From 41f04732c2f9bbb6b30f8564a0dabb2d1e2565c1 Mon Sep 17 00:00:00 2001 From: June Date: Mon, 27 May 2024 01:43:53 +0200 Subject: [PATCH] Switch from colmena to standard nixosConfigurations Those can then be deployed using for example nixos-rebuild or bij. Also ensure all hosts have an fqdn, where possible, in order for bij to be able to work with them more easily. Tho not really, since for actual deployment one still needs to set the target manually to set usage of the colmena-deploy user. https://git.clerie.de/clerie/bij --- .../audio-hauptraum-kueche/configuration.nix | 1 + .../audio-hauptraum-tafel/configuration.nix | 1 + config/hosts/esphome/configuration.nix | 1 + .../ptouch-print-server/configuration.nix | 5 +- .../public-reverse-proxy/configuration.nix | 5 +- flake.nix | 150 +++++------------- 6 files changed, 54 insertions(+), 109 deletions(-) diff --git a/config/hosts/audio-hauptraum-kueche/configuration.nix b/config/hosts/audio-hauptraum-kueche/configuration.nix index afab440..93a6b53 100644 --- a/config/hosts/audio-hauptraum-kueche/configuration.nix +++ b/config/hosts/audio-hauptraum-kueche/configuration.nix @@ -2,6 +2,7 @@ { networking = { hostName = "audio-hauptraum-kueche"; + domain = "z9.ccchh.net"; }; system.stateVersion = "23.05"; diff --git a/config/hosts/audio-hauptraum-tafel/configuration.nix b/config/hosts/audio-hauptraum-tafel/configuration.nix index d7b128c..2f14d0c 100644 --- a/config/hosts/audio-hauptraum-tafel/configuration.nix +++ b/config/hosts/audio-hauptraum-tafel/configuration.nix @@ -2,6 +2,7 @@ { networking = { hostName = "audio-hauptraum-tafel"; + domain = "z9.ccchh.net"; }; system.stateVersion = "23.05"; diff --git a/config/hosts/esphome/configuration.nix b/config/hosts/esphome/configuration.nix index fc13d89..0ef1dce 100644 --- a/config/hosts/esphome/configuration.nix +++ b/config/hosts/esphome/configuration.nix @@ -2,6 +2,7 @@ { networking = { hostName = "esphome"; + domain = "z9.ccchh.net"; }; system.stateVersion = "23.05"; diff --git a/config/hosts/ptouch-print-server/configuration.nix b/config/hosts/ptouch-print-server/configuration.nix index 1bb1448..33f9681 100644 --- a/config/hosts/ptouch-print-server/configuration.nix +++ b/config/hosts/ptouch-print-server/configuration.nix @@ -1,7 +1,10 @@ { ... }: { - networking.hostName = "ptouch-print-server"; + networking = { + hostName = "ptouch-print-server"; + domain = "z9.ccchh.net"; + }; system.stateVersion = "23.11"; } diff --git a/config/hosts/public-reverse-proxy/configuration.nix b/config/hosts/public-reverse-proxy/configuration.nix index 31aa8e8..a80f516 100644 --- a/config/hosts/public-reverse-proxy/configuration.nix +++ b/config/hosts/public-reverse-proxy/configuration.nix @@ -1,7 +1,10 @@ { config, pkgs, ... }: { - networking.hostName = "public-reverse-proxy"; + networking = { + hostName = "public-reverse-proxy"; + domain = "z9.ccchh.net"; + }; system.stateVersion = "23.05"; } diff --git a/flake.nix b/flake.nix index 8f76279..dd47820 100644 --- a/flake.nix +++ b/flake.nix @@ -25,6 +25,7 @@ outputs = { nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }: let + system = "x86_64-linux"; # Shairport Sync 4.3.1 (with nqptp 1.2.4) with metadata, MQTT and AirPlay 2 support. shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: { shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: { @@ -67,82 +68,48 @@ pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux"; in { - colmena = { - meta = { - nixpkgs = nixpkgs.legacyPackages."x86_64-linux"; - nodeNixpkgs = { - audio-hauptraum-kueche = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay; - audio-hauptraum-tafel = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay; - }; - nodeSpecialArgs = { - git = { inherit pkgs-unstable; }; - }; - }; - - audio-hauptraum-kueche = { - deployment = { - targetHost = "audio-hauptraum-kueche.z9.ccchh.net"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "thinkcccluster" ]; - }; - imports = [ + nixosConfigurations = { + audio-hauptraum-kueche = nixpkgs-unstable.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm + { nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } ./config/hosts/audio-hauptraum-kueche ]; }; - audio-hauptraum-tafel = { - deployment = { - targetHost = "audio-hauptraum-tafel.z9.ccchh.net"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "thinkcccluster" ]; - }; - imports = [ + audio-hauptraum-tafel = nixpkgs-unstable.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm + { nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; } ./config/hosts/audio-hauptraum-tafel ]; }; - esphome = { - deployment = { - targetHost = "esphome.z9.ccchh.net"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "thinkcccluster" ]; - }; - imports = [ + esphome = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm ./config/hosts/esphome ]; }; - public-reverse-proxy = { - deployment = { - targetHost = "public-reverse-proxy.z9.ccchh.net"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "thinkcccluster" ]; - }; - imports = [ + public-reverse-proxy = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm ./config/hosts/public-reverse-proxy ]; }; - netbox = { - deployment = { - targetHost = "netbox-intern.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "chaosknoten" ]; - }; - imports = [ + netbox = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm sops-nix.nixosModules.sops @@ -150,14 +117,9 @@ ]; }; - matrix = { - deployment = { - targetHost = "matrix-intern.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "chaosknoten" ]; - }; - imports = [ + matrix = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm sops-nix.nixosModules.sops @@ -165,14 +127,9 @@ ]; }; - public-web-static = { - deployment = { - targetHost = "public-web-static-intern.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "chaosknoten" ]; - }; - imports = [ + public-web-static = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm sops-nix.nixosModules.sops @@ -180,29 +137,22 @@ ]; }; - git = { - deployment = { - targetHost = "git.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "chaosknoten" ]; - }; - imports = [ + git = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm sops-nix.nixosModules.sops ./config/hosts/git ]; + specialArgs = { + inherit pkgs-unstable; + }; }; - forgejo-actions-runner = { - deployment = { - targetHost = "forgejo-actions-runner-intern.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "chaosknoten" ]; - }; - imports = [ + forgejo-actions-runner = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm sops-nix.nixosModules.sops @@ -210,41 +160,27 @@ ]; }; - ptouch-print-server = { - deployment = { - targetHost = "ptouch-print-server.z9.ccchh.net"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "thinkcccluster" ]; - }; - imports = [ + ptouch-print-server = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm ./config/hosts/ptouch-print-server ]; }; - eh22-wiki = { - deployment = { - targetHost = "eh22-wiki-intern.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - tags = [ "chaosknoten" ]; - }; - imports = [ + eh22-wiki = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm ./config/hosts/eh22-wiki ]; }; - nix-box-june = { - deployment = { - targetHost = "nix-box-june-intern.hamburg.ccc.de"; - targetPort = 22; - targetUser = "colmena-deploy"; - }; - imports = [ + nix-box-june = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./config/common ./config/proxmox-vm ./config/hosts/nix-box-june