diff --git a/flake.nix b/flake.nix
index 28d064d..75af120 100644
--- a/flake.nix
+++ b/flake.nix
@@ -8,16 +8,24 @@
 url = "github:ryantm/agenix";
 inputs.nixpkgs.follows = "nixpkgs";
 };
+ # k8nix = {
+ # url = "gitlab:luxzeitlos/k8nix/develop";
+ # inputs.nixpkgs.follows = "nixpkgs";
+ # };
 };
 outputs =
- {
+ inputs@{
 self,
 nixpkgs,
 nixpkgs-k8s,
 flake-utils,
 agenix,
+ # k8nix,
 }:
- flake-utils.lib.eachDefaultSystem (
+ {
+ nixosConfigurations = (import ./nixosConfigurations.nix inputs);
+ }
+ // flake-utils.lib.eachDefaultSystem (
 system:
 let
 pkgs = import nixpkgs { inherit system; };
@@ -29,8 +37,7 @@
 packages = with pkgs; [
 agenix.packages.${system}.default
 gnumake
- kubectl
- kubernetes-helm
+ pkgs-k8s.kubectl
 cfssl
 
 # debugging
@@ -39,45 +46,6 @@
 openssl
 ];
 };
- # Dell R630
- nixosConfigurations."k8s" = nixpkgs.lib.nixosSystem {
- system = "x86_64-linux";
- modules = [
- agenix.nixosModules.default
- { environment.systemPackages = [ agenix.packages.${system}.default ]; }
- {
- age.secrets = {
- #etcd-root-crt = {
- # file = ./secrets/etcd-root-crt.age;
- # mode = "444";
- # owner = "root";
- # group = "root";
- #};
- #k8s-root-crt = {
- # file = ./secrets/k8s-root-crt.age;
- # mode = "444";
- # owner = "root";
- # group = "root";
- #};
- };
- }
- ./configuration.nix
- {
- virtualisation = {
- useEFIBoot = true;
- libvirtd.enable = true;
- };
- }
-
- #./services/etcd.nix
- #./services/k8s.nix
- #./services/k8s-apiserver.nix
- #./services/k8s-controller-manager.nix
- #./services/k8s-kubelet.nix
- #./services/k8s-proxy.nix
- #./services/k8s-scheduler.nix
- ];
- };
 }
 );
 }
diff --git a/nixosConfigurations.nix b/nixosConfigurations.nix
new file mode 100644
index 0000000..9c272eb
--- /dev/null
+++ b/nixosConfigurations.nix
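Review bot: The commented-out `k8nix` input in the first flake.nix hunk points at the `develop` branch and gives no reason for being disabled. If it is meant to be enabled later, a comment such as `# TODO: enable k8nix; pin to a tag or rev rather than the develop branch` would record the intent, because a branch ref means every `nix flake update` takes whatever is at the branch tip at that moment. The `outputs` function continues past the end of this hunk.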
@@ -0,0 +1,71 @@
+{ nixpkgs, agenix, ... }:
+
+let
+ system = "x86_64-linux";
+ baseModules = [
+ agenix.nixosModules.default
+ { environment.systemPackages = [ agenix.packages.${system}.default ]; }
+ {
+ age.secrets = {
+ #etcd-root-crt = {
+ # file = ./secrets/etcd-root-crt.age;
+ # mode = "444";
+ # owner = "root";
+ # group = "root";
+ #};
+ #k8s-root-crt = {
+ # file = ./secrets/k8s-root-crt.age;
+ # mode = "444";
+ # owner = "root";
+ # group = "root";
+ #};
+ };
+ }
+ ./common.nix
+ ];
+ mkSystem =
+ extraModules:
+ nixpkgs.lib.nixosSystem {
+ inherit system;
+ modules = baseModules ++ extraModules;
+ };
+ mkControlPlaneNode =
+ extraModules:
+ mkSystem [
+ #./services/etcd.nix
+ #./services/k8s.nix
+ #./services/k8s-apiserver.nix
+ #./services/k8s-controller-manager.nix
+ #./services/k8s-kubelet.nix
+ #./services/k8s-proxy.nix
+ #./services/k8s-scheduler.nix
+ ]
+ ++ extraModules;
+ mkWorkerNode =
+ extraModules:
+ mkSystem [
+ #./services/k8s.nix
+ #./services/k8s-kubelet.nix
+ #./services/k8s-proxy.nix
+ ]
+ ++ extraModules;
+in
+{
+ "k8s" = mkSystem [
+ ./configuration.nix
+ {
+ virtualisation = {
+ useEFIBoot = true;
+ libvirtd.enable = true;
+ };
+ }
+ ];
+ "master-01" = mkControlPlaneNode [];
+ "master-02" = mkControlPlaneNode [];
+ "master-03" = mkControlPlaneNode [];
+ "worker-01" = mkWorkerNode [];
+ "worker-02" = mkWorkerNode [];
+ "worker-03" = mkWorkerNode [];
+ "worker-04" = mkWorkerNode [];
+ "worker-05" = mkWorkerNode [];
+}
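Review bot: In `mkControlPlaneNode` and `mkWorkerNode`, `mkSystem [ … ] ++ extraModules` parses as `(mkSystem [ … ]) ++ extraModules`, because function application binds tighter than `++` in Nix. That concatenates the result of `nixpkgs.lib.nixosSystem` with a list and should fail as soon as any `master-*` or `worker-*` configuration is evaluated; the lists need to be joined before the call, `mkSystem ([ … ] ++ extraModules);`. Separately, the commented `age.secrets` entries sit in `baseModules`, so once enabled they would be provisioned to every node, workers included; role-specific secrets would fit better in the role helper that needs them.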