feat: Upgrade machines to nixos-24.05 #113

Merged
thubrecht merged 3 commits from nixos-24.05 into main 2024-07-05 11:01:29 +02:00
8 changed files with 68 additions and 42 deletions

View file

@ -1,33 +0,0 @@
{ config, lib, ... }:
let
cfg = config.services.castopod;
fpm = config.services.phpfpm.pools.castopod;
in
{
services.nginx = {
resolver.addresses = [ "127.0.0.53" ];
virtualHosts."${cfg.localDomain}" = {
locations."@force_get" = {
extraConfig = lib.mkForce ''
recursive_error_pages on;
proxy_method GET;
proxy_pass https://podcasts.dgnum.eu/$request_uri;
'';
};
locations."~ .php$" = {
extraConfig = lib.mkForce ''
error_page 550 = @force_get;
if ($request_method = HEAD) { return 550; }
fastcgi_intercept_errors on;
fastcgi_index index.php;
fastcgi_pass unix:${fpm.socket};
try_files $uri =404;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
'';
};
};
};
}

View file

@ -8,7 +8,7 @@ in
enable = true;
localDomain = host;
environmentFile = config.age.secrets.castopod-environment_file.path;
maxUploadSize = 512;
maxUploadSize = "512M";
settings = {
"email.fromEmail" = "noreply@infra.dgnum.eu";
"email.SMTPHost" = "kurisu.lahfa.xyz";

View file

@ -1,4 +1,4 @@
_:
{ config, ... }:
{
imports = [ ./packages ];
@ -8,9 +8,29 @@ _:
api.host = "api.meet.dgnum.eu";
frontend.host = "meet.dgnum.eu";
configureNginx = true;
};
dgn-backups.postgresDatabases = [ "crabfit" ];
services.nginx =
let
cfg = config.services.crabfit;
in
{
enable = true;
virtualHosts.${cfg.frontend.host} = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.frontend.port}";
};
virtualHosts.${cfg.api.host} = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.api.port}";
};
};
}

View file

@ -34,6 +34,21 @@ TODO.
Machines can use different versions of NixOS, the supported and default ones are specified here.
## How to add a new version
- Switch to a new branch `nixos-$VERSION`
- Run the following command
```bash
npins add channel nixos-$VERSION
```
- Edit `meta/nixpkgs.nix` and add `$VERSION` to the supported version.
- Read the release notes and check for changes.
- Update the nodes versions
- Create a PR so that the CI check that it builds
# Nodes
The nodes are declared statically, several options can be configured:

View file

@ -6,5 +6,6 @@
supported = [
"unstable"
"23.11"
"24.05"
];
}

View file

@ -27,7 +27,7 @@
stateVersion = "23.05";
vm-cluster = "Hyperviseur NPS";
nix-modules = [ "services/crabfit" ];
nixpkgs = "24.05";
};
compute01 = {
@ -35,6 +35,7 @@
stateVersion = "23.05";
nix-modules = [ "services/stirling-pdf" ];
nixpkgs = "24.05";
};
geo01 = {
@ -42,7 +43,7 @@
deployment.tags = [ "geo" ];
stateVersion = "24.05";
nixpkgs = "unstable";
nixpkgs = "24.05";
};
geo02 = {
@ -50,12 +51,13 @@
deployment.tags = [ "geo" ];
stateVersion = "24.05";
nixpkgs = "unstable";
nixpkgs = "24.05";
};
storage01 = {
site = "pav01";
stateVersion = "23.11";
nixpkgs = "24.05";
nix-modules = [ "services/forgejo-nix-runners" ];
};
@ -65,7 +67,7 @@
deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";
stateVersion = "23.11";
nixpkgs = "unstable";
nixpkgs = "24.05";
adminGroups = [ "fai" ];
};

View file

@ -154,6 +154,12 @@
"url": "https://releases.nixos.org/nixos/23.11/nixos-23.11.6981.27c13997bf45/nixexprs.tar.xz",
"hash": "1s4wn0m6bdzxl4rcxzmyy2fdschrdj3nqy6zl85xynaxkb0n1gpj"
},
"nixos-24.05": {
"type": "Channel",
"name": "nixos-24.05",
"url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.1135.9b5328b7f761/nixexprs.tar.xz",
"hash": "0k8d0xvygkxzvs5ikcw8j0pnksvzdmxdl03i69mni3nxylszyxvl"
},
"nixos-generators": {
"type": "Git",
"repository": {
@ -226,4 +232,4 @@
}
},
"version": 3
}
}

View file

@ -6,6 +6,21 @@ let
in
{
"nixos-24.05" = [
# netbox qrcode plugin
{
_type = "commit";
sha = "ae4bf4c110378ebacb3989c9533726859cfebbfa";
hash = "sha256-SgHhW9HCkDQsxT3eG4P9q68c43e3sbDHRY9qs7oSt8o=";
}
netboxAgent
{
id = "275165";
hash = "sha256-9a26V3Pi8yLD3N9+mC1kvJoruxRTp/qOHapnt6VX7pw=";
}
];
"nixos-23.11" = [
# netbox module
{