Skynet/nixos
6
1
Fork 0
Code Issues 43 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat: basic setup for colmena

Browse source
This commit is contained in:
silver 2023-01-15 17:45:21 +00:00
parent 53aff5987f
commit c5f1bedec4
4 changed files with 21 additions and 148 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
flake.lock
View file

@ -18,42 +18,6 @@
"type": "github" "type": "github"
} }
}, },
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"utils": "utils"
},
"locked": {
"lastModified": 1672327199,
"narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1667395993, "lastModified": 1667395993,
@ -86,22 +50,6 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1671417167,
"narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1673527292, "lastModified": 1673527292,
"narHash": "sha256-903EpRSDCfUvic7Hsiqwy+h7zlMTLAUbCXkEGGriCfM=", "narHash": "sha256-903EpRSDCfUvic7Hsiqwy+h7zlMTLAUbCXkEGGriCfM=",
@ -119,24 +67,8 @@
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"deploy-rs": "deploy-rs",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_2"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
} }
} }
}, },

87
flake.nix
View file

@ -9,86 +9,27 @@
# utility stuff # utility stuff
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
deploy-rs.url = "github:serokell/deploy-rs";
}; };
outputs = { self, nixpkgs, deploy-rs, ... }: let outputs = { self, nixpkgs, ... }: {
# https://github.com/zhaofengli/colmena
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [];
};
};
# can centralise the config for each machiene here # installed for each machine
machine_config = [ defaults = import ./machines/base.nix;
# each system one line
{
# each machiene must have a name
name = "test01";
# core info about it test01 = import ./machines/test01.nix;
system = "x86_64-linux";
modules = [
./machines/test01.nix
];
# for the deployment test02 = import ./machines/test02.nix;
hostname = "test01.home.brendan.ie";
sshUser = "root";
}
{
# each machiene must have a name
name = "test02";
# core info about it };
system = "x86_64-linux";
modules = [
./machines/test02.nix
];
# for the deployment
hostname = "test02.home.brendan.ie";
sshUser = "root";
}
];
# the best part, nix is functional, so lets have some functions
# map applies this function to every item in an array
create_nixosConfigurations = map (
# converts it into {name_of_machiene = {system = '..'; modules = '..'}}
config: {
# need to extract teh name of the machiene
${config.name} = (
# nixpkgs.lib.nixosSystem is a fucntion that is used to turn a attribute set into the config for a machiene
nixpkgs.lib.nixosSystem {
system = config.system;
modules = config.modules;
}
);
}
);
# this takes the config attributes and turns it into something useful for the nodes
create_nodes = map (
# this is fairly simple, just plug in teh values
config: {
${config.name} = {
hostname = config.hostname;
profiles.system = {
path = deploy-rs.lib."${config.system}".activate.nixos self.nixosConfigurations."${config.name}";
sshUser = config.sshUser;
};
};
}
);
# this merges together an array of atributes into just one set
merge = nixpkgs.lib.lists.foldl (a: b: a // b) {};
in {
# values created using the data and functions above
nixosConfigurations = merge (create_nixosConfigurations machine_config);
deploy.nodes = merge (create_nodes machine_config);
# This is highly advised, and will prevent many possible mistakes
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
}; };
} }

8
machines/test01.nix
View file

@ -2,13 +2,17 @@
{ {
imports = [ imports = [
# base settings for alls ervers
./base.nix
# applications for this particular server # applications for this particular server
../applications/firewall.nix ../applications/firewall.nix
]; ];
deployment = {
targetHost = "test01.home.brendan.ie";
targetPort = 22;
targetUser = "root";
};
# this server is teh firewall # this server is teh firewall
skynet_firewall.enable = true; skynet_firewall.enable = true;

4
machines/test02.nix
View file

@ -2,11 +2,7 @@
{ {
imports = [ imports = [
# base settings for alls ervers
./base.nix
# applications for this particular server
../applications/firewall.nix
]; ];
skynet_firewall.forward = [ skynet_firewall.forward = [