DGNum/infrastructure
13
6
Fork 3
Code Issues 20 Pull requests 8 Projects 1 Releases Packages Wiki Activity Actions

feat(infra): Deploy web03

Browse source
This commit is contained in:
Tom Hubrecht 2024-10-16 11:07:40 +02:00
parent 4b2d1cde5b
commit b6cbf6e918
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
6 changed files with 94 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
keys/default.nix
View file

@ -23,6 +23,7 @@ rec {
vault01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJA6VA7LENvTRlKdcrqt8DxDOPvX3bg3Gjy9mNkdFEW" ]; vault01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJA6VA7LENvTRlKdcrqt8DxDOPvX3bg3Gjy9mNkdFEW" ];
web01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR+lewuJ/zhCyizJGJOH1UaAB699ItNKEaeuoK57LY5" ]; web01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR+lewuJ/zhCyizJGJOH1UaAB699ItNKEaeuoK57LY5" ];
web02 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+QDE+GgZs6zONHvzRW15BzGJNW69k2BFZgB/Zh/tLX" ]; web02 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+QDE+GgZs6zONHvzRW15BzGJNW69k2BFZgB/Zh/tLX" ];
web03 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrWsMEfK86iaO9SubMqE2UvZNtHkLY5VUod/bbqKC0L" ];
# SSH keys of the DGNum members # SSH keys of the DGNum members
catvayor = [ catvayor = [

16
machines/web03/_configuration.nix Normal file
View file

@ -0,0 +1,16 @@
{ lib, ... }:
lib.extra.mkConfig {
enabledModules = [
# List of modules to enable
"dgn-web"
];
enabledServices = [
# List of services to enable
];
extraConfig = { };
root = ./.;
}

45
machines/web03/_hardware-configuration.nix Normal file
View file

@ -0,0 +1,45 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot = {
initrd = {
availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
kernelModules = [ ];
luks.devices."main" = {
device = "/dev/disk/by-uuid/21a5fa9b-35d2-49c9-80f8-5161c652bdc8";
tryEmptyPassphrase = true;
};
};
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/9069a0a6-2f9f-4219-a2c4-248de932da6f";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/9826-E466";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
swapDevices = [ { device = "/dev/disk/by-uuid/a91c29b4-9b1b-477e-820f-3cf610158e2a"; } ];
}

3
machines/web03/secrets/secrets.nix Normal file
View file

@ -0,0 +1,3 @@
(import ../../../keys).mkSecrets [ "web03" ] [
# List of secrets for web03
]

19
meta/network.nix
View file

@ -178,6 +178,25 @@
netbirdIp = null; # web02 is not to be connected on the VPN netbirdIp = null; # web02 is not to be connected on the VPN
}; };
web03 = {
interfaces = {
enp1s0 = {
ipv4 = [
{
address = "129.199.129.223";
prefixLength = 24;
}
];
gateways = [ "129.199.129.1" ];
enableDefaultDNS = true;
};
};
hostId = "8afc7749";
netbirdIp = null; # web03 is not yet connected to the VPN
};
rescue01 = { rescue01 = {
interfaces = { interfaces = {
ens18 = { ens18 = {

10
meta/nodes.nix
View file

@ -124,6 +124,16 @@
vm-cluster = "Hyperviseur NPS"; vm-cluster = "Hyperviseur NPS";
}; };
web03 = {
site = "rat01";
hashedPassword = "$y$j9T$Un/tcX5SPKNXG.sy/BcTa.$kyNHELjb1GAOWnauJfcjyVi5tacWcuEBKflZDCUC6x4";
stateVersion = "24.05";
nixpkgs = "24.05";
vm-cluster = "Hyperviseur NPS";
};
rescue01 = { rescue01 = {
site = "luj01"; site = "luj01";