chore(meta): Split nodes into systems

2024-12-09 10:20:44 +01:00 · 2024-12-09 10:20:44 +01:00 · c5e3da3ac9
commit c5e3da3ac9
parent a818917d77
5 changed files with 213 additions and 2 deletions
--- a/hive.nix
+++ b/hive.nix
@ -16,7 +16,7 @@ let

  patch = import ./lib/nix-patches { patchFile = ./patches; };

-  nodes' = import ./meta/nodes.nix;
+  nodes' = import ./meta/nodes;
  nodes = builtins.attrNames nodes';

  mkNode = node: {
--- a/meta/default.nix
+++ b/meta/default.nix
@ -14,7 +14,7 @@ lib:
    ./options.nix
    {
      network = import ./network.nix;
-      nodes = import ./nodes.nix;
+      nodes = import ./nodes;
      organization = import ./organization.nix;
    }
  ];
--- a/meta/nodes/default.nix
+++ b/meta/nodes/default.nix
@ -0,0 +1,4 @@
+builtins.foldl' (nodes: path: nodes // import path) { } [
+  ./liminix.nix
+  ./nixos.nix
+]
--- a/meta/nodes/liminix.nix
+++ b/meta/nodes/liminix.nix
@ -0,0 +1,27 @@
+###
+# File specifying all the deployement options for the nodes administrated by the dgnum.
+#
+# Node metadata template is:
+#
+# NODE_NAME = {
+#   adminGroups = []; # List of groups that have root access
+#   admins = []; # List of individuals that have root access
+#   deployment = {}; # Colmena deployment options
+#   nixpkgs = "unstable" or "22.11"; # nixpkgs version
+# }
+
+{
+  ap01 = {
+    site = "unknown";
+    adminGroups = [ "fai" ];
+
+    hashedPassword = "$y$j9T$DMOQEWOYFHjNS0myrXp4x/$MG33VSdXGvib.99eN.AbvyVdNNJw4ERjAwK4.ULJe/A";
+
+    stateVersion = null;
+
+    nixpkgs = {
+      system = "zyxel-nwa50ax";
+      version = "24.05";
+    };
+  };
+}
--- a/meta/nodes/nixos.nix
+++ b/meta/nodes/nixos.nix
@ -0,0 +1,180 @@
+###
+# File specifying all the deployement options for the nodes administrated by the dgnum.
+#
+# Node metadata template is:
+#
+# NODE_NAME = {
+#   adminGroups = []; # List of groups that have root access
+#   admins = []; # List of individuals that have root access
+#   deployment = {}; # Colmena deployment options
+#   nixpkgs = "unstable" or "22.11"; # nixpkgs version
+# }
+
+/*
+  Liste des différents sites :
+  - rat01 -> VM du NPSPI
+  - pav01 -> Salle serveur sous le pavillon Pasteur
+  - oik01 -> Local DGNum Jourdan
+  - hyp01 -> Salle serveur Hypnos 1
+  - luj01 -> VM de Luj
+*/
+{
+  bridge01 = {
+    site = "hyp01";
+
+    hashedPassword = "$y$j9T$EPJdz70kselouXAVUmAH01$8nYbUBY9NPTMfYigegY0qFSdxJwhqzW8sFacDqEYCP5";
+
+    stateVersion = "24.05";
+
+    adminGroups = [ "fai" ];
+
+    deployment = {
+      targetHost = "fd26:baf9:d250:8000::ffff";
+      sshOptions = [
+        "-J"
+        "root@vault01.hyp01.infra.dgnum.eu"
+      ];
+    };
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  compute01 = {
+    site = "pav01";
+
+    hashedPassword = "$y$j9T$2nxZHq84G7fWvWMEaGavE/$0ADnmD9qMpXJJ.rWWH9086EakvZ3wAg0mSxZYugOf3C";
+
+    stateVersion = "23.05";
+    nix-modules = [ "services/stirling-pdf" ];
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  geo01 = {
+    site = "oik01";
+    deployment.tags = [ "geo" ];
+
+    hashedPassword = "$y$j9T$2XmDpJu.QLhV57yYCh5Lf1$LK.X0HKB02Q0Ujvhj5nIofW2IRrIAL/Uxnvl9AXM1L8";
+
+    stateVersion = "24.05";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  geo02 = {
+    site = "oik01";
+    deployment.tags = [ "geo" ];
+
+    hashedPassword = "$y$j9T$Q4fbMpSm9beWu4DPNAR9t0$dx/1pH4GPY72LpS5ZiECXAZFDdxwmIywztsX.qo2VVA";
+
+    stateVersion = "24.05";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  rescue01 = {
+    site = "luj01";
+
+    deployment.targetHost = "v6.rescue01.luj01.infra.dgnum.eu";
+
+    hashedPassword = "$y$j9T$nqoMMu/axrD0m8AlUFdbs.$UFVmIdPAOHBe2jJv5HJJTcDgINC7LTnSGRQNs9zS1mC";
+
+    stateVersion = "23.11";
+    vm-cluster = "Hyperviseur Luj";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  storage01 = {
+    site = "pav01";
+
+    hashedPassword = "$y$j9T$tvRu1EJ9MwDSvEm0ogwe70$bKSw6nNteN0L3NOy2Yix7KlIvO/oROQmQ.Ynq002Fg8";
+
+    stateVersion = "23.11";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+
+    nix-modules = [
+      "services/forgejo-nix-runners"
+      "services/netbird/server.nix"
+    ];
+  };
+
+  vault01 = {
+    site = "hyp01";
+    deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";
+
+    hashedPassword = "$y$j9T$5osXVNxCDxu3jIndcyh7G.$UrjiDRpMu3W59tKHLGNdLWllZh.4p8IM4sBS5SrNrN1";
+
+    stateVersion = "23.11";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+
+    adminGroups = [ "fai" ];
+  };
+
+  web01 = {
+    site = "rat01";
+
+    deployment.tags = [ "web" ];
+
+    hashedPassword = "$y$j9T$9YqXO93VJE/GP3z8Sh4h51$hrBsEPL2O1eP/wBZTrNT8XV906V4JKbQ0g04IWBcyd2";
+
+    stateVersion = "23.05";
+    vm-cluster = "Hyperviseur NPS";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  web02 = {
+    site = "rat01";
+
+    hashedPassword = "$y$j9T$p42UVNy78PykkQOjPwXNJ/$B/zCUOrHXVSFGUY63wnViMiSmU2vCWsiX0y62qqgNQ5";
+
+    stateVersion = "24.05";
+    vm-cluster = "Hyperviseur NPS";
+
+    nixpkgs = {
+      version = "24.05";
+      system = "nixos";
+    };
+  };
+
+  web03 = {
+    site = "rat01";
+
+    hashedPassword = "$y$j9T$Un/tcX5SPKNXG.sy/BcTa.$kyNHELjb1GAOWnauJfcjyVi5tacWcuEBKflZDCUC6x4";
+
+    stateVersion = "24.05";
+    vm-cluster = "Hyperviseur NPS";
+
+    nixpkgs = {
+      version = "24.11";
+      system = "nixos";
+    };
+  };
+}