From 371b851ca53393fcbaf74247a5269f0bd414c48e Mon Sep 17 00:00:00 2001 
From: Pim Kunis Date: Sun, 28 Jan 2024 12:30:13 +0100 Subject: [PATCH] create shared entrypoint nixos config for physical and vm --- flake.nix | 4 ++-- nix/shared.nix => nixos/default.nix | 6 ++++-- {nix => nixos}/lab.nix | 0 {nix => nixos}/machines/atlas_host_ed25519-cert.pub | 0 {nix => nixos}/machines/atlas_user_ed25519-cert.pub | 0 {nix => nixos}/machines/default.nix | 2 +- {nix => nixos}/machines/jefke_host_ed25519-cert.pub | 0 {nix => nixos}/machines/jefke_user_ed25519-cert.pub | 0 {nix => nixos}/machines/lewis_host_ed25519-cert.pub | 0 {nix => nixos}/machines/lewis_user_ed25519-cert.pub | 0 {nix => nixos}/modules/backups.nix | 0 {nix => nixos}/modules/data-sharing.nix | 0 {nix => nixos}/modules/default.nix | 0 {nix => nixos}/modules/k3s/bootstrap.nix | 0 {nix => nixos}/modules/k3s/default.nix | 0 {nix => nixos}/modules/networking/default.nix | 0 {nix => nixos}/modules/networking/dmz/default.nix | 0 {nix => nixos}/modules/networking/dmz/dnsmasq.nix | 0 .../modules/networking/dmz/zones/geokunis2.nl.nix | 0 .../modules/networking/dmz/zones/kun.is.nix | 0 {nix => nixos}/modules/ssh-certificates.nix | 0 {nix => nixos}/modules/storage.nix | 0 .../modules/terraform-database/default.nix | 0 .../terraform-database/postgresql_server.crt | 0 {nix => nixos}/physical.nix | 3 +-- {nix => nixos}/secrets/README.md | 0 {nix => nixos}/secrets/atlas_host_ed25519.age | Bin {nix => nixos}/secrets/atlas_user_ed25519.age | Bin {nix => nixos}/secrets/borg_passphrase.age | 0 {nix => nixos}/secrets/database_passwords.env.age | 0 {nix => nixos}/secrets/ec2_borg_server.pem.age | Bin {nix => nixos}/secrets/jefke_host_ed25519.age | Bin {nix => nixos}/secrets/jefke_user_ed25519.age | Bin {nix => nixos}/secrets/lewis_host_ed25519.age | Bin {nix => nixos}/secrets/lewis_user_ed25519.age | Bin {nix => nixos}/secrets/postgresql_server.key.age | Bin {nix => nixos}/secrets/secrets.nix | 0 {nix => nixos}/virtual.nix | 2 -- 38 files changed, 8 insertions(+), 9 deletions(-) rename nix/shared.nix => 
nixos/default.nix (91%) rename {nix => nixos}/lab.nix (100%) rename {nix => nixos}/machines/atlas_host_ed25519-cert.pub (100%) rename {nix => nixos}/machines/atlas_user_ed25519-cert.pub (100%) rename {nix => nixos}/machines/default.nix (96%) rename {nix => nixos}/machines/jefke_host_ed25519-cert.pub (100%) rename {nix => nixos}/machines/jefke_user_ed25519-cert.pub (100%) rename {nix => nixos}/machines/lewis_host_ed25519-cert.pub (100%) rename {nix => nixos}/machines/lewis_user_ed25519-cert.pub (100%) rename {nix => nixos}/modules/backups.nix (100%) rename {nix => nixos}/modules/data-sharing.nix (100%) rename {nix => nixos}/modules/default.nix (100%) rename {nix => nixos}/modules/k3s/bootstrap.nix (100%) rename {nix => nixos}/modules/k3s/default.nix (100%) rename {nix => nixos}/modules/networking/default.nix (100%) rename {nix => nixos}/modules/networking/dmz/default.nix (100%) rename {nix => nixos}/modules/networking/dmz/dnsmasq.nix (100%) rename {nix => nixos}/modules/networking/dmz/zones/geokunis2.nl.nix (100%) rename {nix => nixos}/modules/networking/dmz/zones/kun.is.nix (100%) rename {nix => nixos}/modules/ssh-certificates.nix (100%) rename {nix => nixos}/modules/storage.nix (100%) rename {nix => nixos}/modules/terraform-database/default.nix (100%) rename {nix => nixos}/modules/terraform-database/postgresql_server.crt (100%) rename {nix => nixos}/physical.nix (97%) rename {nix => nixos}/secrets/README.md (100%) rename {nix => nixos}/secrets/atlas_host_ed25519.age (100%) rename {nix => nixos}/secrets/atlas_user_ed25519.age (100%) rename {nix => nixos}/secrets/borg_passphrase.age (100%) rename {nix => nixos}/secrets/database_passwords.env.age (100%) rename {nix => nixos}/secrets/ec2_borg_server.pem.age (100%) rename {nix => nixos}/secrets/jefke_host_ed25519.age (100%) rename {nix => nixos}/secrets/jefke_user_ed25519.age (100%) rename {nix => nixos}/secrets/lewis_host_ed25519.age (100%) rename {nix => nixos}/secrets/lewis_user_ed25519.age (100%) rename {nix => 
nixos}/secrets/postgresql_server.key.age (100%) rename {nix => nixos}/secrets/secrets.nix (100%) rename {nix => nixos}/virtual.nix (95%) diff --git a/flake.nix b/flake.nix index be3e5bd..61bb6b3 100644 --- a/flake.nix +++ b/flake.nix @@ -38,7 +38,7 @@ pkgs = nixpkgs.legacyPackages.${system}; lib = pkgs.lib; pkgs-unstable = nixpkgs-unstable.legacyPackages.${system}; - machines = import ./nix/machines; + machines = import ./nixos/machines; physicalMachines = lib.filterAttrs (n: v: v.type == "physical") machines; # TODO: Maybe use mergeAttrLists mkNixosSystems = systemDef: @@ -78,7 +78,7 @@ nixosConfigurations = mkNixosSystems (machine: { inherit system; specialArgs = { inherit machines machine kubenix dns microvm disko agenix; }; - modules = [ ./nix/physical.nix ]; + modules = [ ./nixos ]; }); deploy = { diff --git a/nix/shared.nix b/nixos/default.nix similarity index 91% rename from nix/shared.nix rename to nixos/default.nix index 890f3c9..4b145e3 100644 --- a/nix/shared.nix +++ b/nixos/default.nix @@ -1,11 +1,13 @@ -{ pkgs, machine, disko, agenix, ... }: { +{ pkgs, lib, machine, disko, agenix, ... }: { imports = [ ./modules ./lab.nix machine.nixosModule disko.nixosModules.disko agenix.nixosModules.default - ]; + ] + ++ lib.lists.optional (machine.type == "physical") ./physical.nix + ++ lib.lists.optional (machine.type == "virtual") ./virtual.nix; config = { time.timeZone = "Europe/Amsterdam"; diff --git a/nix/lab.nix b/nixos/lab.nix similarity index 100% rename from nix/lab.nix rename to nixos/lab.nix diff --git a/nix/machines/atlas_host_ed25519-cert.pub b/nixos/machines/atlas_host_ed25519-cert.pub similarity index 100% rename from nix/machines/atlas_host_ed25519-cert.pub rename to nixos/machines/atlas_host_ed25519-cert.pub diff --git a/nix/machines/atlas_user_ed25519-cert.pub b/nixos/machines/atlas_user_ed25519-cert.pub similarity index 100% rename from nix/machines/atlas_user_ed25519-cert.pub rename to nixos/machines/atlas_user_ed25519-cert.pub 
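Review bot: The two `lib.lists.optional` lines added to `imports` in `nixos/default.nix` import neither role module when `machine.type` is any string other than `"physical"` or `"virtual"`. A typo in a machine definition could therefore yield a configuration without `physical.nix` or `virtual.nix` instead of an evaluation error. Both entry points now depend on this dispatch: `modules = [ ./nixos ]` in `flake.nix` and the guest import `./.` in the second hunk of `nixos/physical.nix`. A lookup that fails on unknown values would surface the mistake at build time, for example `++ [ ({ physical = ./physical.nix; virtual = ./virtual.nix; }.${machine.type}) ]`. Whether other type values exist cannot be confirmed here, since `nixos/machines/default.nix` is shown only in part.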
diff --git a/nix/machines/default.nix b/nixos/machines/default.nix similarity index 96% rename from nix/machines/default.nix rename to nixos/machines/default.nix index c64dd60..50cd21a 100644 --- a/nix/machines/default.nix +++ b/nixos/machines/default.nix @@ -83,7 +83,7 @@ nixosModule = { pkgs, config, ... }: { programs.bash.interactiveShellInit = '' - echo "Hello world from inside a virtual machine!" | ${pkgs.lolcat}/bin/lolcat + echo "Hello world from inside a virtual machine!!" | ${pkgs.lolcat}/bin/lolcat ''; lab.vmMacAddress = "BA:DB:EE:F0:00:00"; diff --git a/nix/machines/jefke_host_ed25519-cert.pub b/nixos/machines/jefke_host_ed25519-cert.pub similarity index 100% rename from nix/machines/jefke_host_ed25519-cert.pub rename to nixos/machines/jefke_host_ed25519-cert.pub diff --git a/nix/machines/jefke_user_ed25519-cert.pub b/nixos/machines/jefke_user_ed25519-cert.pub similarity index 100% rename from nix/machines/jefke_user_ed25519-cert.pub rename to nixos/machines/jefke_user_ed25519-cert.pub diff --git a/nix/machines/lewis_host_ed25519-cert.pub b/nixos/machines/lewis_host_ed25519-cert.pub similarity index 100% rename from nix/machines/lewis_host_ed25519-cert.pub rename to nixos/machines/lewis_host_ed25519-cert.pub diff --git a/nix/machines/lewis_user_ed25519-cert.pub b/nixos/machines/lewis_user_ed25519-cert.pub similarity index 100% rename from nix/machines/lewis_user_ed25519-cert.pub rename to nixos/machines/lewis_user_ed25519-cert.pub diff --git a/nix/modules/backups.nix b/nixos/modules/backups.nix similarity index 100% rename from nix/modules/backups.nix rename to nixos/modules/backups.nix diff --git a/nix/modules/data-sharing.nix b/nixos/modules/data-sharing.nix similarity index 100% rename from nix/modules/data-sharing.nix rename to nixos/modules/data-sharing.nix diff --git a/nix/modules/default.nix b/nixos/modules/default.nix similarity index 100% rename from nix/modules/default.nix rename to nixos/modules/default.nix 
diff --git a/nix/modules/k3s/bootstrap.nix b/nixos/modules/k3s/bootstrap.nix
similarity index 100%
rename from nix/modules/k3s/bootstrap.nix
rename to nixos/modules/k3s/bootstrap.nix
diff --git a/nix/modules/k3s/default.nix b/nixos/modules/k3s/default.nix
similarity index 100%
rename from nix/modules/k3s/default.nix
rename to nixos/modules/k3s/default.nix
diff --git a/nix/modules/networking/default.nix b/nixos/modules/networking/default.nix
similarity index 100%
rename from nix/modules/networking/default.nix
rename to nixos/modules/networking/default.nix
diff --git a/nix/modules/networking/dmz/default.nix b/nixos/modules/networking/dmz/default.nix
similarity index 100%
rename from nix/modules/networking/dmz/default.nix
rename to nixos/modules/networking/dmz/default.nix
diff --git a/nix/modules/networking/dmz/dnsmasq.nix b/nixos/modules/networking/dmz/dnsmasq.nix
similarity index 100%
rename from nix/modules/networking/dmz/dnsmasq.nix
rename to nixos/modules/networking/dmz/dnsmasq.nix
diff --git a/nix/modules/networking/dmz/zones/geokunis2.nl.nix b/nixos/modules/networking/dmz/zones/geokunis2.nl.nix
similarity index 100%
rename from nix/modules/networking/dmz/zones/geokunis2.nl.nix
rename to nixos/modules/networking/dmz/zones/geokunis2.nl.nix
diff --git a/nix/modules/networking/dmz/zones/kun.is.nix b/nixos/modules/networking/dmz/zones/kun.is.nix
similarity index 100%
rename from nix/modules/networking/dmz/zones/kun.is.nix
rename to nixos/modules/networking/dmz/zones/kun.is.nix
diff --git a/nix/modules/ssh-certificates.nix b/nixos/modules/ssh-certificates.nix
similarity index 100%
rename from nix/modules/ssh-certificates.nix
rename to nixos/modules/ssh-certificates.nix
diff --git a/nix/modules/storage.nix b/nixos/modules/storage.nix
similarity index 100%
rename from nix/modules/storage.nix
rename to nixos/modules/storage.nix
diff --git a/nix/modules/terraform-database/default.nix b/nixos/modules/terraform-database/default.nix similarity index 100% rename from nix/modules/terraform-database/default.nix rename to nixos/modules/terraform-database/default.nix diff --git a/nix/modules/terraform-database/postgresql_server.crt b/nixos/modules/terraform-database/postgresql_server.crt similarity index 100% rename from nix/modules/terraform-database/postgresql_server.crt rename to nixos/modules/terraform-database/postgresql_server.crt diff --git a/nix/physical.nix b/nixos/physical.nix similarity index 97% rename from nix/physical.nix rename to nixos/physical.nix index aac1776..8ee2bbc 100644 --- a/nix/physical.nix +++ b/nixos/physical.nix @@ -2,7 +2,6 @@ imports = [ (modulesPath + "/installer/scan/not-detected.nix") microvm.nixosModules.host - ./shared.nix ]; config = { @@ -69,7 +68,7 @@ specialArgs = { inherit agenix disko pkgs lib microvm; machine = vm; hypervisorConfig = config; }; config = { imports = [ - ./virtual.nix + ./. ]; }; }; diff --git a/nix/secrets/README.md b/nixos/secrets/README.md similarity index 100% rename from nix/secrets/README.md rename to nixos/secrets/README.md diff --git a/nix/secrets/atlas_host_ed25519.age b/nixos/secrets/atlas_host_ed25519.age similarity index 100% rename from nix/secrets/atlas_host_ed25519.age rename to nixos/secrets/atlas_host_ed25519.age diff --git a/nix/secrets/atlas_user_ed25519.age b/nixos/secrets/atlas_user_ed25519.age similarity index 100% rename from nix/secrets/atlas_user_ed25519.age rename to nixos/secrets/atlas_user_ed25519.age diff --git a/nix/secrets/borg_passphrase.age b/nixos/secrets/borg_passphrase.age similarity index 100% rename from nix/secrets/borg_passphrase.age rename to nixos/secrets/borg_passphrase.age diff --git a/nix/secrets/database_passwords.env.age b/nixos/secrets/database_passwords.env.age similarity index 100% rename from nix/secrets/database_passwords.env.age rename to nixos/secrets/database_passwords.env.age 
diff --git a/nix/secrets/ec2_borg_server.pem.age b/nixos/secrets/ec2_borg_server.pem.age similarity index 100% rename from nix/secrets/ec2_borg_server.pem.age rename to nixos/secrets/ec2_borg_server.pem.age diff --git a/nix/secrets/jefke_host_ed25519.age b/nixos/secrets/jefke_host_ed25519.age similarity index 100% rename from nix/secrets/jefke_host_ed25519.age rename to nixos/secrets/jefke_host_ed25519.age diff --git a/nix/secrets/jefke_user_ed25519.age b/nixos/secrets/jefke_user_ed25519.age similarity index 100% rename from nix/secrets/jefke_user_ed25519.age rename to nixos/secrets/jefke_user_ed25519.age diff --git a/nix/secrets/lewis_host_ed25519.age b/nixos/secrets/lewis_host_ed25519.age similarity index 100% rename from nix/secrets/lewis_host_ed25519.age rename to nixos/secrets/lewis_host_ed25519.age diff --git a/nix/secrets/lewis_user_ed25519.age b/nixos/secrets/lewis_user_ed25519.age similarity index 100% rename from nix/secrets/lewis_user_ed25519.age rename to nixos/secrets/lewis_user_ed25519.age diff --git a/nix/secrets/postgresql_server.key.age b/nixos/secrets/postgresql_server.key.age similarity index 100% rename from nix/secrets/postgresql_server.key.age rename to nixos/secrets/postgresql_server.key.age diff --git a/nix/secrets/secrets.nix b/nixos/secrets/secrets.nix similarity index 100% rename from nix/secrets/secrets.nix rename to nixos/secrets/secrets.nix diff --git a/nix/virtual.nix b/nixos/virtual.nix similarity index 95% rename from nix/virtual.nix rename to nixos/virtual.nix index b1203dc..e08ded9 100644 --- a/nix/virtual.nix +++ b/nixos/virtual.nix @@ -1,6 +1,4 @@ { lib, config, machine, hypervisorConfig, ... }: { - imports = [ ./shared.nix ]; - options.lab.vmMacAddress = lib.mkOption { type = lib.types.str; description = ''