feat(tower01): Init
Some checks failed
Check meta / check_meta (push) Successful in 19s
Check meta / check_dns (push) Successful in 19s
Run pre-commit on all files / pre-commit (push) Successful in 35s
Check meta / check_meta (pull_request) Successful in 24s
Check meta / check_dns (pull_request) Successful in 27s
Check workflows / check_workflows (pull_request) Failing after 28s
Build all the nodes / ap01 (pull_request) Successful in 1m11s
Build all the nodes / bridge01 (pull_request) Successful in 1m54s
Build all the nodes / geo01 (pull_request) Successful in 1m52s
Build all the nodes / geo02 (pull_request) Successful in 1m50s
Build all the nodes / compute01 (pull_request) Successful in 2m21s
Build all the nodes / hypervisor01 (pull_request) Successful in 1m33s
Build all the nodes / netcore02 (pull_request) Successful in 37s
Build all the nodes / hypervisor02 (pull_request) Successful in 1m45s
Build all the nodes / hypervisor03 (pull_request) Successful in 1m47s
Build all the nodes / rescue01 (pull_request) Successful in 2m20s
Build all the nodes / vault01 (pull_request) Successful in 1m54s
Build all the nodes / storage01 (pull_request) Successful in 2m12s
Run pre-commit on all files / pre-commit (pull_request) Successful in 34s
Build all the nodes / web02 (pull_request) Successful in 1m47s
Build all the nodes / web01 (pull_request) Successful in 2m21s
Build all the nodes / web03 (pull_request) Successful in 1m50s

This commit is contained in:
Elias Coppens 2024-12-21 23:38:36 +01:00
parent 5fa7ccb8e7
commit 3a0a098b36
Signed by: ecoppens
GPG key ID: 871893E37A732093
6 changed files with 185 additions and 0 deletions

View file

@ -32,6 +32,7 @@ rec {
]; ];
rescue01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJa02Annu8o7ggPjTH/9ttotdNGyghlWfU9E8pnuLUf" ]; rescue01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJa02Annu8o7ggPjTH/9ttotdNGyghlWfU9E8pnuLUf" ];
storage01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0s+rPcEcfWCqZ4B2oJiWT/60awOI8ijL1rtDM2glXZ" ]; storage01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0s+rPcEcfWCqZ4B2oJiWT/60awOI8ijL1rtDM2glXZ" ];
tower01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICVpR+TMRLGAfhn7Q0C3tKOydYYjfoC/e1ZYbKpby01Z" ];
vault01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJA6VA7LENvTRlKdcrqt8DxDOPvX3bg3Gjy9mNkdFEW" ]; vault01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJA6VA7LENvTRlKdcrqt8DxDOPvX3bg3Gjy9mNkdFEW" ];
web01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR+lewuJ/zhCyizJGJOH1UaAB699ItNKEaeuoK57LY5" ]; web01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR+lewuJ/zhCyizJGJOH1UaAB699ItNKEaeuoK57LY5" ];
web02 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+QDE+GgZs6zONHvzRW15BzGJNW69k2BFZgB/Zh/tLX" ]; web02 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+QDE+GgZs6zONHvzRW15BzGJNW69k2BFZgB/Zh/tLX" ];

View file

@ -0,0 +1,17 @@
# SPDX-FileCopyrightText: 2024 Elias Coppens <elias@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2
{ lib, ... }:
lib.extra.mkConfig {
enabledModules = [ ];
enabledServices = [ ];
extraConfig = {
services.netbird.enable = true;
};
root = ./.;
}

View file

@ -0,0 +1,122 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
networking.hostId = "7874d06e";
boot = {
initrd = {
availableKernelModules = [
"ehci_pci"
"ahci"
"mpt3sas"
"usbhid"
"usb_storage"
"sd_mod"
];
kernelModules = [ ];
luks.devices = {
rootfs01 = {
device = "/dev/disk/by-label/rootfs01";
keyFile = "/dev/zero";
keyFileSize = 1;
};
rootfs02 = {
device = "/dev/disk/by-label/rootfs02";
keyFile = "/dev/zero";
keyFileSize = 1;
};
slow0101 = {
device = "/dev/disk/by-label/slow0101";
keyFile = "/dev/zero";
keyFileSize = 1;
};
slow0102 = {
device = "/dev/disk/by-label/slow0102";
keyFile = "/dev/zero";
keyFileSize = 1;
};
slow0201 = {
device = "/dev/disk/by-label/slow0201";
keyFile = "/dev/zero";
keyFileSize = 1;
};
slow0202 = {
device = "/dev/disk/by-label/slow0202";
keyFile = "/dev/zero";
keyFileSize = 1;
};
slow0301 = {
device = "/dev/disk/by-label/slow0301";
keyFile = "/dev/zero";
keyFileSize = 1;
};
slow0302 = {
device = "/dev/disk/by-label/slow0302";
keyFile = "/dev/zero";
keyFileSize = 1;
};
};
};
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = {
device = "rootfs";
fsType = "zfs";
};
# boot1 = boot partition (primary)
# boot2 = boot partition (backup)
"/boot1" = {
device = "/dev/disk/by-uuid/1965-5D59";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
"/boot2" = {
device = "/dev/disk/by-uuid/19C4-49E1";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
"/nix" = {
device = "rootfs/nix";
fsType = "zfs";
};
"/var" = {
device = "rootfs/var";
fsType = "zfs";
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/7614fa12-c6a7-456e-9620-eb9c0e025140"; }
{ device = "/dev/disk/by-uuid/eb0aef44-b264-4f94-b847-3ad5dcc19ffd"; }
];
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1,7 @@
# SPDX-FileCopyrightText: 2024 La Délégation Générale Numérique <context@dgnum.eu>
#
# SPDX-License-Identifer: EUPL-1.2
(import ../../../../keys).mkSecrets [ "tower01" ] [
]

View file

@ -189,6 +189,29 @@
netbirdIp = "100.80.156.154"; netbirdIp = "100.80.156.154";
}; };
tower01 = {
interfaces = {
eno2 = {
ipv4 = [
{
address = "129.199.210.119";
prefixLength = 24;
}
];
gateways = [ "129.199.210.254" ];
dns = [
"129.199.96.11"
"129.199.72.99"
];
};
};
hostId = "7874d06e";
netbirdIp = "100.80.185.124";
};
vault01 = { vault01 = {
interfaces = { interfaces = {
vlan-uplink-cri = { vlan-uplink-cri = {

View file

@ -182,6 +182,21 @@
]; ];
}; };
tower01 = {
site = "oik01";
hashedPassword = "$y$j9T$axihKDa.CrYcyoamJWxBq1$bl4TfropTrwLqMy6XK0DKkWRyx9b74kyI/ukE8X5iiD";
stateVersion = "24.11";
nixpkgs = {
version = "24.11";
system = "nixos";
};
admins = [ "ecoppens" ];
};
vault01 = { vault01 = {
site = "hyp01"; site = "hyp01";
deployment.targetHost = "vault01.hyp01.infra.dgnum.eu"; deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";