Compare commits
6 commits
f89dbc0d99
...
96e9f14e2d
Author | SHA1 | Date | |
---|---|---|---|
|
96e9f14e2d | ||
|
c233a22a1a | ||
|
04854d24bc | ||
|
2b52c9997a | ||
|
f637ae9ea8 | ||
|
ac09d221ad |
18
hive.nix
18
hive.nix
|
@ -66,10 +66,24 @@ in
|
|||
};
|
||||
|
||||
defaults =
|
||||
{ name, nodeMeta, ... }:
|
||||
{
|
||||
pkgs,
|
||||
name,
|
||||
nodeMeta,
|
||||
...
|
||||
}:
|
||||
{
|
||||
# Import the default modules
|
||||
imports = [ ./modules ];
|
||||
imports = [
|
||||
./modules
|
||||
(import "${sources.lix-module}/module.nix" {
|
||||
lix = pkgs.applyPatches {
|
||||
name = "lix-2.90.patched";
|
||||
src = sources.lix;
|
||||
patches = [ ./patches/00-disable-installChecks-lix.patch ];
|
||||
};
|
||||
})
|
||||
];
|
||||
|
||||
# Include default secrets
|
||||
age-secrets.sources = [ ./machines/${name}/secrets ];
|
||||
|
|
|
@ -1,33 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.services.castopod;
|
||||
fpm = config.services.phpfpm.pools.castopod;
|
||||
in
|
||||
{
|
||||
services.nginx = {
|
||||
resolver.addresses = [ "127.0.0.53" ];
|
||||
virtualHosts."${cfg.localDomain}" = {
|
||||
|
||||
locations."@force_get" = {
|
||||
extraConfig = lib.mkForce ''
|
||||
recursive_error_pages on;
|
||||
proxy_method GET;
|
||||
proxy_pass https://podcasts.dgnum.eu/$request_uri;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."~ .php$" = {
|
||||
extraConfig = lib.mkForce ''
|
||||
error_page 550 = @force_get;
|
||||
if ($request_method = HEAD) { return 550; }
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_pass unix:${fpm.socket};
|
||||
try_files $uri =404;
|
||||
fastcgi_read_timeout 3600;
|
||||
fastcgi_send_timeout 3600;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -8,7 +8,7 @@ in
|
|||
enable = true;
|
||||
localDomain = host;
|
||||
environmentFile = config.age.secrets.castopod-environment_file.path;
|
||||
maxUploadSize = 512;
|
||||
maxUploadSize = "512M";
|
||||
settings = {
|
||||
"email.fromEmail" = "noreply@infra.dgnum.eu";
|
||||
"email.SMTPHost" = "kurisu.lahfa.xyz";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
_:
|
||||
{ config, ... }:
|
||||
|
||||
{
|
||||
imports = [ ./packages ];
|
||||
|
@ -8,9 +8,29 @@ _:
|
|||
|
||||
api.host = "api.meet.dgnum.eu";
|
||||
frontend.host = "meet.dgnum.eu";
|
||||
|
||||
configureNginx = true;
|
||||
};
|
||||
|
||||
dgn-backups.postgresDatabases = [ "crabfit" ];
|
||||
|
||||
services.nginx =
|
||||
let
|
||||
cfg = config.services.crabfit;
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
|
||||
virtualHosts.${cfg.frontend.host} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.frontend.port}";
|
||||
};
|
||||
|
||||
virtualHosts.${cfg.api.host} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.api.port}";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -34,6 +34,21 @@ TODO.
|
|||
|
||||
Machines can use different versions of NixOS, the supported and default ones are specified here.
|
||||
|
||||
## How to add a new version
|
||||
|
||||
- Switch to a new branch `nixos-$VERSION`
|
||||
- Run the following command
|
||||
|
||||
```bash
|
||||
npins add channel nixos-$VERSION
|
||||
```
|
||||
|
||||
- Edit `meta/nixpkgs.nix` and add `$VERSION` to the supported version.
|
||||
- Read the release notes and check for changes.
|
||||
- Update the nodes versions
|
||||
- Create a PR so that the CI check that it builds
|
||||
|
||||
|
||||
# Nodes
|
||||
|
||||
The nodes are declared statically, several options can be configured:
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
{
|
||||
# Default version of nixpkgs to use
|
||||
default = "23.11";
|
||||
default = "24.05";
|
||||
|
||||
# Supported nixpkgs versions
|
||||
supported = [
|
||||
"unstable"
|
||||
"23.11"
|
||||
"24.05"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@
|
|||
stateVersion = "23.05";
|
||||
vm-cluster = "Hyperviseur NPS";
|
||||
|
||||
nix-modules = [ "services/crabfit" ];
|
||||
nixpkgs = "24.05";
|
||||
};
|
||||
|
||||
compute01 = {
|
||||
|
@ -35,6 +35,7 @@
|
|||
|
||||
stateVersion = "23.05";
|
||||
nix-modules = [ "services/stirling-pdf" ];
|
||||
nixpkgs = "24.05";
|
||||
};
|
||||
|
||||
geo01 = {
|
||||
|
@ -42,7 +43,7 @@
|
|||
deployment.tags = [ "geo" ];
|
||||
|
||||
stateVersion = "24.05";
|
||||
nixpkgs = "unstable";
|
||||
nixpkgs = "24.05";
|
||||
};
|
||||
|
||||
geo02 = {
|
||||
|
@ -50,12 +51,13 @@
|
|||
deployment.tags = [ "geo" ];
|
||||
|
||||
stateVersion = "24.05";
|
||||
nixpkgs = "unstable";
|
||||
nixpkgs = "24.05";
|
||||
};
|
||||
|
||||
storage01 = {
|
||||
site = "pav01";
|
||||
stateVersion = "23.11";
|
||||
nixpkgs = "24.05";
|
||||
|
||||
nix-modules = [ "services/forgejo-nix-runners" ];
|
||||
};
|
||||
|
@ -65,7 +67,7 @@
|
|||
deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";
|
||||
|
||||
stateVersion = "23.11";
|
||||
nixpkgs = "unstable";
|
||||
nixpkgs = "24.05";
|
||||
|
||||
adminGroups = [ "fai" ];
|
||||
};
|
||||
|
@ -74,7 +76,7 @@
|
|||
site = "rat01";
|
||||
|
||||
stateVersion = "24.05";
|
||||
nixpkgs = "unstable";
|
||||
nixpkgs = "24.05";
|
||||
vm-cluster = "Hyperviseur NPS";
|
||||
};
|
||||
|
||||
|
|
|
@ -100,6 +100,28 @@
|
|||
"url": "https://github.com/JulienMalka/Linkal/archive/085630bf369b68d2264baca020efc94c877d78e6.tar.gz",
|
||||
"hash": "0m426vjk7mjyp1gd1dsnnn5xkplsqs0ksawbmhza6fycsmavc3cx"
|
||||
},
|
||||
"lix": {
|
||||
"type": "Git",
|
||||
"repository": {
|
||||
"type": "Git",
|
||||
"url": "https://git.lix.systems/lix-project/lix.git"
|
||||
},
|
||||
"branch": "main",
|
||||
"revision": "d00edfb28d0a52d9acd392c582a43f98e773cf4c",
|
||||
"url": null,
|
||||
"hash": "0gnvk11kblidk2fpb4fhglc4lwk5acjm4v68rj79z7pjr4sc5r7p"
|
||||
},
|
||||
"lix-module": {
|
||||
"type": "Git",
|
||||
"repository": {
|
||||
"type": "Git",
|
||||
"url": "https://git.lix.systems/lix-project/nixos-module.git"
|
||||
},
|
||||
"branch": "main",
|
||||
"revision": "5d9d94089fb1ca96222a34bfe245ef5c5ebefd37",
|
||||
"url": null,
|
||||
"hash": "02dg1icyxamxblrvgxshadp2s8mx2ryjja7m9w26sgs07jl438zk"
|
||||
},
|
||||
"metis": {
|
||||
"type": "Git",
|
||||
"repository": {
|
||||
|
@ -154,6 +176,12 @@
|
|||
"url": "https://releases.nixos.org/nixos/23.11/nixos-23.11.6981.27c13997bf45/nixexprs.tar.xz",
|
||||
"hash": "1s4wn0m6bdzxl4rcxzmyy2fdschrdj3nqy6zl85xynaxkb0n1gpj"
|
||||
},
|
||||
"nixos-24.05": {
|
||||
"type": "Channel",
|
||||
"name": "nixos-24.05",
|
||||
"url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.1135.9b5328b7f761/nixexprs.tar.xz",
|
||||
"hash": "0k8d0xvygkxzvs5ikcw8j0pnksvzdmxdl03i69mni3nxylszyxvl"
|
||||
},
|
||||
"nixos-generators": {
|
||||
"type": "Git",
|
||||
"repository": {
|
||||
|
@ -226,4 +254,4 @@
|
|||
}
|
||||
},
|
||||
"version": 3
|
||||
}
|
||||
}
|
||||
|
|
13
patches/00-disable-installChecks-lix.patch
Normal file
13
patches/00-disable-installChecks-lix.patch
Normal file
|
@ -0,0 +1,13 @@
|
|||
diff --git a/package.nix b/package.nix
|
||||
index 43b709023..b68857796 100644
|
||||
--- a/package.nix
|
||||
+++ b/package.nix
|
||||
@@ -351,7 +351,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
echo "doc internal-api-docs $out/share/doc/nix/internal-api/html" >> "$out/nix-support/hydra-build-products"
|
||||
'';
|
||||
|
||||
- doInstallCheck = finalAttrs.doCheck;
|
||||
+ doInstallCheck = false;
|
||||
|
||||
mesonInstallCheckFlags = [
|
||||
"--suite=installcheck"
|
|
@ -6,6 +6,21 @@ let
|
|||
in
|
||||
|
||||
{
|
||||
"nixos-24.05" = [
|
||||
# netbox qrcode plugin
|
||||
{
|
||||
_type = "commit";
|
||||
sha = "ae4bf4c110378ebacb3989c9533726859cfebbfa";
|
||||
hash = "sha256-SgHhW9HCkDQsxT3eG4P9q68c43e3sbDHRY9qs7oSt8o=";
|
||||
}
|
||||
|
||||
netboxAgent
|
||||
|
||||
{
|
||||
id = "275165";
|
||||
hash = "sha256-9a26V3Pi8yLD3N9+mC1kvJoruxRTp/qOHapnt6VX7pw=";
|
||||
}
|
||||
];
|
||||
"nixos-23.11" = [
|
||||
# netbox module
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue