From 830f33f7c4c9502cad1a5cdb00b8a0dd6a895980 Mon Sep 17 00:00:00 2001 From: Jakub Skokan Date: Thu, 2 Aug 2018 12:52:11 +0200 Subject: [PATCH] Initial commit --- lib/vpsadminos/local.nix | 26 +++++++++++++ lib/vpsadminos/pinned.nix | 40 ++++++++++++++++++++ machines/vosa/configuration.nix | 44 ++++++++++++++++++++++ machines/vosa/hardware-configuration.nix | 18 +++++++++ network-libvirt.nix | 7 ++++ network.nix | 21 +++++++++++ pinned/default.nix | 47 ++++++++++++++++++++++++ pinned/nixpkgs-vpsfreecz.json | 7 ++++ pinned/pin_nixpkgs_vpsfree | 2 + pinned/pin_vpsadminos | 2 + pinned/vpsadminos.json | 7 ++++ 11 files changed, 221 insertions(+) create mode 100644 lib/vpsadminos/local.nix create mode 100644 lib/vpsadminos/pinned.nix create mode 100644 machines/vosa/configuration.nix create mode 100644 machines/vosa/hardware-configuration.nix create mode 100644 network-libvirt.nix create mode 100644 network.nix create mode 100644 pinned/default.nix create mode 100644 pinned/nixpkgs-vpsfreecz.json create mode 100755 pinned/pin_nixpkgs_vpsfree create mode 100755 pinned/pin_vpsadminos create mode 100644 pinned/vpsadminos.json diff --git a/lib/vpsadminos/local.nix b/lib/vpsadminos/local.nix new file mode 100644 index 0000000..4e4e8f7 --- /dev/null +++ b/lib/vpsadminos/local.nix @@ -0,0 +1,26 @@ +let + nixpkgsPath = "/home/aither/workspace/vpsadmin/nixpkgs"; + vpsadminosPath = "/home/aither/workspace/vpsadmin/vpsadminos"; + +in +{ + vpsadminos = {configuration, modules ? []}: + let + # this is fed into scopedImport so vpsadminos sees correct everywhere + overrides = { + __nixPath = [ + { prefix = "nixpkgs"; path = nixpkgsPath; } + { prefix = "vpsadminos"; path = vpsadminosPath; } + ] ++ builtins.nixPath; + import = fn: scopedImport overrides fn; + scopedImport = attrs: fn: scopedImport (overrides // attrs) fn; + builtins = builtins // overrides; + }; + in + builtins.scopedImport overrides (vpsadminosPath + "/os/") { + nixpkgs = nixpkgsPath; + system = "x86_64-linux"; + extraModules = modules; + inherit configuration; + }; +} diff --git a/lib/vpsadminos/pinned.nix b/lib/vpsadminos/pinned.nix new file mode 100644 index 0000000..33e2db4 --- /dev/null +++ b/lib/vpsadminos/pinned.nix @@ -0,0 +1,40 @@ +let + pkgs = import {}; + +in +{ + vpsadminos_spec = builtins.fromJSON (builtins.readFile ./pinned/vpsadminos.json); + vpsadminosGit = builtins.trace vpsadminos_spec pkgs.fetchgit { + inherit (vpsadminos_spec) url rev sha256; + leaveDotGit = true; + }; + + nixpkgsVpsFree_spec = builtins.fromJSON (builtins.readFile ./pinned/nixpkgs-vpsfreecz.json); + + nixpkgsVpsFreeGit = pkgs.fetchgit { + inherit (nixpkgsVpsFree_spec) url rev sha256; + leaveDotGit = true; + }; + + nixpkgsVpsFree = import nixpkgsVpsFreeGit {}; + + vpsadminos = {configuration, modules ? []}: + let + # this is fed into scopedImport so vpsadminos sees correct everywhere + overrides = { + __nixPath = [ + { prefix = "nixpkgs"; path = nixpkgsVpsFree.path; } + { prefix = "vpsadminos"; path = vpsadminosGit; } + ] ++ builtins.nixPath; + import = fn: scopedImport overrides fn; + scopedImport = attrs: fn: scopedImport (overrides // attrs) fn; + builtins = builtins // overrides; + }; + in + builtins.scopedImport overrides (vpsadminosGit + "/os/") { + nixpkgs = nixpkgsVpsFree.path; + system = "x86_64-linux"; + extraModules = modules; + inherit configuration; + }; +} diff --git a/machines/vosa/configuration.nix b/machines/vosa/configuration.nix new file mode 100644 index 0000000..381eaa6 --- /dev/null +++ b/machines/vosa/configuration.nix @@ -0,0 +1,44 @@ +{ config, pkgs, ... }: + +{ + imports = [ + + ./hardware-configuration.nix + ]; + + #deployment.targetHost = "192.168.2.106"; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + + networking.hostName = "vosa"; # Define your hostname. + networking.dhcp = true; + networking.dhcpd = true; + networking.lxcbr = true; + networking.nat = true; + + i18n = { + consoleFont = "Lat2-Terminus16"; + consoleKeyMap = "us"; + defaultLocale = "en_US.UTF-8"; + }; + + time.timeZone = "Europe/Prague"; + + environment.systemPackages = with pkgs; [ + git + htop + nano + vim + wget + ]; + + services.openssh.enable = true; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyWNChi95oRKXtSGdXtbthvXgWXk4y7uqpKVSIfqPq5GzI/S5WmAGe73Tc6o7aBzby09xpmLI/i41+jzQdSfxrGoCFRvpV+2W221jcdWyF/ojXiUciX2dQGS1gsKVcYNjLmqUrN/fNgY5XjuB10VU3nCenmRGGPep1Sx8CYi61lf5Qxb0AF71ylNJ8/rEXjkXad1vi7zTFteEWj3MmOoK1Fau4ykr6o4v2lSRWEvIxY9S+AFwNVqBtCC210ks1XYInaYuPnz0mdRmoOQIATLdBvIyHuWW5y8M9K+aplkLrUBI8abbrLcGze3lRusx4S3w2V4Pvgt9+DtpRM+kyC5gBhUxO8rY7+pBiIWP0WF87Xs5XfUe+nlhnbp23A/rAppvT6NnpvY10bvWTnKbnBlSyGWPUlYLVdqRwshLNSIKr2YByWorzNtnP63rTe5E8gHnpMs3+4f1Rdz0xgSx8kNZ0vAi7w2moFsjwQzc94Uzy52SkYkGgFYpkystXP05GKyB4N0nStoU25KmdX8dsSYGzF0WERy8KWx0tr1Hv/YONWek7IIHDZin5cTyhkbyktenlAyLJ5uj9Oty4MgKPsE3+GrMdczVTBf5ThhSuvyrZo2CqjTSBc6j7mEyEAAHqM6JNVyPRqhDYmtaK0iLTJCAyqnzQyLD9gxEBuTj/o+3rcw== aither@orion" + ]; + + system.nixos.stateVersion = "18.03"; +} diff --git a/machines/vosa/hardware-configuration.nix b/machines/vosa/hardware-configuration.nix new file mode 100644 index 0000000..3ecccc1 --- /dev/null +++ b/machines/vosa/hardware-configuration.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: + +{ + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "ahci" "sd_mod" "sr_mod" ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + boot.kernelParams = [ "root=/dev/sda1" "nolive" ]; + boot.initrd.kernelModules = [ "ext4" ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/41c4fbd1-7080-47b5-84c2-1f0b5694f0a5"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 6; +} diff --git a/network-libvirt.nix b/network-libvirt.nix new file mode 100644 index 0000000..f1ad96b --- /dev/null +++ b/network-libvirt.nix @@ -0,0 +1,7 @@ +{ + vosa = + { config, lib, pkgs, ... }: + { + deployment.targetHost = "192.168.2.106"; + }; +} diff --git a/network.nix b/network.nix new file mode 100644 index 0000000..49070ca --- /dev/null +++ b/network.nix @@ -0,0 +1,21 @@ +let + #pinned = import ./lib/vpsadminos/pinned.nix; + pinned = import ./lib/vpsadminos/local.nix; +in +{ + network.description = "testish infrastructure"; + + vosa = + #{ config, pkgs, lib, ...}: + let + osCfg = (pinned.vpsadminos { configuration = ./machines/vosa/configuration.nix; }).config; + nixopsCfg = { + deployment.targetHost = "192.168.2.106"; + environment.checkConfigurationOptions = true; + }; + in + osCfg // nixopsCfg; + + # vosa = + # (pinned.vpsadminos { configuration = ./machines/vosa/configuration.nix; }).config; +} diff --git a/pinned/default.nix b/pinned/default.nix new file mode 100644 index 0000000..00b90f4 --- /dev/null +++ b/pinned/default.nix @@ -0,0 +1,47 @@ +{ lib, pkgs, ... }: +with builtins; +rec { + + vpsadminos_spec = builtins.fromJSON (builtins.readFile ./pinned/vpsadminos.json); + vpsadminosGit = trace vpsadminos_spec pkgs.fetchgit { + inherit (vpsadminos_spec) url rev sha256; + leaveDotGit = true; + }; + # if you need to build directly from git for testing + # - uses filterSource to get rid of .git and a custom filter to exclude possible disk images + /* + vpsadminosGit = builtins.filterSource (p: t: + lib.cleanSourceFilter p t + && (!lib.hasSuffix "img" (baseNameOf p)) + && (baseNameOf p != "local.nix") + ) ../../git/vpsadminos; + */ + + nixpkgsVpsFree_spec = builtins.fromJSON (builtins.readFile ./pinned/nixpkgs-vpsfreecz.json); + + nixpkgsVpsFreeGit = pkgs.fetchgit { + inherit (nixpkgsVpsFree_spec) url rev sha256; + leaveDotGit = true; + }; + + nixpkgsVpsFree = import nixpkgsVpsFreeGit {}; + + vpsadminos = {modules ? []}: + let + # this is fed into scopedImport so vpsadminos sees correct everywhere + overrides = { + __nixPath = [ { prefix = "nixpkgs"; path = nixpkgsVpsFree.path; } ] ++ builtins.nixPath; + import = fn: scopedImport overrides fn; + scopedImport = attrs: fn: scopedImport (overrides // attrs) fn; + builtins = builtins // overrides; + }; + in + builtins.scopedImport overrides (vpsadminosGit + "/os/") { + nixpkgs = nixpkgsVpsFree.path; + system = "x86_64-linux"; + extraModules = modules; + vpsadmin = vpsadminGit; + }; + + vpsadminosBuild = {modules ? []}: (vpsadminos { inherit modules; }).config.system.build; +} diff --git a/pinned/nixpkgs-vpsfreecz.json b/pinned/nixpkgs-vpsfreecz.json new file mode 100644 index 0000000..05be749 --- /dev/null +++ b/pinned/nixpkgs-vpsfreecz.json @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/vpsfreecz/nixpkgs", + "rev": "f33f79e01a14b9698637ce26c72ff92a6a2057ba", + "date": "2018-07-14T19:32:30+02:00", + "sha256": "0yv3zl6dmw8frgdblscyckxqxfgh44n0s5j9f3h7hbm704yn0g76", + "fetchSubmodules": true +} diff --git a/pinned/pin_nixpkgs_vpsfree b/pinned/pin_nixpkgs_vpsfree new file mode 100755 index 0000000..e84b6b4 --- /dev/null +++ b/pinned/pin_nixpkgs_vpsfree @@ -0,0 +1,2 @@ +nix-prefetch-git --leave-dotGit https://github.com/vpsfreecz/nixpkgs $1 > nixpkgs-vpsfreecz.json +cat nixpkgs-vpsfreecz.json diff --git a/pinned/pin_vpsadminos b/pinned/pin_vpsadminos new file mode 100755 index 0000000..6febfb5 --- /dev/null +++ b/pinned/pin_vpsadminos @@ -0,0 +1,2 @@ +nix-prefetch-git --leave-dotGit https://github.com/vpsfreecz/vpsadminos $1 > vpsadminos.json +cat vpsadminos.json diff --git a/pinned/vpsadminos.json b/pinned/vpsadminos.json new file mode 100644 index 0000000..2c0be0b --- /dev/null +++ b/pinned/vpsadminos.json @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/vpsfreecz/vpsadminos", + "rev": "5de1aee04cb5a88887a4e6db582ef9cd6f3542aa", + "date": "2018-08-02T02:36:34+02:00", + "sha256": "0mbc4c5958ny9l8wfk2nv5jai0a3dxd37nnfkrhjj0i1hlgljg47", + "fetchSubmodules": true +}