From 199c92ef53314bc1474cfad797118f9868a9a401 Mon Sep 17 00:00:00 2001
From: notohh
Date: Thu, 19 Oct 2023 21:23:25 -0400
Subject: [PATCH] hosts: add tsuru
---
 hosts/README.md | 1 +
 hosts/default.nix | 20 +++++++++
 hosts/tsuru/default.nix | 29 ++++++++++++
 hosts/tsuru/hardware-configuration.nix | 27 +++++++++++
 hosts/tsuru/home.nix | 14 ++++++
 hosts/tsuru/services/default.nix | 4 ++
 hosts/tsuru/services/forgejo-runners.nix | 57 ++++++++++++++++++++++++
 7 files changed, 152 insertions(+)
 create mode 100644 hosts/tsuru/default.nix
 create mode 100644 hosts/tsuru/hardware-configuration.nix
 create mode 100644 hosts/tsuru/home.nix
 create mode 100644 hosts/tsuru/services/default.nix
 create mode 100644 hosts/tsuru/services/forgejo-runners.nix
diff --git a/hosts/README.md b/hosts/README.md
index 5188a00..547125f 100644
--- a/hosts/README.md
+++ b/hosts/README.md
@@ -10,6 +10,7 @@ Name | Description
 `sakura` | main vm, hosting most internet connected services
 `sora` | hetzner vps
 `tsuki` | main machine running hyprland
+`tsuru` | vm for ci/cd runners, and (potentially) a binary cache
 `yuki` | my old proxmox machine, now running pure nix
 `default` | defines `nixosConfigurations`
 `deploy` | defines deployment nodes for deploy-rs
diff --git a/hosts/default.nix b/hosts/default.nix
index 6674ace..d9ddef8 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -151,4 +151,24 @@ in {
 }
 ];
 };
+ tsuru = nixosSystem {
+ inherit system;
+ specialArgs = {inherit inputs;};
+ modules = [
+ ./tsuru
+ sopsModule
+ hmModule
+ {
+ home-manager = {
+ useGlobalPkgs = true;
+ useUserPackages = true;
+ users.notoh = {
+ imports = [
+ ./tsuru/home.nix
+ ];
+ };
+ };
+ }
+ ];
+ };
 }
diff --git a/hosts/tsuru/default.nix b/hosts/tsuru/default.nix
new file mode 100644
index 0000000..69468b3
--- /dev/null
+++ b/hosts/tsuru/default.nix
@@ -0,0 +1,29 @@
+{...}: {
+ imports = [
+ ./hardware-configuration.nix
+ ./services
+ ../../modules
+ ];
+
+ boot.loader = {
+ grub = {
+ enable = true;
+ configurationLimit = 5;
+ device = "/dev/sda";
+ useOSProber = false;
+ };
+ };
+
+ networking = {
+ hostName = "tsuru";
+ };
+
+ services.xserver = {
+ layout = "us";
+ xkbVariant = "";
+ };
+
+ users.users.notoh.openssh.authorizedKeys.keys = [
+ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKwby2FLCKFZZlOLDRhsm9GckyYAuyk0mq28jRD02tdv tsuru''
+ ];
+}
diff --git a/hosts/tsuru/hardware-configuration.nix b/hosts/tsuru/hardware-configuration.nix
new file mode 100644
index 0000000..e6d6259
--- /dev/null
+++ b/hosts/tsuru/hardware-configuration.nix
@@ -0,0 +1,27 @@
+{
+ lib,
+ modulesPath,
+ ...
+}: {
+ imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = [];
+ boot.extraModulePackages = [];
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/625f557a-99a0-4e2d-9aef-f3aed7cea1c8";
+ fsType = "ext4";
+ };
+
+ swapDevices = [
+ {device = "/dev/disk/by-uuid/5be1a83b-5b40-4068-ade3-fcf28ff07e35";}
+ ];
+
+ networking.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/hosts/tsuru/home.nix b/hosts/tsuru/home.nix
new file mode 100644
index 0000000..c7eafac
--- /dev/null
+++ b/hosts/tsuru/home.nix
@@ -0,0 +1,14 @@
+{...}: {
+ imports = [
+ ../../home
+ ];
+
+ systemd.user.startServices = "sd-switch";
+ programs.home-manager.enable = true;
+
+ home = {
+ username = "notoh";
+ homeDirectory = "/home/notoh";
+ stateVersion = "23.05";
+ };
+}
diff --git a/hosts/tsuru/services/default.nix b/hosts/tsuru/services/default.nix
new file mode 100644
index 0000000..06ec57d
--- /dev/null
+++ b/hosts/tsuru/services/default.nix
@@ -0,0 +1,4 @@
+_: {
+ imports = [
+ ];
+}
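Review bot: The `imports` list in hosts/tsuru/services/default.nix is empty, so nothing in this patch pulls in the forgejo-runners.nix that the same commit adds; as far as the visible files show, neither runner instance nor the two `sops.secrets` entries will be evaluated for this host. If the runners are meant to be active with this commit, the list should read `imports = [ ./forgejo-runners.nix ];`. If the omission is deliberate staging, a comment in the list such as `# ./forgejo-runners.nix  (enable once the runner tokens are in sops)` would record that for the next reader.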
diff --git a/hosts/tsuru/services/forgejo-runners.nix b/hosts/tsuru/services/forgejo-runners.nix
new file mode 100644
index 0000000..099f484
--- /dev/null
+++ b/hosts/tsuru/services/forgejo-runners.nix
@@ -0,0 +1,57 @@
+{
+ pkgs,
+ config,
+ ...
+}: {
+ sops.secrets.forgejo-runner-token = {};
+ sops.secrets.basegbot-runner-token = {};
+ services.gitea-actions-runner = {
+ package = pkgs.forgejo-actions-runner;
+ instances.snowflake = {
+ settings = {
+ container = {
+ network = "host";
+ };
+ };
+ enable = true;
+ name = config.networking.hostName;
+ token = config.sops.secrets.forgejo-runner-token.path;
+ url = "https://git.flake.sh";
+ labels = [
+ "debian-latest:docker://node:18-bullseye"
+ "ubuntu-latest:docker://node:18-bullseye"
+ #"native:host"
+ ];
+ hostPackages = with pkgs; [
+ bash
+ curl
+ coreutils
+ wget
+ gitMinimal
+ ];
+ };
+ instances.basegbot = {
+ settings = {
+ container = {
+ network = "host";
+ };
+ };
+ enable = true;
+ name = config.networking.hostName;
+ token = config.sops.secrets.basegbot-runner-token.path;
+ url = "https://git.flake.sh";
+ labels = [
+ "debian-latest:docker://node:18-bullseye"
+ "ubuntu-latest:docker://node:18-bullseye"
+ #"native:host"
+ ];
+ hostPackages = with pkgs; [
+ bash
+ curl
+ coreutils
+ wget
+ gitMinimal
+ ];
+ };
+ };
+}
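Review bot: Both `instances.snowflake` and `instances.basegbot` set `container.network = "host"`, which places every workflow job's container in the host's network namespace, so job steps can reach services bound to tsuru's loopback and anything the VM itself can reach on its network. The README hunk describes tsuru as a possible binary cache too, which would then sit on the same network view as arbitrary CI job code. Unless a job is known to need it, drop the setting or use `network = "bridge";` in both instances, and leave a short comment saying why if host networking has to stay. Separately, both instances register with the same `name = config.networking.hostName` and the labels point at the mutable tag `node:18-bullseye`; distinct runner names and a digest-pinned image reference would make the runners distinguishable on the forge and keep the job environment from changing underneath a pipeline.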