feat: basic setup for colmena

silver 2023-01-15 17:45:21 +00:00
parent 53aff5987f
commit c5f1bedec4
4 changed files with 21 additions and 148 deletions


@ -18,42 +18,6 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"utils": "utils"
},
"locked": {
"lastModified": 1672327199,
"narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1667395993,
@ -86,22 +50,6 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1671417167,
"narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1673527292,
"narHash": "sha256-903EpRSDCfUvic7Hsiqwy+h7zlMTLAUbCXkEGGriCfM=",
@ -119,24 +67,8 @@
"root": {
"inputs": {
"agenix": "agenix",
"deploy-rs": "deploy-rs",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
"nixpkgs": "nixpkgs_2"
}
}
},


@ -9,86 +9,27 @@
# utility stuff
flake-utils.url = "github:numtide/flake-utils";
agenix.url = "github:ryantm/agenix";
deploy-rs.url = "github:serokell/deploy-rs";
};
outputs = { self, nixpkgs, deploy-rs, ... }: let
# can centralise the config for each machiene here
machine_config = [
# each system one line
{
# each machiene must have a name
name = "test01";
# core info about it
outputs = { self, nixpkgs, ... }: {
# https://github.com/zhaofengli/colmena
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
modules = [
./machines/test01.nix
];
# for the deployment
hostname = "test01.home.brendan.ie";
sshUser = "root";
}
{
# each machiene must have a name
name = "test02";
# core info about it
system = "x86_64-linux";
modules = [
./machines/test02.nix
];
# for the deployment
hostname = "test02.home.brendan.ie";
sshUser = "root";
}
];
# the best part, nix is functional, so lets have some functions
# map applies this function to every item in an array
create_nixosConfigurations = map (
# converts it into {name_of_machiene = {system = '..'; modules = '..'}}
config: {
# need to extract teh name of the machiene
${config.name} = (
# nixpkgs.lib.nixosSystem is a fucntion that is used to turn a attribute set into the config for a machiene
nixpkgs.lib.nixosSystem {
system = config.system;
modules = config.modules;
}
);
}
);
# this takes the config attributes and turns it into something useful for the nodes
create_nodes = map (
# this is fairly simple, just plug in teh values
config: {
${config.name} = {
hostname = config.hostname;
profiles.system = {
path = deploy-rs.lib."${config.system}".activate.nixos self.nixosConfigurations."${config.name}";
sshUser = config.sshUser;
overlays = [];
};
};
}
);
# this merges together an array of atributes into just one set
merge = nixpkgs.lib.lists.foldl (a: b: a // b) {};
# installed for each machine
defaults = import ./machines/base.nix;
in {
# values created using the data and functions above
nixosConfigurations = merge (create_nixosConfigurations machine_config);
deploy.nodes = merge (create_nodes machine_config);
test01 = import ./machines/test01.nix;
# This is highly advised, and will prevent many possible mistakes
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
test02 = import ./machines/test02.nix;
};
};
}
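Review bot: The `colmena` output in this section has no replacement for the `checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;` line, which appears to be removed together with deploy-rs (the +/- markers are lost on this page, so the sides are inferred from the diffstat and the dropped input). With `nixosConfigurations` and `checks` both gone, nothing visible here evaluates the host configurations before they are pushed to the machines. Either keep a `checks` output that builds each node, or record the manual step above `colmena = {` with a comment such as `# no flake check covers the hive; run "colmena build" before "colmena apply"`.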


@ -2,13 +2,17 @@
{
imports = [
# base settings for alls ervers
./base.nix
# applications for this particular server
../applications/firewall.nix
];
deployment = {
targetHost = "test01.home.brendan.ie";
targetPort = 22;
targetUser = "root";
};
# this server is teh firewall
skynet_firewall.enable = true;
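Review bot: `targetUser = "root";` in the new `deployment` block means every deploy logs in to test01 as root over SSH on port 22, and the file's own comment says this host is the firewall. That presumably requires root login to stay enabled on a machine that sits on the network boundary. Prefer a dedicated key-only deploy account, for example `targetUser = "<deploy-user>";` (placeholder name), and let colmena escalate through `deployment.privilegeEscalationCommand`. If root is kept deliberately, say why in a comment next to the line. The attribute set continues past the end of this hunk.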


@ -2,11 +2,7 @@
{
imports = [
# base settings for alls ervers
./base.nix
# applications for this particular server
../applications/firewall.nix
];
skynet_firewall.forward = [