colmena + multi location #64
1 changed files with 25 additions and 34 deletions
55
flake.nix
55
flake.nix
|
@ -28,38 +28,32 @@
|
||||||
inherit (builtins) filter mapAttrs;
|
inherit (builtins) filter mapAttrs;
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
hosts = import ./hosts.nix;
|
hosts = import ./hosts.nix;
|
||||||
|
|
||||||
# TODO: consolidate with mkColmenaHost
|
|
||||||
# Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM.
|
|
||||||
mkConfig = { hostname, profile ? hostname, lxc ? true, ... }: {
|
|
||||||
"${profile}" = lib.nixosSystem {
|
|
||||||
inherit system;
|
|
||||||
modules = [
|
|
||||||
./nixos/common
|
|
||||||
"${./.}/nixos/hosts/${profile}/configuration.nix"
|
|
||||||
] ++ (if lxc then [
|
|
||||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
|
||||||
./nixos/common/generic-lxc.nix
|
|
||||||
] else
|
|
||||||
[ ./nixos/common/generic-vm.nix ]);
|
|
||||||
specialArgs = { inherit hosts inputs; };
|
specialArgs = { inherit hosts inputs; };
|
||||||
};
|
# Filter all nixos host definitions that are actual nix machines
|
||||||
};
|
|
||||||
|
|
||||||
# Import all nixos host definitions that are actual nix machines
|
|
||||||
nixHosts = filter ({ nix ? true, ... }: nix) hosts;
|
nixHosts = filter ({ nix ? true, ... }: nix) hosts;
|
||||||
|
|
||||||
mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }: {
|
resolveImports = { hostname, profile ? hostname, lxc ? true, ... }: [
|
||||||
"${hostname}" = {
|
|
||||||
imports = [
|
|
||||||
vault-secrets.nixosModules.vault-secrets
|
vault-secrets.nixosModules.vault-secrets
|
||||||
./nixos/common
|
./nixos/common
|
||||||
"${./.}/nixos/hosts/${profile}/configuration.nix"
|
"${./.}/nixos/hosts/${profile}/configuration.nix"
|
||||||
] ++ (if lxc then [
|
] ++ (if lxc then [
|
||||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||||
./nixos/common/generic-lxc.nix
|
./nixos/common/generic-lxc.nix
|
||||||
] else [ ./nixos/common/generic-vm.nix ]);
|
]
|
||||||
|
else [ ./nixos/common/generic-vm.nix ]);
|
||||||
|
|
||||||
|
# Create a nixosConfiguration based on a foldername (nixname) and if the host is an LXC container or a VM.
|
||||||
|
mkConfig = { hostname, profile ? hostname, lxc ? true, ... }@host: {
|
||||||
|
"${profile}" = lib.nixosSystem {
|
||||||
|
inherit system;
|
||||||
|
inherit specialArgs;
|
||||||
|
modules = resolveImports host;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
mkColmenaHost = { ip, hostname, profile ? hostname, lxc ? true, ... }@host: {
|
||||||
|
"${hostname}" = {
|
||||||
|
imports = resolveImports host;
|
||||||
deployment = {
|
deployment = {
|
||||||
targetHost = ip;
|
targetHost = ip;
|
||||||
targetUser = null; # Defaults to $USER
|
targetUser = null; # Defaults to $USER
|
||||||
|
@ -67,8 +61,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
pkgs = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ];
|
legacyPackages = serokell-nix.lib.pkgsWith nixpkgs.legacyPackages.${system} [ vault-secrets.overlay ];
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# Make the config and deploy sets
|
# Make the config and deploy sets
|
||||||
|
@ -78,16 +71,14 @@
|
||||||
{
|
{
|
||||||
meta = {
|
meta = {
|
||||||
nixpkgs = import nixpkgs {
|
nixpkgs = import nixpkgs {
|
||||||
system = "x86_64-linux";
|
inherit system;
|
||||||
overlays = [
|
overlays = [
|
||||||
(import ./nixos/pkgs)
|
(import ./nixos/pkgs)
|
||||||
vault-secrets.overlay
|
vault-secrets.overlay
|
||||||
minecraft-servers.overlays.default
|
minecraft-servers.overlays.default
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
specialArgs = {
|
inherit specialArgs;
|
||||||
inherit hosts;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
nixHosts;
|
nixHosts;
|
||||||
|
@ -95,21 +86,21 @@
|
||||||
apps.${system} = rec {
|
apps.${system} = rec {
|
||||||
vault-push-approles = {
|
vault-push-approles = {
|
||||||
type = "app";
|
type = "app";
|
||||||
program = "${pkgs.vault-push-approles self}/bin/vault-push-approles";
|
program = "${legacyPackages.vault-push-approles self}/bin/vault-push-approles";
|
||||||
};
|
};
|
||||||
vault-push-approle-envs = {
|
vault-push-approle-envs = {
|
||||||
type = "app";
|
type = "app";
|
||||||
program =
|
program =
|
||||||
"${pkgs.vault-push-approle-envs self}/bin/vault-push-approle-envs";
|
"${legacyPackages.vault-push-approle-envs self}/bin/vault-push-approle-envs";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Use by running `nix develop`
|
# Use by running `nix develop`
|
||||||
devShells.${system}.default = pkgs.mkShell {
|
devShells.${system}.default = legacyPackages.mkShell {
|
||||||
VAULT_ADDR = "http://vault.olympus:8200/";
|
VAULT_ADDR = "http://vault.olympus:8200/";
|
||||||
# This only support bash so just execute zsh in bash as a workaround :/
|
# This only support bash so just execute zsh in bash as a workaround :/
|
||||||
shellHook = "zsh; exit $?";
|
shellHook = "zsh; exit $?";
|
||||||
buildInputs = with pkgs; [
|
buildInputs = with legacyPackages; [
|
||||||
colmena
|
colmena
|
||||||
fluxcd
|
fluxcd
|
||||||
k9s
|
k9s
|
||||||
|
|
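Review bot: `resolveImports` puts `vault-secrets.nixosModules.vault-secrets` into the module list that `mkConfig` now passes to `lib.nixosSystem`, while the old `mkConfig` list shown here did not contain it, so every `nixosConfigurations` entry changes and not only the colmena hosts. Only the colmena `meta.nixpkgs` visibly applies `vault-secrets.overlay`; if the module expects packages from that overlay, the two outputs will evaluate differently, so it is worth building one `nixosConfigurations` host before merging. I would record the intent above the helper, e.g. `# Module list shared by nixosConfigurations and colmena; both now get the vault-secrets module.` The shared `specialArgs` also starts handing `inputs` to the colmena hosts, where previously only `hosts` was passed. The `lxc ? true` in the `mkConfig` and `mkColmenaHost` patterns is no longer read there, since `resolveImports host` re-applies the default itself, and could be dropped.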