colmena: configuration et doc

korenstin 2025-10-11 12:46:10 +02:00
parent dd227a92dc
commit ef1453ab1e
Signed by: korenstin
GPG key ID: 0FC4734F279D20A1
5 changed files with 106 additions and 84 deletions


@ -71,3 +71,36 @@ commande :
```bash ```bash
$ nix fmt $ nix fmt
``` ```
## Colmena
Pour faciliter le redeploiement des machines, l'outils colmena est utilisé.
Pour cela, l'ensemble des machines doivent être écrite dans la `flake` au
format `colmena.<name>`. Des tags peuvent être ajouté avec `deployment.tags`
afin redéployer un groupe de machines en même temps.
Pour utiliser les commandes suivantes, il est nécessaire d'avoir colmena sur
son ordinateur. La commande `nix develop` s'en chargera.
Remarque :
> Si l'ensemble des fichiers du repertoire ne sont pas commit, alors colmena
> considérera que le répertoire est "impure". S'il est vraiment nécessaire
> d'appliquer la confifuration, il est possible de le faire à l'aide du flag
> `--impure`.
### Build
```bash
$ colmena build # Build toutes les machines
$ colmena build --on <machine> # Build uniquement la machine <machine>
$ colmena build --on @<tag> # Build les machines possédant ce tag
```
### Apply
```bash
$ colmena apply # Apply toutes les machines
$ colmena apply --on <machine> # Apply uniquement la machine <machine>
$ colmena apply --on @<tag> # Apply les machines possédant ce tag
```

142
flake.nix

@ -34,78 +34,86 @@
}: }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ inputs.treefmt-nix.flakeModule ]; imports = [ inputs.treefmt-nix.flakeModule ];
systems = [ "x86_64-linux" ]; systems = [ "x86_64-linux" ];
flake = with nixpkgs.lib; { flake = with nixpkgs.lib;
colmena = { let
meta = { defaultConfig = [
nixpkgs = import nixpkgs { ./profiles/common
system = "x86_64-linux";
overlays = [ ]; agenix.nixosModules.default
disko.nixosModules.disko
];
defaultVM = [
./profiles/vm
./disks/layout_vm.nix
]
++ defaultConfig;
machines = {
jitsi = {
domain = "pub.infra.auro.re";
tags = [ "vm" ];
config = [ ./hosts/vm/jitsi ] ++ defaultVM;
}; };
grafana = {
}; domain = "ext.infra.auro.re";
tags = [ "vm" ];
jitsi = { config = [
deployment = {
targetHost = "jitsi.pub.infra.auro.re";
targetPort = 22;
targetUser = "root";
tags = [ "services" ];
};
imports = [
./profiles/common
agenix.nixosModules.default
disko.nixosModules.disko
./profiles/vm
./disks/layout_vm.nix
./hosts/vm/jitsi
];
};
};
nixosConfigurations =
let
defaultConfig = [
./profiles/common
agenix.nixosModules.default
disko.nixosModules.disko
];
defaultVM = [
./profiles/vm
./disks/layout_vm.nix
]
++ defaultConfig;
in
{
grafana = nixosSystem {
specialArgs = inputs;
modules = [
./hosts/vm/grafana ./hosts/vm/grafana
] ] ++ defaultVM;
++ defaultVM;
}; };
log-2 = nixosSystem { log-2 = {
specialArgs = inputs; domain = "int.infra.auro.re";
modules = [ tags = [ "vm" "log" ];
config = [
./hosts/vm/log-2 ./hosts/vm/log-2
./disks/layout_vm_log.nix ./disks/layout_vm_log.nix
] ] ++ defaultVM;
++ defaultVM;
};
# VL: Peut-être avoir de l'auto-discovery: On a beaucoup trop de machines
jitsi = nixosSystem {
specialArgs = inputs;
modules = [
./hosts/vm/jitsi
]
++ defaultVM;
}; };
}; };
}; colmena_conf = builtins.mapAttrs
(
name: conf: {
deployment = {
targetHost = "${name}.${conf.domain}";
targetPort = 22;
targetUser = "root";
tags = conf.tags;
};
networking = {
hostName = name;
domain = conf.domain;
};
imports = conf.config;
}
)
machines;
nixos_conf = builtins.mapAttrs
(
name: conf: nixosSystem {
specialArgs = inputs;
modules = [{
networking = {
hostName = name;
domain = conf.domain;
};
}] ++ conf.config;
}
)
machines;
in
{
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [ ];
};
};
} // colmena_conf;
nixosConfigurations = nixos_conf;
};
perSystem = { config, pkgs, system, ... }: perSystem = { config, pkgs, system, ... }:
{ {
@ -116,13 +124,9 @@
# Formatter # Formatter
treefmt.config = { treefmt.config = {
package = pkgs.treefmt; package = pkgs.treefmt;
programs = { programs = {
# *.nix nixpkgs-fmt.enable = true; # *.nix
nixpkgs-fmt.enable = true; prettier.enable = true; # *.md (and more)
# *.md (and more)
prettier.enable = true;
}; };
}; };
}; };
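Review bot: In the first hunk, `colmena_conf` hard-codes `targetUser = "root"` and `targetPort = 22` for every entry of `machines`, so each host, including the one under `pub.infra.auro.re`, must accept direct root logins over SSH for a deploy to work. Making the user overridable per machine, e.g. `targetUser = conf.targetUser or "root";`, would let hosts move to an unprivileged deploy account using Colmena's privilege escalation while the others keep the current behaviour. Whether root login is restricted to keys is configured outside this diff (presumably in `./profiles/common`) and should be confirmed. Separately, `nixos_conf` passes `specialArgs = inputs` while `colmena.meta` sets only `nixpkgs`, so the two outputs may evaluate the same host modules with different arguments; adding `specialArgs = inputs;` under `meta` would align them.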


@ -5,11 +5,6 @@
./grafana.nix ./grafana.nix
]; ];
networking = {
hostName = "grafana";
domain = "ext.infra.auro.re";
};
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
systemd.network = { systemd.network = {


@ -5,11 +5,6 @@
./jitsi.nix ./jitsi.nix
]; ];
networking = {
hostName = "jitsi";
domain = "pub.infra.auro.re";
};
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
systemd.network = { systemd.network = {


@ -7,11 +7,6 @@
disko.devices.disk.logs.device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1"; disko.devices.disk.logs.device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1";
networking = {
hostName = "log-2";
domain = "int.infra.auro.re";
};
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
systemd.network = { systemd.network = {