Compare commits


No commits in common. "46e43e51aaca3865ed1eaaff86b3307d00b645cb" and "a7541eefa8fc17ccd72bccd84a0831fea8d18bef" have entirely different histories.

10 changed files with 109 additions and 108 deletions


@ -1,20 +0,0 @@
# nix-infra
nix infrastructure configuration for CCCHH.
For deployment we're using [infra-rebuild](https://git.hamburg.ccc.de/CCCHH/infra-rebuild). \
To easily get a shell with `infra-rebuild` going, use the following command:
```
nix shell git+https://git.hamburg.ccc.de/CCCHH/infra-rebuild#infra-rebuild
```
After that you can simply run the following to deploy e.g. the git and matrix hosts:
```
infra-rebuild switch git matrix
```
By default infra-rebuild tries to use the FQDN from the nixosConfiguration of the host for deployment.
However to override individual parts of the deployment target, a [`deployment_configuration.json`](./deployment_configuration.json) can be used.
This is exactly what we're doing to set the default deployment user to `colmena-deploy` and have custom target hostnames for Chaosknoten hosts, since they don't have an FQDN defined in their nixosConfiguration.


@ -2,7 +2,6 @@
{
networking = {
hostName = "audio-hauptraum-kueche";
domain = "z9.ccchh.net";
};
system.stateVersion = "23.05";


@ -2,7 +2,6 @@
{
networking = {
hostName = "audio-hauptraum-tafel";
domain = "z9.ccchh.net";
};
system.stateVersion = "23.05";


@ -2,7 +2,6 @@
{
networking = {
hostName = "esphome";
domain = "z9.ccchh.net";
};
system.stateVersion = "23.05";


@ -3,7 +3,6 @@
{
imports = [
./configuration.nix
./emulated-systems.nix
./networking.nix
./users.nix
];


@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
}


@ -1,10 +1,7 @@
{ ... }:
{
networking = {
hostName = "ptouch-print-server";
domain = "z9.ccchh.net";
};
networking.hostName = "ptouch-print-server";
system.stateVersion = "23.11";
}
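Review bot: The new side keeps only `networking.hostName = "ptouch-print-server";` and no longer sets `networking.domain`, so `config.networking.fqdn` has nothing to build from; in current nixpkgs that option throws at evaluation when the domain is null. Any shared module that reads it (for example under `./config/common`, which is not visible here) would stop evaluating for this host, so a quick grep for `fqdn` is worth doing before merging. The host's address now exists only as the string `targetHost = "ptouch-print-server.z9.ccchh.net";` in flake.nix, which duplicates what the module used to declare and can drift from it. If the domain is dropped on purpose, a comment such as `# domain intentionally unset; deploy address is deployment.targetHost in flake.nix` would record that. The same applies to the public-reverse-proxy section below, and probably to the three `-2,7 +2,6` host sections above if the line they lose is `domain`.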


@ -1,10 +1,7 @@
{ config, pkgs, ... }:
{
networking = {
hostName = "public-reverse-proxy";
domain = "z9.ccchh.net";
};
networking.hostName = "public-reverse-proxy";
system.stateVersion = "23.05";
}


@ -1,28 +0,0 @@
{
"default": {
"targetUser": "colmena-deploy"
},
"hosts": {
"netbox": {
"targetHostname": "netbox-intern.hamburg.ccc.de"
},
"matrix": {
"targetHostname": "matrix-intern.hamburg.ccc.de"
},
"public-web-static": {
"targetHostname": "public-web-static-intern.hamburg.ccc.de"
},
"git": {
"targetHostname": "git.hamburg.ccc.de"
},
"forgejo-actions-runner": {
"targetHostname": "forgejo-actions-runner-intern.hamburg.ccc.de"
},
"eh22-wiki": {
"targetHostname": "eh22-wiki-intern.hamburg.ccc.de"
},
"nix-box-june": {
"targetHostname": "nix-box-june-intern.hamburg.ccc.de"
}
}
}

150
flake.nix

@ -25,7 +25,6 @@
outputs = { nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }:
let
system = "x86_64-linux";
# Shairport Sync 4.3.1 (with nqptp 1.2.4) with metadata, MQTT and AirPlay 2 support.
shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {
shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
@ -68,48 +67,82 @@
pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
in
{
nixosConfigurations = {
audio-hauptraum-kueche = nixpkgs-unstable.lib.nixosSystem {
inherit system;
modules = [
colmena = {
meta = {
nixpkgs = nixpkgs.legacyPackages."x86_64-linux";
nodeNixpkgs = {
audio-hauptraum-kueche = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
audio-hauptraum-tafel = nixpkgs-unstable.legacyPackages."x86_64-linux".extend shairportSync431ExtendedNixpkgsUnstableOverlay;
};
nodeSpecialArgs = {
git = { inherit pkgs-unstable; };
};
};
audio-hauptraum-kueche = {
deployment = {
targetHost = "audio-hauptraum-kueche.z9.ccchh.net";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "thinkcccluster" ];
};
imports = [
./config/common
./config/proxmox-vm
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; }
./config/hosts/audio-hauptraum-kueche
];
};
audio-hauptraum-tafel = nixpkgs-unstable.lib.nixosSystem {
inherit system;
modules = [
audio-hauptraum-tafel = {
deployment = {
targetHost = "audio-hauptraum-tafel.z9.ccchh.net";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "thinkcccluster" ];
};
imports = [
./config/common
./config/proxmox-vm
{ nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; }
./config/hosts/audio-hauptraum-tafel
];
};
esphome = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
esphome = {
deployment = {
targetHost = "esphome.z9.ccchh.net";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "thinkcccluster" ];
};
imports = [
./config/common
./config/proxmox-vm
./config/hosts/esphome
];
};
public-reverse-proxy = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
public-reverse-proxy = {
deployment = {
targetHost = "public-reverse-proxy.z9.ccchh.net";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "thinkcccluster" ];
};
imports = [
./config/common
./config/proxmox-vm
./config/hosts/public-reverse-proxy
];
};
netbox = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
netbox = {
deployment = {
targetHost = "netbox-intern.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "chaosknoten" ];
};
imports = [
./config/common
./config/proxmox-vm
sops-nix.nixosModules.sops
@ -117,9 +150,14 @@
];
};
matrix = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
matrix = {
deployment = {
targetHost = "matrix-intern.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "chaosknoten" ];
};
imports = [
./config/common
./config/proxmox-vm
sops-nix.nixosModules.sops
@ -127,9 +165,14 @@
];
};
public-web-static = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
public-web-static = {
deployment = {
targetHost = "public-web-static-intern.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "chaosknoten" ];
};
imports = [
./config/common
./config/proxmox-vm
sops-nix.nixosModules.sops
@ -137,22 +180,29 @@
];
};
git = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
git = {
deployment = {
targetHost = "git.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "chaosknoten" ];
};
imports = [
./config/common
./config/proxmox-vm
sops-nix.nixosModules.sops
./config/hosts/git
];
specialArgs = {
inherit pkgs-unstable;
};
};
forgejo-actions-runner = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
forgejo-actions-runner = {
deployment = {
targetHost = "forgejo-actions-runner-intern.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "chaosknoten" ];
};
imports = [
./config/common
./config/proxmox-vm
sops-nix.nixosModules.sops
@ -160,27 +210,41 @@
];
};
ptouch-print-server = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
ptouch-print-server = {
deployment = {
targetHost = "ptouch-print-server.z9.ccchh.net";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "thinkcccluster" ];
};
imports = [
./config/common
./config/proxmox-vm
./config/hosts/ptouch-print-server
];
};
eh22-wiki = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
eh22-wiki = {
deployment = {
targetHost = "eh22-wiki-intern.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
tags = [ "chaosknoten" ];
};
imports = [
./config/common
./config/proxmox-vm
./config/hosts/eh22-wiki
];
};
nix-box-june = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
nix-box-june = {
deployment = {
targetHost = "nix-box-june-intern.hamburg.ccc.de";
targetPort = 22;
targetUser = "colmena-deploy";
};
imports = [
./config/common
./config/proxmox-vm
./config/hosts/nix-box-june