forked from DGNum/infrastructure
feat(krz01): init
This commit is contained in:
parent
bdf0e4cf7a
commit
70c69346fb
11 changed files with 179 additions and 42 deletions
2
keys/machines/krz01.keys
Normal file
2
keys/machines/krz01.keys
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP4o65gWOgNrxbSd3kiQIGZUM+YD6kuZOQtblvzUGsfB root@krz01
|
||||||
|
|
26
machines/krz01/_configuration.nix
Normal file
26
machines/krz01/_configuration.nix
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
{ lib, ... }:
|
||||||
|
|
||||||
|
lib.extra.mkConfig {
|
||||||
|
enabledModules = [
|
||||||
|
# INFO: This list needs to stay sorted alphabetically
|
||||||
|
];
|
||||||
|
|
||||||
|
enabledServices = [
|
||||||
|
# INFO: This list needs to stay sorted alphabetically
|
||||||
|
# "proxmox"
|
||||||
|
];
|
||||||
|
|
||||||
|
extraConfig = {
|
||||||
|
dgn-hardware = {
|
||||||
|
useZfs = true;
|
||||||
|
zfsPools = [
|
||||||
|
"dpool"
|
||||||
|
"ppool0"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
#services.netbird.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
root = ./.;
|
||||||
|
}
|
50
machines/krz01/_hardware-configuration.nix
Normal file
50
machines/krz01/_hardware-configuration.nix
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
initrd = {
|
||||||
|
availableKernelModules = [
|
||||||
|
"ehci_pci"
|
||||||
|
"ahci"
|
||||||
|
"mpt3sas"
|
||||||
|
"usbhid"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
|
kernelModules = [ ];
|
||||||
|
};
|
||||||
|
kernelModules = [ "kvm-intel" ];
|
||||||
|
extraModulePackages = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-uuid/92bf4d66-2693-4eca-9b26-f86ae09d468d";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.initrd.luks.devices."mainfs" = {
|
||||||
|
device = "/dev/disk/by-uuid/26f9737b-28aa-4c3f-bd3b-b028283cef88";
|
||||||
|
keyFileSize = 1;
|
||||||
|
keyFile = "/dev/zero";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/280C-8844";
|
||||||
|
fsType = "vfat";
|
||||||
|
options = [
|
||||||
|
"fmask=0022"
|
||||||
|
"dmask=0022"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
}
|
9
machines/krz01/proxmox.nix
Normal file
9
machines/krz01/proxmox.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
{ sources, ... }:
|
||||||
|
let
|
||||||
|
proxmox-nixos = import sources.proxmox-nixos;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [ proxmox-nixos.nixosModules.proxmox-ve ];
|
||||||
|
services.proxmox-ve.enable = true;
|
||||||
|
nixpkgs.overlays = [ proxmox-nixos.overlays.x86_64-linux ];
|
||||||
|
}
|
5
machines/krz01/secrets/secrets.nix
Normal file
5
machines/krz01/secrets/secrets.nix
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
let
|
||||||
|
lib = import ../../../lib { };
|
||||||
|
in
|
||||||
|
|
||||||
|
lib.setDefault { publicKeys = lib.getNodeKeys "krz01"; } [ ]
|
|
@ -29,6 +29,28 @@
|
||||||
netbirdIp = "100.80.75.197";
|
netbirdIp = "100.80.75.197";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
krz01 = {
|
||||||
|
interfaces = {
|
||||||
|
eno1 = {
|
||||||
|
ipv4 = [
|
||||||
|
{
|
||||||
|
address = "129.199.146.21";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
address = "192.168.1.145";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
gateways = [ "129.199.146.254" ];
|
||||||
|
enableDefaultDNS = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
hostId = "bd11e8fc";
|
||||||
|
};
|
||||||
|
|
||||||
geo01 = {
|
geo01 = {
|
||||||
interfaces = {
|
interfaces = {
|
||||||
eno1 = {
|
eno1 = {
|
||||||
|
|
|
@ -70,6 +70,15 @@
|
||||||
nixpkgs = "24.05";
|
nixpkgs = "24.05";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
krz01 = {
|
||||||
|
site = "pav01";
|
||||||
|
|
||||||
|
stateVersion = "24.05";
|
||||||
|
nixpkgs = "24.05";
|
||||||
|
|
||||||
|
deployment.targetHost = "192.168.1.145";
|
||||||
|
};
|
||||||
|
|
||||||
storage01 = {
|
storage01 = {
|
||||||
site = "pav01";
|
site = "pav01";
|
||||||
stateVersion = "23.11";
|
stateVersion = "23.11";
|
||||||
|
|
Binary file not shown.
Binary file not shown.
|
@ -1,44 +1,46 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 jIXfPA FhSZKBAccqBqfeayNqY3fhYSi+0NMxsxS3WsdvuVu2M
|
-> ssh-ed25519 jIXfPA sHMGZvBA3KQ+vgyPRvthm7RrZv+cpA8rVaLMG11tWzc
|
||||||
xT37RUaShiHdPBUnjWntSY43LqXsR8Pgz5kUZ/mgz2w
|
wb74jb8YFbu4hTaKECNpaCV5besptdBoXXstKd+eLTI
|
||||||
-> ssh-ed25519 QlRB9Q xwok3cJ6SlGxlGi/UesKHVf+O4q9mn7btLweXJzeknI
|
-> ssh-ed25519 QlRB9Q RILFFiLngUvfSPOmw6ZLmFLVyIIQqzib7LTV8hZP/w4
|
||||||
LrigakDhwhHCHEaJ0eQx6TIke9vYLqXwwaUjusWOvSk
|
na6S3iWEs3cxff30X59wD0SUNEP0/9LcuCyCUi7wgxg
|
||||||
-> ssh-ed25519 r+nK/Q DS8/iUfczVGxB/Hl6EkweNAGSM0ZhWqrFy4xn82QNH8
|
-> ssh-ed25519 r+nK/Q Mtrr3NKJG1MBw150IZK1ZTKCglktIK8mV2M7FiLz9EQ
|
||||||
0Z8KOLZtxh2c0JTeiPbz3ZDF3CYrDs7bmwKjjemTs0o
|
zEEJwKeucMsZePFTZF/Cxfcuqn7KiSoBmBnNVKX1jAY
|
||||||
-> ssh-rsa krWCLQ
|
-> ssh-rsa krWCLQ
|
||||||
CDqVAHHD/1keQdgJZX5/hkiYMpZae1MocI5LjtWWg+QDkw1Bp6bNZLou8Uc2RG0H
|
r3OX+AaSGO0zLoEAvAo3UrtWwU/Vjyfdp+qy4haB3tpl305I6Y6O6n2iHnc1PFgw
|
||||||
xZIB+z1XSXf7iMla5l7RWbW+g61T38QKWoAwvAGFz+XOstBTDY4bWgSv1g6vm+6x
|
qQ7Sa0GekbxNcwD7MzAmKbsm9wmnrF2hX03gFDI5isEPxaLC6ha207Ykauc2q1JC
|
||||||
XuQLxCkj4cmy3dUsvaiiQXsstuMGOWSUbp2OQWfErzoVegHVCr/XKSAI1vMwQOWN
|
/SOZ/OUiizBUuO5OjywYz2AJUfEabmd+X1fw5QxAPSfp57KBZDJCGSpEDeJigU7M
|
||||||
9tJUJCKEo2DTr5OmIL7kSWguVZYy77ta7JxmGbPrNQ7LJuRoZkUgX4V37SFgDKN4
|
1n1XsT6eCyNDIIozRzIIyxLZU+tDDswjvjCaDJ/t2BE76LienwMRZK4P4tSn8DQP
|
||||||
QgpupxXP/3oDhDSzZYbS6Fw+b7U01BwPyziY1kOYztv2qSoBJFMVtZS3oJEu4ChU
|
Jbm7bb5T2P1VAK4qIMP04DXQ861Kr2DvpLA/aPtHd9yMcZn5wQWMCVDgsL3ko0fU
|
||||||
7MRHaN15cGZRsC5zIQAg9w
|
VThQwBW4qe59CCxA68TUcQ
|
||||||
-> ssh-ed25519 /vwQcQ ZPWBCoQ7imVFfTkUYrp4NGRnz3vskNtMgbV41F1s8BE
|
-> ssh-ed25519 /vwQcQ KYM+4CPxNwxwh3liBBJYIqlWzpDO3h/dl54rEKQXGHU
|
||||||
oTrgDNisd8Sqmxo0ZDpVSO5iURWNLrIlKABjys+gHhw
|
uteNJEqwLKUC3Gjm0BiRmb3uLb3bzRfpf3c1Da3vGjY
|
||||||
-> ssh-ed25519 0R97PA CgUUW9m8+M1rpsCPAPyRC8VKvilDKMA8VkDqqDfbpAs
|
-> ssh-ed25519 0R97PA Sc9QAI4UNY6x0fZAoQOpUjzFzwev196x+7fjeIry3AU
|
||||||
qJ/pa3VLh6650lDN5YPyYtxsDYMiRyTtK1yu+JeF3ww
|
puUi8W0jCbMW3cN7PjoDM+vXnHjdQ2RLfX0kdpsaWhI
|
||||||
-> ssh-ed25519 JGx7Ng r8OMU9Grvd8yxzzUzeEH4iCPp8NBHVcQKQe13AJOKjE
|
-> ssh-ed25519 JGx7Ng LzO5qvnVWhF3+cR4J3nJv9IB55/FYKillkJ2jKadfQA
|
||||||
eYC+/VMsoetiVFTGdlAL3xDDe6WziBYU4Fr6XN/HlJI
|
r3F+FKdpoKTB0/e5Vz5JFh9u8BKBOjn9XXE4dJEriuw
|
||||||
-> ssh-ed25519 5SY7Kg 4T4xlrNW8yqI23A3GH7dRDyhbUA62ldS2/R7YCsHz0U
|
-> ssh-ed25519 5SY7Kg Uz/EgMgi0ACJStIvz06efUQpeU6VAuXVj+Veki0LkXA
|
||||||
ukewT84UtQcAQNNSNogi3WOjoNeA7p50D1JHJ+39lYs
|
ukCkNIQMYbZBCBfd5R5dKWJwOcIKHzS9HN9CNk5iSF4
|
||||||
-> ssh-ed25519 p/Mg4Q EBlu4oYIa4hX5mGExy2xwyHbnDli9xY7MebUOr+hTzw
|
-> ssh-ed25519 p/Mg4Q 9+IsF8fUNcQhRxRddI6WQyKP8Ky0HV4jAUvS0ySDDwM
|
||||||
TqmNgHL1xxyI+i4h3KgskVsWrlYUnuT5MJWcYj2crps
|
7WamT/OA2Os6uE/hKzWkfjlwOKQpZ6j+fcgkvsk6wCY
|
||||||
-> ssh-ed25519 DqHxWQ KiCWC6eJOUScSlPNpC2G2FbfD/fQ2b14KHhuw+QKNTI
|
-> ssh-ed25519 DqHxWQ WndaDm+ApRfFj+KL5cJgJqwaZXUYrXHpQ6AxDtGb5FY
|
||||||
Un89T6OXiXWTBZqwdXPvyckxcBIhp2wmC4A5723b/5g
|
u5RHgWaY28QfA3jsD54PLR50Jl5KQyVpPv4CFhLPiYI
|
||||||
-> ssh-ed25519 tDqJRg k5YZwwURv21NC/0tt2r3CBuUPDhfO/Y7c3ISVhMGQkA
|
-> ssh-ed25519 tDqJRg Wgx7QpoPeendwBsWB+jAN5K+1uhxPsEHMugOPeC+Ono
|
||||||
sdm+SpychoEekD6JK6Wz2CCcfDpwPD6rlLyB3RJES08
|
CRWVWTQB2eCVSKAwIzNNaWefAmniVtF5hu8xYeTGF0Q
|
||||||
-> ssh-ed25519 9pVK7Q 2kUnZCmNsAu90KA+st/ZFnez8rg4zqIZ3AZQsqHW0y8
|
-> ssh-ed25519 9pVK7Q kB5gWwwNNcCnjN5+1j7alWzqEgYMDQ3IvA8/0ltfLwo
|
||||||
YlCXQ5g8vnNboPVHdSKyrdwRNvjwp9VHP+RV2WP7z00
|
Tp7n6v/s4swKjOqEDKEKhM8agghKEvaz+zymG+b72f8
|
||||||
-> ssh-ed25519 /BRpBQ w+kqiukijvXdlvKdTfVvNYv6pLTifaZeagzU1VWQLwE
|
-> ssh-ed25519 /BRpBQ 6B5ODsRsRx8EIOrzBnAAw1bYsAQMvssSC1xxbAh+bGE
|
||||||
RKNPvu971viqMHBXpgE9D8L9ievWxIS5ANU8QADqwRY
|
Xmhe74XTMwfcGvk620XixhR/6GtOt2fynSMdJ7riZxs
|
||||||
-> ssh-ed25519 +MNHsw m+K/VIApzxBfYxc4/dPod+9TwBBTrtGa/B28QhawAD8
|
-> ssh-ed25519 /x+F2Q /idVQW3v18G3e++zLmmcpZTvSW6YTfYKYX0xalx3DTU
|
||||||
gwJLtE5zIiNtKZ/YdroneSLLuZzvoAXaJYsqPzPkyLc
|
ybNKGMgW5ChQU2HXHfM0Od6GWC+HRKDemibhzi+NCA4
|
||||||
-> ssh-ed25519 rHotTw NSgFCgFQxKc7DSrNq/77PAnAKxSG055gutF2aUUDLzA
|
-> ssh-ed25519 +MNHsw +5EkjYR0CD0tF3jazvyz6WtzIG+84czuEsGzPmucOVI
|
||||||
uL3QhQHmtQrrUPllFtVf7QiLIMWkT0EYIokxUVkLMrc
|
AqBXlugxP84nJ9jK1dPWWRJAAAzZjKl0RKd1+aXeIJg
|
||||||
-> ssh-ed25519 +mFdtQ otE9brZku3sOSb9IvvTW/eioWDFvMJlsxSUvOcPNwiU
|
-> ssh-ed25519 rHotTw IzGcfj5jNooeVt7+iJwnxUfka95NVEtE9dStQUt+gCE
|
||||||
7vV6u7zLv2EfSz3qmY9Sboj2Z5LBwSTxrl4FWm3mYAs
|
+lrjFHAgNOxI4JS6tGXcDSnbdn6/qwt2tI2WdVX2tO4
|
||||||
-> ssh-ed25519 0IVRbA kwQNIVhpFtgIlJAAoqk1fqUP9OHN9YGWcYXbT+/bHE0
|
-> ssh-ed25519 +mFdtQ AieFjWmv27LvUbZXCBEqmvfTQM7SLXL12qIOzZLxdi8
|
||||||
gDOPJMeDI2eDx+emxUNSb/MW7IRPj8ni3mOLgZV9F0Y
|
s0qzhUO2FDqr/w8B4cbnX8NuXfZM+nv4gj6SF0DreCY
|
||||||
-> ssh-ed25519 IY5FSQ gtGe4X/Vx4oWn0IIUwv6qpWZ250slvT/QMdwVQQrsAQ
|
-> ssh-ed25519 0IVRbA +S10pCaLByp+UrfbZXIIhMvUW79NPSSr5qHbm8Q8nxY
|
||||||
yeJ8+BibBiwq2944ruZdek/4tpAqyMnG0RsyzkXQpRg
|
fLU4Shu/luX9gLrJDM8rY+HRpHuuLKJAz0BSiLfXkj8
|
||||||
--- QhDkZSHLpgsvAUk5YhkhD8MNNX6Vlj7CWeQfJ6oEmk0
|
-> ssh-ed25519 IY5FSQ FJGXPcN7XjZTl3zc8iLSmc2IfhHx/xqIqnNz7j0dXGg
|
||||||
|`ŸP!ùá+ôÃg&ói¤;¶šªâlÔNn„Äõ¬¸ç¤ °ü’4´kWó§#èƒ<C3A8><C692>±€w
|
D99jvNKh7yzafKB9qzOX6xNjhf3WS4bYBcc91dVX6Ow
|
||||||
|
--- USWnD/9XEj6tW0aHMZiVK1Guf43b/8wWcsafnVT0+h4
|
||||||
|
RqÏHª,XHs8ÌÛÔtAbAGI<47>áΤÂ,åÖÝ¥¿è:<G=bFb†ÀTGSGäÊÙ _
˜
|
|
@ -268,6 +268,18 @@
|
||||||
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre689466.7d49afd36b55/nixexprs.tar.xz",
|
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre689466.7d49afd36b55/nixexprs.tar.xz",
|
||||||
"hash": "0r4zb6j8in4dk7gxciapfm49dqbdd0c7ajjzj9iy2xrrj5aj32qp"
|
"hash": "0r4zb6j8in4dk7gxciapfm49dqbdd0c7ajjzj9iy2xrrj5aj32qp"
|
||||||
},
|
},
|
||||||
|
"proxmox-nixos": {
|
||||||
|
"type": "Git",
|
||||||
|
"repository": {
|
||||||
|
"type": "GitHub",
|
||||||
|
"owner": "SaumonNet",
|
||||||
|
"repo": "proxmox-nixos"
|
||||||
|
},
|
||||||
|
"branch": "main",
|
||||||
|
"revision": "53f9cd6ad81f1bf36b257470d82e77e0629578c8",
|
||||||
|
"url": "https://github.com/SaumonNet/proxmox-nixos/archive/53f9cd6ad81f1bf36b257470d82e77e0629578c8.tar.gz",
|
||||||
|
"hash": "1nirb5k029bphflifks1kc1qdmvdw88x492dfy9ma4yldsiqrgyi"
|
||||||
|
},
|
||||||
"signal-irc-bridge": {
|
"signal-irc-bridge": {
|
||||||
"type": "Git",
|
"type": "Git",
|
||||||
"repository": {
|
"repository": {
|
||||||
|
|
Loading…
Reference in a new issue