diff --git a/flake.lock b/flake.lock index 53978de..3dcccb7 100644 --- a/flake.lock +++ b/flake.lock @@ -45,11 +45,11 @@ ] }, "locked": { - "lastModified": 1674865926, - "narHash": "sha256-FRskwhhhwXetHEbtfRNheybR+jAja0ifaYAGP/k5jPU=", + "lastModified": 1675382955, + "narHash": "sha256-vPzJOkGPPYY0pMsR6sV6MoCguyQ9oblgI2nXnWCw4oI=", "ref": "refs/heads/main", - "rev": "2b4b8f5e9a086d5d398cb9d10cf5bb3689ee3dd3", - "revCount": 56, + "rev": "12d73549e3797cbaf115e2786d06ede272fffae4", + "revCount": 59, "type": "git", "url": "https://git.asonix.dog/asonix/nixos-aarch64-images" }, @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1674641431, - "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", + "lastModified": 1675183161, + "narHash": "sha256-Zq8sNgAxDckpn7tJo7V1afRSk2eoVbu3OjI1QklGLNg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", + "rev": "e1e1b192c1a5aab2960bf0a0bd53a2e8124fa18e", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1674352297, - "narHash": "sha256-OkAnJPrauEcUCrst4/3DKoQfUn2gXKuU6CFvhtMrLgg=", + "lastModified": 1675265860, + "narHash": "sha256-PZNqc4ZnTRT34NsHJYbXn+Yhghh56l8HEXn39SMpGNc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "918b760070bb8f48cb511300fcd7e02e13058a2e", + "rev": "a3a1400571e3b9ccc270c2e8d36194cf05aab6ce", "type": "github" }, "original": { @@ -106,11 +106,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1674546403, - "narHash": "sha256-vkyNv0xzXuEnu9v52TUtRugNmQWIti8c2RhYnbLG71w=", + "lastModified": 1675288837, + "narHash": "sha256-76s8TLENa4PzWDeuIpEF78gqeUrXi6rEJJaKEAaJsXw=", "owner": "Mic92", "repo": "sops-nix", - "rev": "b6ab3c61e2ca5e07d1f4eb1b67304e2670ea230c", + "rev": "a81ce6c961480b3b93498507074000c589bd9d60", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b914308..f1d13b4 100644 --- a/flake.nix +++ b/flake.nix 
@@ -39,7 +39,53 @@ ] ++ extraModules; }; - makeK3sConfig = { hostname, enableK3s ? true, unlockMounts ? true, mountVolumes ? true, selfIp, serverIp ? null }: + makeGenericK3sConfig = { hostname, enableK3s ? true, selfIp, serverIp ? null, extraModules ? [ ] }: + with image-builder.packages.aarch64-linux.modules; + makeConfig { + inherit hostname; + + extraModules = [ + (if serverIp == null + then + k3sModule.server { enable = enableK3s; } + else + k3sModule.agent { + inherit serverIp; + enable = enableK3s; + }) + ({ config, pkgs, ... }: + { + services.lvm.enable = true; + + networking = { + interfaces.end0.ipv4.addresses = [ + { + address = selfIp; + prefixLength = 24; + } + ]; + defaultGateway = "192.168.20.1"; + nameservers = [ "192.168.20.21" "192.168.20.1" ]; + }; + + environment.systemPackages = with pkgs; [ + nfs-utils + ]; + }) + ] ++ extraModules; + }; + + makeRock64K3sConfig = { hostname, enableK3s ? true, selfIp, serverIp }: + with image-builder.packages.aarch64-linux.modules; + makeGenericK3sConfig { + inherit hostname enableK3s selfIp serverIp; + + extraModules = [ + rock64 + ]; + }; + + makeSoQuartzK3sConfig = { hostname, enableK3s ? true, unlockMounts ? true, mountVolumes ? true, selfIp, serverIp ? null }: with image-builder.packages.aarch64-linux.modules; let device = "/dev/mapper/cryptdrive1"; @@ -47,8 +93,10 @@ "@k3s-config" ]; in - makeConfig { - inherit hostname; + makeGenericK3sConfig { + inherit hostname selfIp serverIp; + + enableK3s = unlockMounts && mountVolumes && enableK3s; extraModules = [ soquartz-blade @@ -61,14 +109,6 @@ (subvolumesModule { inherit device subvolumes; }) else { }) - (if serverIp == null - then - k3sModule.server { enable = unlockMounts && mountVolumes && enableK3s; } - else - k3sModule.agent { - inherit serverIp; - enable = enableK3s; - }) ({ config, pkgs, ... }: let keyFilePath = config.sops.secrets.k3sKeyFile.path; 
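Review bot: `makeRock64K3sConfig` adds only the `rock64` module, so nothing in this hunk gives the Rock64 node the encrypted-volume handling that `makeSoQuartzK3sConfig` sets up (`/dev/mapper/cryptdrive1`, the `@k3s-config` subvolume). Unless the `rock64` module provides it, k3s agent state on that node would sit on unencrypted storage. If that is intended, record it above the function, e.g. `# Rock64 agents keep k3s state on unencrypted local storage; no crypttab or sops secrets are configured`. The new builders also have no comments; a line on `makeGenericK3sConfig` such as `# serverIp == null builds a k3s server, any other value an agent joining that server` would document the role switch.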
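Review bot: `enableK3s = unlockMounts && mountVolumes && enableK3s;` now gates the agent as well as the server. The code removed in the following hunk applied the mount conditions only to `k3sModule.server` and passed plain `enableK3s` to `k3sModule.agent`. Holding k3s back until the encrypted volume is unlocked and mounted looks like the safer behaviour for both roles, but it is a behaviour change inside a refactor and should be stated on the line, e.g. `# never start k3s (server or agent) before the encrypted volume is unlocked and mounted`. The body of `makeSoQuartzK3sConfig` continues outside this hunk.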
@@ -110,19 +150,6 @@ ''; in { - services.lvm.enable = true; - - networking = { - interfaces.end0.ipv4.addresses = [ - { - address = selfIp; - prefixLength = 24; - } - ]; - defaultGateway = "192.168.20.1"; - nameservers = [ "192.168.20.21" "192.168.20.1" ]; - }; - sops.secrets.k3sKeyFile = { format = "binary"; sopsFile = ./secrets/k3sKeyFile.bin; @@ -130,7 +157,6 @@ environment.systemPackages = with pkgs; [ (writeShellScriptBin "prepare-nvme" prepareNvme) - nfs-utils ]; environment.etc.crypttab = { @@ -326,12 +352,12 @@ primaryIp = "192.168.20.26"; }; - k3s1 = makeK3sConfig { + k3s1 = makeSoQuartzK3sConfig { hostname = "k3s1"; selfIp = "192.168.20.120"; }; - k3s2 = makeK3sConfig { + k3s2 = makeSoQuartzK3sConfig { hostname = "k3s2"; selfIp = "192.168.20.121"; serverIp = "192.168.20.120"; @@ -339,6 +365,12 @@ mountVolumes = false; enableK3s = false; }; + + k3s-rock1 = makeRock64K3sConfig { + hostname = "k3s-rock1"; + selfIp = "192.168.20.20"; + serverIp = "129.168.20.120"; + }; }; deploy.nodes.nextcloud2 = deployer { @@ -350,5 +382,10 @@ hostname = "192.168.20.120"; configuration = self.nixosConfigurations.k3s1; }; + + deploy.nodes.k3s-rock1 = deployer { + hostname = "192.168.20.20"; + configuration = self.nixosConfigurations.k3s-rock1; + }; }; }
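Review bot: `serverIp = "129.168.20.120";` in the new `k3s-rock1` entry looks like a transposed digit. Every other address visible in this diff is in 192.168.20.0/24, and `k3s1`, which sets no `serverIp` and is therefore built as the server, has `selfIp = "192.168.20.120"`. 129.168.20.120 is not a private address, so as written the agent would try to register with a host outside the local network, never join the cluster, and offer whatever join credentials `k3sModule.agent` is configured with to that host. Change the line to `serverIp = "192.168.20.120";`. Binding the server address once in a `let` and reusing it for `k3s2` and `k3s-rock1` would prevent this kind of drift.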