diff --git a/hive.nix b/hive.nix index 0b6a3b8..d2da079 100644 --- a/hive.nix +++ b/hive.nix @@ -16,7 +16,7 @@ let patch = import ./lib/nix-patches { patchFile = ./patches; }; - nodes' = import ./meta/nodes.nix; + nodes' = import ./meta/nodes; nodes = builtins.attrNames nodes'; mkNode = node: { diff --git a/meta/default.nix b/meta/default.nix index 719985f..b2e07b1 100644 --- a/meta/default.nix +++ b/meta/default.nix @@ -14,7 +14,7 @@ lib: ./options.nix { network = import ./network.nix; - nodes = import ./nodes.nix; + nodes = import ./nodes; organization = import ./organization.nix; } ]; diff --git a/meta/nodes/default.nix b/meta/nodes/default.nix new file mode 100644 index 0000000..751ac4b --- /dev/null +++ b/meta/nodes/default.nix @@ -0,0 +1,4 @@ +builtins.foldl' (nodes: path: nodes // import path) { } [ + ./liminix.nix + ./nixos.nix +] diff --git a/meta/nodes/liminix.nix b/meta/nodes/liminix.nix new file mode 100644 index 0000000..9210d95 --- /dev/null +++ b/meta/nodes/liminix.nix @@ -0,0 +1,27 @@ +### +# File specifying all the deployement options for the nodes administrated by the dgnum. +# +# Node metadata template is: +# +# NODE_NAME = { +# adminGroups = []; # List of groups that have root access +# admins = []; # List of individuals that have root access +# deployment = {}; # Colmena deployment options +# nixpkgs = "unstable" or "22.11"; # nixpkgs version +# } + +{ + ap01 = { + site = "unknown"; + adminGroups = [ "fai" ]; + + hashedPassword = "$y$j9T$DMOQEWOYFHjNS0myrXp4x/$MG33VSdXGvib.99eN.AbvyVdNNJw4ERjAwK4.ULJe/A"; + + stateVersion = null; + + nixpkgs = { + system = "zyxel-nwa50ax"; + version = "24.05"; + }; + }; +} diff --git a/meta/nodes/nixos.nix b/meta/nodes/nixos.nix new file mode 100644 index 0000000..c43f209 --- /dev/null +++ b/meta/nodes/nixos.nix @@ -0,0 +1,180 @@ +### +# File specifying all the deployement options for the nodes administrated by the dgnum. +# +# Node metadata template is: +# +# NODE_NAME = { +# adminGroups = []; # List of groups that have root access +# admins = []; # List of individuals that have root access +# deployment = {}; # Colmena deployment options +# nixpkgs = "unstable" or "22.11"; # nixpkgs version +# } + +/* + Liste des différents sites : + - rat01 -> VM du NPSPI + - pav01 -> Salle serveur sous le pavillon Pasteur + - oik01 -> Local DGNum Jourdan + - hyp01 -> Salle serveur Hypnos 1 + - luj01 -> VM de Luj +*/ +{ + bridge01 = { + site = "hyp01"; + + hashedPassword = "$y$j9T$EPJdz70kselouXAVUmAH01$8nYbUBY9NPTMfYigegY0qFSdxJwhqzW8sFacDqEYCP5"; + + stateVersion = "24.05"; + + adminGroups = [ "fai" ]; + + deployment = { + targetHost = "fd26:baf9:d250:8000::ffff"; + sshOptions = [ + "-J" + "root@vault01.hyp01.infra.dgnum.eu" + ]; + }; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + compute01 = { + site = "pav01"; + + hashedPassword = "$y$j9T$2nxZHq84G7fWvWMEaGavE/$0ADnmD9qMpXJJ.rWWH9086EakvZ3wAg0mSxZYugOf3C"; + + stateVersion = "23.05"; + nix-modules = [ "services/stirling-pdf" ]; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + geo01 = { + site = "oik01"; + deployment.tags = [ "geo" ]; + + hashedPassword = "$y$j9T$2XmDpJu.QLhV57yYCh5Lf1$LK.X0HKB02Q0Ujvhj5nIofW2IRrIAL/Uxnvl9AXM1L8"; + + stateVersion = "24.05"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + geo02 = { + site = "oik01"; + deployment.tags = [ "geo" ]; + + hashedPassword = "$y$j9T$Q4fbMpSm9beWu4DPNAR9t0$dx/1pH4GPY72LpS5ZiECXAZFDdxwmIywztsX.qo2VVA"; + + stateVersion = "24.05"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + rescue01 = { + site = "luj01"; + + deployment.targetHost = "v6.rescue01.luj01.infra.dgnum.eu"; + + hashedPassword = "$y$j9T$nqoMMu/axrD0m8AlUFdbs.$UFVmIdPAOHBe2jJv5HJJTcDgINC7LTnSGRQNs9zS1mC"; + + stateVersion = "23.11"; + vm-cluster = "Hyperviseur Luj"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + storage01 = { + site = "pav01"; + + hashedPassword = "$y$j9T$tvRu1EJ9MwDSvEm0ogwe70$bKSw6nNteN0L3NOy2Yix7KlIvO/oROQmQ.Ynq002Fg8"; + + stateVersion = "23.11"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + + nix-modules = [ + "services/forgejo-nix-runners" + "services/netbird/server.nix" + ]; + }; + + vault01 = { + site = "hyp01"; + deployment.targetHost = "vault01.hyp01.infra.dgnum.eu"; + + hashedPassword = "$y$j9T$5osXVNxCDxu3jIndcyh7G.$UrjiDRpMu3W59tKHLGNdLWllZh.4p8IM4sBS5SrNrN1"; + + stateVersion = "23.11"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + + adminGroups = [ "fai" ]; + }; + + web01 = { + site = "rat01"; + + deployment.tags = [ "web" ]; + + hashedPassword = "$y$j9T$9YqXO93VJE/GP3z8Sh4h51$hrBsEPL2O1eP/wBZTrNT8XV906V4JKbQ0g04IWBcyd2"; + + stateVersion = "23.05"; + vm-cluster = "Hyperviseur NPS"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + web02 = { + site = "rat01"; + + hashedPassword = "$y$j9T$p42UVNy78PykkQOjPwXNJ/$B/zCUOrHXVSFGUY63wnViMiSmU2vCWsiX0y62qqgNQ5"; + + stateVersion = "24.05"; + vm-cluster = "Hyperviseur NPS"; + + nixpkgs = { + version = "24.05"; + system = "nixos"; + }; + }; + + web03 = { + site = "rat01"; + + hashedPassword = "$y$j9T$Un/tcX5SPKNXG.sy/BcTa.$kyNHELjb1GAOWnauJfcjyVi5tacWcuEBKflZDCUC6x4"; + + stateVersion = "24.05"; + vm-cluster = "Hyperviseur NPS"; + + nixpkgs = { + version = "24.11"; + system = "nixos"; + }; + }; +}