WIP: remove kubernetes deployments

2024-09-07 12:39:30 +02:00 · 2024-09-07 12:39:30 +02:00 · a335dd4120
commit a335dd4120
parent c55b0752e7
11 changed files with 1576 additions and 0 deletions
--- a/flake-parts/machines/atlas.nix
+++ b/flake-parts/machines/atlas.nix
@ -0,0 +1,16 @@
+{
+  machines.atlas = {
+    arch = "x86_64-linux";
+    kubernetesNodeLabels.storageType = "slow";
+
+    nixosModule.lab = {
+      storage.profile = "kubernetes";
+      tailscale.enable = true;
+
+      k3s = {
+        enable = true;
+        serverAddr = "https://jefke.dmz:6443";
+      };
+    };
+  };
+}
--- a/flake-parts/machines/default.nix
+++ b/flake-parts/machines/default.nix
@ -0,0 +1,59 @@
+{ nixpkgs, flake-utils, ... }: flake-utils.lib.eachDefaultSystem (system:
+let
+  pkgs = nixpkgs.legacyPackages.${system};
+  lib = pkgs.lib;
+
+  machineOpts = { config, ... }: {
+    options = {
+      arch = lib.mkOption {
+        default = null;
+        type = with lib.types; nullOr str;
+        description = ''
+          CPU architecture of this machine.
+        '';
+      };
+
+      isRaspberryPi = lib.mkOption {
+        default = false;
+        type = lib.types.bool;
+      };
+
+      nixosModule = lib.mkOption {
+        default = { ... }: { };
+        type = lib.types.anything;
+        description = ''
+          Customized configuration for this machine in the form of a NixOS module.
+        '';
+      };
+
+      kubernetesNodeLabels = lib.mkOption {
+        default = null;
+        type = with lib.types; nullOr attrs;
+        description = ''
+          Any labels to add to the Kubernetes node.
+        '';
+      };
+    };
+  };
+
+  allOpts = {
+    options = {
+      machines = lib.mkOption {
+        type = with lib.types; attrsOf (submodule machineOpts);
+      };
+    };
+  };
+in
+{
+  machines = (lib.modules.evalModules {
+    modules = [
+      allOpts
+      ./warwick.nix
+      ./atlas.nix
+      ./jefke.nix
+      ./lewis.nix
+      # ./talos.nix
+      # ./pikvm.nix
+    ];
+  }).config.machines;
+})
--- a/flake-parts/machines/jefke.nix
+++ b/flake-parts/machines/jefke.nix
@ -0,0 +1,16 @@
+{
+  machines.jefke = {
+    arch = "x86_64-linux";
+    kubernetesNodeLabels.storageType = "fast";
+
+    nixosModule.lab = {
+      storage.profile = "kubernetes";
+      tailscale.enable = true;
+
+      k3s = {
+        enable = true;
+        clusterInit = true;
+      };
+    };
+  };
+}
--- a/flake-parts/machines/lewis.nix
+++ b/flake-parts/machines/lewis.nix
@ -0,0 +1,23 @@
+{
+  machines.lewis = {
+    arch = "x86_64-linux";
+    kubernetesNodeLabels = {
+      storageType = "fast";
+      hasMedia = "true";
+    };
+
+    nixosModule = {
+      lab = {
+        storage.profile = "kubernetes";
+        backups.enable = true;
+        data-sharing.enable = true;
+        tailscale.enable = true;
+
+        k3s = {
+          enable = true;
+          serverAddr = "https://jefke.dmz:6443";
+        };
+      };
+    };
+  };
+}
--- a/flake-parts/machines/pikvm.nix
+++ b/flake-parts/machines/pikvm.nix
@ -0,0 +1,23 @@
+{
+  machines.pikvm = {
+    arch = "aarch64-linux";
+    isRaspberryPi = true;
+
+    nixosModule = { config, inputs, lib, ... }: {
+      # imports = [ "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" ];
+      lab = {
+        storage.profile = "pi";
+      };
+
+      environment.systemPackages = with inputs.nixpkgs.legacyPackages.aarch64-linux; [
+        (mplayer.override {
+          v4lSupport = true;
+        })
+        ffmpeg
+        v4l-utils
+      ];
+
+      boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
+    };
+  };
+}
--- a/flake-parts/machines/talos.nix
+++ b/flake-parts/machines/talos.nix
@ -0,0 +1,11 @@
+{
+  machines.talos = {
+    arch = "x86_64-linux";
+
+    nixosModule = { lib, ... }: {
+      lab.storage.profile = "normal";
+
+      # boot.loader.systemd-boot.enable = lib.mkForce false;
+    };
+  };
+}
--- a/flake-parts/machines/warwick.nix
+++ b/flake-parts/machines/warwick.nix
@ -0,0 +1,18 @@
+{
+  machines.warwick = {
+    arch = "aarch64-linux";
+    isRaspberryPi = true;
+
+    nixosModule = { lib, ... }: {
+      lab = {
+        storage.profile = "pi";
+        monitoring.server.enable = true;
+
+        tailscale = {
+          advertiseExitNode = true;
+          enable = true;
+        };
+      };
+    };
+  };
+}
--- a/flake-parts/utils/default.nix
+++ b/flake-parts/utils/default.nix
@ -0,0 +1,20 @@
+{ nixpkgs, flake-utils, ... }:
+
+let
+  systemAttrs = flake-utils.lib.eachDefaultSystem (system:
+    let
+      pkgs = nixpkgs.legacypackages.${system};
+      lib = pkgs.lib;
+    in
+    {
+      net = import ./net.nix lib;
+    });
+
+  nonSystemAttrs = rec {
+    globals = import ./globals.nix;
+    imagePath = name: "nix:0${globals.imageDir}/${name}.tar";
+  };
+
+  allAttrs = systemAttrs // nonSystemAttrs;
+in
+allAttrs
--- a/flake-parts/utils/globals.nix
+++ b/flake-parts/utils/globals.nix
@ -0,0 +1,65 @@
+{
+  routerPublicIPv4 = "192.145.57.90";
+  routerPublicIPv6 = "2a0d:6e00:1a77::1";
+  bind9Ipv6 = "2a0d:6e00:1a77:30::134";
+
+  # Load balancer IPv4
+  traefikIPv4 = "192.168.30.128";
+  kmsIPv4 = "192.168.30.129";
+  inbucketIPv4 = "192.168.30.130";
+  piholeIPv4 = "192.168.30.131";
+  gitIPv4 = "192.168.30.132";
+  transmissionIPv4 = "192.168.30.133";
+  bind9IPv4 = "192.168.30.134";
+  dnsmasqIPv4 = "192.168.30.135";
+  minecraftIPv4 = "192.168.30.136";
+  jellyseerrIPv4 = "192.168.30.137";
+  syncthingIPv4 = "192.168.30.138";
+  longhornIPv4 = "192.168.30.139";
+  radarrIPv4 = "192.168.30.140";
+  prowlarrIPv4 = "192.168.30.141";
+  sonarrIPv4 = "192.168.30.142";
+  bazarrIPv4 = "192.168.30.143";
+  paperlessIPv4 = "192.168.30.144";
+  radicaleIPv4 = "192.168.30.145";
+  freshrssIPv4 = "192.168.30.146";
+  immichIPv4 = "192.168.30.147";
+  nextcloudIPv4 = "192.168.30.148";
+
+  imageDir = "/var/docker_images";
+
+  images = {
+    jellyfin = "jellyfin/jellyfin:10.9.9";
+    deluge = "linuxserver/deluge:2.1.1";
+    jellyseerr = "fallenbagel/jellyseerr:1.9.2";
+    radarr = "lscr.io/linuxserver/radarr:5.9.1";
+    prowlarr = "lscr.io/linuxserver/prowlarr:1.21.2";
+    sonarr = "lscr.io/linuxserver/sonarr:4.0.8";
+    bazarr = "lscr.io/linuxserver/bazarr:1.4.3";
+    atuin = "ghcr.io/atuinsh/atuin:18.3.0";
+    postgres14 = "postgres:14";
+    kms = "teddysun/kms:latest";
+    paperless = "ghcr.io/paperless-ngx/paperless-ngx:2.11.6";
+    redis7 = "docker.io/library/redis:7";
+    nextcloud = "nextcloud:29.0.5";
+    postgres15 = "postgres:15";
+    inbucket = "inbucket/inbucket:edge";
+    syncthing = "lscr.io/linuxserver/syncthing:1.27.10";
+    radicale = "tomsquest/docker-radicale:3.2.3.0";
+    ntfy = "binwiederhier/ntfy:v2.11.0";
+    forgejo = "codeberg.org/forgejo/forgejo:8.0.1";
+    pihole = "pihole/pihole:2024.07.0";
+    immich = "ghcr.io/immich-app/immich-server:v1.114.0";
+    immich-machine-learning = "ghcr.io/immich-app/immich-machine-learning:v1.114.0";
+    immich-redis = "docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e";
+    immich-postgres = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0";
+    kitchenowl = "tombursch/kitchenowl:v0.5.2";
+    cyberchef = "mpepping/cyberchef:latest";
+    freshrss = "freshrss/freshrss:1.24.3";
+    bind9 = "ubuntu/bind9:9.18-22.04_beta";
+    dnsmasq = "dockurr/dnsmasq:2.90";
+    attic = "git.kun.is/home/atticd:fd910d91c2143295e959d2c903e9ea25cf94ba27";
+    hedgedoc = "quay.io/hedgedoc/hedgedoc:1.9.9";
+    minecraft = "itzg/minecraft-server:latest";
+  };
+}
--- a/flake-parts/utils/net.nix
+++ b/flake-parts/utils/net.nix
--- a/flake.nix
+++ b/flake.nix
@ -70,6 +70,8 @@
      ./flake-parts/nixos.nix
      ./flake-parts/kubenix.nix
      ./flake-parts/shell.nix
+      ./flake-parts/utils
+      ./flake-parts/machines
    ] // (flake-utils.lib.eachDefaultSystem (system: {
      formatter = nixpkgs.legacyPackages.${system}.nixfmt;
    }));