-
Notifications
You must be signed in to change notification settings - Fork 0
/
flake.nix
129 lines (117 loc) · 3.2 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
{
description = "NixOS configuration for my homelab nodes";
inputs = {
nixpkgs = {
url = "github:NixOS/nixpkgs/nixos-unstable";
};
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
turing-rk1 = {
url = "github:GiyoMoon/nixos-turing-rk1";
# url = "git+file:///Users/jasi/Documents/dev/nixos-turing-rk1";
# Don't follow nixpkgs, or we'd need to rebuild the entire kernel on every nixpkgs update
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
kubenix = {
url = "github:GiyoMoon/kubenix";
inputs.nixpkgs.follows = "nixpkgs";
};
traefik-chart = {
url = "github:traefik/traefik-helm-chart";
flake = false;
};
cert-manager-chart = {
url = "https://charts.jetstack.io/charts/cert-manager-v1.15.3.tgz";
flake = false;
};
cert-manager-crds = {
url = "https://github.com/cert-manager/cert-manager/releases/download/v1.15.3/cert-manager.crds.yaml";
flake = false;
};
reflector-chart = {
url = "https://github.com/emberstack/helm-charts/raw/main/repository/reflector/reflector-7.1.288.tgz";
flake = false;
};
longhorn-chart = {
url = "github:longhorn/longhorn";
flake = false;
};
metallb-chart = {
url = "https://github.com/metallb/metallb/releases/download/metallb-chart-0.14.8/metallb-0.14.8.tgz";
flake = false;
};
};
outputs =
{
self,
nixpkgs,
deploy-rs,
sops-nix,
turing-rk1,
kubenix,
...
}@inputs:
let
system = "aarch64-linux";
in
{
nixosConfigurations = {
node1 = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = {
inherit kubenix inputs;
meta = {
hostname = "node1";
};
};
modules = [
turing-rk1.nixosModules.turing-rk1
sops-nix.nixosModules.sops
./modules/default.nix
];
};
node3 = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = {
inherit inputs;
meta = {
hostname = "node3";
};
};
modules = [
turing-rk1.nixosModules.turing-rk1
sops-nix.nixosModules.sops
./modules/default.nix
./nodes/node3.nix
];
};
};
deploy.nodes = {
node1 = {
hostname = "node1.lan";
sshUser = "root";
# Enable on first run
# sshUser = "nixos";
user = "root";
autoRollback = false;
magicRollback = false;
profiles.system.path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.node1;
};
node3 = {
hostname = "node3.lan";
sshUser = "root";
# Enable on first run
# sshUser = "nixos";
user = "root";
autoRollback = false;
magicRollback = false;
profiles.system.path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.node3;
};
};
};
}