phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 05:36:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Start migration to NixOS for storage1

Browse source
This commit is contained in:
Paul-Henri Froidmont 2021-11-29 02:04:29 +01:00
parent 09d2ac3f05
commit 86124dcd4a
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
19 changed files with 589 additions and 173 deletions
Download patch file Download diff file Expand all files Collapse all files

74
flake.nix
View file

@ -1,14 +1,30 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
inputs.deploy-rs.url = "github:serokell/deploy-rs";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-21.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
deploy-rs.url = "github:serokell/deploy-rs";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.05";
};
outputs = { self, nixpkgs, deploy-rs }:
outputs = { self, nixpkgs, nixpkgs-unstable, deploy-rs, sops-nix, simple-nixos-mailserver }:
let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
pkgs-unstable = nixpkgs-unstable.legacyPackages.x86_64-linux;
in
{
devShell.x86_64-linux = pkgs.mkShell {
buildInputs = with pkgs; [
sopsPGPKeyDirs = [
"./keys/hosts"
"./keys/users"
];
nativeBuildInputs = [
(pkgs.callPackage sops-nix { }).sops-import-keys-hook
];
buildInputs = with pkgs-unstable; [
nixpkgs-fmt
terraform
terraform-ls
@ -21,11 +37,14 @@
db1 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
sops-nix.nixosModules.sops
./profiles/db.nix
(
{
sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "db1";
networking.domain = "banditlair.com";
nix.registry.nixpkgs.flake = nixpkgs;
system.stateVersion = "21.05";
}
@ -35,11 +54,14 @@
backend1 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
sops-nix.nixosModules.sops
./profiles/backend.nix
(
{
sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "backend1";
networking.domain = "banditlair.com";
nix.registry.nixpkgs.flake = nixpkgs;
system.stateVersion = "21.05";
}
@ -49,11 +71,15 @@
storage1 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
sops-nix.nixosModules.sops
simple-nixos-mailserver.nixosModule
./profiles/storage.nix
(
{
sops.defaultSopsFile = ./secrets.enc.yml;
networking.hostName = "storage1";
networking.domain = "banditlair.com";
nix.registry.nixpkgs.flake = nixpkgs;
system.stateVersion = "21.05";
}
@ -62,32 +88,28 @@
};
};
deploy.nodes = {
db1 = {
hostname = "db1.banditlair.com";
profiles.system = {
deploy.nodes =
let
createSystemProfile = configuration: {
user = "root";
sshUser = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.db1;
path = deploy-rs.lib.x86_64-linux.activate.nixos configuration;
};
in
{
db1 = {
hostname = "db1.banditlair.com";
profiles.system = createSystemProfile self.nixosConfigurations.db1;
};
backend1 = {
hostname = "backend1.banditlair.com";
profiles.system = createSystemProfile self.nixosConfigurations.backend1;
};
storage1 = {
hostname = "78.46.96.243";
profiles.system = createSystemProfile self.nixosConfigurations.storage1;
};
};
backend1 = {
hostname = "backend1.banditlair.com";
profiles.system = {
user = "root";
sshUser = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.backend1;
};
};
storage1 = {
hostname = "78.46.96.243";
profiles.system = {
user = "root";
sshUser = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.storage1;
};
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};