forked from DGNum/infrastructure
feat(infra): Deploy web03
This commit is contained in:
parent
4b2d1cde5b
commit
b6cbf6e918
6 changed files with 94 additions and 0 deletions
|
@ -23,6 +23,7 @@ rec {
|
|||
vault01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJA6VA7LENvTRlKdcrqt8DxDOPvX3bg3Gjy9mNkdFEW" ];
|
||||
web01 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR+lewuJ/zhCyizJGJOH1UaAB699ItNKEaeuoK57LY5" ];
|
||||
web02 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+QDE+GgZs6zONHvzRW15BzGJNW69k2BFZgB/Zh/tLX" ];
|
||||
web03 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrWsMEfK86iaO9SubMqE2UvZNtHkLY5VUod/bbqKC0L" ];
|
||||
|
||||
# SSH keys of the DGNum members
|
||||
catvayor = [
|
||||
|
|
16
machines/web03/_configuration.nix
Normal file
16
machines/web03/_configuration.nix
Normal file
|
@ -0,0 +1,16 @@
|
|||
{ lib, ... }:
|
||||
|
||||
lib.extra.mkConfig {
|
||||
enabledModules = [
|
||||
# List of modules to enable
|
||||
"dgn-web"
|
||||
];
|
||||
|
||||
enabledServices = [
|
||||
# List of services to enable
|
||||
];
|
||||
|
||||
extraConfig = { };
|
||||
|
||||
root = ./.;
|
||||
}
|
45
machines/web03/_hardware-configuration.nix
Normal file
45
machines/web03/_hardware-configuration.nix
Normal file
|
@ -0,0 +1,45 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
||||
|
||||
boot = {
|
||||
initrd = {
|
||||
availableKernelModules = [
|
||||
"ahci"
|
||||
"xhci_pci"
|
||||
"virtio_pci"
|
||||
"sr_mod"
|
||||
"virtio_blk"
|
||||
];
|
||||
kernelModules = [ ];
|
||||
|
||||
luks.devices."main" = {
|
||||
device = "/dev/disk/by-uuid/21a5fa9b-35d2-49c9-80f8-5161c652bdc8";
|
||||
tryEmptyPassphrase = true;
|
||||
};
|
||||
};
|
||||
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
extraModulePackages = [ ];
|
||||
};
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/9069a0a6-2f9f-4219-a2c4-248de932da6f";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/9826-E466";
|
||||
fsType = "vfat";
|
||||
options = [
|
||||
"fmask=0022"
|
||||
"dmask=0022"
|
||||
];
|
||||
};
|
||||
|
||||
swapDevices = [ { device = "/dev/disk/by-uuid/a91c29b4-9b1b-477e-820f-3cf610158e2a"; } ];
|
||||
}
|
3
machines/web03/secrets/secrets.nix
Normal file
3
machines/web03/secrets/secrets.nix
Normal file
|
@ -0,0 +1,3 @@
|
|||
(import ../../../keys).mkSecrets [ "web03" ] [
|
||||
# List of secrets for web03
|
||||
]
|
|
@ -178,6 +178,25 @@
|
|||
netbirdIp = null; # web02 is not to be connected on the VPN
|
||||
};
|
||||
|
||||
web03 = {
|
||||
interfaces = {
|
||||
enp1s0 = {
|
||||
ipv4 = [
|
||||
{
|
||||
address = "129.199.129.223";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
|
||||
gateways = [ "129.199.129.1" ];
|
||||
enableDefaultDNS = true;
|
||||
};
|
||||
};
|
||||
|
||||
hostId = "8afc7749";
|
||||
netbirdIp = null; # web03 is not yet connected to the VPN
|
||||
};
|
||||
|
||||
rescue01 = {
|
||||
interfaces = {
|
||||
ens18 = {
|
||||
|
|
|
@ -124,6 +124,16 @@
|
|||
vm-cluster = "Hyperviseur NPS";
|
||||
};
|
||||
|
||||
web03 = {
|
||||
site = "rat01";
|
||||
|
||||
hashedPassword = "$y$j9T$Un/tcX5SPKNXG.sy/BcTa.$kyNHELjb1GAOWnauJfcjyVi5tacWcuEBKflZDCUC6x4";
|
||||
|
||||
stateVersion = "24.05";
|
||||
nixpkgs = "24.05";
|
||||
vm-cluster = "Hyperviseur NPS";
|
||||
};
|
||||
|
||||
rescue01 = {
|
||||
site = "luj01";
|
||||
|
||||
|
|
Loading…
Reference in a new issue