nixos-servers/nixos/machines/default.nix

{
  atlas = {
    type = "physical";

    nixosModule.lab = {
      storage = {
        osDisk = "/dev/sda";
        dataPartition = "/dev/nvme0n1p1";
      };

      ssh = {
        useCertificates = true;
        hostCert = builtins.readFile ./certificates/atlas/host_ed25519.crt;
        userCert = builtins.readFile ./certificates/atlas/user_ed25519.crt;
      };
    };
  };

  jefke = {
    type = "physical";

    nixosModule = {
      lab = {
        storage = {
          osDisk = "/dev/sda";
          dataPartition = "/dev/nvme0n1p1";
        };

        ssh = {
          useCertificates = true;
          hostCert = builtins.readFile ./certificates/jefke/host_ed25519.crt;
          userCert = builtins.readFile ./certificates/jefke/user_ed25519.crt;
        };
      };
    };
  };

  lewis = {
    type = "physical";

    nixosModule.lab = {
      backups.enable = true;
      data-sharing.enable = true;
      networking.dmz.allowConnectivity = true;

      storage = {
        osDisk = "/dev/sda";
        dataPartition = "/dev/nvme0n1p1";
      };

      ssh = {
        useCertificates = true;
        hostCert = builtins.readFile ./certificates/lewis/host_ed25519.crt;
        userCert = builtins.readFile ./certificates/lewis/user_ed25519.crt;
      };
    };
  };

  # TODO: make leases persistent!
  hermes = {
    type = "virtual";
    hypervisorName = "lewis";

    nixosModule = { config, ... }: {
      lab = {
        networking.dmz.services.enable = true;

        vm = {
          # TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
          id = 7;
          staticNetworking = true;
          staticIPv4 = config.lab.networking.dmz.ipv4.services;
          staticIPv6 = config.lab.networking.dmz.ipv6.services;

          shares = [{
            name = "dnsmasq";
            mountPoint = "/var/lib/dnsmasq";
          }];
        };
      };
    };
  };

  maestro = {
    type = "virtual";
    hypervisorName = "atlas";

    nixosModule = { config, ... }: {
      microvm.balloonMem = 7680;

      lab = {
        dockerSwarm.enable = true;

        vm = {
          id = 1;
        };
      };
    };
  };

  bancomart = {
    type = "virtual";
    hypervisorName = "jefke";

    nixosModule = {
      microvm.balloonMem = 7680;

      lab = {
        dockerSwarm.enable = true;
        vm.id = 2;
      };
    };
  };

  vpay = {
    type = "virtual";
    hypervisorName = "lewis";

    nixosModule = {
      microvm.balloonMem = 5632;

      lab = {
        dockerSwarm.enable = true;
        vm.id = 3;
      };
    };
  };
}
create helpers for creating nixos system and deploy nodes move machine definitions to separate directory 2023-11-15 13:06:59 +01:00			`{`
remove dataHost option improve certificate directory structure 2024-01-31 22:11:28 +01:00			`atlas = {`
			`type = "physical";`

			`nixosModule.lab = {`
			`storage = {`
			`osDisk = "/dev/sda";`
			`dataPartition = "/dev/nvme0n1p1";`
			`};`

			`ssh = {`
			`useCertificates = true;`
			`hostCert = builtins.readFile ./certificates/atlas/host_ed25519.crt;`
			`userCert = builtins.readFile ./certificates/atlas/user_ed25519.crt;`
			`};`
			`};`
			`};`

create helpers for creating nixos system and deploy nodes move machine definitions to separate directory 2023-11-15 13:06:59 +01:00			`jefke = {`
integrate VM definitions 2024-01-28 11:48:13 +01:00			`type = "physical";`
update to nixos 23.11 enable static IP for terraformed VMs restructure legacy code move hermes code to this repo don't use data disk for hermes leases 2023-12-17 16:22:22 +01:00
set hostName and domain in nixos config directly 2024-01-28 12:55:58 +01:00			`nixosModule = {`
			`lab = {`
			`storage = {`
			`osDisk = "/dev/sda";`
			`dataPartition = "/dev/nvme0n1p1";`
			`};`

			`ssh = {`
			`useCertificates = true;`
remove dataHost option improve certificate directory structure 2024-01-31 22:11:28 +01:00			`hostCert = builtins.readFile ./certificates/jefke/host_ed25519.crt;`
			`userCert = builtins.readFile ./certificates/jefke/user_ed25519.crt;`
set hostName and domain in nixos config directly 2024-01-28 12:55:58 +01:00			`};`
WIP: nixos-anywhere for virtual machines 2023-11-25 21:00:21 +01:00			`};`
			`};`
			`};`

manage lewis with nix move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform 2023-12-25 19:22:22 +01:00			`lewis = {`
integrate VM definitions 2024-01-28 11:48:13 +01:00			`type = "physical";`
manage lewis with nix move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform 2023-12-25 19:22:22 +01:00
improve networking templating and configuration 2024-01-30 22:32:09 +01:00			`nixosModule.lab = {`
remove dataHost option improve certificate directory structure 2024-01-31 22:11:28 +01:00			`backups.enable = true;`
			`data-sharing.enable = true;`
			`networking.dmz.allowConnectivity = true;`
manage lewis with nix move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform 2023-12-25 19:22:22 +01:00
improve networking templating and configuration 2024-01-30 22:32:09 +01:00			`storage = {`
			`osDisk = "/dev/sda";`
			`dataPartition = "/dev/nvme0n1p1";`
			`};`
copy microvm config 2024-01-17 21:28:15 +01:00
improve networking templating and configuration 2024-01-30 22:32:09 +01:00			`ssh = {`
			`useCertificates = true;`
remove dataHost option improve certificate directory structure 2024-01-31 22:11:28 +01:00			`hostCert = builtins.readFile ./certificates/lewis/host_ed25519.crt;`
			`userCert = builtins.readFile ./certificates/lewis/user_ed25519.crt;`
manage lewis with nix move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform 2023-12-25 19:22:22 +01:00			`};`
integrate VM definitions 2024-01-28 11:48:13 +01:00			`};`
			`};`
manage lewis with nix move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform 2023-12-25 19:22:22 +01:00
create shadow docker swarm 2024-02-06 22:03:25 +01:00			`# TODO: make leases persistent!`
add vm working with dhcp+dns 2024-01-29 22:21:15 +01:00			`hermes = {`
			`type = "virtual";`
			`hypervisorName = "lewis";`
improve networking templating and configuration 2024-01-30 22:32:09 +01:00
			`nixosModule = { config, ... }: {`
add vm working with dhcp+dns 2024-01-29 22:21:15 +01:00			`lab = {`
change networking config structuring 2024-01-31 21:58:23 +01:00			`networking.dmz.services.enable = true;`
improve networking templating and configuration 2024-01-30 22:32:09 +01:00
			`vm = {`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00			`# TODO: would be cool to create a check that a mac address is only ever assigned to one VM.`
add ip and mac arithmatic functions calculate vm mac addresses 2024-02-01 22:57:18 +01:00			`id = 7;`
improve networking templating and configuration 2024-01-30 22:32:09 +01:00			`staticNetworking = true;`
change networking config structuring 2024-01-31 21:58:23 +01:00			`staticIPv4 = config.lab.networking.dmz.ipv4.services;`
			`staticIPv6 = config.lab.networking.dmz.ipv6.services;`
modularize docker swarm config 2024-02-07 23:15:48 +01:00
			`shares = [{`
			`name = "dnsmasq";`
			`mountPoint = "/var/lib/dnsmasq";`
			`}];`
improve networking templating and configuration 2024-01-30 22:32:09 +01:00			`};`
add vm working with dhcp+dns 2024-01-29 22:21:15 +01:00			`};`
			`};`
			`};`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00
manage vcpus and memory of VMs fix kitchenowl connectivity 2024-02-08 23:44:36 +01:00			`maestro = {`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00			`type = "virtual";`
create shadow docker swarm 2024-02-06 22:03:25 +01:00			`hypervisorName = "atlas";`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00
manage vcpus and memory of VMs fix kitchenowl connectivity 2024-02-08 23:44:36 +01:00			`nixosModule = { config, ... }: {`
			`microvm.balloonMem = 7680;`

modularize docker swarm config 2024-02-07 23:15:48 +01:00			`lab = {`
			`dockerSwarm.enable = true;`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00
modularize docker swarm config 2024-02-07 23:15:48 +01:00			`vm = {`
			`id = 1;`
			`};`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00			`};`
			`};`
			`};`

manage vcpus and memory of VMs fix kitchenowl connectivity 2024-02-08 23:44:36 +01:00			`bancomart = {`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00			`type = "virtual";`
create shadow docker swarm 2024-02-06 22:03:25 +01:00			`hypervisorName = "jefke";`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00
manage vcpus and memory of VMs fix kitchenowl connectivity 2024-02-08 23:44:36 +01:00			`nixosModule = {`
			`microvm.balloonMem = 7680;`

modularize docker swarm config 2024-02-07 23:15:48 +01:00			`lab = {`
			`dockerSwarm.enable = true;`
			`vm.id = 2;`
create shadow docker swarm 2024-02-06 22:03:25 +01:00			`};`
			`};`
			`};`

manage vcpus and memory of VMs fix kitchenowl connectivity 2024-02-08 23:44:36 +01:00			`vpay = {`
create shadow docker swarm 2024-02-06 22:03:25 +01:00			`type = "virtual";`
			`hypervisorName = "lewis";`

manage vcpus and memory of VMs fix kitchenowl connectivity 2024-02-08 23:44:36 +01:00			`nixosModule = {`
			`microvm.balloonMem = 5632;`

modularize docker swarm config 2024-02-07 23:15:48 +01:00			`lab = {`
			`dockerSwarm.enable = true;`
			`vm.id = 3;`
add two nixos-managed VMs for docker swarm change docker swarm ansible to target these vms 2024-02-04 17:16:41 +01:00			`};`
			`};`
			`};`
create helpers for creating nixos system and deploy nodes move machine definitions to separate directory 2023-11-15 13:06:59 +01:00			`}`