deploy-netbox-agent #76
7 changed files with 165 additions and 0 deletions
|
@ -25,6 +25,7 @@
|
|||
deployment.tags = [ "web" ];
|
||||
|
||||
stateVersion = "23.05";
|
||||
vm-cluster = "Hyperviseur NPS";
|
||||
};
|
||||
|
||||
compute01 = {
|
||||
|
@ -67,11 +68,13 @@
|
|||
|
||||
stateVersion = "24.05";
|
||||
nixpkgs = "unstable";
|
||||
vm-cluster = "Hyperviseur NPS";
|
||||
};
|
||||
|
||||
rescue01 = {
|
||||
site = "luj01";
|
||||
|
||||
stateVersion = "23.11";
|
||||
vm-cluster = "Hyperviseur Luj";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -117,6 +117,12 @@ in
|
|||
Geographical site where the node is located.
|
||||
'';
|
||||
};
|
||||
|
||||
vm-cluster = mkOption {
|
||||
type = nullOr str;
|
||||
default = null;
|
||||
description = "VM cluster where the VM is located";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
|
|
|
@ -43,6 +43,7 @@
|
|||
"dgn-console"
|
||||
"dgn-fail2ban"
|
||||
"dgn-hardware"
|
||||
"dgn-netbox-agent"
|
||||
"dgn-network"
|
||||
"dgn-records"
|
||||
"dgn-ssh"
|
||||
|
|
48
modules/dgn-netbox-agent/default.nix
Normal file
48
modules/dgn-netbox-agent/default.nix
Normal file
|
@ -0,0 +1,48 @@
|
|||
{
|
||||
config,
|
||||
meta,
|
||||
name,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (config.deployment) tags;
|
||||
inherit (config.networking) hostName domain;
|
||||
in
|
||||
{
|
||||
|
||||
options.dgn-netbox-agent = {
|
||||
enable = lib.mkEnableOption "DGNum netbox agent setup." // {
|
||||
default = true;
|
||||
};
|
||||
};
|
||||
config = lib.mkIf config.dgn-netbox-agent.enable {
|
||||
services.netbox-agent = {
|
||||
enable = true;
|
||||
settings = {
|
||||
netbox.url = "https://netbox.dgnum.eu/";
|
||||
network.ignore_interfaces = "(lo|dummy.*|docker.*|podman.*)";
|
||||
register = true;
|
||||
update_all = true;
|
||||
virtual = {
|
||||
enabled = meta.nodes.${name}.vm-cluster != null;
|
||||
cluster_name = meta.nodes.${name}.vm-cluster;
|
||||
};
|
||||
purge_old_devices = true;
|
||||
hostname_cmd = "echo ${hostName}.${domain}";
|
||||
datacenter_location = {
|
||||
driver = "cmd:echo ${meta.nodes.${name}.site}";
|
||||
regex = "(.*)";
|
||||
};
|
||||
device = {
|
||||
tags = "netbox-agent";
|
||||
# Default role
|
||||
server_role = "Staging infra";
|
||||
};
|
||||
};
|
||||
randomizedDelaySec = "1h";
|
||||
environmentFile = config.age.secrets."netbox-agent".path;
|
||||
};
|
||||
age-secrets.sources = [ ./. ];
|
||||
};
|
||||
}
|
43
modules/dgn-netbox-agent/netbox-agent
Normal file
43
modules/dgn-netbox-agent/netbox-agent
Normal file
|
@ -0,0 +1,43 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 jIXfPA 7gTIVQPNYztJT+qoF84OnMxPeap+NsLzh6bASMHG9As
|
||||
k4ojDFQTJEgxELiAFZ3ZfIFYIHMgxLOb4/tNYUsEpOU
|
||||
-> ssh-ed25519 QlRB9Q X6m3M+he0IvK14coQpOQoE9fhLCrIwsj1yVkdAO6BTY
|
||||
odBZdJHLB+Gou6ZsyaQ8W7gbK9RKPm6dxy0XAZmkadg
|
||||
-> ssh-ed25519 r+nK/Q o55S/i2wyaWzFSH97AYrza9bUBvlt82oMmbwQfIhh10
|
||||
eNZWfTVdm6TDbxTNFB8sI9vIKpDv2K+eG2WjO99Z1UM
|
||||
-> ssh-rsa krWCLQ
|
||||
Fq1SPGGq4x1HRLKO11taw4/JBkoVERx+kFEhJ1i9CDfFveZlE0GNGUPoHOEz2ofd
|
||||
+cvdeLvj+dd/kwPLi1dEXRtD1Fi3LKpeoRgFJXiQXVUR78layx+kNAVV6tWmSX0v
|
||||
xdnKmAiLBz3JXkD6xl8Uenz3xVMXbUNQqqhJwNv3e1eNFaWaShaKYqCB5uJUxHB/
|
||||
1gXmtyuJfzIzV8V35dYPOAaGhAc6z6tqJv1vZs1Cd4ynFeDKue2Hx+vnfljf1RVC
|
||||
/myae5OXdJU7ROATd4+Gl7GEt+Vqy8VrJXe5Dcl9vdnhjMU/JCCr/6Tk+u4254GW
|
||||
Sitp80V7MXldLwLxDgXgrA
|
||||
-> ssh-ed25519 /vwQcQ py7z6m7mIBlNMOmXPAef/NZ8zFa84VHY5OnH0xWe630
|
||||
BzDYVzkYflzh0bCsAykfcJhLWs7Xfj/DJpLUUjznug8
|
||||
-> ssh-ed25519 0R97PA XKN1c2DF1gndn7m9ayJnxN6HyMdOSHdWpIXkjP44+yw
|
||||
Qo2oloI/LpwkEzNjRAKNQPVYG1zm601KZ2Z+sRZ8hB0
|
||||
-> ssh-ed25519 JGx7Ng QKaSYE0pO6VxWvr6RpRZXQf5CGv0w6NJYThyTqigMAY
|
||||
Tt7UkHLoGW88iNh0eu0UkGoU2ms4Ui7MCqRu3KggxoY
|
||||
-> ssh-ed25519 5SY7Kg aLdVxQgVwt3JPDUSJYXt/OUljR2/8Izb5FAluaV3Nk0
|
||||
0X/zLgsHN5N3yxUCetRiuwEp7rGrg7YnGQjwy1ZvsD0
|
||||
-> ssh-ed25519 p/Mg4Q wSje5R0PF31xLIkwi3FzHDwaW/NMA5VLVtbAAa7mzFc
|
||||
wfOL3Dc9wDcidBv7GGmkSNwKLSAjRcvn0cXtHslbFSM
|
||||
-> ssh-ed25519 tDqJRg kfJgtWRLeHnGNDxq3MW45URbQz1Gh2hhR59E5UWKQ2E
|
||||
KPnLwjPPtmCclbHz/aN4ATNxshqo7YbnDOXQN19aSGo
|
||||
-> ssh-ed25519 9pVK7Q jmYiL9ImKqZ5n2SCs+RNFi44ge99e7agOBFZHakQqAk
|
||||
j8WG/QuoYETnyPvOuOpIyvPBm0W2CQYLqSMw2AH2OaU
|
||||
-> ssh-ed25519 /BRpBQ Myx966lE1Cy1GEjlHczKsj4h/LgKuNyQI8f47rAKsGY
|
||||
d+XUuPJrjzJbkenl3sjJKScBNPLaGFyUu25zYuleGyU
|
||||
-> ssh-ed25519 +MNHsw GT736xXXFYrMX5nLiUhlab+iPaKZ/7lBZiSitNkMwWk
|
||||
4zygmNGD1arO5dWN43IxXc9Yk09rvvH6L27VwdunG/4
|
||||
-> ssh-ed25519 rHotTw 7nZ8PTnHh5zgUq8VBA07xsBLiNmuIXVgL5RXmpQprQA
|
||||
Oue9kpki0BjeMdgPQkIyQDxspD0yiVFhap1YnFSJPf4
|
||||
-> ssh-ed25519 +mFdtQ mZ1ZlXrLzg1jJCpCRnX4Gp+ifHOy86k3BDMJZ8Bx9Qc
|
||||
JhI3SmE1UpvKEUu6LvSVEiQZnhCjKRwBrF7zJ9L4ANM
|
||||
-> ssh-ed25519 0IVRbA 0XPF4deOErbp3EwMBmOpd3JIcwLv4wGIIrIHISC3mDU
|
||||
sBP09UtJ/0vga2mMLqnvR7tQAdX+BtOctDb8jl0OkQQ
|
||||
-> ssh-ed25519 8V9fnQ Ug56Iiw3mixnOL/Ky8/p+tpj89AWCbHwHuD6R7htgmQ
|
||||
trXKH540NOZAzt7f197A8aL2zX3jlx+/K4JAEQWaSbo
|
||||
--- iqcgcJMxU1/rYicqdLL9AD9UrC5okQmnsnAa1vkkB9g
|
||||
pï ª¹3CÈÆc<EFBFBD>O·*‰ÿœ‹.)öh$,Ê£²¿ñjåqq6Xt)-kä>÷Çýd¿3y$ëÝG‘ΣÂMžLO®ÛêGà*oòsç[½ß¤f{-ù©áÛM]–
|
||||
òo¢.ÂË
|
1
modules/dgn-netbox-agent/secrets.nix
Normal file
1
modules/dgn-netbox-agent/secrets.nix
Normal file
|
@ -0,0 +1 @@
|
|||
{ netbox-agent.publicKeys = (import ../../lib { }).machineKeys; }
|
|
@ -1,3 +1,11 @@
|
|||
let
|
||||
netboxAgent =
|
||||
# netbox-agent
|
||||
{
|
||||
id = "244549";
|
||||
hash = "sha256-8/qjrwpVGZoztafIk80ALZqZ4dZgwdC9amK/tK30D0M=";
|
||||
};
|
||||
in
|
||||
{
|
||||
"nixos-23.11" = [
|
||||
# netbox module
|
||||
|
@ -7,6 +15,60 @@
|
|||
includes = [ "nixos/modules/services/web-apps/netbox.nix" ];
|
||||
hash = "sha256-mjeRxtZozgLNzHkCxcTs3xnonNPkmPoaGxawixC9jfo=";
|
||||
}
|
||||
|
||||
netboxAgent
|
||||
|
||||
# missing jsonargparse deps for netbox-agent
|
||||
{
|
||||
# json arg parse dep: typesched-client
|
||||
_type = "commit";
|
||||
sha = "b1770afd23a7a1ebb4e5bccd8d34dfb3a58a4341";
|
||||
hash = "sha256-PNUOPgmNFQr+bwG8MQiwlI4+zkDKLL3e1GgHHskX/Dk=";
|
||||
}
|
||||
{
|
||||
# json arg parse dep: reconplogger
|
||||
_type = "commit";
|
||||
sha = "3835e47059eee32eaf5ef0eb03fce90e8c9b8ab4";
|
||||
hash = "sha256-owJL1nmYfEXSHekBGgbJrTkl3OpX6dG9oq3mjN4Xgj8=";
|
||||
}
|
||||
{
|
||||
# json arg parse dep: logmatic
|
||||
_type = "commit";
|
||||
sha = "b0de35af031b4282ac99919384f029a18704d819";
|
||||
hash = "sha256-0nJzF2WMPNs2/zI65T1j9DQ0kORDKCu3H2PWjd/bXuo=";
|
||||
}
|
||||
{
|
||||
# init at 4.27.2
|
||||
_type = "commit";
|
||||
sha = "aa724f81163725b54a06623d191de6d4c064c5ea";
|
||||
hash = "sha256-ZWOVpVVsmjBCCiMe/j4YKz6YP4m5I8TTbqWNqBaMtKA=";
|
||||
}
|
||||
{
|
||||
# 4.27.2 -> 4.27.3
|
||||
id = "284460";
|
||||
hash = "sha256-di9F8d5l0QDWt9yNpamHMyMm4AVxnsRko8+/Ruo7G3I=";
|
||||
}
|
||||
{
|
||||
# 4.27.3 -> 4.27.4
|
||||
id = "285873";
|
||||
hash = "sha256-GRytcYvIsMP2RfHlmOJIH3po2/KmfZ3fDwo3YUyXGEU=";
|
||||
}
|
||||
{
|
||||
# 4.27.4 -> 4.27.5
|
||||
id = "288546";
|
||||
hash = "sha256-iHXwZQKlaWmbd9kJbm6YyjIc3bPFHGbIghYRCPsSGHo=";
|
||||
}
|
||||
{
|
||||
# 4.27.5 -> 4.27.6
|
||||
id = "296359";
|
||||
hash = "sha256-BHevlu8eqkoRgxwFMoS9bkT/9+w0Hfp3JXWh6UKovUk=";
|
||||
}
|
||||
{
|
||||
# 4.27.6 -> 4.27.7
|
||||
id = "297825";
|
||||
hash = "sha256-tu91+T1G/sHfCLfLL4Jk/zLU/QwnHLbpxiYzRBJXFXw=";
|
||||
}
|
||||
|
||||
# castopod: 1.6.4 -> 1.7.0 + ajout du support de loadcredentials
|
||||
{
|
||||
_type = "static";
|
||||
|
@ -82,4 +144,5 @@
|
|||
hash = "sha256-XVq72jiLCDrZhADgyvI5y1y/5zlpX89vUBvxUolrYp8=";
|
||||
}
|
||||
];
|
||||
"nixos-unstable" = [ netboxAgent ];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue