Compare commits
11 commits
8b79e92442
...
e590918785
Author | SHA1 | Date | |
---|---|---|---|
e590918785 | |||
81d9552f73 | |||
3307db5fb4 | |||
3cfd715814 | |||
cea7eec04f | |||
19e3f59f86 | |||
f8f8054d79 | |||
31ef819960 | |||
ef2f170462 | |||
7a72cacdaf | |||
fe0f5f99ab |
24 changed files with 229 additions and 488 deletions
40
.gitignore
vendored
40
.gitignore
vendored
|
@ -6,43 +6,3 @@
|
|||
/.emacs.desktop
|
||||
/.emacs.desktop.lock
|
||||
|
||||
# Created by https://www.toptal.com/developers/gitignore/api/terraform
|
||||
# Edit at https://www.toptal.com/developers/gitignore?templates=terraform
|
||||
|
||||
### Terraform ###
|
||||
# Local .terraform directories
|
||||
**/.terraform/*
|
||||
|
||||
# .tfstate files
|
||||
*.tfstate
|
||||
*.tfstate.*
|
||||
|
||||
# Crash log files
|
||||
crash.log
|
||||
crash.*.log
|
||||
|
||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# to change depending on the environment.
|
||||
*.tfvars
|
||||
*.tfvars.json
|
||||
|
||||
# Ignore override files as they are usually used to override resources locally and so
|
||||
# are not checked in
|
||||
override.tf
|
||||
override.tf.json
|
||||
*_override.tf
|
||||
*_override.tf.json
|
||||
|
||||
# Include override files you do wish to add to version control using negated pattern
|
||||
# !example_override.tf
|
||||
|
||||
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
|
||||
*.tfplan
|
||||
|
||||
# Ignore CLI configuration files
|
||||
.terraformrc
|
||||
terraform.rc
|
||||
|
||||
# End of https://www.toptal.com/developers/gitignore/api/terraform
|
||||
|
|
66
flake.lock
generated
66
flake.lock
generated
|
@ -81,11 +81,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704318910,
|
||||
"narHash": "sha256-wOIJwAsnZhM0NlFRwYJRgO4Lldh8j9viyzwQXtrbNtM=",
|
||||
"lastModified": 1704741201,
|
||||
"narHash": "sha256-Y420NeqPWRSpxHpXsxhKILfTxT5exjtTgCgDwSpcEfU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "aef9a509db64a081186af2dc185654d78dc8e344",
|
||||
"rev": "f0a3425a7b173701922e7959d8bfb136ef53aa54",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -105,11 +105,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704530953,
|
||||
"narHash": "sha256-hfllh8Dd/XhbyxNensq2PAdnvJtPXJmxUQqWrKUdUCk=",
|
||||
"lastModified": 1704905472,
|
||||
"narHash": "sha256-cb3uqBDHcdHY+x1tXSm5FvScQx5e9+qdADGSEVkhnlM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "emacs-overlay",
|
||||
"rev": "85ac1bf8543d2e179d7748f3788d58b06eacc758",
|
||||
"rev": "e5d3e66bb146b77a9c978533dfb6028b9248f2fa",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -340,11 +340,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704498488,
|
||||
"narHash": "sha256-yINKdShHrtjdiJhov+q0s3Y3B830ujRoSbHduUNyKag=",
|
||||
"lastModified": 1704809957,
|
||||
"narHash": "sha256-Z8sBeoeeY2O+BNqh5C+4Z1h1F1wQ2mij7yPZ2GY397M=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "51e44a13acea71b36245e8bd8c7db53e0a3e61ee",
|
||||
"rev": "e13aa9e287b3365473e5897e3667ea80a899cdfb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -410,11 +410,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701225372,
|
||||
"narHash": "sha256-QSiFeEmTzAIIiCtUaMesu7wi7bvfHuFzPMQpOKMt4Lo=",
|
||||
"lastModified": 1704611696,
|
||||
"narHash": "sha256-4ZCgV5oHdEc3q+XaIzy//gh20uC/aSuAtMU9bsfgLZk=",
|
||||
"owner": "oxalica",
|
||||
"repo": "nil",
|
||||
"rev": "0031eb4343fd4672742fd6ff839da9b4f5120646",
|
||||
"rev": "059d33a24bb76d2048740bcce936362bf54b5bc9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -467,11 +467,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1704458188,
|
||||
"narHash": "sha256-f6BYEuIqnbrs6J/9m1/1VdkJ6d63hO9kUC09kTPuOqE=",
|
||||
"lastModified": 1704786394,
|
||||
"narHash": "sha256-aJM0ln9fMGWw1+tjyl5JZWZ3ahxAA2gw2ZpZY/hkEMs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "172385318068519900a7d71c1024242fa6af75f0",
|
||||
"rev": "b34a6075e9e298c4124e35c3ccaf2210c1f3a43b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -482,11 +482,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1704194953,
|
||||
"narHash": "sha256-RtDKd8Mynhe5CFnVT8s0/0yqtWFMM9LmCzXv/YKxnq4=",
|
||||
"lastModified": 1704722960,
|
||||
"narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bd645e8668ec6612439a9ee7e71f7eac4099d4f6",
|
||||
"rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -516,11 +516,11 @@
|
|||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1704295289,
|
||||
"narHash": "sha256-9WZDRfpMqCYL6g/HNWVvXF0hxdaAgwgIGeLYiOhmes8=",
|
||||
"lastModified": 1704732714,
|
||||
"narHash": "sha256-ABqK/HggMYA/jMUXgYyqVAcQ8QjeMyr1jcXfTpSHmps=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b0b2c5445c64191fd8d0b31f2b1a34e45a64547d",
|
||||
"rev": "6723fa4e4f1a30d42a633bef5eb01caeb281adc3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -548,11 +548,11 @@
|
|||
},
|
||||
"nixpkgs-stable_3": {
|
||||
"locked": {
|
||||
"lastModified": 1703950681,
|
||||
"narHash": "sha256-veU5bE4eLOmi7aOzhE7LfZXcSOONRMay0BKv01WHojo=",
|
||||
"lastModified": 1704290814,
|
||||
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0aad9113182747452dbfc68b93c86e168811fa6c",
|
||||
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -603,11 +603,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703939133,
|
||||
"narHash": "sha256-Gxe+mfOT6bL7wLC/tuT2F+V+Sb44jNr8YsJ3cyIl4Mo=",
|
||||
"lastModified": 1704913983,
|
||||
"narHash": "sha256-K/GuHFFriQhH3VPWMhm6bYelDuPyGGjGu1OF1EWUn5k=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "9d3d7e18c6bc4473d7520200d4ddab12f8402d38",
|
||||
"rev": "b0265634df1dc584585c159b775120e637afdb41",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -676,11 +676,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1704507282,
|
||||
"narHash": "sha256-PDfS8fj40mm2QWpbd/aiocgwcI/WHzqLKERRJkoEvXU=",
|
||||
"lastModified": 1704853054,
|
||||
"narHash": "sha256-xD87M7isL2XqlFr+2f+j86jy8s5lfIaAEWO4TpQQZUA=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "a127cccf7943beae944953963ba118d643299c3b",
|
||||
"rev": "6dea03e0c8a81cf28340564259d4762b6d6f01de",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -697,11 +697,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703991717,
|
||||
"narHash": "sha256-XfBg2dmDJXPQEB8EdNBnzybvnhswaiAkUeeDj7fa/hQ=",
|
||||
"lastModified": 1704908274,
|
||||
"narHash": "sha256-74W9Yyomv3COGRmKi8zvyA5tL2KLiVkBeaYmYLjXyOw=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "cfdbaf68d00bc2f9e071f17ae77be4b27ff72fa6",
|
||||
"rev": "c0b3a5af90fae3ba95645bbf85d2b64880addd76",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
28
flake.nix
28
flake.nix
|
@ -149,6 +149,10 @@
|
|||
"aarch64-linux"
|
||||
];
|
||||
|
||||
imports = [
|
||||
inputs.pre-commit-hooks.flakeModule
|
||||
];
|
||||
|
||||
flake = {
|
||||
lib = import ./lib inputs;
|
||||
|
||||
|
@ -201,11 +205,10 @@
|
|||
|
||||
};
|
||||
|
||||
perSystem = { self', pkgs, system, lib, ... }:
|
||||
{
|
||||
checks = {
|
||||
pre-commit-check = pre-commit-hooks.lib.${system}.run {
|
||||
src = ./.;
|
||||
perSystem = { inputs', pkgs, config, ... }: {
|
||||
|
||||
pre-commit = {
|
||||
settings = {
|
||||
hooks = {
|
||||
nixpkgs-fmt.enable = true;
|
||||
deadnix.enable = true;
|
||||
|
@ -218,16 +221,13 @@
|
|||
shfmt.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
packages = {
|
||||
incus-ui = pkgs.callPackage ./pkgs/incus-ui { };
|
||||
};
|
||||
|
||||
devShells.default = with pkgs;
|
||||
mkShell {
|
||||
inherit (self'.checks.pre-commit-check) shellHook;
|
||||
devShells.default = with pkgs; mkShell {
|
||||
name = "dotfiles";
|
||||
packages = [
|
||||
pkgs.sops
|
||||
|
@ -245,24 +245,26 @@
|
|||
nix-prefetch-github
|
||||
nix-prefetch-docker
|
||||
nix-top
|
||||
opentofu
|
||||
terraform-ls
|
||||
taplo
|
||||
just
|
||||
pciutils
|
||||
|
||||
cryptsetup
|
||||
|
||||
disko.packages.${system}.disko
|
||||
inputs'.disko.packages.disko
|
||||
|
||||
colmena
|
||||
];
|
||||
|
||||
shellHook = ''
|
||||
${config.pre-commit.installationScript}
|
||||
'';
|
||||
};
|
||||
|
||||
devShells.install = with pkgs; mkShell {
|
||||
name = "install";
|
||||
packages = [
|
||||
disko.packages.${system}.disko
|
||||
inputs'.disko.packages.disko
|
||||
];
|
||||
};
|
||||
|
||||
|
|
|
@ -43,6 +43,17 @@ inputs: {
|
|||
tags = [ "metal" ];
|
||||
};
|
||||
};
|
||||
k3s-test = {
|
||||
config = import ./k3s-test/configuration.nix inputs;
|
||||
deploy = {
|
||||
# host = "10.0.0.167";
|
||||
host = "10.0.0.208";
|
||||
sshUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
};
|
||||
};
|
||||
loki = {
|
||||
config = import ./loki/configuration.nix inputs;
|
||||
};
|
||||
|
|
24
machines/frigate/.terraform.lock.hcl
generated
24
machines/frigate/.terraform.lock.hcl
generated
|
@ -1,24 +0,0 @@
|
|||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/telmate/proxmox" {
|
||||
version = "2.9.11"
|
||||
constraints = "2.9.11"
|
||||
hashes = [
|
||||
"h1:RKM2pvHNJrQKcMD7omaPiM099vWGgDnnZqn1kGknYXU=",
|
||||
"zh:0db1e3940cf208e56919e68c6d557dfc87d380316a474c8999916308bf991440",
|
||||
"zh:2a0ae7af5b2f96d53b24f34575bc72ccbb79cab870901f26f00a301613f7c69e",
|
||||
"zh:2f9eb4a4d2c5db04ec0940d7e250aaf1bac559acc787a5883688ba42159f8b8e",
|
||||
"zh:362a5b44995a51c8de78f0106aa7741f212bb15fbf2d7477794ea3ee63e2c17d",
|
||||
"zh:4d212404b741848cef1e469e390ad1df659bbfa8d47cd079d82d83c288925438",
|
||||
"zh:54a65a01946839db263f8da389791863f6909db9d5fcfdb472e23b14883a5b6c",
|
||||
"zh:5dfc95303efc53686b23762dfa4c50d887eb4cc0a3e9d527adc29b3a9f0439eb",
|
||||
"zh:68db84c007cbdd7267d1f7b767b0b2b91e9ee2e2b92ac1d8a1568f3bc61e67cd",
|
||||
"zh:85d45466445883ae64eed3d5fcb996de389ecf9268f0f7d2f22911fb3f56a344",
|
||||
"zh:8673f8c794ea8413dc9a3933902492b3e5be99e79bc611fcef415be7d7268210",
|
||||
"zh:d5041f72f550f3c81dafecb4e7dfca9f849737154a0e2c81434df6c72d75af25",
|
||||
"zh:e60e03b495dd76660784a8ab07d8db0ce1df7165e713efb350c1864d92f87a8c",
|
||||
"zh:ed1f75a2fe7d764356119a590f301ab8fd40cfeea78a514450868beb92115f28",
|
||||
"zh:efa4140b78775509665370c915e60c9043a1325d608f96da151f8f7fcc7cb45e",
|
||||
]
|
||||
}
|
|
@ -1,46 +0,0 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
proxmox = {
|
||||
source = "Telmate/proxmox"
|
||||
version = "2.9.11"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "proxmox" {
|
||||
pm_api_url = var.proxmox_api_url
|
||||
pm_api_token_id = var.proxmox_token_id
|
||||
pm_api_token_secret = var.proxmox_token_secret
|
||||
pm_tls_insecure = true
|
||||
}
|
||||
|
||||
resource "proxmox_lxc" "minio" {
|
||||
target_node = "pve"
|
||||
hostname = "frigate"
|
||||
ostemplate = "loki:vztmpl/nixos-23.05-default_20230318_amd64.tar.xz"
|
||||
unprivileged = false
|
||||
onboot = true
|
||||
|
||||
memory = 2048
|
||||
swap = 2048
|
||||
|
||||
rootfs {
|
||||
storage = "local-lvm"
|
||||
size = "32G"
|
||||
}
|
||||
|
||||
mountpoint {
|
||||
key = "0"
|
||||
slot = 0
|
||||
storage = "local-lvm"
|
||||
mp = "/data"
|
||||
size = "256G"
|
||||
}
|
||||
|
||||
network {
|
||||
name = "eth0"
|
||||
bridge = "vmbr0"
|
||||
ip = "10.0.0.205/24"
|
||||
gw = "10.0.0.1"
|
||||
}
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
variable "proxmox_token_id" {
|
||||
description = "Proxmox API token ID"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_token_secret" {
|
||||
description = "Proxmox API token secret"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_api_url" {
|
||||
description = "Proxmox API URL"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
83
machines/k3s-test/configuration.nix
Normal file
83
machines/k3s-test/configuration.nix
Normal file
|
@ -0,0 +1,83 @@
|
|||
{ self, ... }:
|
||||
{ modulesPath, lib, ... }: {
|
||||
imports = [
|
||||
(modulesPath + "/virtualisation/lxc-container.nix")
|
||||
../../users/root
|
||||
../../users/erwin
|
||||
];
|
||||
|
||||
eboskma = {
|
||||
users.erwin = {
|
||||
enable = true;
|
||||
server = true;
|
||||
};
|
||||
nix-common = {
|
||||
enable = true;
|
||||
remote-builders = true;
|
||||
};
|
||||
tailscale.enable = true;
|
||||
};
|
||||
|
||||
services.k3s = {
|
||||
enable = true;
|
||||
extraFlags = "--tls-san=10.0.0.208";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
system.configurationRevision = self.inputs.nixpkgs.lib.mkIf (self ? rev) self.rev;
|
||||
|
||||
networking = {
|
||||
hostName = "k3s-test";
|
||||
useDHCP = false;
|
||||
useHostResolvConf = false;
|
||||
networkmanager.enable = false;
|
||||
useNetworkd = true;
|
||||
|
||||
firewall = {
|
||||
trustedInterfaces = [ "tailscale0" ];
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [ 6443 ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd = {
|
||||
network = {
|
||||
enable = true;
|
||||
|
||||
networks = {
|
||||
"40-eth0" = {
|
||||
matchConfig = {
|
||||
Name = "eth0";
|
||||
};
|
||||
|
||||
networkConfig = {
|
||||
Address = "10.0.0.208/24";
|
||||
Gateway = "10.0.0.1";
|
||||
DNS = "10.0.0.206";
|
||||
DHCP = "no";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
tmpfiles.rules = [
|
||||
"L /dev/kmsg - - - - /dev/console"
|
||||
];
|
||||
};
|
||||
|
||||
security = {
|
||||
sudo-rs = {
|
||||
enable = true;
|
||||
execWheelOnly = true;
|
||||
wheelNeedsPassword = false;
|
||||
};
|
||||
sudo.enable = false;
|
||||
};
|
||||
|
||||
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
sops.secrets = { };
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
|
@ -54,7 +54,7 @@
|
|||
dataDir = "/home/erwin/workspace/livebook";
|
||||
userMapping = "1000:100";
|
||||
};
|
||||
lxd.enable = true;
|
||||
lxd.enable = false;
|
||||
networking = {
|
||||
enable = true;
|
||||
};
|
||||
|
|
|
@ -47,9 +47,6 @@ let
|
|||
services = {
|
||||
k3s = {
|
||||
enable = true;
|
||||
package = pkgs.k3s.override {
|
||||
buildGoModule = pkgs.buildGo120Module;
|
||||
};
|
||||
clusterInit = isServer;
|
||||
serverAddr = if !isServer then "https://10.128.0.2:6443" else "";
|
||||
role = "server";
|
||||
|
|
24
machines/minio/.terraform.lock.hcl
generated
24
machines/minio/.terraform.lock.hcl
generated
|
@ -1,24 +0,0 @@
|
|||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/telmate/proxmox" {
|
||||
version = "2.9.11"
|
||||
constraints = "2.9.11"
|
||||
hashes = [
|
||||
"h1:RKM2pvHNJrQKcMD7omaPiM099vWGgDnnZqn1kGknYXU=",
|
||||
"zh:0db1e3940cf208e56919e68c6d557dfc87d380316a474c8999916308bf991440",
|
||||
"zh:2a0ae7af5b2f96d53b24f34575bc72ccbb79cab870901f26f00a301613f7c69e",
|
||||
"zh:2f9eb4a4d2c5db04ec0940d7e250aaf1bac559acc787a5883688ba42159f8b8e",
|
||||
"zh:362a5b44995a51c8de78f0106aa7741f212bb15fbf2d7477794ea3ee63e2c17d",
|
||||
"zh:4d212404b741848cef1e469e390ad1df659bbfa8d47cd079d82d83c288925438",
|
||||
"zh:54a65a01946839db263f8da389791863f6909db9d5fcfdb472e23b14883a5b6c",
|
||||
"zh:5dfc95303efc53686b23762dfa4c50d887eb4cc0a3e9d527adc29b3a9f0439eb",
|
||||
"zh:68db84c007cbdd7267d1f7b767b0b2b91e9ee2e2b92ac1d8a1568f3bc61e67cd",
|
||||
"zh:85d45466445883ae64eed3d5fcb996de389ecf9268f0f7d2f22911fb3f56a344",
|
||||
"zh:8673f8c794ea8413dc9a3933902492b3e5be99e79bc611fcef415be7d7268210",
|
||||
"zh:d5041f72f550f3c81dafecb4e7dfca9f849737154a0e2c81434df6c72d75af25",
|
||||
"zh:e60e03b495dd76660784a8ab07d8db0ce1df7165e713efb350c1864d92f87a8c",
|
||||
"zh:ed1f75a2fe7d764356119a590f301ab8fd40cfeea78a514450868beb92115f28",
|
||||
"zh:efa4140b78775509665370c915e60c9043a1325d608f96da151f8f7fcc7cb45e",
|
||||
]
|
||||
}
|
|
@ -1,45 +0,0 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
proxmox = {
|
||||
source = "Telmate/proxmox"
|
||||
version = "2.9.11"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "proxmox" {
|
||||
pm_api_url = var.proxmox_api_url
|
||||
pm_api_token_id = var.proxmox_token_id
|
||||
pm_api_token_secret = var.proxmox_token_secret
|
||||
pm_tls_insecure = true
|
||||
}
|
||||
|
||||
resource "proxmox_lxc" "minio" {
|
||||
target_node = "pve"
|
||||
hostname = "minio"
|
||||
ostemplate = "loki:vztmpl/nixos-23.05-default_20230104_amd64.tar.xz"
|
||||
unprivileged = false
|
||||
|
||||
memory = 2048
|
||||
swap = 2048
|
||||
|
||||
rootfs {
|
||||
storage = "local-lvm"
|
||||
size = "32G"
|
||||
}
|
||||
|
||||
mountpoint {
|
||||
key = "0"
|
||||
slot = 0
|
||||
storage = "local-lvm"
|
||||
mp = "/data"
|
||||
size = "256G"
|
||||
}
|
||||
|
||||
network {
|
||||
name = "eth0"
|
||||
bridge = "vmbr0"
|
||||
ip = "10.0.0.204/24"
|
||||
gw = "10.0.0.1"
|
||||
}
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
variable "proxmox_token_id" {
|
||||
description = "Proxmox API token ID"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_token_secret" {
|
||||
description = "Proxmox API token secret"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_api_url" {
|
||||
description = "Proxmox API URL"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ nixos-hardware, disko, ... }:
|
||||
{ nixos-hardware, disko, nix-ld-rs, ... }:
|
||||
{ pkgs, config, ... }:
|
||||
{
|
||||
imports = [
|
||||
|
@ -65,21 +65,16 @@
|
|||
};
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
powerManagement.cpuFreqGovernor = "ondemand";
|
||||
|
||||
programs = {
|
||||
nix-ld = {
|
||||
enable = true;
|
||||
package = nix-ld-rs.packages.${pkgs.hostPlatform.system}.nix-ld-rs;
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
cockpit = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
settings = {
|
||||
WebService = {
|
||||
Origins = "https://cockpit.datarift.nl";
|
||||
ProtocolHeader = "X-Forwarded-Proto";
|
||||
ForwardedForHeader = "X-Forwarded-For";
|
||||
};
|
||||
};
|
||||
};
|
||||
lvm = {
|
||||
enable = true;
|
||||
};
|
||||
|
|
|
@ -117,6 +117,7 @@
|
|||
pkgs.nftables
|
||||
pkgs.lvm2
|
||||
pkgs.e2fsprogs
|
||||
pkgs.kmod
|
||||
];
|
||||
environment = {
|
||||
INCUS_UI = pkgs.incus-ui;
|
||||
|
|
24
machines/unifi/.terraform.lock.hcl
generated
24
machines/unifi/.terraform.lock.hcl
generated
|
@ -1,24 +0,0 @@
|
|||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/telmate/proxmox" {
|
||||
version = "2.9.14"
|
||||
constraints = "2.9.14"
|
||||
hashes = [
|
||||
"h1:H/f+LbVyPOLslHLAYnGuMMRqWFZ65K6E3V+MCYgfAyk=",
|
||||
"zh:0d049d33f705e5b814d30028770c084151218439424e99684ce31d7e26a720b5",
|
||||
"zh:20b1c64ed56d81de95f3f37b82b45b4654c0de26670c0e87a474c5cce13cd015",
|
||||
"zh:2946058abd1d8e50e475b9ec39781eb02576b40dbd80f4653fade4493a4514c6",
|
||||
"zh:29e50a25c456f040ce072f23ac57b5b82ebd3b916ca5ae6688332b5ec62adc4a",
|
||||
"zh:3612932306ce5f08db94868f526cbb8c56d0d3c6ebe1c11a83f92bbf94354296",
|
||||
"zh:42d1699b0abebaac82ea5a19f4393541d8bb2741bde204a8ac1028cdc29d1b14",
|
||||
"zh:5ffd5dc567262eb8aafdf2f6eac63f7f21361da9c5d75a3c36b479638a0001b0",
|
||||
"zh:6692ef323e3b89de99934ad731f6a1850525bf8142916ae28ea4e4048d73a787",
|
||||
"zh:a5afc98e9a4038516bb58e788cb77dea67a60dce780dfcd206d7373c5a56b776",
|
||||
"zh:bf902cded709d84fa27fbf91b589c241f2238a6c4924e4e479eebd74320b93a5",
|
||||
"zh:cab0e1e72c9cebcf669fc6f35ec28cb8ab2dffb0237afc8860aa40d23bf8a49f",
|
||||
"zh:e523b99a48beec83d9bc04b2d336266044f9f53514cefb652fe6768611847196",
|
||||
"zh:f593915e8a24829d322d2eaeedcb153328cf9042f0d84f66040dde1be70ede04",
|
||||
"zh:fba1aff541133e2129dfda0160369635ab48503d5c44b8407ce5922ecc15d0bd",
|
||||
]
|
||||
}
|
|
@ -1,38 +0,0 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
proxmox = {
|
||||
source = "Telmate/proxmox"
|
||||
version = "2.9.14"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "proxmox" {
|
||||
pm_api_url = var.proxmox_api_url
|
||||
pm_api_token_id = var.proxmox_token_id
|
||||
pm_api_token_secret = var.proxmox_token_secret
|
||||
pm_tls_insecure = true
|
||||
}
|
||||
|
||||
resource "proxmox_lxc" "unifi" {
|
||||
target_node = "pve"
|
||||
hostname = "unifi"
|
||||
ostemplate = "loki:vztmpl/nixos-23.11-default_20230606_amd64.tar.xz"
|
||||
unprivileged = false
|
||||
onboot = true
|
||||
|
||||
memory = 2048
|
||||
swap = 2048
|
||||
|
||||
rootfs {
|
||||
storage = "local-lvm"
|
||||
size = "32G"
|
||||
}
|
||||
|
||||
network {
|
||||
name = "eth0"
|
||||
bridge = "vmbr0"
|
||||
ip = "10.0.0.207/24"
|
||||
gw = "10.0.0.1"
|
||||
}
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
variable "proxmox_token_id" {
|
||||
description = "Proxmox API token ID"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_token_secret" {
|
||||
description = "Proxmox API token secret"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_api_url" {
|
||||
description = "Proxmox API URL"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
23
machines/valkyrie/.terraform.lock.hcl
generated
23
machines/valkyrie/.terraform.lock.hcl
generated
|
@ -1,23 +0,0 @@
|
|||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/telmate/proxmox" {
|
||||
version = "2.9.14"
|
||||
hashes = [
|
||||
"h1:H/f+LbVyPOLslHLAYnGuMMRqWFZ65K6E3V+MCYgfAyk=",
|
||||
"zh:0d049d33f705e5b814d30028770c084151218439424e99684ce31d7e26a720b5",
|
||||
"zh:20b1c64ed56d81de95f3f37b82b45b4654c0de26670c0e87a474c5cce13cd015",
|
||||
"zh:2946058abd1d8e50e475b9ec39781eb02576b40dbd80f4653fade4493a4514c6",
|
||||
"zh:29e50a25c456f040ce072f23ac57b5b82ebd3b916ca5ae6688332b5ec62adc4a",
|
||||
"zh:3612932306ce5f08db94868f526cbb8c56d0d3c6ebe1c11a83f92bbf94354296",
|
||||
"zh:42d1699b0abebaac82ea5a19f4393541d8bb2741bde204a8ac1028cdc29d1b14",
|
||||
"zh:5ffd5dc567262eb8aafdf2f6eac63f7f21361da9c5d75a3c36b479638a0001b0",
|
||||
"zh:6692ef323e3b89de99934ad731f6a1850525bf8142916ae28ea4e4048d73a787",
|
||||
"zh:a5afc98e9a4038516bb58e788cb77dea67a60dce780dfcd206d7373c5a56b776",
|
||||
"zh:bf902cded709d84fa27fbf91b589c241f2238a6c4924e4e479eebd74320b93a5",
|
||||
"zh:cab0e1e72c9cebcf669fc6f35ec28cb8ab2dffb0237afc8860aa40d23bf8a49f",
|
||||
"zh:e523b99a48beec83d9bc04b2d336266044f9f53514cefb652fe6768611847196",
|
||||
"zh:f593915e8a24829d322d2eaeedcb153328cf9042f0d84f66040dde1be70ede04",
|
||||
"zh:fba1aff541133e2129dfda0160369635ab48503d5c44b8407ce5922ecc15d0bd",
|
||||
]
|
||||
}
|
|
@ -1,37 +0,0 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
proxmox = {
|
||||
source = "Telmate/proxmox"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "proxmox" {
|
||||
pm_api_url = var.proxmox_api_url
|
||||
pm_api_token_id = var.proxmox_token_id
|
||||
pm_api_token_secret = var.proxmox_token_secret
|
||||
pm_tls_insecure = true
|
||||
}
|
||||
|
||||
resource "proxmox_lxc" "valkyrie" {
|
||||
target_node = "pve"
|
||||
hostname = "valkyrie"
|
||||
ostemplate = "loki:vztmpl/nixos-23.11-default_20230606_amd64.tar.xz"
|
||||
unprivileged = false
|
||||
onboot = true
|
||||
|
||||
memory = 2048
|
||||
swap = 2048
|
||||
|
||||
rootfs {
|
||||
storage = "local-lvm"
|
||||
size = "32G"
|
||||
}
|
||||
|
||||
network {
|
||||
name = "eth0"
|
||||
bridge = "vmbr0"
|
||||
ip = "10.0.0.206/24"
|
||||
gw = "10.0.0.1"
|
||||
}
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
variable "proxmox_token_id" {
|
||||
description = "Proxmox API token ID"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_token_secret" {
|
||||
description = "Proxmox API token secret"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "proxmox_api_url" {
|
||||
description = "Proxmox API URL"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
|
@ -13,6 +13,7 @@ in
|
|||
config = mkIf cfg.enable {
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
llmnr = "false"; # Deprecated and a security risk
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
, nodejs
|
||||
, prefetch-yarn-deps
|
||||
, yarn
|
||||
, gnused
|
||||
, rsync
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -40,6 +42,12 @@ stdenv.mkDerivation rec {
|
|||
configurePhase = ''
|
||||
runHook preConfigure
|
||||
|
||||
${gnused}/bin/sed -i "s/LXD/Incus/g" src/*/*.ts* src/*/*/*.ts* src/*/*/*/*.ts*
|
||||
${gnused}/bin/sed -i "s/devlxd/guestapi/g" src/*/*.ts* src/*/*/*.ts* src/*/*/*/*.ts*
|
||||
${gnused}/bin/sed -i "s/dev\/lxd/dev\/incus/g" src/*/*.ts* src/*/*/*.ts* src/*/*/*/*.ts*
|
||||
${gnused}/bin/sed -i "s/lxd_/incus_/g" src/*/*.ts* src/*/*/*.ts* src/*/*/*/*.ts*
|
||||
${gnused}/bin/sed -i "s/\"lxd\"/\"incus\"/g" src/*/*.ts* src/*/*/*.ts* src/*/*/*/*.ts*
|
||||
|
||||
export HOME=$(mktemp -d)
|
||||
yarn config --offline set yarn-offline-mirror "$offlineCache"
|
||||
fixup-yarn-lock yarn.lock
|
||||
|
@ -61,7 +69,8 @@ stdenv.mkDerivation rec {
|
|||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
cp -r build/ui $out
|
||||
mkdir -p $out
|
||||
${rsync}/bin/rsync -a build/ui/ $out/
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ pkgs, config, lib, inputs, ... }:
|
||||
with lib; let
|
||||
cfg = config.eboskma.users.erwin;
|
||||
homeCfg = config.home-manager.users.erwin;
|
||||
bt = config.eboskma.bluetooth;
|
||||
|
||||
ewwDaemon =
|
||||
|
@ -10,7 +11,7 @@ with lib; let
|
|||
pkgs.writeShellScript "eww-daemon" ''
|
||||
export PATH=${path}:''${PATH}
|
||||
|
||||
${config.home-manager.users.erwin.eboskma.programs.eww.package}/bin/eww $@
|
||||
${homeCfg.eboskma.programs.eww.package}/bin/eww $@
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
@ -94,7 +95,7 @@ in
|
|||
rofi = {
|
||||
enable = true;
|
||||
package = pkgs.rofi-wayland;
|
||||
terminal = config.home-manager.users.erwin.wayland.windowManager.sway.config.terminal;
|
||||
terminal = homeCfg.wayland.windowManager.sway.config.terminal;
|
||||
};
|
||||
vscode.enable = true;
|
||||
solvespace.enable = true;
|
||||
|
@ -102,10 +103,10 @@ in
|
|||
starship.enable = true;
|
||||
sway = {
|
||||
enable = true;
|
||||
lock-wallpaper = ../../wallpapers/river-2560.png;
|
||||
lock-wallpaper = "${homeCfg.home.homeDirectory}/.wallpapers/river-2560.png";
|
||||
output = {
|
||||
"DP-2" = {
|
||||
bg = "${../../wallpapers/jwst-saturn-nircam-2560.png} fill";
|
||||
bg = "${homeCfg.home.homeDirectory}/.wallpapers/river-2560.png fill";
|
||||
mode = "2560x1440@165Hz";
|
||||
adaptive_sync = "on";
|
||||
max_render_time = "2";
|
||||
|
@ -178,6 +179,8 @@ in
|
|||
iotop
|
||||
(jetbrains.clion.override { jdk = pkgs.jetbrains.jdk; })
|
||||
kicad
|
||||
kubectl
|
||||
kubernetes-helm
|
||||
larynx
|
||||
libnotify
|
||||
libreoffice-fresh
|
||||
|
@ -198,7 +201,6 @@ in
|
|||
ripgrep
|
||||
scid-vs-pc
|
||||
signal-desktop
|
||||
solo2-cli
|
||||
steam
|
||||
steamcmd
|
||||
steam-tui
|
||||
|
@ -219,6 +221,15 @@ in
|
|||
gtk.enable = true;
|
||||
x11.enable = true;
|
||||
};
|
||||
|
||||
|
||||
file = {
|
||||
wallpapers = {
|
||||
source = ../../wallpapers;
|
||||
target = ".wallpapers";
|
||||
recursive = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
xdg = {
|
||||
|
|
Loading…
Add table
Reference in a new issue