feat(prox): reisen node config

arcnmx 2024-04-16 16:22:02 -07:00
parent 3053ec927c
commit bdc353964d
7 changed files with 116 additions and 26 deletions


@ -2,8 +2,9 @@
set -eu set -eu
for node in reisen; do for node in reisen; do
nix eval --json "${NF_CONFIG_ROOT}#lib.generate.$node.users" | jq -M . > "$NF_CONFIG_ROOT/systems/$node/users.json" nix eval --json "${NF_CONFIG_ROOT}#lib.generate.nodes.$node.users" | jq -M . > "$NF_CONFIG_ROOT/systems/$node/users.json"
nix eval --json "${NF_CONFIG_ROOT}#lib.generate.$node.systems" | jq -M . > "$NF_CONFIG_ROOT/systems/$node/systems.json" nix eval --json "${NF_CONFIG_ROOT}#lib.generate.nodes.$node.systems" | jq -M . > "$NF_CONFIG_ROOT/systems/$node/systems.json"
nix eval --json "${NF_CONFIG_ROOT}#lib.generate.nodes.$node.extern" | jq -M . > "$NF_CONFIG_ROOT/systems/$node/extern.json"
done done
nix eval --json "${NF_CONFIG_ROOT}#lib.generate.systems" | jq -M . > "$NF_CONFIG_ROOT/ci/systems.json" nix eval --json "${NF_CONFIG_ROOT}#lib.generate.systems" | jq -M . > "$NF_CONFIG_ROOT/ci/systems.json"
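Review bot: A failed `nix eval` on the new `extern` line goes unnoticed, because `set -eu` only sees the exit status of `jq` at the end of the pipeline, and the `>` redirection has already truncated `extern.json` by then. Terraform now takes its list of root-owned files from that JSON, so a half-written file should stop the run instead of being left in the tree. Writing to a temporary file and moving it into place on success would do that, for example `nix eval --json "…extern" > "$tmp" && jq -M . "$tmp" > "$out.new" && mv "$out.new" "$out"`. If the interpreter line (outside this hunk) is bash, `set -o pipefail` at least turns the failure into a non-zero exit. The `users` and `systems` lines follow the same pattern.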


@ -40,9 +40,16 @@
}; };
}; };
mkNodeSystems = systems: mapAttrs (_: mkNodeSystem) systems; mkNodeSystems = systems: mapAttrs (_: mkNodeSystem) systems;
mkNode = {name}: { mkExtern = system: {
files = mapAttrs' (_: file: nameValuePair file.path {
source = assert file.relativeSource != null; file.relativeSource;
inherit (file) owner group mode;
}) system.extern.files;
};
mkNode = system: {
users = mkNodeUsers templateUsers; users = mkNodeUsers templateUsers;
systems = mkNodeSystems (nodeSystems name); systems = mkNodeSystems (nodeSystems system.config.name);
extern = mkExtern system.config;
}; };
mkNetwork = system: { mkNetwork = system: {
inherit (system.config.access) hostName; inherit (system.config.access) hostName;
@ -58,6 +65,8 @@
network = mkNetwork system; network = mkNetwork system;
}; };
in { in {
reisen = mkNode {name = "reisen";}; nodes = let
nodes = filterAttrs (_: node: node.config.proxmox.node.enable) systems;
in mapAttrs (_: mkNode) nodes;
systems = mapAttrs mkSystem systems; systems = mapAttrs mkSystem systems;
} }
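Review bot: The bare `assert file.relativeSource != null;` in `mkExtern` aborts evaluation without saying which `extern.files` entry has a source outside the flake, so the error will be hard to trace once more nodes define files. An explicit message would help, for example `source = if file.relativeSource != null then file.relativeSource else throw "extern.files: ${file.path} has a source outside the flake root";`. `mkExtern` and `mkNode` would also benefit from a one-line comment stating that they take a system's `config` and a whole system respectively, since the two argument names are both `system`. The surrounding `let` block starts outside this hunk.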


@ -1,6 +1,9 @@
{config, lib, ...}: let let
inherit (lib.options) mkOption; fileModule = {config, name, gensokyo-zone, lib, ...}: let
fileModule = {config, name, ...}: { inherit (lib.options) mkOption;
inherit (lib.modules) mkOptionDefault;
inherit (lib.strings) hasPrefix removePrefix;
in {
options = with lib.types; { options = with lib.types; {
path = mkOption { path = mkOption {
type = str; type = str;
@ -21,12 +24,32 @@
source = mkOption { source = mkOption {
type = path; type = path;
}; };
relativeSource = mkOption {
type = nullOr str;
};
};
config = {
relativeSource = let
flakeRoot = toString gensokyo-zone.self + "/";
sourcePath = toString config.source;
in mkOptionDefault (
if hasPrefix flakeRoot sourcePath then removePrefix flakeRoot sourcePath
else null
);
}; };
}; };
in {config, gensokyo-zone, lib, ...}: let
inherit (lib.options) mkOption;
in { in {
options.extern = with lib.types; { options.extern = with lib.types; {
files = mkOption { files = mkOption {
type = attrsOf (submodule fileModule); type = attrsOf (submoduleWith {
modules = [ fileModule ];
specialArgs = {
inherit gensokyo-zone;
system = config;
};
});
default = { }; default = { };
}; };
}; };
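Review bot: The new `relativeSource` option has no `description`, and its contract is not obvious from the name: it is the flake-relative form of `source`, and it is `null` whenever `source` does not lie under `gensokyo-zone.self`. I would document that on the option, e.g. `description = "source relative to the flake root; null when source is outside the flake";`. I would also add a comment that the value is exported to `extern.json` and joined onto a path by Terraform, so a manual override needs to stay relative and inside the repository. The rest of `fileModule`'s options are outside this hunk.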


@ -0,0 +1,13 @@
{config, lib, gensokyo-zone, ...}: let
inherit (gensokyo-zone.lib) mkAlmostOptionDefault;
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.modules) mkIf;
cfg = config.proxmox.node;
in {
options.proxmox.node = with lib.types; {
enable = mkEnableOption "Proxmox Node";
};
config.proxmox.node = {
name = mkIf cfg.enable (mkAlmostOptionDefault config.access.hostName);
};
}
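Review bot: `config.proxmox.node.name` is assigned here, but this file declares only `options.proxmox.node.enable`. Unless another module declares `proxmox.node.name`, evaluation will fail with an undeclared-option error. Declaring it next to `enable`, e.g. `name = mkOption { type = str; };`, would make the module self-contained and would also use the `mkOption` binding that is currently inherited but unused.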


@ -1,5 +1,22 @@
_: { _: {
type = "Linux"; type = "Linux";
proxmox.node = {
enable = true;
};
extern.files = {
"/etc/sysctl.d/50-net.conf" = {
source = ./sysctl.50-net.conf;
};
"/etc/network/interfaces.d/50-vmbr0-ipv6.conf" = {
source = ./net.50-vmbr0-ipv6.conf;
};
"/etc/udev/rules.d/90-dri.rules" = {
source = ./udev.90-dri.rules;
};
"/etc/udev/rules.d/90-z2m.rules" = {
source = ./udev.90-z2m.rules;
};
};
network.networks = { network.networks = {
local = { local = {
address4 = "10.1.1.40"; address4 = "10.1.1.40";


@ -0,0 +1,28 @@
{
"files": {
"/etc/network/interfaces.d/50-vmbr0-ipv6.conf": {
"group": "root",
"mode": "0644",
"owner": "root",
"source": "systems/reisen/net.50-vmbr0-ipv6.conf"
},
"/etc/sysctl.d/50-net.conf": {
"group": "root",
"mode": "0644",
"owner": "root",
"source": "systems/reisen/sysctl.50-net.conf"
},
"/etc/udev/rules.d/90-dri.rules": {
"group": "root",
"mode": "0644",
"owner": "root",
"source": "systems/reisen/udev.90-dri.rules"
},
"/etc/udev/rules.d/90-z2m.rules": {
"group": "root",
"mode": "0644",
"owner": "root",
"source": "systems/reisen/udev.90-z2m.rules"
}
}
}


@ -11,24 +11,28 @@ locals {
port = var.proxmox_reisen_ssh_port port = var.proxmox_reisen_ssh_port
} }
proxmox_reisen_sysctl_net = file("${path.root}/../systems/reisen/sysctl.50-net.conf")
proxmox_reisen_net_vmbr0_ipv6 = file("${path.root}/../systems/reisen/net.50-vmbr0-ipv6.conf")
proxmox_reisen_udev_dri = file("${path.root}/../systems/reisen/udev.90-dri.rules")
proxmox_reisen_udev_z2m = file("${path.root}/../systems/reisen/udev.90-z2m.rules")
proxmox_reisen_users = jsondecode(file("${path.root}/../systems/reisen/users.json")) proxmox_reisen_users = jsondecode(file("${path.root}/../systems/reisen/users.json"))
proxmox_reisen_systems = jsondecode(file("${path.root}/../systems/reisen/systems.json")) proxmox_reisen_systems = jsondecode(file("${path.root}/../systems/reisen/systems.json"))
proxmox_reisen_extern = jsondecode(file("${path.root}/../systems/reisen/extern.json"))
proxmox_reisen_files = [
for dest, file in local.proxmox_reisen_extern.files : merge(
file,
{
dest = dest
path = "${path.root}/../${file.source}"
}
)
]
systems = jsondecode(file("${path.root}/../ci/systems.json")) systems = jsondecode(file("${path.root}/../ci/systems.json"))
} }
resource "terraform_data" "proxmox_reisen_etc" { resource "terraform_data" "proxmox_reisen_etc" {
triggers_replace = [ triggers_replace = [for file in local.proxmox_reisen_files : {
local.proxmox_reisen_sysctl_net, dest = file.dest
local.proxmox_reisen_net_vmbr0_ipv6, sh256 = filesha256(file.path)
local.proxmox_reisen_udev_dri, }]
local.proxmox_reisen_udev_z2m,
]
connection { connection {
type = local.proxmox_reisen_connection.type type = local.proxmox_reisen_connection.type
@ -39,12 +43,7 @@ resource "terraform_data" "proxmox_reisen_etc" {
} }
provisioner "remote-exec" { provisioner "remote-exec" {
inline = [ inline = [for file in local.proxmox_reisen_files : "putfile64 ${file.dest} ${filebase64(file.path)}"]
"putfile64 /etc/network/interfaces.d/50-vmbr0-ipv6.conf ${base64encode(local.proxmox_reisen_net_vmbr0_ipv6)}",
"putfile64 /etc/sysctl.d/50-net.conf ${base64encode(local.proxmox_reisen_sysctl_net)}",
"putfile64 /etc/udev/rules.d/90-dri.rules ${base64encode(local.proxmox_reisen_udev_dri)}",
"putfile64 /etc/udev/rules.d/90-z2m.rules ${base64encode(local.proxmox_reisen_udev_z2m)}",
]
} }
} }
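Review bot: In the `remote-exec` provisioner, `${file.dest}` is now interpolated unquoted into a shell command on the node, and its value comes from the keys of `extern.json` rather than from literals in this file. A destination containing whitespace or shell metacharacters would therefore be interpreted by the remote shell. Likewise, a `source` containing `..` would make `filebase64` read outside the repository. A precondition that restricts both to a plain path character set closes that off before anything is sent. Separately, the `owner`, `group` and `mode` values merged in from the JSON are never passed to `putfile64`, so the permissions declared in Nix are not enforced by this resource. The trigger key `sh256` looks like a typo for `sha256`.

```hcl
resource "terraform_data" "proxmox_reisen_etc" {
  # … unchanged: triggers_replace, connection …

  lifecycle {
    precondition {
      condition = alltrue([
        for file in local.proxmox_reisen_files :
        can(regex("^/[A-Za-z0-9._/-]+$", file.dest)) &&
        length(regexall("\\.\\.", "${file.dest} ${file.source}")) == 0
      ])
      error_message = "extern.json: dest and source must be plain paths without '..' or shell metacharacters."
    }
  }

  # … unchanged: provisioner "remote-exec" …
}
```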