
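{
  description = "NixOS definitions for our physical servers";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    deploy-rs.url = "github:serokell/deploy-rs";
    # Every input that itself depends on nixpkgs follows the stable pin above,
    # so one nixpkgs revision is evaluated for the whole flake.
    kubenix = {
      url = "github:hall/kubenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    dns = {
      url = "github:kirelagin/dns.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    microvm = {
      url = "github:astro/microvm.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs =
    { self, nixpkgs, deploy-rs, disko, agenix, kubenix, nixpkgs-unstable, dns, microvm, ... }:
    let
      system = "x86_64-linux";
      pkgs = nixpkgs.legacyPackages.${system};
      lib = pkgs.lib;
      pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};

      # Machine definitions, keyed by machine name (see ./nixos/machines).
      machines = import ./nixos/machines;

      # One nixosSystem per machine. The result keeps the machine names as
      # attribute names, which is exactly what mapAttrs does, so the earlier
      # foldlAttrs/`//` accumulation is not needed. nixosSystem lives on the
      # flake-level nixpkgs.lib, not on pkgs.lib.
      mkNixosSystems = systemDef:
        nixpkgs.lib.mapAttrs (_: machine: nixpkgs.lib.nixosSystem (systemDef machine)) machines;

      # Same shape for deploy-rs nodes: one node per machine, same names.
      mkDeployNodes = nodeDef: nixpkgs.lib.mapAttrs (_: machine: nodeDef machine) machines;
    in
    {
      devShells.${system}.default = pkgs.mkShell {
        packages = with pkgs; [
          libsecret
          # TODO: using nixos-anywhere from nixos-unstable produces buffer overflow.
          # Related to this issue: https://github.com/nix-community/nixos-anywhere/issues/242
          # Should wait until this is merged in nixos-unstable.
          # pkgs-unstable.nixos-anywhere
          pkgs-unstable.deploy-rs
          openssl
          postgresql_15
          opentofu
          cdrtools
          kubectl
          ansible
        ];
      };

      formatter.${system} = pkgs.nixfmt;

      nixosConfigurations = mkNixosSystems (machine: {
        inherit system;
        specialArgs = { inherit kubenix dns; };
        modules = [
          microvm.nixosModules.host
          machine.nixosModule
          disko.nixosModules.disko
          agenix.nixosModules.default
          ./nixos
          { networking.hostName = machine.name; }
        ];
      });

      deploy = {
        sshUser = "root";
        user = "root";
        nodes = mkDeployNodes (machine: {
          hostname = machine.hostName;
          profiles.system = {
            path = deploy-rs.lib.${system}.activate.nixos
              self.nixosConfigurations.${machine.name};
          };
        });
      };

      # deploy-rs publishes its checks per system; run them for each system it
      # provides. The parameter is named deploySystem so it does not shadow the
      # outer `system`.
      checks = builtins.mapAttrs
        (deploySystem: deployLib: deployLib.deployChecks self.deploy)
        deploy-rs.lib;

      apps.${system} =
        let
          # FQDNs of every configured host, shell-quoted so the string can be
          # spliced directly into a bash array literal.
          hostNames = lib.escapeShellArgs
            (lib.mapAttrsToList (_: host: host.config.networking.fqdn) self.nixosConfigurations);

          # Absolute store paths for the tools the scripts call.
          ssh = "${pkgs.openssh}/bin/ssh";
          echo = "${pkgs.coreutils}/bin/echo";
          grep = "${pkgs.gnugrep}/bin/grep";
          awk = "${pkgs.gawkInteractive}/bin/awk";
        in
        {
          # Restart every microvm@*.service unit on every host.
          # writeShellScriptBin (rather than writeScriptBin) gives the script a
          # bash shebang; the scripts rely on bash arrays and [[ ]].
          reboot-all-vms =
            let
              reboot-all-vms = pkgs.writeShellScriptBin "reboot-all-vms" ''
                hostNames=(${hostNames})
                for hostName in "''${hostNames[@]}"; do
                  # Collect one unit name per array element. The previous
                  # `for unit in "$microvmUnits"` loop ran a single iteration over
                  # the whole newline-separated list instead of one per unit.
                  mapfile -t microvmUnits < <(
                    ${ssh} "root@$hostName" systemctl list-units --all \
                      | ${grep} 'microvm@.*\.service' \
                      | ${awk} '{print $1}'
                  )
                  for microvmUnit in "''${microvmUnits[@]}"; do
                    ${echo} "Restarting $microvmUnit on $hostName"
                    ${ssh} "root@$hostName" systemctl restart "$microvmUnit"
                  done
                done
              '';
            in
            {
              type = "app";
              program = "${reboot-all-vms}/bin/reboot-all-vms";
            };

          # Restart the microvm@<name>.service unit for the VM given as $1 on
          # whichever host currently lists it.
          reboot-vm =
            let
              reboot-vm = pkgs.writeShellScriptBin "reboot-vm" ''
                if [ -z "''${1:-}" ]; then
                  ${echo} "Please provide a VM name!"
                  exit 1
                fi
                # The VM name ends up inside a remote command line: ssh joins
                # its arguments into one string that the remote root shell
                # re-parses, so local quoting alone does not protect it. Accept
                # only plain unit-instance characters (loosen here if a VM name
                # legitimately needs more).
                if ! [[ "$1" =~ ^[A-Za-z0-9_.-]+$ ]]; then
                  ${echo} "Invalid VM name: $1"
                  exit 1
                fi
                hostNames=(${hostNames})
                unitName="microvm@$1.service"
                for hostName in "''${hostNames[@]}"; do
                  units=$(${ssh} "root@$hostName" systemctl list-units --all)
                  # Literal substring match against the unit listing.
                  if [[ "$units" == *"$unitName"* ]]; then
                    ${echo} "Restarting $unitName on $hostName"
                    ${ssh} "root@$hostName" systemctl restart "$unitName"
                  fi
                done
              '';
            in
            {
              type = "app";
              program = "${reboot-vm}/bin/reboot-vm";
            };
        };
    };
}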