diff --git a/flake.nix b/flake.nix
index 21246f7..b12f89f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -2,30 +2,22 @@
 description = "flake to deploy and manage cccb k8s cluster";
 inputs = {
 nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
- nixpkgs-k8s.url = "github:NixOS/nixpkgs/771c08bfa8c7da5ab251a1d0d56fb01948f45473"; # kubernetes 1.34.3
+ nixpkgs-k8s.url = "github:NixOS/nixpkgs/c05d8d4121d466c8a57b81130ba8ae7551d4f769"; # kubernetes 1.34.2
 flake-utils.url = "github:numtide/flake-utils";
 agenix = {
 url = "github:ryantm/agenix";
 inputs.nixpkgs.follows = "nixpkgs";
 };
- # k8nix = {
- # url = "gitlab:luxzeitlos/k8nix/develop";
- # inputs.nixpkgs.follows = "nixpkgs";
- # };
 };
 outputs =
- inputs@{
+ {
 self,
 nixpkgs,
 nixpkgs-k8s,
 flake-utils,
 agenix,
- # k8nix,
 }:
- {
- nixosConfigurations = (import ./nixosConfigurations.nix inputs);
- }
- // flake-utils.lib.eachDefaultSystem (
+ flake-utils.lib.eachDefaultSystem (
 system:
 let
 pkgs = import nixpkgs { inherit system; };
@@ -37,15 +29,55 @@
 packages = with pkgs; [
 agenix.packages.${system}.default
 gnumake
- pkgs-k8s.kubectl
+ kubectl
+ kubernetes-helm
 cfssl # debugging
 age
- etcd_3_6
+ etcd
 openssl
 ];
 };
+ # Dell R630
+ nixosConfigurations."kaede" = nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ modules = [
+ agenix.nixosModules.default
+ { environment.systemPackages = [ agenix.packages.${system}.default ]; }
+ {
+ age.secrets = {
+ #etcd-root-crt = {
+ # file = ./secrets/etcd-root-crt.age;
+ # mode = "444";
+ # owner = "root";
+ # group = "root";
+ #};
+ #k8s-root-crt = {
+ # file = ./secrets/k8s-root-crt.age;
+ # mode = "444";
+ # owner = "root";
+ # group = "root";
+ #};
+ };
+ }
+ ./configuration.nix
+ {
+ virtualisation = {
+ useEFIBoot = true;
+ libvirtd.enable = true;
+ };
+ }
+
+ #./services/etcd.nix
+ #./services/k8s.nix
+ #./services/k8s-apiserver.nix
+ #./services/k8s-controller-manager.nix
+ #./services/k8s-kubelet.nix
+ #./services/k8s-proxy.nix
+ #./services/k8s-scheduler.nix
+ ];
+ };
 }
 );
 }
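Review bot: The `nixpkgs-k8s` pin moves from the revision commented `kubernetes 1.34.3` to one commented `kubernetes 1.34.2`, a patch-level step backwards, and nothing in the hunk says why. Going back a patch release gives up whatever fixes that release carried, so the reason belongs next to the pin, e.g. `# kubernetes 1.34.2: held back from 1.34.3 because <reason>`. The later hunk in this file also swaps `pkgs-k8s.kubectl` for `kubectl` from the main `nixpkgs`, so it is worth checking that the pinned input still has a consumer; the `let` block that would show this lies between the hunks.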
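Review bot: `nixosConfigurations."kaede"` is added inside the attribute set returned to `flake-utils.lib.eachDefaultSystem`, which nests every attribute under the system name. The host therefore ends up at `nixosConfigurations.<system>.kaede`, evaluated once per default system, rather than at `nixosConfigurations.kaede`, where `nixos-rebuild --flake .#kaede` looks. Inside it, `agenix.packages.${system}.default` follows the loop's `system` while the host itself is fixed to `x86_64-linux`. I would keep the host outside the per-system function, as the removed code did: `{ nixosConfigurations."kaede" = nixpkgs.lib.nixosSystem { … }; } // flake-utils.lib.eachDefaultSystem (`, with `agenix.packages."x86_64-linux".default` in the module list. The dev shell's opening lines are outside this hunk.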
diff --git a/hosts/kaede/default.nix b/hosts/kaede/default.nix
index 78cffc1..6362e27 100644
--- a/hosts/kaede/default.nix
+++ b/hosts/kaede/default.nix
@@ -5,12 +5,9 @@
 useEFIBoot = true;
 libvirtd = {
 enable = true;
- nss.enableGuest = true;
- startDelay = 1;
- onShutdown = "shutdown";
 };
+ rootDevice = "/dev/disk/by-label/nixos";
+ mountHostNixStore = true;
 };
- #rootDevice = "/dev/disk/by-label/nixos";
- #mountHostNixStore = true;
 }
diff --git a/nixosConfigurations.nix b/nixosConfigurations.nix
deleted file mode 100644
index 0c2b375..0000000
--- a/nixosConfigurations.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{ nixpkgs, agenix, ... }:
-
-let
- system = "x86_64-linux";
- baseModules = [
- agenix.nixosModules.default
- { environment.systemPackages = [ agenix.packages.${system}.default ]; }
- {
- age.secrets = {
- #etcd-root-crt = {
- # file = ./secrets/etcd-root-crt.age;
- # mode = "444";
- # owner = "root";
- # group = "root";
- #};
- #k8s-root-crt = {
- # file = ./secrets/k8s-root-crt.age;
- # mode = "444";
- # owner = "root";
- # group = "root";
- #};
- };
- }
- ];
- mkSystem =
- extraModules:
- nixpkgs.lib.nixosSystem {
- inherit system;
- modules = baseModules ++ extraModules;
- };
- mkControlPlaneNode =
- extraModules:
- mkSystem [
- #./services/etcd.nix
- #./services/k8s.nix
- #./services/k8s-apiserver.nix
- #./services/k8s-controller-manager.nix
- #./services/k8s-kubelet.nix
- #./services/k8s-proxy.nix
- #./services/k8s-scheduler.nix
- ]
- ++ extraModules;
- mkWorkerNode =
- extraModules:
- mkSystem [
- #./services/k8s.nix
- #./services/k8s-kubelet.nix
- #./services/k8s-proxy.nix
- ]
- ++ extraModules;
-in
-{
- "k8s" = mkSystem [
- # ./hosts/kaede/default,nix
- ];
- "master-01" = mkControlPlaneNode [ ];
- "master-02" = mkControlPlaneNode [ ];
- "master-03" = mkControlPlaneNode [ ];
- "worker-01" = mkWorkerNode [ ];
- "worker-02" = mkWorkerNode [ ];
- "worker-03" = mkWorkerNode [ ];
- "worker-04" = mkWorkerNode [ ];
- "worker-05" = mkWorkerNode [ ];
-}
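Review bot: Dropping `onShutdown = "shutdown"` from the `libvirtd` block leaves the module default in effect, which as far as I know is `suspend`. On host shutdown the guests' memory would then be saved to the host's disk instead of the guests powering off. For guests that will hold cluster keys that deserves a deliberate choice, e.g. keeping `onShutdown = "shutdown";`. The two options moved up, `rootDevice` and `mountHostNixStore`, look like qemu-vm module options, which normally exist only in a VM build; the enclosing attribute set starts outside the hunk, so please confirm this still evaluates for the physical host. A comment such as `# only used by the build-vm variant` would record the intent.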