home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions
nixos-servers/nixos/machines/default.nix

201 lines
4.7 KiB
Nix
Raw Blame History

{
atlas = {
type = "physical";
nixosModule.lab = {
storage = {
osDisk = "/dev/sda";
dataPartition = "/dev/nvme0n1p1";
};
ssh = {
useCertificates = true;
hostCert = builtins.readFile ./certificates/atlas/host_ed25519.crt;
userCert = builtins.readFile ./certificates/atlas/user_ed25519.crt;
};
};
};
jefke = {
type = "physical";
nixosModule = {
lab = {
terraformDatabase.enable = true;
storage = {
osDisk = "/dev/sda";
dataPartition = "/dev/nvme0n1p1";
};
ssh = {
useCertificates = true;
hostCert = builtins.readFile ./certificates/jefke/host_ed25519.crt;
userCert = builtins.readFile ./certificates/jefke/user_ed25519.crt;
};
};
};
};
lewis = {
type = "physical";
nixosModule.lab = {
backups.enable = true;
data-sharing.enable = true;
networking.dmz.allowConnectivity = true;
storage = {
osDisk = "/dev/sda";
dataPartition = "/dev/nvme0n1p1";
};
ssh = {
useCertificates = true;
hostCert = builtins.readFile ./certificates/lewis/host_ed25519.crt;
userCert = builtins.readFile ./certificates/lewis/user_ed25519.crt;
};
};
};
# TODO: make leases persistent!
hermes = {
type = "virtual";
hypervisorName = "lewis";
nixosModule = { config, ... }: {
lab = {
networking.dmz.services.enable = true;
vm = {
# TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
id = 7;
staticNetworking = true;
staticIPv4 = config.lab.networking.dmz.ipv4.services;
staticIPv6 = config.lab.networking.dmz.ipv6.services;
};
};
microvm.shares = [{
source = "/data/vm_shares/${config.networking.hostName}/dnsmasq";
mountPoint = "/var/lib/dnsmasq";
tag = "dnsmasq";
proto = "virtiofs";
socket = "dnsmasq.sock";
}];
};
};
maestro2 = {
type = "virtual";
hypervisorName = "atlas";
nixosModule = { pkgs, lib, config, ... }: {
lab.vm = {
id = 1;
staticNetworking = true;
staticIPv4 = "192.168.30.42";
staticIPv6 = "2a0d:6e00:1a77:30::42";
};
microvm.shares = [{
source = "/data/vm_shares/${config.networking.hostName}/docker_swarm";
mountPoint = "/var/lib/docker/swarm";
tag = "docker_swarm";
proto = "virtiofs";
socket = "docker_swarm.sock";
}];
networking = {
nftables.enable = lib.mkForce false;
firewall.enable = lib.mkForce false;
};
virtualisation.docker = {
enable = true;
liveRestore = false;
};
environment.systemPackages = with pkgs; [
(python311.withPackages (python-pkgs: [
python-pkgs.docker
python-pkgs.requests
python-pkgs.jsondiff
python-pkgs.pyyaml
]))
];
};
};
bancomart2 = {
type = "virtual";
hypervisorName = "jefke";
nixosModule = { pkgs, lib, config, ... }: {
lab.vm.id = 2;
microvm.shares = [{
source = "/data/vm_shares/${config.networking.hostName}/docker_swarm";
mountPoint = "/var/lib/docker/swarm";
tag = "docker_swarm";
proto = "virtiofs";
socket = "docker_swarm.sock";
}];
networking = {
nftables.enable = lib.mkForce false;
firewall.enable = lib.mkForce false;
};
virtualisation.docker = {
enable = true;
liveRestore = false;
};
environment.systemPackages = with pkgs; [
(python311.withPackages (python-pkgs: [
python-pkgs.docker
python-pkgs.requests
python-pkgs.jsondiff
python-pkgs.pyyaml
]))
];
};
};
vpay2 = {
type = "virtual";
hypervisorName = "lewis";
nixosModule = { pkgs, lib, config, ... }: {
lab.vm.id = 3;
microvm.shares = [{
source = "/data/vm_shares/${config.networking.hostName}/docker_swarm";
mountPoint = "/var/lib/docker/swarm";
tag = "docker_swarm";
proto = "virtiofs";
socket = "docker_swarm.sock";
}];
networking = {
nftables.enable = lib.mkForce false;
firewall.enable = lib.mkForce false;
};
virtualisation.docker = {
enable = true;
liveRestore = false;
};
environment.systemPackages = with pkgs; [
(python311.withPackages (python-pkgs: [
python-pkgs.docker
python-pkgs.requests
python-pkgs.jsondiff
python-pkgs.pyyaml
]))
];
};
};
}
Reference in a new issue View git blame Copy permalink