Compare commits
12 Commits
485b787d09
...
9a55c22c23
| Author | SHA1 | Date | |
|---|---|---|---|
| 9a55c22c23 | |||
| 4e3f4b416f | |||
| d7fa9e2cc7 | |||
| d14ed789f5 | |||
| 4cb380812b | |||
| 0ffee96f6c | |||
| 09ca273f3e | |||
| 7b6dc8c2a8 | |||
| 0439f5083e | |||
| cadadbee02 | |||
| d8c3525423 | |||
| 5ab83572b3 |
114
flake.lock
generated
114
flake.lock
generated
@@ -1,24 +1,42 @@
|
||||
{
|
||||
"nodes": {
|
||||
"flake-utils": {
|
||||
"deploy-rs": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
"flake-compat": "flake-compat",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"lastModified": 1727447169,
|
||||
"narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
@@ -36,7 +54,7 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
},
|
||||
@@ -54,6 +72,24 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flakey-profile": {
|
||||
"locked": {
|
||||
"lastModified": 1712898590,
|
||||
@@ -189,6 +225,22 @@
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1702272962,
|
||||
"narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1742422364,
|
||||
"narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=",
|
||||
@@ -204,7 +256,7 @@
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1741865919,
|
||||
"narHash": "sha256-4thdbnP6dlbdq+qZWTsm4ffAwoS8Tiq1YResB+RP6WE=",
|
||||
@@ -222,18 +274,19 @@
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"deploy-rs": "deploy-rs",
|
||||
"home-manager": "home-manager",
|
||||
"lix-module": "lix-module",
|
||||
"me-emacs": "me-emacs",
|
||||
"microvm": "microvm",
|
||||
"nix-darwin": "nix-darwin",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"sops-nix": "sops-nix"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1742595978,
|
||||
@@ -309,6 +362,39 @@
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_4": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
||||
20
flake.nix
20
flake.nix
@@ -14,9 +14,10 @@
|
||||
};
|
||||
microvm.url = "github:astro/microvm.nix";
|
||||
microvm.inputs.nixpkgs.follows = "nixpkgs";
|
||||
deploy-rs.url = "github:serokell/deploy-rs";
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, sops-nix, me-emacs, nix-darwin, home-manager, lix-module, microvm }@inputs: let
|
||||
outputs = { self, nixpkgs, sops-nix, me-emacs, nix-darwin, home-manager, lix-module, microvm, deploy-rs }@inputs: let
|
||||
overlays = import ./overlays/default.nix inputs;
|
||||
modules = import ./modules/default.nix inputs;
|
||||
|
||||
@@ -69,7 +70,7 @@
|
||||
modules = [
|
||||
./machines/pericyte/configuration.nix
|
||||
modules.sops
|
||||
# lix-module.nixosModules.default
|
||||
lix-module.nixosModules.default
|
||||
microvm.nixosModules.host
|
||||
];
|
||||
};
|
||||
@@ -101,6 +102,21 @@
|
||||
};
|
||||
};
|
||||
|
||||
deploy = {
|
||||
nodes = {
|
||||
pericyte = {
|
||||
hostname = "opcp";
|
||||
sshUser = "root";
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.pericyte;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
# This is highly advised, and will prevent many possible mistakes
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
||||
|
||||
hydraJobs = {
|
||||
inherit (me-emacs) packages;
|
||||
};
|
||||
|
||||
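Review bot: The new `deploy.nodes.pericyte` block sets `sshUser = "root"`, so every deploy depends on the host accepting direct root logins over SSH, and nothing visible in this change restricts that login. deploy-rs keeps the login account and the activation account separate, so `sshUser = "deploy";` with `user = "root"` left as it is would activate through sudo and allow root SSH login to stay disabled; the account name is only an example. In the inputs hunk of the same file, `deploy-rs.url` is added without a `follows`, and the lock file appears to gain a separate, much older `nixpkgs` node for it. Adding `deploy-rs.inputs.nixpkgs.follows = "nixpkgs";`, as is already done for microvm, would keep the deploy tooling on the same pin as the rest of the system.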
@@ -4,8 +4,11 @@
|
||||
"${inputs.nixpkgs}/nixos/modules/profiles/headless.nix"
|
||||
"${inputs.nixpkgs}/nixos/modules/profiles/minimal.nix"
|
||||
|
||||
./microvm-configuration.nix
|
||||
./k3s.nix
|
||||
./podman.nix
|
||||
./container-registry.nix
|
||||
./test.nix
|
||||
# ./microvm-configuration.nix
|
||||
# ./k3s.nix
|
||||
];
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
@@ -13,10 +16,12 @@
|
||||
environment.systemPackages = with pkgs; [
|
||||
git
|
||||
btop
|
||||
tmux
|
||||
oci-cli
|
||||
];
|
||||
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
zramSwap.enable = true;
|
||||
# zramSwap.enable = true;
|
||||
networking.hostName = "pericyte";
|
||||
networking.domain = "";
|
||||
services.openssh.enable = true;
|
||||
|
||||
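--- a/machines/pericyte/container-registry.nix
+++ b/machines/pericyte/container-registry.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }: {
+services.dockerRegistry = {
+enable = true;
+package = pkgs.distribution;
+};
+}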
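Review bot: The registry is switched on with module defaults only, so the file records neither where it listens nor that it runs without authentication or TLS. As far as I know `services.dockerRegistry` binds to loopback and leaves the firewall closed by default; writing `listenAddress = "127.0.0.1";` next to `enable = true;` makes that a stated decision rather than an inherited one. A comment such as `# unauthenticated, loopback only; put an authenticating TLS proxy in front before exposing` would tell the next editor what has to change before the port is opened.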
@@ -7,8 +7,12 @@
|
||||
device = "nodev";
|
||||
};
|
||||
fileSystems."/boot" = { device = "/dev/disk/by-uuid/FCE4-1F46"; fsType = "vfat"; };
|
||||
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
|
||||
swapDevices = [
|
||||
{
|
||||
device = "/swapfile";
|
||||
}
|
||||
];
|
||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
|
||||
boot.initrd.kernelModules = [ "nvme" ];
|
||||
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
|
||||
|
||||
}
|
||||
|
||||
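--- a/machines/pericyte/podman.nix
+++ b/machines/pericyte/podman.nix
@@ -0,0 +1,21 @@
+{ pkgs, ... }: {
+# Enable common container config files in /etc/containers
+virtualisation.containers.enable = true;
+virtualisation = {
+podman = {
+enable = true;
+
+# Required for containers under podman-compose to be able to talk to each other.
+defaultNetwork.settings.dns_enabled = true;
+};
+};
+
+# Useful other development tools
+environment.systemPackages = with pkgs; [
+dive # look into docker image layers
+skopeo # Inspect images
+podlet # create quadlets (systemd units)
+podman-tui # status of containers in the terminal
+podman-compose # start group of containers for dev
+];
+}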
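--- a/machines/pericyte/test.nix
+++ b/machines/pericyte/test.nix
@@ -0,0 +1,32 @@
+{ pkgs, ... }: {
+users.groups.peertube = { };
+users.users.peertube = {
+isSystemUser = true;
+group = "peertube";
+home = "/var/lib/peertube";
+createHome = true;
+uid = 2342;
+subUidRanges = [
+{
+count = 65536;
+startUid = 2147483646;
+}
+];
+subGidRanges = [
+{
+count = 65536;
+startGid = 2147483647;
+}
+];
+};
+virtualisation.oci-containers = {
+backend = "podman";
+# containers.peertube = {
+# image = "chocobozzz/peertube:latest";
+# ports = [ ];
+# podman = {
+# user = "peertube";
+# };
+# };
+};
+}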
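Review bot: The subordinate ID ranges start at `2147483646` and `2147483647` with `count = 65536`, so they straddle 2^31 and the two starts differ by one, which looks like a typo rather than intent. IDs above the signed 32-bit limit are mishandled by some tools and file systems, and a rootless podman container run as peertube would presumably map its users into exactly this range. A matching, lower pair such as `startUid = 200000;` and `startGid = 200000;` (example values; choose a range no other account uses) avoids both problems. The commented-out container also references `chocobozzz/peertube:latest`; when it is enabled, a fixed tag or digest would keep the deployed image reproducible.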