feat(krz01): init

This commit is contained in:
sinavir 2024-10-08 12:18:26 +02:00
parent bdf0e4cf7a
commit 70c69346fb
11 changed files with 179 additions and 42 deletions

2
keys/machines/krz01.keys Normal file
View file

@ -0,0 +1,2 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP4o65gWOgNrxbSd3kiQIGZUM+YD6kuZOQtblvzUGsfB root@krz01

View file

@ -0,0 +1,26 @@
{ lib, ... }:
lib.extra.mkConfig {
enabledModules = [
# INFO: This list needs to stay sorted alphabetically
];
enabledServices = [
# INFO: This list needs to stay sorted alphabetically
# "proxmox"
];
extraConfig = {
dgn-hardware = {
useZfs = true;
zfsPools = [
"dpool"
"ppool0"
];
};
#services.netbird.enable = true;
};
root = ./.;
}

View file

@ -0,0 +1,50 @@
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [
"ehci_pci"
"ahci"
"mpt3sas"
"usbhid"
"sd_mod"
];
kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/92bf4d66-2693-4eca-9b26-f86ae09d468d";
fsType = "ext4";
};
boot.initrd.luks.devices."mainfs" = {
device = "/dev/disk/by-uuid/26f9737b-28aa-4c3f-bd3b-b028283cef88";
keyFileSize = 1;
keyFile = "/dev/zero";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/280C-8844";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1,9 @@
{ sources, ... }:
let
proxmox-nixos = import sources.proxmox-nixos;
in
{
imports = [ proxmox-nixos.nixosModules.proxmox-ve ];
services.proxmox-ve.enable = true;
nixpkgs.overlays = [ proxmox-nixos.overlays.x86_64-linux ];
}

View file

@ -0,0 +1,5 @@
let
lib = import ../../../lib { };
in
lib.setDefault { publicKeys = lib.getNodeKeys "krz01"; } [ ]

View file

@ -29,6 +29,28 @@
netbirdIp = "100.80.75.197"; netbirdIp = "100.80.75.197";
}; };
krz01 = {
interfaces = {
eno1 = {
ipv4 = [
{
address = "129.199.146.21";
prefixLength = 24;
}
{
address = "192.168.1.145";
prefixLength = 24;
}
];
gateways = [ "129.199.146.254" ];
enableDefaultDNS = true;
};
};
hostId = "bd11e8fc";
};
geo01 = { geo01 = {
interfaces = { interfaces = {
eno1 = { eno1 = {

View file

@ -70,6 +70,15 @@
nixpkgs = "24.05"; nixpkgs = "24.05";
}; };
krz01 = {
site = "pav01";
stateVersion = "24.05";
nixpkgs = "24.05";
deployment.targetHost = "192.168.1.145";
};
storage01 = { storage01 = {
site = "pav01"; site = "pav01";
stateVersion = "23.11"; stateVersion = "23.11";

Binary file not shown.

View file

@ -1,44 +1,46 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 jIXfPA FhSZKBAccqBqfeayNqY3fhYSi+0NMxsxS3WsdvuVu2M -> ssh-ed25519 jIXfPA sHMGZvBA3KQ+vgyPRvthm7RrZv+cpA8rVaLMG11tWzc
xT37RUaShiHdPBUnjWntSY43LqXsR8Pgz5kUZ/mgz2w wb74jb8YFbu4hTaKECNpaCV5besptdBoXXstKd+eLTI
-> ssh-ed25519 QlRB9Q xwok3cJ6SlGxlGi/UesKHVf+O4q9mn7btLweXJzeknI -> ssh-ed25519 QlRB9Q RILFFiLngUvfSPOmw6ZLmFLVyIIQqzib7LTV8hZP/w4
LrigakDhwhHCHEaJ0eQx6TIke9vYLqXwwaUjusWOvSk na6S3iWEs3cxff30X59wD0SUNEP0/9LcuCyCUi7wgxg
-> ssh-ed25519 r+nK/Q DS8/iUfczVGxB/Hl6EkweNAGSM0ZhWqrFy4xn82QNH8 -> ssh-ed25519 r+nK/Q Mtrr3NKJG1MBw150IZK1ZTKCglktIK8mV2M7FiLz9EQ
0Z8KOLZtxh2c0JTeiPbz3ZDF3CYrDs7bmwKjjemTs0o zEEJwKeucMsZePFTZF/Cxfcuqn7KiSoBmBnNVKX1jAY
-> ssh-rsa krWCLQ -> ssh-rsa krWCLQ
CDqVAHHD/1keQdgJZX5/hkiYMpZae1MocI5LjtWWg+QDkw1Bp6bNZLou8Uc2RG0H r3OX+AaSGO0zLoEAvAo3UrtWwU/Vjyfdp+qy4haB3tpl305I6Y6O6n2iHnc1PFgw
xZIB+z1XSXf7iMla5l7RWbW+g61T38QKWoAwvAGFz+XOstBTDY4bWgSv1g6vm+6x qQ7Sa0GekbxNcwD7MzAmKbsm9wmnrF2hX03gFDI5isEPxaLC6ha207Ykauc2q1JC
XuQLxCkj4cmy3dUsvaiiQXsstuMGOWSUbp2OQWfErzoVegHVCr/XKSAI1vMwQOWN /SOZ/OUiizBUuO5OjywYz2AJUfEabmd+X1fw5QxAPSfp57KBZDJCGSpEDeJigU7M
9tJUJCKEo2DTr5OmIL7kSWguVZYy77ta7JxmGbPrNQ7LJuRoZkUgX4V37SFgDKN4 1n1XsT6eCyNDIIozRzIIyxLZU+tDDswjvjCaDJ/t2BE76LienwMRZK4P4tSn8DQP
QgpupxXP/3oDhDSzZYbS6Fw+b7U01BwPyziY1kOYztv2qSoBJFMVtZS3oJEu4ChU Jbm7bb5T2P1VAK4qIMP04DXQ861Kr2DvpLA/aPtHd9yMcZn5wQWMCVDgsL3ko0fU
7MRHaN15cGZRsC5zIQAg9w VThQwBW4qe59CCxA68TUcQ
-> ssh-ed25519 /vwQcQ ZPWBCoQ7imVFfTkUYrp4NGRnz3vskNtMgbV41F1s8BE -> ssh-ed25519 /vwQcQ KYM+4CPxNwxwh3liBBJYIqlWzpDO3h/dl54rEKQXGHU
oTrgDNisd8Sqmxo0ZDpVSO5iURWNLrIlKABjys+gHhw uteNJEqwLKUC3Gjm0BiRmb3uLb3bzRfpf3c1Da3vGjY
-> ssh-ed25519 0R97PA CgUUW9m8+M1rpsCPAPyRC8VKvilDKMA8VkDqqDfbpAs -> ssh-ed25519 0R97PA Sc9QAI4UNY6x0fZAoQOpUjzFzwev196x+7fjeIry3AU
qJ/pa3VLh6650lDN5YPyYtxsDYMiRyTtK1yu+JeF3ww puUi8W0jCbMW3cN7PjoDM+vXnHjdQ2RLfX0kdpsaWhI
-> ssh-ed25519 JGx7Ng r8OMU9Grvd8yxzzUzeEH4iCPp8NBHVcQKQe13AJOKjE -> ssh-ed25519 JGx7Ng LzO5qvnVWhF3+cR4J3nJv9IB55/FYKillkJ2jKadfQA
eYC+/VMsoetiVFTGdlAL3xDDe6WziBYU4Fr6XN/HlJI r3F+FKdpoKTB0/e5Vz5JFh9u8BKBOjn9XXE4dJEriuw
-> ssh-ed25519 5SY7Kg 4T4xlrNW8yqI23A3GH7dRDyhbUA62ldS2/R7YCsHz0U -> ssh-ed25519 5SY7Kg Uz/EgMgi0ACJStIvz06efUQpeU6VAuXVj+Veki0LkXA
ukewT84UtQcAQNNSNogi3WOjoNeA7p50D1JHJ+39lYs ukCkNIQMYbZBCBfd5R5dKWJwOcIKHzS9HN9CNk5iSF4
-> ssh-ed25519 p/Mg4Q EBlu4oYIa4hX5mGExy2xwyHbnDli9xY7MebUOr+hTzw -> ssh-ed25519 p/Mg4Q 9+IsF8fUNcQhRxRddI6WQyKP8Ky0HV4jAUvS0ySDDwM
TqmNgHL1xxyI+i4h3KgskVsWrlYUnuT5MJWcYj2crps 7WamT/OA2Os6uE/hKzWkfjlwOKQpZ6j+fcgkvsk6wCY
-> ssh-ed25519 DqHxWQ KiCWC6eJOUScSlPNpC2G2FbfD/fQ2b14KHhuw+QKNTI -> ssh-ed25519 DqHxWQ WndaDm+ApRfFj+KL5cJgJqwaZXUYrXHpQ6AxDtGb5FY
Un89T6OXiXWTBZqwdXPvyckxcBIhp2wmC4A5723b/5g u5RHgWaY28QfA3jsD54PLR50Jl5KQyVpPv4CFhLPiYI
-> ssh-ed25519 tDqJRg k5YZwwURv21NC/0tt2r3CBuUPDhfO/Y7c3ISVhMGQkA -> ssh-ed25519 tDqJRg Wgx7QpoPeendwBsWB+jAN5K+1uhxPsEHMugOPeC+Ono
sdm+SpychoEekD6JK6Wz2CCcfDpwPD6rlLyB3RJES08 CRWVWTQB2eCVSKAwIzNNaWefAmniVtF5hu8xYeTGF0Q
-> ssh-ed25519 9pVK7Q 2kUnZCmNsAu90KA+st/ZFnez8rg4zqIZ3AZQsqHW0y8 -> ssh-ed25519 9pVK7Q kB5gWwwNNcCnjN5+1j7alWzqEgYMDQ3IvA8/0ltfLwo
YlCXQ5g8vnNboPVHdSKyrdwRNvjwp9VHP+RV2WP7z00 Tp7n6v/s4swKjOqEDKEKhM8agghKEvaz+zymG+b72f8
-> ssh-ed25519 /BRpBQ w+kqiukijvXdlvKdTfVvNYv6pLTifaZeagzU1VWQLwE -> ssh-ed25519 /BRpBQ 6B5ODsRsRx8EIOrzBnAAw1bYsAQMvssSC1xxbAh+bGE
RKNPvu971viqMHBXpgE9D8L9ievWxIS5ANU8QADqwRY Xmhe74XTMwfcGvk620XixhR/6GtOt2fynSMdJ7riZxs
-> ssh-ed25519 +MNHsw m+K/VIApzxBfYxc4/dPod+9TwBBTrtGa/B28QhawAD8 -> ssh-ed25519 /x+F2Q /idVQW3v18G3e++zLmmcpZTvSW6YTfYKYX0xalx3DTU
gwJLtE5zIiNtKZ/YdroneSLLuZzvoAXaJYsqPzPkyLc ybNKGMgW5ChQU2HXHfM0Od6GWC+HRKDemibhzi+NCA4
-> ssh-ed25519 rHotTw NSgFCgFQxKc7DSrNq/77PAnAKxSG055gutF2aUUDLzA -> ssh-ed25519 +MNHsw +5EkjYR0CD0tF3jazvyz6WtzIG+84czuEsGzPmucOVI
uL3QhQHmtQrrUPllFtVf7QiLIMWkT0EYIokxUVkLMrc AqBXlugxP84nJ9jK1dPWWRJAAAzZjKl0RKd1+aXeIJg
-> ssh-ed25519 +mFdtQ otE9brZku3sOSb9IvvTW/eioWDFvMJlsxSUvOcPNwiU -> ssh-ed25519 rHotTw IzGcfj5jNooeVt7+iJwnxUfka95NVEtE9dStQUt+gCE
7vV6u7zLv2EfSz3qmY9Sboj2Z5LBwSTxrl4FWm3mYAs +lrjFHAgNOxI4JS6tGXcDSnbdn6/qwt2tI2WdVX2tO4
-> ssh-ed25519 0IVRbA kwQNIVhpFtgIlJAAoqk1fqUP9OHN9YGWcYXbT+/bHE0 -> ssh-ed25519 +mFdtQ AieFjWmv27LvUbZXCBEqmvfTQM7SLXL12qIOzZLxdi8
gDOPJMeDI2eDx+emxUNSb/MW7IRPj8ni3mOLgZV9F0Y s0qzhUO2FDqr/w8B4cbnX8NuXfZM+nv4gj6SF0DreCY
-> ssh-ed25519 IY5FSQ gtGe4X/Vx4oWn0IIUwv6qpWZ250slvT/QMdwVQQrsAQ -> ssh-ed25519 0IVRbA +S10pCaLByp+UrfbZXIIhMvUW79NPSSr5qHbm8Q8nxY
yeJ8+BibBiwq2944ruZdek/4tpAqyMnG0RsyzkXQpRg fLU4Shu/luX9gLrJDM8rY+HRpHuuLKJAz0BSiLfXkj8
--- QhDkZSHLpgsvAUk5YhkhD8MNNX6Vlj7CWeQfJ6oEmk0 -> ssh-ed25519 IY5FSQ FJGXPcN7XjZTl3zc8iLSmc2IfhHx/xqIqnNz7j0dXGg
|`ŸP!ùá+ôÃg&ói¤;¶šªâlÔNn„Äõ¬¸ç¤ °ü4´kWó§#èƒ<C3A8><C692>±€w D99jvNKh7yzafKB9qzOX6xNjhf3WS4bYBcc91dVX6Ow
--- USWnD/9XEj6tW0aHMZiVK1Guf43b/8wWcsafnVT0+h4
RqÏHª,XHs8ÌÛÔtAbAGI<47>áΤÂ,åÖÝ¥¿è:<G=bFb†ÀTGSGäÊÙ _ ˜

View file

@ -268,6 +268,18 @@
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre689466.7d49afd36b55/nixexprs.tar.xz", "url": "https://releases.nixos.org/nixpkgs/nixpkgs-24.11pre689466.7d49afd36b55/nixexprs.tar.xz",
"hash": "0r4zb6j8in4dk7gxciapfm49dqbdd0c7ajjzj9iy2xrrj5aj32qp" "hash": "0r4zb6j8in4dk7gxciapfm49dqbdd0c7ajjzj9iy2xrrj5aj32qp"
}, },
"proxmox-nixos": {
"type": "Git",
"repository": {
"type": "GitHub",
"owner": "SaumonNet",
"repo": "proxmox-nixos"
},
"branch": "main",
"revision": "53f9cd6ad81f1bf36b257470d82e77e0629578c8",
"url": "https://github.com/SaumonNet/proxmox-nixos/archive/53f9cd6ad81f1bf36b257470d82e77e0629578c8.tar.gz",
"hash": "1nirb5k029bphflifks1kc1qdmvdw88x492dfy9ma4yldsiqrgyi"
},
"signal-irc-bridge": { "signal-irc-bridge": {
"type": "Git", "type": "Git",
"repository": { "repository": {