Tangled infrastructure definitions in Nix

wip: add mirror host

Signed-off-by: Seongmin Lee <git@boltless.me>

boltless.me 8a2e6f38 46256c82

verified
+126 -7
+2
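--- a/common/ssh.nix
+++ b/common/ssh.nix
@@ -3,5 +3,7 @@
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICf5rx2r0w98r5lOpxr+/hScABDnk1UfgTH8T2WzeNp4 icy@kvothe"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJPYX06+qKr9IHWfkgCtHbExoBOOwS/+iAWbog9bAdk icy@wyndle"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMj1Dn9YuFo2BNr993ymBa6nzyyIKAURIqMbUtfI8+4X op@mantis"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIvOtYc+aIb98WyIrGKK0KX0OErE7hwqMJfQ81s4ElOQ lewis@tangled"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDOY6GSSHXeWiQIbykg4H1ZpUNYmSr9dFfm7q1mlFaZ boltless@tangled"
 ];
 }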
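Review bot: The two new keys, `lewis@tangled` and `boltless@tangled`, are appended to the shared key list rather than to a list scoped to the new host, so every host that reads this list starts accepting them. In this commit hosts/mirror/configuration.nix assigns the same list to `tangler`, who has passwordless sudo, so each entry is root-equivalent there; whether other hosts use the list the same way is not visible, and the list itself starts above the hunk. If the new keys are only needed on the mirror, a per-host list would keep access narrower; otherwise a comment above the entries such as `# operators with deploy access to every host` would record the intent.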
+7 -7
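--- a/flake.lock
+++ b/flake.lock
@@ -256,11 +256,11 @@
 },
 "nixpkgs_2": {
 "locked": {
-"lastModified": 1767634882,
-"narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
+"lastModified": 1771714954,
+"narHash": "sha256-nhZJPnBavtu40/L2aqpljrfUNb2rxmWTmSjK2c9UKds=",
 "owner": "nixos",
 "repo": "nixpkgs",
-"rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
+"rev": "afbbf774e2087c3d734266c22f96fca2e78d3620",
 "type": "github"
 },
 "original": {
@@ -354,11 +354,11 @@
 "sqlite-lib-src": "sqlite-lib-src"
 },
 "locked": {
-"lastModified": 1769315813,
-"narHash": "sha256-00bsaIsA9wK/dTvGURkgB7G5/quxS/kBJLubyt5hTsY=",
+"lastModified": 1772611656,
+"narHash": "sha256-o/drjqXS+BZm7klAuZ0K+DxhMBCYYyyajwI2D9Wkr4w=",
 "ref": "refs/heads/master",
-"rev": "6721acdba0ff77933645402a281c2a857cf06ffe",
-"revCount": 1874,
+"rev": "7b28c489b8a3c3ddcc35639aa61c35478be65fab",
+"revCount": 2009,
 "type": "git",
 "url": "https://tangled.org/tangled.org/core"
 },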
+7
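--- a/flake.nix
+++ b/flake.nix
@@ -100,6 +100,11 @@
 ];
 target = "knot1.alpha.tangled.sh";
 };
+
+mirror = {
+modules = [];
+target = "213.163.194.13";
+};
 };
 in
 {
@@ -110,6 +115,7 @@
 nixery = mkHost "nixery" hosts.nixery.modules;
 spindle = mkHost "spindle" hosts.spindle.modules;
 knot1 = mkHost "knot1" hosts.knot1.modules;
+mirror = mkHost "mirror" hosts.mirror.modules;
 };
 
 # colmena uses this
@@ -134,6 +140,7 @@
 nixery = mkColmenaHost "nixery" hosts.nixery.target 22 hosts.nixery.modules;
 spindle = mkColmenaHost "spindle" hosts.spindle.target 22 hosts.spindle.modules;
 knot1 = mkColmenaHost "knot1" hosts.knot1.target 22 hosts.knot1.modules;
+mirror = mkColmenaHost "mirror" hosts.mirror.target 22 hosts.mirror.modules;
 };
 };
 }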
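Review bot: `mirror` is declared with `modules = [];`, yet hosts/mirror/disk-config.nix in this commit sets `disko.devices`, which only evaluates when the disko NixOS module is loaded. mkHost and mkColmenaHost are defined outside these hunks, so they may add that module and the host's configuration.nix themselves; if they do not, the list needs to carry it, for example `modules = [ disko.nixosModules.disko ];`, assuming the flake has a `disko` input. Separately, `target = "213.163.194.13";` is a bare address where knot1 uses a hostname, so a comment naming the provider or machine behind it would help whoever next deploys or rotates the host.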
+54
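--- a/hosts/mirror/configuration.nix
+++ b/hosts/mirror/configuration.nix
@@ -0,0 +1,54 @@
+{ modulesPath
+, lib
+, pkgs
+, ...
+} @ args:
+{
+imports = [
+(modulesPath + "/installer/scan/not-detected.nix")
+(modulesPath + "/profiles/qemu-guest.nix")
+./disk-config.nix
+];
+
+boot.loader.grub = {
+efiSupport = true;
+efiInstallAsRemovable = true;
+};
+
+networking.hostName = "mirror";
+
+services.openssh.enable = true;
+
+nix = {
+extraOptions = ''
+experimental-features = nix-command flakes ca-derivations
+warn-dirty = false
+keep-outputs = false
+'';
+};
+
+environment.systemPackages = map lib.lowPrio [
+pkgs.curl
+pkgs.gitMinimal
+];
+
+users.users.tangler = {
+extraGroups = [ "networkmanager" "wheel" ];
+openssh.authorizedKeys.keys = args.commonArgs.sshKeys;
+isNormalUser = true;
+};
+
+security.sudo.extraRules = [
+{
+users = [ "tangler" ];
+commands = [
+{
+command = "ALL";
+options = [ "NOPASSWD" ];
+}
+];
+}
+];
+
+system.stateVersion = "25.05";
+}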
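Review bot: `services.openssh.enable = true;` is the only sshd setting in this file, so password login, keyboard-interactive login and root login are all left at the module defaults on a host that flake.nix addresses by a routable IP. Because `tangler` gets `NOPASSWD` for `ALL`, any key in `args.commonArgs.sshKeys` is effectively root here, so key-only access is worth stating explicitly: `services.openssh.settings = { PasswordAuthentication = false; KbdInteractiveAuthentication = false; PermitRootLogin = "no"; };`. The `networkmanager` entry in `extraGroups` also looks unused, since nothing in this file enables NetworkManager.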
+56
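--- a/hosts/mirror/disk-config.nix
+++ b/hosts/mirror/disk-config.nix
@@ -0,0 +1,56 @@
+# Example to create a bios compatible gpt partition
+{ lib, ... }:
+{
+disko.devices = {
+disk.disk1 = {
+device = lib.mkDefault "/dev/vda";
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+boot = {
+name = "boot";
+size = "1M";
+type = "EF02";
+};
+esp = {
+name = "ESP";
+size = "500M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+};
+};
+root = {
+name = "root";
+size = "100%";
+content = {
+type = "lvm_pv";
+vg = "pool";
+};
+};
+};
+};
+};
+lvm_vg = {
+pool = {
+type = "lvm_vg";
+lvs = {
+root = {
+size = "100%FREE";
+content = {
+type = "filesystem";
+format = "ext4";
+mountpoint = "/";
+mountOptions = [
+"defaults"
+];
+};
+};
+};
+};
+};
+};
+}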
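Review bot: The `esp` partition is mounted at `/boot` as vfat with no `mountOptions`, so its files are typically readable by every local user; adding `mountOptions = [ "umask=0077" ];` inside its `content` keeps the boot files root-only. The header comment `# Example to create a bios compatible gpt partition` is left over from a template and could instead describe this layout: a GPT disk with a BIOS boot partition, a 500M ESP and one LVM volume group holding an ext4 root. The root volume is not encrypted, which may be acceptable for a mirror but is worth stating in that comment.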