holm/nixos-wiki-infra
1
0
Fork 0
forked from extern/nixos-wiki-infra
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge #5

Browse Source 
5: inherit ssh keys from terraform r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
This commit is contained in:
bors[bot] 2023-05-14 18:41:58 +00:00 committed by GitHub
commit 0be9e90559
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 87 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
flake.lock
View File

@ -1,5 +1,25 @@
{ {
"nodes": { "nodes": {
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1684003056,
"narHash": "sha256-zl11zyRNKzAW7YLvTkxmFjSBqxZbEvfwZqNCT91ELfU=",
"owner": "nix-community",
"repo": "disko",
"rev": "8f95856432e091e5ac56fea2df81e905ddd02d27",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
@ -38,6 +58,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"disko": "disko",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"srvos": "srvos", "srvos": "srvos",

3
flake.nix
View File

@ -8,6 +8,9 @@
treefmt-nix.url = "github:numtide/treefmt-nix"; treefmt-nix.url = "github:numtide/treefmt-nix";
treefmt-nix.inputs.nixpkgs.follows = "nixpkgs"; treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
srvos.url = "github:numtide/srvos"; srvos.url = "github:numtide/srvos";
# Use the version of nixpkgs that has been tested to work with SrvOS # Use the version of nixpkgs that has been tested to work with SrvOS
srvos.inputs.nixpkgs.follows = "nixpkgs"; srvos.inputs.nixpkgs.follows = "nixpkgs";

1
modules/flake-module.nix
View File

@ -3,6 +3,7 @@
hcloud.imports = [ hcloud.imports = [
inputs.srvos.nixosModules.server inputs.srvos.nixosModules.server
inputs.srvos.nixosModules.hardware-hetzner-cloud inputs.srvos.nixosModules.hardware-hetzner-cloud
./single-disk.nix
]; ];
nixos-wiki.imports = [ nixos-wiki.imports = [

51
modules/single-disk.nix Normal file
View File

@ -0,0 +1,51 @@
{ self, ... }:
let
partitions = [
{
name = "grub";
end = "1M";
part-type = "primary";
flags = [ "bios_grub" ];
}
{
name = "ESP";
start = "1MiB";
end = "500MiB";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
}
{
name = "root";
start = "100MiB";
end = "100%";
part-type = "primary";
bootable = true;
content = {
type = "filesystem";
# We use xfs because it has support for compression and has a quite good performance for databases
format = "xfs";
mountpoint = "/";
};
}
];
in
{
imports = [
self.inputs.disko.nixosModules.disko
];
disko.devices = {
disk.sda = {
type = "disk";
device = "/dev/sda";
content = {
type = "table";
format = "gpt";
inherit partitions;
};
};
};
}

6
targets/nixos-wiki.thalheim.io/configuration.nix
View File

@ -1,6 +1,10 @@
{ self, ... }: { { self, ... }: let
nixosVars = builtins.fromJSON (builtins.readFile ./nixos-vars.json);
in {
imports = [ imports = [
self.nixosModules.nixos-wiki self.nixosModules.nixos-wiki
self.nixosModules.hcloud self.nixosModules.hcloud
]; ];
users.users.root.openssh.authorizedKeys.keys = nixosVars.ssh_keys;
system.stateVersion = "23.05";
} }

6
targets/staging.nixos-wiki.thalheim.io/configuration.nix
View File

@ -1,6 +1,10 @@
{ self, ... }: { { self, ... }: let
nixosVars = builtins.fromJSON (builtins.readFile ./nixos-vars.json);
in {
imports = [ imports = [
self.nixosModules.nixos-wiki self.nixosModules.nixos-wiki
self.nixosModules.hcloud self.nixosModules.hcloud
]; ];
users.users.root.openssh.authorizedKeys.keys = nixosVars.ssh_keys;
system.stateVersion = "23.05";
} }