feat: colmena

Signed-off-by: jolheiser <john.olheiser@gmail.com>
teamcity
jolheiser 2023-10-17 23:54:24 -05:00
parent c0b5332645
commit 0946022a18
Signed by: jolheiser
GPG Key ID: B853ADA5DA7BBF7A
5 changed files with 27 additions and 14 deletions

View File

@ -169,14 +169,18 @@
(commonConfig {}) (commonConfig {})
]; ];
}; };
"dragonwell" = nixpkgs.lib.nixosSystem { };
system = "x86_64-linux"; colmena = {
modules = [ meta = {
home-manager.nixosModules.home-manager nixpkgs = import nixpkgs {
agenix.nixosModules.default system = "x86_64-linux";
overlays = overlays;
};
};
dragonwell = {
imports = [
golink.nixosModules.default golink.nixosModules.default
./machines/dragonwell ./machines/dragonwell
(commonConfig {gui = false;})
]; ];
}; };
}; };
@ -187,6 +191,7 @@
devShells.default = pkgs.mkShell { devShells.default = pkgs.mkShell {
nativeBuildInputs = [ nativeBuildInputs = [
agenix.packages.${system}.agenix agenix.packages.${system}.agenix
pkgs.colmena
]; ];
}; };
}); });

View File

@ -13,6 +13,10 @@ rebuild *args:
switch *args: switch *args:
@just rebuild switch {{args}} @just rebuild switch {{args}}
# Run colmena for remote deploy
colmena node:
@nix run nixpkgs#colmena -- apply --on {{node}}
# Update the flake # Update the flake
update-flake: update-flake:
@nix flake update @nix flake update

View File

@ -3,7 +3,7 @@
lib, lib,
... ...
}: let }: let
packages = ["tmpl" "git-age" "ffmd"]; packages = ["tmpl" "git-age" "ffmd" "kv"];
in { in {
services.caddy = { services.caddy = {
enable = true; enable = true;

View File

@ -1,7 +1,8 @@
let let
username = "jolheiser"; username = "jolheiser";
key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
in { in {
imports = [./caddy.nix ./golink.nix ./hardware.nix ../common/nogui]; imports = [./caddy.nix ./golink.nix ./hardware.nix];
boot.tmp.cleanOnBoot = true; boot.tmp.cleanOnBoot = true;
zramSwap.enable = true; zramSwap.enable = true;
@ -18,12 +19,15 @@ in {
services.openssh.enable = true; services.openssh.enable = true;
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
users.users."${username}" = { users.users = {
extraGroups = ["wheel" "docker" "storage"]; "${username}" = {
isNormalUser = true; extraGroups = ["wheel" "docker" "storage"];
openssh.authorizedKeys.keys = [ isNormalUser = true;
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'' openssh.authorizedKeys.keys = [
]; key
];
};
"root".openssh.authorizedKeys.keys = [key];
}; };
system.stateVersion = "22.11"; system.stateVersion = "22.11";

Binary file not shown.