From 756d4347fd8af25cfa7e2c6e44e6a25d8df1fae0 Mon Sep 17 00:00:00 2001 From: "Ricardo (XenGi) Band" Date: Sun, 28 Sep 2025 16:54:40 +0200 Subject: [PATCH 1/2] move system config to seperate file --- flake.nix | 54 +++++++------------------------ nixosConfigurations.nix | 71 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 82 insertions(+), 43 deletions(-) create mode 100644 nixosConfigurations.nix diff --git a/flake.nix b/flake.nix index 28d064d..75af120 100644 --- a/flake.nix +++ b/flake.nix @@ -8,16 +8,24 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + # k8nix = { + # url = "gitlab:luxzeitlos/k8nix/develop"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; }; outputs = - { + inputs@{ self, nixpkgs, nixpkgs-k8s, flake-utils, agenix, + # k8nix, }: - flake-utils.lib.eachDefaultSystem ( + { + nixosConfigurations = (import ./nixosConfigurations.nix inputs); + } + // flake-utils.lib.eachDefaultSystem ( system: let pkgs = import nixpkgs { inherit system; }; @@ -29,8 +37,7 @@ packages = with pkgs; [ agenix.packages.${system}.default gnumake - kubectl - kubernetes-helm + pkgs-k8s.kubectl cfssl # debugging 
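Review bot: The commented-out `k8nix` input in the first flake.nix hunk has no explanation, and its URL `gitlab:luxzeitlos/k8nix/develop` names a branch rather than a revision. If it is enabled later, the fetched code would be fixed only by flake.lock and would move on every lock update, so a short comment such as `# k8nix: not wired in yet; pin to a reviewed rev before enabling` would record the intent. The same applies to the commented `# k8nix,` argument in `outputs`. As a style point, the parentheses around `import ./nixosConfigurations.nix inputs` are redundant.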
@@ -39,45 +46,6 @@
 openssl
 ];
 };
- # Dell R630
- nixosConfigurations."k8s" = nixpkgs.lib.nixosSystem {
- system = "x86_64-linux";
- modules = [
- agenix.nixosModules.default
- { environment.systemPackages = [ agenix.packages.${system}.default ]; }
- {
- age.secrets = {
- #etcd-root-crt = {
- # file = ./secrets/etcd-root-crt.age;
- # mode = "444";
- # owner = "root";
- # group = "root";
- #};
- #k8s-root-crt = {
- # file = ./secrets/k8s-root-crt.age;
- # mode = "444";
- # owner = "root";
- # group = "root";
- #};
- };
- }
- ./configuration.nix
- {
- virtualisation = {
- useEFIBoot = true;
- libvirtd.enable = true;
- };
- }
-
- #./services/etcd.nix
- #./services/k8s.nix
- #./services/k8s-apiserver.nix
- #./services/k8s-controller-manager.nix
- #./services/k8s-kubelet.nix
- #./services/k8s-proxy.nix
- #./services/k8s-scheduler.nix
- ];
- };
 }
 );
 }
diff --git a/nixosConfigurations.nix b/nixosConfigurations.nix
new file mode 100644
index 0000000..9c272eb
--- /dev/null
+++ b/nixosConfigurations.nix
@@ -0,0 +1,71 @@
+{ nixpkgs, agenix, ... }:
+
+let
+ system = "x86_64-linux";
+ baseModules = [
+ agenix.nixosModules.default
+ { environment.systemPackages = [ agenix.packages.${system}.default ]; }
+ {
+ age.secrets = {
+ #etcd-root-crt = {
+ # file = ./secrets/etcd-root-crt.age;
+ # mode = "444";
+ # owner = "root";
+ # group = "root";
+ #};
+ #k8s-root-crt = {
+ # file = ./secrets/k8s-root-crt.age;
+ # mode = "444";
+ # owner = "root";
+ # group = "root";
+ #};
+ };
+ }
+ ./common.nix
+ ];
+ mkSystem =
+ extraModules:
+ nixpkgs.lib.nixosSystem {
+ inherit system;
+ modules = baseModules ++ extraModules;
+ };
+ mkControlPlaneNode =
+ extraModules:
+ mkSystem [
+ #./services/etcd.nix
+ #./services/k8s.nix
+ #./services/k8s-apiserver.nix
+ #./services/k8s-controller-manager.nix
+ #./services/k8s-kubelet.nix
+ #./services/k8s-proxy.nix
+ #./services/k8s-scheduler.nix
+ ]
+ ++ extraModules;
+ mkWorkerNode =
+ extraModules:
+ mkSystem [
+ #./services/k8s.nix
+ #./services/k8s-kubelet.nix
+ #./services/k8s-proxy.nix
+ ]
+ ++ extraModules;
+in
+{
+ "k8s" = mkSystem [
+ ./configuration.nix
+ {
+ virtualisation = {
+ useEFIBoot = true;
+ libvirtd.enable = true;
+ };
+ }
+ ];
+ "master-01" = mkControlPlaneNode [];
+ "master-02" = mkControlPlaneNode [];
+ "master-03" = mkControlPlaneNode [];
+ "worker-01" = mkWorkerNode [];
+ "worker-02" = mkWorkerNode [];
+ "worker-03" = mkWorkerNode [];
+ "worker-04" = mkWorkerNode [];
+ "worker-05" = mkWorkerNode [];
+}
From ddd3a2096d23b5b5f1bcb03a57d4261f57a282f1 Mon Sep 17 00:00:00 2001
From: "Ricardo (XenGi) Band"
Date: Mon, 29 Dec 2025 16:50:01 +0100
Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=94=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 flake.nix | 16 ++++++++--------
 nixosConfigurations.nix | 26 +++++++++++++++-----------
 2 files changed, 23 insertions(+), 19 deletions(-)
diff --git a/flake.nix b/flake.nix
index 75af120..21246f7 100644
--- a/flake.nix
+++ b/flake.nix
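Review bot: In the new nixosConfigurations.nix, `mkControlPlaneNode` and `mkWorkerNode` are written as `mkSystem [ … ] ++ extraModules`, and because function application binds tighter than `++` in Nix this parses as `(mkSystem [ … ]) ++ extraModules`. `mkSystem` returns the result of `nixpkgs.lib.nixosSystem`, which is an attribute set, so evaluating any `master-*` or `worker-*` entry should fail with a type error rather than produce a system; lazy evaluation hides this until one of them is built or checked. Parenthesise the list in both helpers: `mkSystem ([ … ] ++ extraModules);`. Separately, `./common.nix` is added to `baseModules` but does not appear in this patch's diffstat, so confirm the file is tracked in the repository.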
@@ -1,17 +1,17 @@ { description = "flake to deploy and manage cccb k8s cluster"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; - nixpkgs-k8s.url = "github:NixOS/nixpkgs/4acc7f1d238d2b4f5d86bc65ca9b703d802e6e02"; # kubernetes 1.33.4 + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; + nixpkgs-k8s.url = "github:NixOS/nixpkgs/771c08bfa8c7da5ab251a1d0d56fb01948f45473"; # kubernetes 1.34.3 flake-utils.url = "github:numtide/flake-utils"; agenix = { url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; - # k8nix = { - # url = "gitlab:luxzeitlos/k8nix/develop"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; + # k8nix = { + # url = "gitlab:luxzeitlos/k8nix/develop"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; }; outputs = inputs@{ @@ -20,7 +20,7 @@ nixpkgs-k8s, flake-utils, agenix, - # k8nix, + # k8nix, }: { nixosConfigurations = (import ./nixosConfigurations.nix inputs); @@ -42,7 +42,7 @@ # debugging age - etcd + etcd_3_6 openssl ]; }; diff --git a/nixosConfigurations.nix b/nixosConfigurations.nix index 9c272eb..90767ed 100644 --- a/nixosConfigurations.nix +++ b/nixosConfigurations.nix @@ -21,7 +21,6 @@ let #}; }; } - ./common.nix ]; mkSystem = extraModules: 
@@ -52,20 +51,25 @@ let
 in
 {
 "k8s" = mkSystem [
- ./configuration.nix
+ # ./configuration.nix
 {
 virtualisation = {
 useEFIBoot = true;
- libvirtd.enable = true;
+ libvirtd = {
+ enable = true;
+ nss.enableGuest = true;
+ startDelay = 1;
+ onShutdown = "shutdown";
+ };
 };
 }
 ];
- "master-01" = mkControlPlaneNode [];
- "master-02" = mkControlPlaneNode [];
- "master-03" = mkControlPlaneNode [];
- "worker-01" = mkWorkerNode [];
- "worker-02" = mkWorkerNode [];
- "worker-03" = mkWorkerNode [];
- "worker-04" = mkWorkerNode [];
- "worker-05" = mkWorkerNode [];
+ "master-01" = mkControlPlaneNode [ ];
+ "master-02" = mkControlPlaneNode [ ];
+ "master-03" = mkControlPlaneNode [ ];
+ "worker-01" = mkWorkerNode [ ];
+ "worker-02" = mkWorkerNode [ ];
+ "worker-03" = mkWorkerNode [ ];
+ "worker-04" = mkWorkerNode [ ];
+ "worker-05" = mkWorkerNode [ ];
 }
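Review bot: `./configuration.nix` is commented out in the `"k8s"` entry without a stated reason, which leaves that host with `baseModules` plus the inline `virtualisation` block only. Whether the result still defines a bootloader and root filesystem cannot be seen from this hunk, so either delete the line or record why it is parked, for example `# ./configuration.nix  # TODO: re-enable once the host config is split out`. As I understand the option, `nss.enableGuest = true` makes the host resolve libvirt guest names through NSS for every service, which deserves a one-line comment next to it. The `master-*` and `worker-*` lines are only reformatted here, and the helper bodies they call lie outside the hunk.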