hardware.nix ];
|
||||
|
||||
# Bootloader.
|
||||
boot = {
|
||||
|
|
|
@ -13,7 +13,7 @@ let
|
|||
./common/generic-lxc.nix
|
||||
];
|
||||
"vm" = [ ./common/generic-vm.nix ];
|
||||
"local" = [ ];
|
||||
"local" = [ ./common/desktop ];
|
||||
};
|
||||
in type: import_cases.${type} ++ base_imports;
|
||||
# Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal)
|
||||
|
@ -21,8 +21,6 @@ let
|
|||
type_import type
|
||||
++ [ ./common "${./.}/hosts/${realm}/${profile}/configuration.nix" ];
|
||||
|
||||
in {
|
||||
inherit base_imports type_import resolve_imports;
|
||||
# Add to whatever realm a host belong to its list of tags
|
||||
add_realm_to_tags = mapAttrs (realm:
|
||||
mapAttrs (_hostname:
|
||||
|
@ -40,8 +38,10 @@ in {
|
|||
# Filter out all hosts which aren't nixos
|
||||
filter_nix_hosts = filter ({ nix ? true, ... }: nix);
|
||||
|
||||
# outputs
|
||||
|
||||
# Helper function to build a colmena host definition
|
||||
mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host:
|
||||
mkColmenaHost = { ip ? null, exposes ? null, hostname, tags, realm, type ? "lxc", ... }@host:
|
||||
let
|
||||
# this makes local apply work a bit nicer
|
||||
name = if type == "local" then hostname else "${hostname}.${realm}";
|
||||
|
@ -52,6 +52,10 @@ in {
|
|||
hostName = hostname;
|
||||
domain = realm;
|
||||
};
|
||||
meta = {
|
||||
inherit exposes;
|
||||
ipv4 = ip;
|
||||
};
|
||||
deployment = {
|
||||
inherit tags;
|
||||
targetHost = ip;
|
||||
|
@ -60,4 +64,9 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
hosts = add_realm_to_tags (import ./hosts);
|
||||
flat_hosts = flatten_hosts hosts;
|
||||
nixHosts = filter_nix_hosts flat_hosts;
|
||||
in {
|
||||
inherit base_imports mkColmenaHost hosts flat_hosts nixHosts;
|
||||
}
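Review bot: `mkColmenaHost` defaults both `exposes` and `ip` to `null` and passes them straight into `meta`, but the options declared in `nixos/common/modules/meta.nix` are `attrsOf (submodule …)` and `types.str`, and neither accepts `null`. Option values are checked lazily, so this probably stays hidden until some module reads `config.meta.exposes` or `config.meta.ipv4` on a host that lacks them, at which point evaluation fails. The `local` hosts in this commit carry no `ip`. Defaulting with `exposes ? { }` and declaring `meta.ipv4` as `types.nullOr types.str` (or setting it only when `ip != null`) would keep the helper and the option types in agreement. The body of `mkColmenaHost` continues outside the hunks shown.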
|
||||
|
|