Merge branch 'master' of gitlab.com:pazpi/nix

2024-09-11 21:41:56 +02:00 · 2024-09-11 21:41:56 +02:00 · 797411f44a
commit 797411f44a
parent cbb0f773b9 dcac67e097
16 changed files with 262 additions and 132 deletions
--- a/hosts/base-lxc.nix
+++ b/hosts/base-lxc.nix
@ -0,0 +1,30 @@
+# Starting image for LXC containers on Proxmox
+
+{ config, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/virtualisation/proxmox-lxc.nix")
+  ];
+
+  users = {
+    users.root = {
+      hashedPassword = "$6$gir1YD6tNdC9xAj0$zLr1yt/ea9PvwygjHfQVnPmeCd1.2zrAKWiN80duidwOkZF6hwm06ta6J3O9uw6F3uUHC0N7iiKYhCgXXR.Q7/";
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
+      ];
+    };
+  };
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # Auto update
+  system.autoUpgrade.enable = true;
+
+  # Auto delete old generations
+  nix.gc.automatic = true;
+  nix.gc.options = "--delete-older-than 2d";
+
+  system.stateVersion = "24.05";
+
+}
--- a/hosts/caddy/default.nix
+++ b/hosts/caddy/default.nix
@ -0,0 +1,69 @@
+{ config
+, pkgs
+, lib
+, ...
+}:
+let
+  tailscaleMagicDNS = "neon-dory.ts.net";
+in
+{
+
+  age.secrets = {
+    tailscale-authKey.file = ../../secrets/tailscale-authKey.age;
+  };
+
+  my = {
+    utils.commons.enable = true;
+
+    services.media-mgr = {
+      proxy = {
+        enable = true;
+        domain = "tegola.pro";
+        host = "arr.internal";
+      };
+    };
+
+    monitoring = {
+      prometheus = {
+        proxy = {
+          domain = "tegola.pro";
+          host = "metrics.internal";
+        };
+      };
+    };
+
+    networking = {
+      tailscale = {
+        enable = true;
+        magicDNSDomain = tailscaleMagicDNS;
+        authKeyFile = config.age.secrets.tailscale-authKey.path;
+      };
+
+      caddy.enable = true;
+    };
+
+    virtualisation = {
+      proxmox.enable = true;
+    };
+  };
+
+  time.timeZone = "Europe/Rome";
+
+  # Extra packages
+  environment.systemPackages = with pkgs; [ ];
+
+  services = {
+    openssh.enable = true;
+
+    prometheus.exporters = {
+      node = {
+        enable = true;
+        enabledCollectors = [ "systemd" ];
+      };
+    };
+  };
+
+  networking.nameservers = [ "192.168.1.2" ];
+
+  system.stateVersion = "24.05";
+}
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -1,10 +1,9 @@
-{
-  nixpkgs,
-  nixos-hardware,
-  agenix,
-  home-manager,
-  lix-module,
-  ...
+{ nixpkgs
+, nixos-hardware
+, agenix
+, home-manager
+, lix-module
+, ...
 }:
 let
  agenixOverlay = final: prev: { agenix = agenix.packages.${prev.system}.default; };
@ -49,6 +48,16 @@ in
    # specialArgs = { };
  };

+  baseLXC = nixpkgs.lib.nixosSystem {
+    pkgs = pkgs "x86_64-linux";
+    modules = [
+      myModule
+      proxmoxModule
+      ./base-lxc.nix
+      agenix.nixosModules.default
+    ];
+  };
+
  arr = nixpkgs.lib.nixosSystem {
    pkgs = pkgs "x86_64-linux";
    modules = [
@ -60,6 +69,17 @@ in
    # specialArgs = { };
  };

+  caddy = nixpkgs.lib.nixosSystem {
+    pkgs = pkgs "x86_64-linux";
+    modules = [
+      myModule
+      proxmoxModule
+      ./caddy
+      agenix.nixosModules.default
+    ];
+    # specialArgs = { };
+  };
+
  metrics = nixpkgs.lib.nixosSystem {
    pkgs = pkgs "x86_64-linux";
    modules = [
--- a/hosts/metrics/default.nix
+++ b/hosts/metrics/default.nix
@ -1,8 +1,7 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
+{ config
+, pkgs
+, lib
+, ...
 }:
 let
  tailscaleMagicDNS = "neon-dory.ts.net";
@ -18,20 +17,20 @@ in

    services.media-mgr = {
      exportMetrics.enable = true;
-      proxy = {
-        enable = true;
-        domain = "tegola.pro";
-        host = "arr.internal";
-      };
+      # proxy = {
+      #   enable = true;
+      #   domain = "tegola.pro";
+      #   host = "arr.internal";
+      # };
    };

    monitoring = {
      prometheus = {
        enable = true;
-        proxy = {
-          domain = "tegola.pro";
-          host = "metrics.internal";
-        };
+        # proxy = {
+        #   domain = "tegola.pro";
+        #   host = "metrics.internal";
+        # };
      };
    };

@ -42,7 +41,7 @@ in
        authKeyFile = config.age.secrets.tailscale-authKey.path;
      };

-      caddy.enable = true;
+      # caddy.enable = true;
    };

    virtualisation = {
@ -60,11 +59,17 @@ in

    prometheus.scrapeConfigs = [
      {
-        job_name = "metrics-host";
+        job_name = "host-metrics";
        static_configs = [
          { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }
        ];
      }
+      {
+        job_name = "host-caddy";
+        static_configs = [
+          { targets = [ "caddy.internal:${toString config.services.prometheus.exporters.node.port}" ]; }
+        ];
+      }
    ];

    prometheus.exporters = {
@ -75,7 +80,7 @@ in
    };
  };

-  networking.nameservers = [ "192.168.1.2" ];
+  # networking.nameservers = [ "192.168.1.2" ];

  system.stateVersion = "24.05";
 }