From 2f19307456d659f10326d4be8ad9e6ab20405c96 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Tue, 12 Aug 2025 02:27:42 +0200 Subject: [PATCH 01/10] Configure proxmox-nixos cache --- hosts/nixos-server-test/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hosts/nixos-server-test/default.nix b/hosts/nixos-server-test/default.nix index 9b7f27d..409e2fa 100644 --- a/hosts/nixos-server-test/default.nix +++ b/hosts/nixos-server-test/default.nix @@ -34,6 +34,15 @@ }; }; + nix.settings = { + substituters = [ + "https://cache.saumon.network/proxmox-nixos" + ]; + trusted-public-keys = [ + "proxmox-nixos:D9RYSWpQQC/msZUWphOY2I5RLH5Dd6yQcaHIuug7dWM=" + ]; + }; + services.proxmox-ve = { enable = true; ipAddress = "192.168.122.71"; From 1038d8a24840dce1d337b3304e7e2fcce52f0490 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Sat, 16 Aug 2025 22:07:11 +0200 Subject: [PATCH 02/10] Add disko --- flake.lock | 33 +++++++++++++++++++++++++++------ flake.nix | 20 ++++++++++++++++++++ 2 files changed, 47 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 48507a1..97db651 100644 --- a/flake.lock +++ b/flake.lock @@ -20,6 +20,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753140376, + "narHash": "sha256-7lrVrE0jSvZHrxEzvnfHFE/Wkk9DDqb+mYCodI5uuB8=", + "owner": "nix-community", + "repo": "disko", + "rev": "545aba02960caa78a31bd9a8709a0ad4b6320a5c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { 
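Review bot: The new `trusted-public-keys` entry in hosts/nixos-server-test/default.nix makes this host accept any store path signed by the proxmox-nixos key, not only Proxmox packages. The hunk does not record where the key was obtained. A comment above the key would let the next maintainer re-verify it, for example `# signing key as published by the proxmox-nixos project; re-check against upstream before rotating`. The enclosing attribute set starts and ends outside the hunk, so whether `substituters` is also set elsewhere cannot be judged from here.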
@@ -117,11 +137,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1754229794, - "narHash": "sha256-yOl7REX6O/1mh+tpscJPKgjK6nmXSMOB1xhmDNAMUZM=", + "lastModified": 1754564048, + "narHash": "sha256-dz303vGuzWjzOPOaYkS9xSW+B93PSAJxvBd6CambXVA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a872d985392ee5b19d8409bfcc3f106de2070070", + "rev": "26ed7a0d4b8741fe1ef1ee6fa64453ca056ce113", "type": "github" }, "original": { @@ -133,11 +153,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754028485, - "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", + "lastModified": 1754767907, + "narHash": "sha256-8OnUzRQZkqtUol9vuUuQC30hzpMreKptNyET2T9lB6g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "59e69648d345d6e8fef86158c555730fa12af9de", + "rev": "c5f08b62ed75415439d48152c2a784e36909b1bc", "type": "github" }, "original": { @@ -241,6 +261,7 @@ "root": { "inputs": { "auto-cpufreq": "auto-cpufreq", + "disko": "disko", "home-manager": "home-manager", "lazy-apps": "lazy-apps", "nixos-hardware": "nixos-hardware", diff --git a/flake.nix b/flake.nix index 867eeb5..2204722 100644 --- a/flake.nix +++ b/flake.nix @@ -18,6 +18,10 @@ inputs.nixpkgs.follows = "nixpkgs"; }; proxmox-nixos.url = "github:SaumonNet/proxmox-nixos"; + disko = { + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; + }; systems.url = "github:nix-systems/default-linux"; }; @@ -30,6 +34,7 @@ home-manager, auto-cpufreq, proxmox-nixos, + disko, systems, ... } @ inputs: let @@ -111,6 +116,21 @@ }) ]; }; + + kube01 = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + + specialArgs = { + inherit inputs outputs; + }; + + modules = [ + disko.nixosModules.disko + ./hosts/kube01/disko-config.nix + ./hosts/kube01 + ]; + }; + }; }; } From 21582cbf81003981178f7b7844d326ef348e9461 Mon Sep 17 00:00:00 2001 
From: JuliusFreudenberger Date: Sat, 16 Aug 2025 22:07:27 +0200 Subject: [PATCH 03/10] Add configuration for kubernetes host kube01 --- hosts/kube01/default.nix | 60 +++++++++++++++++++++++++ hosts/kube01/disko-config.nix | 56 +++++++++++++++++++++++ hosts/kube01/hardware-configuration.nix | 24 ++++++++++ modules/k3s.nix | 27 +++++++++++ 4 files changed, 167 insertions(+) create mode 100644 hosts/kube01/default.nix create mode 100644 hosts/kube01/disko-config.nix create mode 100644 hosts/kube01/hardware-configuration.nix create mode 100644 modules/k3s.nix diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix new file mode 100644 index 0000000..a19be4d --- /dev/null +++ b/hosts/kube01/default.nix 
@@ -0,0 +1,60 @@
+{ inputs, outputs, config, lib, pkgs, ... }:
+
+{
+ imports =
+ [
+ ../../modules/nix.nix
+ ../../modules/network-server.nix
+ ../../modules/locale.nix
+ ../../modules/server-cli.nix
+ ../../modules/sshd.nix
+ ../../modules/k3s.nix
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ boot = {
+ loader = {
+ systemd-boot = {
+ enable = true;
+ };
+ efi.canTouchEfiVariables = true;
+ };
+ tmp.useTmpfs = true;
+ };
+
+ networking.hostName = "kube01"; # Define your hostname.
+
+ users = {
+ users = {
+ julius = {
+ initialPassword = "password";
+ isNormalUser = true;
+ uid = 1000;
+ extraGroups = [ "wheel" "julius" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiZXFM8XFkReb9HuGcY5rtPXsGuZ2eDnBBpI0kcHa6c julius@julius-framework"
+ ];
+ };
+ };
+ groups = {
+ julius = {
+ gid = 1000;
+ };
+ };
+ };
+
+ # This option defines the first version of NixOS you have installed on this particular machine,
+ # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+ # Most users should NEVER change this value after the initial install, for any reason,
+ # even if you've upgraded your system to a new NixOS release.
+ # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+ # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
+ # to actually do that.
+ # This value being lower than the current NixOS release does NOT mean your system is
+ # out of date, out of support, or vulnerable.
+ # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+ # and migrated your data accordingly.
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "25.05"; # Did you read the comment?
+}
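Review bot: `initialPassword = "password";` gives the `wheel` account `julius` a guessable password that is committed to the repository and copied into the world-readable Nix store. The same file imports `../../modules/sshd.nix`; whether that module disables password authentication is not visible here, so the account may be reachable over the network with this password. Because an SSH key is already configured, the line can be dropped, or replaced with `hashedPasswordFile = "<path-to-secret>";` if a console password is needed. The same `initialPassword` line reappears in users/julius/nixos-server.nix in patch 07.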
diff --git a/hosts/kube01/disko-config.nix b/hosts/kube01/disko-config.nix new file mode 100644 index 0000000..24ffe29 --- /dev/null +++ b/hosts/kube01/disko-config.nix @@ -0,0 +1,56 @@ +{ + disko.devices = { + disk = { + vdb = { + type = "disk"; + device = "/dev/sda"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + end = "128M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; # Override existing partition + # Subvolumes must set a mountpoint in order to be mounted, + # unless their parent is mounted + subvolumes = { + # Subvolume name is different from mountpoint + "/rootfs" = { + mountpoint = "/"; + }; + # Subvolume name is the same as the mountpoint + "/home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + # Sub(sub)volume doesn't need a mountpoint as its parent is mounted + "/home/julius" = { }; + # Parent is not mounted so the mountpoint must be set + "/nix" = { + mountOptions = [ "compress=zstd" "noatime" ]; + mountpoint = "/nix"; + }; + }; + + mountpoint = "/partition-root"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/kube01/hardware-configuration.nix b/hosts/kube01/hardware-configuration.nix new file mode 100644 index 0000000..f198f81 --- /dev/null +++ b/hosts/kube01/hardware-configuration.nix 
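Review bot: `device = "/dev/sda";` combined with `extraArgs = [ "-f" ];` means disko force-formats whatever disk the kernel enumerates as sda. The disk attribute is named `vdb`, and the accompanying hardware configuration loads `virtio_blk`, which suggests the target may not always appear under that name. A stable path such as `device = "/dev/disk/by-id/<disk-id>";` avoids wiping the wrong disk if enumeration changes. The comment `# Override existing partition` could also say that `-f` discards existing data.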
@@ -0,0 +1,24 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/modules/k3s.nix b/modules/k3s.nix new file mode 100644 index 0000000..940355e --- /dev/null +++ b/modules/k3s.nix @@ -0,0 +1,27 @@ +{ + pkgs, + lib, + ... +}: { + + services.k3s = { + enable = true; + role = "server"; + clusterInit = true; + token = "verysecrettoken"; + extraFlags = toString ([ + "--write-kubeconfig-mode \"0644\"" + "--disable servicelb" + "--disable traefik" + "--disable local-storage" + ]); + }; + + networking.firewall.allowedTCPPorts = [ + 6443 + ]; + networking.firewall.allowedUDPPorts = [ + 8472 + ]; + +} From 59506dac35118b701d618c7866c0d7ffe72364b3 Mon Sep 17 00:00:00 2001 
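Review bot: In modules/k3s.nix, `token = "verysecrettoken";` puts the cluster join secret in git and in the world-readable Nix store. Anyone who can read either one can join a node to the cluster; patch 09 reuses this token for the other servers. The NixOS k3s module offers `tokenFile`, so the line can become `tokenFile = "<path-to-secret>";` with the file provisioned outside the store. Separately, `--write-kubeconfig-mode \"0644\"` makes the cluster-admin kubeconfig readable by every local user. Dropping that flag, or using a mode such as `0600`, keeps admin credentials limited to root.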
From: JuliusFreudenberger Date: Sat, 16 Aug 2025 22:18:20 +0200 Subject: [PATCH 04/10] Move disko configuration to modules --- flake.nix | 1 - hosts/kube01/default.nix | 2 ++ .../kube01/disko-config.nix => modules/disko/efi-full-btrfs.nix | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) rename hosts/kube01/disko-config.nix => modules/disko/efi-full-btrfs.nix (99%) diff --git a/flake.nix b/flake.nix index 2204722..527a41f 100644 --- a/flake.nix +++ b/flake.nix @@ -126,7 +126,6 @@ modules = [ disko.nixosModules.disko - ./hosts/kube01/disko-config.nix ./hosts/kube01 ]; }; diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix index a19be4d..53f1ac3 100644 --- a/hosts/kube01/default.nix +++ b/hosts/kube01/default.nix @@ -3,6 +3,8 @@ { imports = [ + ../../modules/disko/efi-full-btrfs.nix + ../../modules/nix.nix ../../modules/network-server.nix ../../modules/locale.nix diff --git a/hosts/kube01/disko-config.nix b/modules/disko/efi-full-btrfs.nix similarity index 99% rename from hosts/kube01/disko-config.nix rename to modules/disko/efi-full-btrfs.nix index 24ffe29..5dcb78c 100644 --- a/hosts/kube01/disko-config.nix +++ b/modules/disko/efi-full-btrfs.nix @@ -1,7 +1,7 @@ { disko.devices = { disk = { - vdb = { + sda = { type = "disk"; device = "/dev/sda"; content = { From 544930ff2d0f4cfdcb1d5b169b669f70c2c70f12 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Sun, 17 Aug 2025 01:34:38 +0200 Subject: [PATCH 05/10] Externalize systemd-boot module --- hosts/kube01/default.nix | 10 +--------- modules/systemd-boot.nix | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 9 deletions(-) create mode 100644 modules/systemd-boot.nix diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix index 53f1ac3..e50f156 100644 --- a/hosts/kube01/default.nix +++ b/hosts/kube01/default.nix @@ -4,6 +4,7 @@ imports = [ ../../modules/disko/efi-full-btrfs.nix + ../../modules/systemd-boot.nix ../../modules/nix.nix ../../modules/network-server.nix 
@@ -15,15 +16,6 @@ ./hardware-configuration.nix ]; - boot = { - loader = { - systemd-boot = { - enable = true; - }; - efi.canTouchEfiVariables = true; - }; - tmp.useTmpfs = true; - }; networking.hostName = "kube01"; # Define your hostname. diff --git a/modules/systemd-boot.nix b/modules/systemd-boot.nix new file mode 100644 index 0000000..02f515d --- /dev/null +++ b/modules/systemd-boot.nix @@ -0,0 +1,15 @@ +{ + ... +}: { + + boot = { + loader = { + systemd-boot = { + enable = true; + }; + efi.canTouchEfiVariables = true; + }; + tmp.useTmpfs = true; + }; + +} From 18b28c2e9d3053d27536cf79a9f8d9d4d67a0660 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Sun, 17 Aug 2025 01:35:09 +0200 Subject: [PATCH 06/10] Add qemu-guest-utils module --- hosts/kube01/default.nix | 1 + modules/qemu-guest.nix | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 modules/qemu-guest.nix diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix index e50f156..7b69d12 100644 --- a/hosts/kube01/default.nix +++ b/hosts/kube01/default.nix @@ -12,6 +12,7 @@ ../../modules/server-cli.nix ../../modules/sshd.nix ../../modules/k3s.nix + ../../modules/qemu-guest.nix # Include the results of the hardware scan. ./hardware-configuration.nix ]; diff --git a/modules/qemu-guest.nix b/modules/qemu-guest.nix new file mode 100644 index 0000000..97e2081 --- /dev/null +++ b/modules/qemu-guest.nix @@ -0,0 +1,7 @@ +{ + ... +}: { + + services.qemuGuest.enable = true; + +} From 75d4187baa7afe1741fc8f7d2aa73637bc69ab74 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Sun, 17 Aug 2025 01:36:10 +0200 Subject: [PATCH 07/10] Add nixos-server user module --- hosts/kube01/default.nix | 19 +------------------ users/julius/nixos-server.nix | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+), 18 deletions(-) create mode 100644 users/julius/nixos-server.nix diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix index 7b69d12..2fe7891 100644 
--- a/hosts/kube01/default.nix +++ b/hosts/kube01/default.nix @@ -6,6 +6,7 @@ ../../modules/disko/efi-full-btrfs.nix ../../modules/systemd-boot.nix + ../../users/julius/nixos-server.nix ../../modules/nix.nix ../../modules/network-server.nix ../../modules/locale.nix @@ -20,24 +21,6 @@ networking.hostName = "kube01"; # Define your hostname. - users = { - users = { - julius = { - initialPassword = "password"; - isNormalUser = true; - uid = 1000; - extraGroups = [ "wheel" "julius" ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiZXFM8XFkReb9HuGcY5rtPXsGuZ2eDnBBpI0kcHa6c julius@julius-framework" - ]; - }; - }; - groups = { - julius = { - gid = 1000; - }; - }; - }; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. diff --git a/users/julius/nixos-server.nix b/users/julius/nixos-server.nix new file mode 100644 index 0000000..5802f86 --- /dev/null +++ b/users/julius/nixos-server.nix @@ -0,0 +1,23 @@ +{ + ... +}: { + + users = { + users = { + julius = { + initialPassword = "password"; + isNormalUser = true; + uid = 1000; + group = "julius"; + extraGroups = [ "wheel" ]; + }; + }; + groups = { + julius = { + gid = 1000; + }; + }; + }; + + nix.settings.trusted-users = [ "julius" ]; +} From 31267fa34ca1147e7fe77f144776f953dca69c5f Mon Sep 17 00:00:00 2001 
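Review bot: The new users/julius/nixos-server.nix drops the `openssh.authorizedKeys.keys` block that patch 03 had in hosts/kube01/default.nix, so the only credential it defines for `julius` is `initialPassword = "password";`. Whether a key is supplied by another module is not visible in this series. If it is not, the hosts either accept the weak password over SSH or lock out key-based login. The same file adds `nix.settings.trusted-users = [ "julius" ];`, which gives that account root-equivalent control over the Nix daemon. Together with the guessable password, this widens what a compromise of the account yields. Suggest restoring the `openssh.authorizedKeys.keys` list here and adding a comment on why `trusted-users` is required, for example `# needed for remote deploys as julius`, or removing it.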
From: JuliusFreudenberger Date: Sun, 17 Aug 2025 01:46:17 +0200 Subject: [PATCH 08/10] Add more kube nodes --- flake.nix | 26 +++++++++++++++++ hosts/kube02/default.nix | 36 +++++++++++++++++++++++ hosts/kube02/hardware-configuration.nix | 24 ++++++++++++++++ hosts/kube03/default.nix | 38 +++++++++++++++++++++++++ hosts/kube03/hardware-configuration.nix | 24 ++++++++++++++++ 5 files changed, 148 insertions(+) create mode 100644 hosts/kube02/default.nix create mode 100644 hosts/kube02/hardware-configuration.nix create mode 100644 hosts/kube03/default.nix create mode 100644 hosts/kube03/hardware-configuration.nix diff --git a/flake.nix b/flake.nix index 527a41f..a27ec37 100644 --- a/flake.nix +++ b/flake.nix @@ -130,6 +130,32 @@ ]; }; + kube02 = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + + specialArgs = { + inherit inputs outputs; + }; + + modules = [ + disko.nixosModules.disko + ./hosts/kube02 + ]; + }; + + kube03 = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + + specialArgs = { + inherit inputs outputs; + }; + + modules = [ + disko.nixosModules.disko + ./hosts/kube03 + ]; + }; + }; }; } diff --git a/hosts/kube02/default.nix b/hosts/kube02/default.nix new file mode 100644 index 0000000..cf65b75 --- /dev/null +++ b/hosts/kube02/default.nix 
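Review bot: The `kube02` and `kube03` blocks added to flake.nix are copies of `kube01` that differ only in the host path. This is a style point: a future hardening change to one node can easily be missed on the others. A small `let`-bound helper that takes the host name and returns the `nixpkgs.lib.nixosSystem { … }` call would keep the three definitions in lock-step. Also, `rec` is not used by any of the visible blocks (nothing refers back to `system`), so `nixpkgs.lib.nixosSystem {` is enough. The enclosing `nixosConfigurations` set begins outside the hunk.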
@@ -0,0 +1,36 @@
+{ inputs, outputs, config, lib, pkgs, ... }:
+
+{
+ imports =
+ [
+ ../../modules/disko/efi-full-btrfs.nix
+ ../../modules/systemd-boot.nix
+
+ ../../users/julius/nixos-server.nix
+ ../../modules/nix.nix
+ ../../modules/network-server.nix
+ ../../modules/locale.nix
+ ../../modules/server-cli.nix
+ ../../modules/sshd.nix
+ ../../modules/k3s.nix
+ ../../modules/qemu-guest.nix
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ networking.hostName = "kube02"; # Define your hostname.
+
+ # This option defines the first version of NixOS you have installed on this particular machine,
+ # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+ # Most users should NEVER change this value after the initial install, for any reason,
+ # even if you've upgraded your system to a new NixOS release.
+ # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+ # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
+ # to actually do that.
+ # This value being lower than the current NixOS release does NOT mean your system is
+ # out of date, out of support, or vulnerable.
+ # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+ # and migrated your data accordingly.
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "25.05"; # Did you read the comment?
+}
diff --git a/hosts/kube02/hardware-configuration.nix b/hosts/kube02/hardware-configuration.nix
new file mode 100644
index 0000000..f198f81
--- /dev/null
+++ b/hosts/kube02/hardware-configuration.nix
@@ -0,0 +1,24 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/kube03/default.nix b/hosts/kube03/default.nix new file mode 100644 index 0000000..8eda858 --- /dev/null +++ b/hosts/kube03/default.nix 
@@ -0,0 +1,38 @@
+{ inputs, outputs, config, lib, pkgs, ... }:
+
+{
+ imports =
+ [
+ ../../modules/disko/efi-full-btrfs.nix
+ ../../modules/systemd-boot.nix
+
+ ../../users/julius/nixos-server.nix
+ ../../modules/nix.nix
+ ../../modules/network-server.nix
+ ../../modules/locale.nix
+ ../../modules/server-cli.nix
+ ../../modules/sshd.nix
+ ../../modules/k3s.nix
+ ../../modules/qemu-guest.nix
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+
+ networking.hostName = "kube03"; # Define your hostname.
+
+
+ # This option defines the first version of NixOS you have installed on this particular machine,
+ # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+ # Most users should NEVER change this value after the initial install, for any reason,
+ # even if you've upgraded your system to a new NixOS release.
+ # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+ # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
+ # to actually do that.
+ # This value being lower than the current NixOS release does NOT mean your system is
+ # out of date, out of support, or vulnerable.
+ # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+ # and migrated your data accordingly.
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "25.05"; # Did you read the comment?
+}
diff --git a/hosts/kube03/hardware-configuration.nix b/hosts/kube03/hardware-configuration.nix
new file mode 100644
index 0000000..f198f81
--- /dev/null
+++ b/hosts/kube03/hardware-configuration.nix
@@ -0,0 +1,24 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} From 2249b4cc5819ddf8820dca20340e9ff3a2af6007 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Sun, 17 Aug 2025 02:53:39 +0200 Subject: [PATCH 09/10] Configure clustering with k3s --- hosts/kube01/default.nix | 3 +++ hosts/kube02/default.nix | 5 +++++ hosts/kube03/default.nix | 4 ++++ modules/k3s.nix | 3 ++- 4 files changed, 14 insertions(+), 1 deletion(-) diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix index 2fe7891..a72dee8 100644 --- a/hosts/kube01/default.nix +++ b/hosts/kube01/default.nix @@ -21,6 +21,9 @@ networking.hostName = "kube01"; # Define your hostname. + services.k3s = { + clusterInit = true; + }; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. diff --git a/hosts/kube02/default.nix b/hosts/kube02/default.nix index cf65b75..504afef 100644 
--- a/hosts/kube02/default.nix +++ b/hosts/kube02/default.nix @@ -20,6 +20,11 @@ networking.hostName = "kube02"; # Define your hostname. + services.k3s = { + serverAddr = "https://kube01:6443"; + clusterInit = false; + }; + # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # Most users should NEVER change this value after the initial install, for any reason, diff --git a/hosts/kube03/default.nix b/hosts/kube03/default.nix index 8eda858..12884e5 100644 --- a/hosts/kube03/default.nix +++ b/hosts/kube03/default.nix @@ -21,6 +21,10 @@ networking.hostName = "kube03"; # Define your hostname. + services.k3s = { + serverAddr = "https://kube01:6443"; + clusterInit = false; + }; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. diff --git a/modules/k3s.nix b/modules/k3s.nix index 940355e..2dab28a 100644 --- a/modules/k3s.nix +++ b/modules/k3s.nix @@ -7,7 +7,6 @@ services.k3s = { enable = true; role = "server"; - clusterInit = true; token = "verysecrettoken"; extraFlags = toString ([ "--write-kubeconfig-mode \"0644\"" @@ -19,6 +18,8 @@ networking.firewall.allowedTCPPorts = [ 6443 + 2379 + 2380 ]; networking.firewall.allowedUDPPorts = [ 8472 From db8b0f1d5fd5e87d27159588752351a714623c80 Mon Sep 17 00:00:00 2001 From: JuliusFreudenberger Date: Mon, 18 Aug 2025 23:12:46 +0200 Subject: [PATCH 10/10] Add srv01.hf as docker host --- flake.nix | 13 ++++++++ hosts/srv01.hf/default.nix | 37 +++++++++++++++++++++++ hosts/srv01.hf/hardware-configuration.nix | 24 +++++++++++++++ 3 files changed, 74 insertions(+) create mode 100644 hosts/srv01.hf/default.nix create mode 100644 hosts/srv01.hf/hardware-configuration.nix 
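Review bot: The modules/k3s.nix hunk adds `2379` and `2380` to `networking.firewall.allowedTCPPorts`, which opens the embedded etcd client and peer ports on every interface of every host that imports the module. Only the other server nodes need to reach them. Scoping the rule to the cluster-facing interface narrows the exposure, for example `networking.firewall.interfaces."<cluster-iface>".allowedTCPPorts = [ 6443 2379 2380 ];`, where the interface name is a placeholder. A short comment such as `# 2379/2380: embedded etcd, server-to-server only` would record why they are open. The joining nodes in hosts/kube02 and hosts/kube03 authenticate to `https://kube01:6443` with the hard-coded `token` still present in this module, so the port exposure and the committed secret compound each other.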
diff --git a/flake.nix b/flake.nix index a27ec37..a4ec7a2 100644 --- a/flake.nix +++ b/flake.nix @@ -117,6 +117,19 @@ ]; }; + srv01-hf = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + + specialArgs = { + inherit inputs outputs; + }; + + modules = [ + disko.nixosModules.disko + ./hosts/srv01.hf + ]; + }; + kube01 = nixpkgs.lib.nixosSystem rec { system = "x86_64-linux"; diff --git a/hosts/srv01.hf/default.nix b/hosts/srv01.hf/default.nix new file mode 100644 index 0000000..d341361 --- /dev/null +++ b/hosts/srv01.hf/default.nix 
@@ -0,0 +1,37 @@
+{ inputs, outputs, config, lib, pkgs, ... }:
+
+{
+ imports =
+ [
+ ../../modules/disko/efi-full-btrfs.nix
+ ../../modules/systemd-boot.nix
+
+ ../../users/julius/nixos-server.nix
+ ../../modules/nix.nix
+ ../../modules/network-server.nix
+ ../../modules/locale.nix
+ ../../modules/server-cli.nix
+ ../../modules/sshd.nix
+ ../../modules/qemu-guest.nix
+ ../../modules/docker.nix
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+
+ networking.hostName = "srv01-hf"; # Define your hostname.
+
+ # This option defines the first version of NixOS you have installed on this particular machine,
+ # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+ # Most users should NEVER change this value after the initial install, for any reason,
+ # even if you've upgraded your system to a new NixOS release.
+ # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+ # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
+ # to actually do that.
+ # This value being lower than the current NixOS release does NOT mean your system is
+ # out of date, out of support, or vulnerable.
+ # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+ # and migrated your data accordingly.
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "25.05"; # Did you read the comment?
+}
diff --git a/hosts/srv01.hf/hardware-configuration.nix b/hosts/srv01.hf/hardware-configuration.nix
new file mode 100644
index 0000000..d152a40
--- /dev/null
+++ b/hosts/srv01.hf/hardware-configuration.nix
@@ -0,0 +1,24 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +}