checkpoint

BOTAlex 2025-12-11 23:36:34 +01:00
parent 44957eb1a4
commit 4e2d73d546
6 changed files with 88 additions and 19 deletions


@ -9,8 +9,9 @@
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./aliases.nix ./aliases.nix
./docker.nix
./modules/drivers/nvidia.nix ./modules/drivers/nvidia.nix
./docker.nix
./modules/k8s.nix
./modules/python.nix ./modules/python.nix
./programs.nix ./programs.nix
@ -32,9 +33,11 @@
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.loader.timeout = 2; boot.loader.timeout = 2;
networking.hostName = "nixos"; # Define your hostname. networking.hostName = "botkube"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
environment.variables.EDITOR = "nvim";
# Configure network proxy if necessary # Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
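Review bot: Changing `networking.hostName` to `"botkube"` leaves the flake output in this same commit named `nixosConfigurations.nixos`, and that output's own comment says the configuration name must match the hostname to be chosen by default. Once this generation is active, a plain `nixos-rebuild switch --flake .` will look for `nixosConfigurations.botkube` and fail to find it. Either rename the output to `nixosConfigurations.botkube = nixpkgs.lib.nixosSystem {` or always build with an explicit `--flake .#nixos`, and update the comment to say which one is intended.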


@ -14,24 +14,22 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = outputs = { self, nixpkgs, ... }@inputs: {
{ self, nixpkgs, ... }@inputs: # configuration name matches hostname, so this system is chosen by default
{ nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
# configuration name matches hostname, so this system is chosen by default # pass along all the inputs and stuff to the system function
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs; };
# pass along all the inputs and stuff to the system function modules = [
specialArgs = { inherit inputs; }; # import configuration
modules = [ ./configuration.nix
# import configuration
./configuration.nix
# home manager part 2 # home manager part 2
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
inputs.nix-index-database.nixosModules.nix-index inputs.nix-index-database.nixosModules.nix-index
{ programs.nix-index-database.comma.enable = true; } { programs.nix-index-database.comma.enable = true; }
]; ];
};
}; };
};
} }

61
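--- /dev/null
+++ b/modules/k8s.nix
@@ -0,0 +1,61 @@
+{ pkgs, ... }:
+let
+kubeMasterIP = "37.49.130.171";
+kubeMasterHostname = "polycule.deprived";
+kubeMasterAPIServerPort = 6443;
+in {
+nixpkgs.overlays = [
+(final: prev: {
+containerd = prev.containerd.overrideAttrs rec {
+version = "1.7.29";
+src = final.fetchFromGitHub {
+owner = "containerd";
+repo = "containerd";
+rev = "v${version}";
+sha256 = "sha256-aR0i+0v2t6vyI+QN30P1+t+pHU2Bw7/XPUYLjJm1rhw=";
+};
+installTargets = [ "install" ];
+outputs = [ "out" ];
+};
+})
+];
+virtualisation.containerd.enable = true;
+environment.systemPackages = with pkgs; [ kompose kubectl kubernetes argocd ];
+networking.useNetworkd = true;
+networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
+services.kubernetes = let
+api = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
+in {
+roles = [ "node" ];
+masterAddress = kubeMasterHostname;
+easyCerts = true;
+# point kubelet and other services to kube-apiserver
+kubelet.kubeconfig.server = api;
+apiserverAddress = api;
+# use coredns
+addons.dns.enable = true;
+# needed if you use swap
+kubelet.extraOpts = "--fail-swap-on=false";
+};
+systemd.services."forward-argocd" = {
+enable = true;
+description =
+"forwards argocd running on kubernetes to argocd.spoodythe.one";
+after = [ "network-online.target" "kubelet.service" ];
+wants = [ "network-online.target" ];
+wantedBy = [ "multi-user.target" ];
+script = ''
+${pkgs.kubernetes}/bin/kubectl port-forward svc/argocd-server -n argocd 4325:80 || true
+'';
+serviceConfig = { User = "botserver"; };
+};
+}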
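Review bot: The `|| true` at the end of the `forward-argocd` script makes the unit exit successfully whenever `kubectl port-forward` fails or drops, so systemd records no failure and, with no `Restart=` set, never re-establishes the tunnel. Drop the `|| true` and let systemd supervise the process: `serviceConfig = { User = "botserver"; Restart = "on-failure"; RestartSec = 5; };`. The unit also runs as the interactive `botserver` account and does not say which kubeconfig kubectl reads. Passing an explicit `--kubeconfig /path/to/forward-only.kubeconfig` (placeholder path), bound to a role limited to port-forwarding in the `argocd` namespace, would keep broader cluster credentials out of this service. The description names `argocd.spoodythe.one` while the Caddy vhost added in this commit is `argocd.deprived.dev`, so one of the two is stale.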


@ -13,6 +13,12 @@
''; '';
}; };
services.caddy.virtualHosts."argocd.deprived.dev" = {
extraConfig = ''
reverse_proxy 127.0.0.1:4325
'';
};
services.caddy.virtualHosts."jelly.deprived.dev" = { services.caddy.virtualHosts."jelly.deprived.dev" = {
extraConfig = '' extraConfig = ''
reverse_proxy * 127.0.0.1:8096 reverse_proxy * 127.0.0.1:8096
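Review bot: The new `argocd.deprived.dev` vhost publishes the Argo CD UI and API with no access control in front of it other than Argo CD's own login, and an account that gets past that login can typically change what is deployed to the cluster. If only a few operators need it, restrict the site in Caddy before proxying, for example `@outside not remote_ip 192.0.2.0/24` followed by `respond @outside 403` (the CIDR is a placeholder for your trusted range), or serve it only on a VPN-facing name. The upstream `127.0.0.1:4325` exists only while the `forward-argocd` port-forward from modules/k8s.nix is running, so this site returns 502 whenever that tunnel is down. The `jelly.deprived.dev` block continues past the end of this hunk.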


@ -13,6 +13,7 @@
nixfmt-tree nixfmt-tree
ffmpeg-full ffmpeg-full
borgbackup borgbackup
openssl
p7zip p7zip
vtk vtk
immich-cli immich-cli


@ -2,7 +2,7 @@
users.users.botserver = { users.users.botserver = {
isNormalUser = true; isNormalUser = true;
description = "botserver"; description = "botserver";
extraGroups = [ "networkmanager" "wheel" "docker" "starr" ]; extraGroups = [ "networkmanager" "wheel" "docker" "starr" "kubernetes" ];
packages = with pkgs; packages = with pkgs;
[ [
# thunderbird # thunderbird
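Review bot: Adding `"kubernetes"` to `extraGroups` gives the `botserver` login account, already in `wheel` and `docker`, group access to whatever the NixOS Kubernetes module leaves readable by that group. This is presumably so the `forward-argocd` unit (`User = "botserver"`) can read cluster credentials. A dedicated service account keeps that key material away from an interactive user: `users.users.argocd-forward = { isSystemUser = true; group = "kubernetes"; };` with `User = "argocd-forward"` in the unit (the account name is only an example). The `packages` list continues outside the hunk.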