lbailly/infrastructure
1
0
Fork 0
forked from DGNum/infrastructure
Code Pull requests Activity

feat(netbox-agent): init

Browse source
This commit is contained in:
sinavir 2024-03-23 20:22:58 +01:00
parent 733c9c74a7
commit 747d8c08cb
7 changed files with 165 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
meta/nodes.nix
View file

@ -25,6 +25,7 @@
deployment.tags = [ "web" ]; deployment.tags = [ "web" ];
stateVersion = "23.05"; stateVersion = "23.05";
vm-cluster = "Hyperviseur NPS";
}; };
compute01 = { compute01 = {
@ -67,11 +68,13 @@
stateVersion = "24.05"; stateVersion = "24.05";
nixpkgs = "unstable"; nixpkgs = "unstable";
vm-cluster = "Hyperviseur NPS";
}; };
rescue01 = { rescue01 = {
site = "luj01"; site = "luj01";
stateVersion = "23.11"; stateVersion = "23.11";
vm-cluster = "Hyperviseur Luj";
}; };
} }

6
meta/options.nix
View file

@ -117,6 +117,12 @@ in
Geographical site where the node is located. Geographical site where the node is located.
''; '';
}; };
vm-cluster = mkOption {
type = nullOr str;
default = null;
description = "VM cluster where the VM is located";
};
}; };
config = { config = {

1
modules/default.nix
View file

@ -43,6 +43,7 @@
"dgn-console" "dgn-console"
"dgn-fail2ban" "dgn-fail2ban"
"dgn-hardware" "dgn-hardware"
"dgn-netbox-agent"
"dgn-network" "dgn-network"
"dgn-records" "dgn-records"
"dgn-ssh" "dgn-ssh"

48
modules/dgn-netbox-agent/default.nix Normal file
View file

@ -0,0 +1,48 @@
{
config,
meta,
name,
lib,
...
}:
let
inherit (config.deployment) tags;
inherit (config.networking) hostName domain;
in
{
options.dgn-netbox-agent = {
enable = lib.mkEnableOption "DGNum netbox agent setup." // {
default = true;
};
};
config = lib.mkIf config.dgn-netbox-agent.enable {
services.netbox-agent = {
enable = true;
settings = {
netbox.url = "https://netbox.dgnum.eu/";
network.ignore_interfaces = "(lo|dummy.*|docker.*|podman.*)";
register = true;
update_all = true;
virtual = {
enabled = meta.nodes.${name}.vm-cluster != null;
cluster_name = meta.nodes.${name}.vm-cluster;
};
purge_old_devices = true;
hostname_cmd = "echo ${hostName}.${domain}";
datacenter_location = {
driver = "cmd:echo ${meta.nodes.${name}.site}";
regex = "(.*)";
};
device = {
tags = "netbox-agent";
# Default role
server_role = "Staging infra";
};
};
randomizedDelaySec = "1h";
environmentFile = config.age.secrets."netbox-agent".path;
};
age-secrets.sources = [ ./. ];
};
}

43
modules/dgn-netbox-agent/netbox-agent Normal file
View file

@ -0,0 +1,43 @@
age-encryption.org/v1
-> ssh-ed25519 jIXfPA 7gTIVQPNYztJT+qoF84OnMxPeap+NsLzh6bASMHG9As
k4ojDFQTJEgxELiAFZ3ZfIFYIHMgxLOb4/tNYUsEpOU
-> ssh-ed25519 QlRB9Q X6m3M+he0IvK14coQpOQoE9fhLCrIwsj1yVkdAO6BTY
odBZdJHLB+Gou6ZsyaQ8W7gbK9RKPm6dxy0XAZmkadg
-> ssh-ed25519 r+nK/Q o55S/i2wyaWzFSH97AYrza9bUBvlt82oMmbwQfIhh10
eNZWfTVdm6TDbxTNFB8sI9vIKpDv2K+eG2WjO99Z1UM
-> ssh-rsa krWCLQ
Fq1SPGGq4x1HRLKO11taw4/JBkoVERx+kFEhJ1i9CDfFveZlE0GNGUPoHOEz2ofd
+cvdeLvj+dd/kwPLi1dEXRtD1Fi3LKpeoRgFJXiQXVUR78layx+kNAVV6tWmSX0v
xdnKmAiLBz3JXkD6xl8Uenz3xVMXbUNQqqhJwNv3e1eNFaWaShaKYqCB5uJUxHB/
1gXmtyuJfzIzV8V35dYPOAaGhAc6z6tqJv1vZs1Cd4ynFeDKue2Hx+vnfljf1RVC
/myae5OXdJU7ROATd4+Gl7GEt+Vqy8VrJXe5Dcl9vdnhjMU/JCCr/6Tk+u4254GW
Sitp80V7MXldLwLxDgXgrA
-> ssh-ed25519 /vwQcQ py7z6m7mIBlNMOmXPAef/NZ8zFa84VHY5OnH0xWe630
BzDYVzkYflzh0bCsAykfcJhLWs7Xfj/DJpLUUjznug8
-> ssh-ed25519 0R97PA XKN1c2DF1gndn7m9ayJnxN6HyMdOSHdWpIXkjP44+yw
Qo2oloI/LpwkEzNjRAKNQPVYG1zm601KZ2Z+sRZ8hB0
-> ssh-ed25519 JGx7Ng QKaSYE0pO6VxWvr6RpRZXQf5CGv0w6NJYThyTqigMAY
Tt7UkHLoGW88iNh0eu0UkGoU2ms4Ui7MCqRu3KggxoY
-> ssh-ed25519 5SY7Kg aLdVxQgVwt3JPDUSJYXt/OUljR2/8Izb5FAluaV3Nk0
0X/zLgsHN5N3yxUCetRiuwEp7rGrg7YnGQjwy1ZvsD0
-> ssh-ed25519 p/Mg4Q wSje5R0PF31xLIkwi3FzHDwaW/NMA5VLVtbAAa7mzFc
wfOL3Dc9wDcidBv7GGmkSNwKLSAjRcvn0cXtHslbFSM
-> ssh-ed25519 tDqJRg kfJgtWRLeHnGNDxq3MW45URbQz1Gh2hhR59E5UWKQ2E
KPnLwjPPtmCclbHz/aN4ATNxshqo7YbnDOXQN19aSGo
-> ssh-ed25519 9pVK7Q jmYiL9ImKqZ5n2SCs+RNFi44ge99e7agOBFZHakQqAk
j8WG/QuoYETnyPvOuOpIyvPBm0W2CQYLqSMw2AH2OaU
-> ssh-ed25519 /BRpBQ Myx966lE1Cy1GEjlHczKsj4h/LgKuNyQI8f47rAKsGY
d+XUuPJrjzJbkenl3sjJKScBNPLaGFyUu25zYuleGyU
-> ssh-ed25519 +MNHsw GT736xXXFYrMX5nLiUhlab+iPaKZ/7lBZiSitNkMwWk
4zygmNGD1arO5dWN43IxXc9Yk09rvvH6L27VwdunG/4
-> ssh-ed25519 rHotTw 7nZ8PTnHh5zgUq8VBA07xsBLiNmuIXVgL5RXmpQprQA
Oue9kpki0BjeMdgPQkIyQDxspD0yiVFhap1YnFSJPf4
-> ssh-ed25519 +mFdtQ mZ1ZlXrLzg1jJCpCRnX4Gp+ifHOy86k3BDMJZ8Bx9Qc
JhI3SmE1UpvKEUu6LvSVEiQZnhCjKRwBrF7zJ9L4ANM
-> ssh-ed25519 0IVRbA 0XPF4deOErbp3EwMBmOpd3JIcwLv4wGIIrIHISC3mDU
sBP09UtJ/0vga2mMLqnvR7tQAdX+BtOctDb8jl0OkQQ
-> ssh-ed25519 8V9fnQ Ug56Iiw3mixnOL/Ky8/p+tpj89AWCbHwHuD6R7htgmQ
trXKH540NOZAzt7f197A8aL2zX3jlx+/K4JAEQWaSbo
--- iqcgcJMxU1/rYicqdLL9AD9UrC5okQmnsnAa1vkkB9g
 ª¹3CÈÆc<EFBFBD>O·*ÿœ‹.)öh$,Ê£²¿ñjåqq6Xt)-kä>÷Çýd¿3y$ëÝGΣÂMžLO®ÛêGà*oòsç[½ß¤f{-ù© áÛM]
òo¢.ÂË

1
modules/dgn-netbox-agent/secrets.nix Normal file
View file

@ -0,0 +1 @@
{ netbox-agent.publicKeys = (import ../../lib { }).machineKeys; }

63
patches/default.nix
View file

@ -1,3 +1,11 @@
let
netboxAgent =
# netbox-agent
{
id = "244549";
hash = "sha256-8/qjrwpVGZoztafIk80ALZqZ4dZgwdC9amK/tK30D0M=";
};
in
{ {
"nixos-23.11" = [ "nixos-23.11" = [
# netbox module # netbox module
@ -7,6 +15,60 @@
includes = [ "nixos/modules/services/web-apps/netbox.nix" ]; includes = [ "nixos/modules/services/web-apps/netbox.nix" ];
hash = "sha256-mjeRxtZozgLNzHkCxcTs3xnonNPkmPoaGxawixC9jfo="; hash = "sha256-mjeRxtZozgLNzHkCxcTs3xnonNPkmPoaGxawixC9jfo=";
} }
netboxAgent
# missing jsonargparse deps for netbox-agent
{
# json arg parse dep: typesched-client
_type = "commit";
sha = "b1770afd23a7a1ebb4e5bccd8d34dfb3a58a4341";
hash = "sha256-PNUOPgmNFQr+bwG8MQiwlI4+zkDKLL3e1GgHHskX/Dk=";
}
{
# json arg parse dep: reconplogger
_type = "commit";
sha = "3835e47059eee32eaf5ef0eb03fce90e8c9b8ab4";
hash = "sha256-owJL1nmYfEXSHekBGgbJrTkl3OpX6dG9oq3mjN4Xgj8=";
}
{
# json arg parse dep: logmatic
_type = "commit";
sha = "b0de35af031b4282ac99919384f029a18704d819";
hash = "sha256-0nJzF2WMPNs2/zI65T1j9DQ0kORDKCu3H2PWjd/bXuo=";
}
{
# init at 4.27.2
_type = "commit";
sha = "aa724f81163725b54a06623d191de6d4c064c5ea";
hash = "sha256-ZWOVpVVsmjBCCiMe/j4YKz6YP4m5I8TTbqWNqBaMtKA=";
}
{
# 4.27.2 -> 4.27.3
id = "284460";
hash = "sha256-di9F8d5l0QDWt9yNpamHMyMm4AVxnsRko8+/Ruo7G3I=";
}
{
# 4.27.3 -> 4.27.4
id = "285873";
hash = "sha256-GRytcYvIsMP2RfHlmOJIH3po2/KmfZ3fDwo3YUyXGEU=";
}
{
# 4.27.4 -> 4.27.5
id = "288546";
hash = "sha256-iHXwZQKlaWmbd9kJbm6YyjIc3bPFHGbIghYRCPsSGHo=";
}
{
# 4.27.5 -> 4.27.6
id = "296359";
hash = "sha256-BHevlu8eqkoRgxwFMoS9bkT/9+w0Hfp3JXWh6UKovUk=";
}
{
# 4.27.6 -> 4.27.7
id = "297825";
hash = "sha256-tu91+T1G/sHfCLfLL4Jk/zLU/QwnHLbpxiYzRBJXFXw=";
}
# castopod: 1.6.4 -> 1.7.0 + ajout du support de loadcredentials # castopod: 1.6.4 -> 1.7.0 + ajout du support de loadcredentials
{ {
_type = "static"; _type = "static";
@ -82,4 +144,5 @@
hash = "sha256-XVq72jiLCDrZhADgyvI5y1y/5zlpX89vUBvxUolrYp8="; hash = "sha256-XVq72jiLCDrZhADgyvI5y1y/5zlpX89vUBvxUolrYp8=";
} }
]; ];
"nixos-unstable" = [ netboxAgent ];
} }