This commit is contained in:
nora 2024-07-27 00:06:49 +02:00
parent 01ce6387da
commit 6d47ea67f0
5 changed files with 29 additions and 26 deletions


@ -17,7 +17,7 @@
# machinesFile = ./machines.client-a; # machinesFile = ./machines.client-a;
}; };
defaults = { pkgs, ... }: { defaults = { pkgs, config, lib, ... }: {
# This module will be imported by all hosts # This module will be imported by all hosts
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
vim vim
@ -31,6 +31,7 @@
"${builtins.fetchTarball "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz"}/modules/age.nix" # main 2024-07-26 "${builtins.fetchTarball "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz"}/modules/age.nix" # main 2024-07-26
]; ];
deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";
time.timeZone = "Europe/Zurich"; time.timeZone = "Europe/Zurich";
users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils'' ]; users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils'' ];
@ -43,22 +44,15 @@
dns1 = { name, nodes, modulesPath, ... }: { dns1 = { name, nodes, modulesPath, ... }: {
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
./modules/contabo
./modules/dns ./modules/dns
]; ];
# The name and nodes parameters are supported in Colmena, # The name and nodes parameters are supported in Colmena,
# allowing you to reference configurations in other nodes. # allowing you to reference configurations in other nodes.
networking.hostName = name; networking.hostName = name;
deployment.targetHost = "dns1.nilstrieb.dev";
deployment.tags = [ "dns" "us" ]; deployment.tags = [ "dns" "us" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
}; };
dns2 = { name, nodes, modulesPath, lib, ... }: { dns2 = { name, nodes, modulesPath, lib, ... }: {
imports = [ imports = [
@ -66,13 +60,8 @@
./modules/dns ./modules/dns
]; ];
# The name and nodes parameters are supported in Colmena,
# allowing you to reference configurations in other nodes.
networking.hostName = name; networking.hostName = name;
deployment.targetHost = "dns2.nilstrieb.dev";
deployment.tags = [ "dns" "eu" ]; deployment.tags = [ "dns" "eu" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
@ -116,24 +105,15 @@
vps1 = { name, nodes, modulesPath, ... }: { vps1 = { name, nodes, modulesPath, ... }: {
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
./modules/contabo
./modules/ingress ./modules/ingress
./modules/widetom ./modules/widetom
]; ];
age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age; age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age;
# The name and nodes parameters are supported in Colmena,
# allowing you to reference configurations in other nodes.
networking.hostName = name; networking.hostName = name;
deployment.targetHost = "vps1.nilstrieb.dev";
deployment.tags = [ "ingress" "eu" "apps" ]; deployment.tags = [ "ingress" "eu" "apps" ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
}; };
} }
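Review bot: Moving `deployment.targetHost` into `defaults` (second hunk) makes every deploy resolve `<hostName>.infra.noratrieb.dev` through the zone that dns1/dns2 themselves serve, so if both DNS nodes are unreachable no node — including the DNS nodes — can be reached by name to repair it; keep the raw IPs or a per-node override at hand and say so next to the line, e.g. `# Resolved via the A records in modules/dns (infra.subdomains); if both DNS nodes are down, deploy by IP.` The rename away from `*.nilstrieb.dev` also means existing known_hosts entries no longer apply to the new names, so a non-interactive `colmena apply` may fail host-key verification or an operator may be tempted to accept an unverified key; pre-seed known_hosts for the new names over the already-trusted connections before switching. The `lib` argument added to `defaults` on line 12 is not used in the visible hunks; drop it unless the unchanged part of the module needs it. The `defaults` module body continues outside the hunk.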


@ -0,0 +1,7 @@
# Default settings for Contabo VPS.
{ ... }: {
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
}
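Review bot: The shared module pins root to `/dev/sda3` and GRUB to `/dev/sda`, which is only correct while every host importing it (dns1 and vps1 here) has the same disk layout; a host with an extra disk or a differently numbered root partition would fail to boot after the next deploy with no evaluation-time warning. If the Contabo images carry a filesystem label, `/dev/disk/by-label/...` would survive device renumbering and still fit a shared module; otherwise at least state the assumption in the header, e.g. `# Assumes the stock Contabo layout: single disk /dev/sda, root on /dev/sda3 (ext4). Check lsblk before importing this on a new host.`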


@ -33,6 +33,7 @@ let
localhost.A = [ (a "127.0.0.1") ]; localhost.A = [ (a "127.0.0.1") ];
newtest.TXT = [ "uwu it works" ]; newtest.TXT = [ "uwu it works" ];
# TODO: generate dynamically from IPs...
infra.subdomains = { infra.subdomains = {
inherit dns1; inherit dns1;
inherit dns2; inherit dns2;


@ -1,4 +1,4 @@
{ pkgs, ... }: { { pkgs, config, ... }: {
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
22 22
443 443
@ -10,7 +10,7 @@
( (
builtins.readFile ./Caddyfile + builtins.readFile ./Caddyfile +
'' ''
vps1.nilstrieb.dev { ${config.networking.hostName}.infra.noratrieb.dev {
root * ${./debugging-page} root * ${./debugging-page}
file_server file_server
} }
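Review bot: Serving the debug vhost at `${config.networking.hostName}.infra.noratrieb.dev` makes Caddy request a certificate for that name on every host that imports this module, which can only succeed once the matching A record in modules/dns (`infra.subdomains`) exists and points at the host; a host added to the hive without such a record will presumably keep retrying failed ACME challenges. That coupling is not visible from this file, so document it above the vhost: `# Per-host debug vhost; the <hostName>.infra.noratrieb.dev A record is defined in modules/dns and must exist before Caddy can obtain a certificate.` What `./debugging-page` contains cannot be judged from this hunk, but it is now public on every ingress host under a predictable name, so make sure it exposes nothing host-internal. The Caddyfile string continues outside the hunk.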

15
newinfra/nix/smoke-tests.sh Executable file

@ -0,0 +1,15 @@
#!/usr/bin/env bash
# This script does a few basic smoke tests to ensure the servers haven't completely died.
set -eux
# Check DNS name servers
dig @ns1.noratrieb.dev dns1.infra.noratrieb.dev +noall +answer | grep 154.38.163.74
dig @ns2.noratrieb.dev dns1.infra.noratrieb.dev +noall +answer | grep 154.38.163.74
dig @ns1.noratrieb.dev nilstrieb.dev +noall +answer | grep 185.199.108.153
dig @ns2.noratrieb.dev nilstrieb.dev +noall +answer | grep 185.199.108.153
# Check HTTP responses
curl --fail https://vps1.infra.noratrieb.dev
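Review bot: `grep 154.38.163.74` on line 120 (and the three checks after it) treats each `.` as a regex wildcard and matches anywhere in the answer section, including the owner name or a TXT record, so the check is looser than intended; compare the resolved value exactly instead, `dig @ns1.noratrieb.dev dns1.infra.noratrieb.dev +short | grep -qxF 154.38.163.74`, and do the same for the other three. Use `set -euo pipefail` so a timed-out `dig` fails as a dig failure rather than as an empty grep, which also makes the `-x` trace easier to read. The final curl has no timeout and prints the page body into the log; `curl --fail --silent --show-error --max-time 15 --output /dev/null https://vps1.infra.noratrieb.dev` keeps the TLS-verified check while bounding it. The expected addresses duplicate what modules/dns declares, which is fine for a smoke test but worth a comment so they are updated together.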