feat: cloudinit nix cofig

This commit is contained in:
Tine 2024-08-25 00:15:57 +02:00
parent 303601de94
commit 207d47ab5e
Signed by: mentos1386
SSH key fingerprint: SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
2 changed files with 42 additions and 33 deletions


@ -31,11 +31,23 @@ in
services.cloud-init = {
enable = true;
network.enable = true;
settings = {
settings = lib.mkOptionDefault {
datasource = {
NoCloud = { };
ConfigDrive = { };
};
cloud_init_modules = [
[
"write-files"
"always"
]
];
cloud_config_modules = [
[
"runcmd"
"always"
]
];
system_info = {
default_user = {
name = "nixos";
@ -64,8 +76,14 @@ in
# TAILSCALE
services.tailscale = {
enable = true;
authKeyFile = "/run/secrets/tailscale.com/authkey";
extraUpFlags = [
"--ssh"
"--accept-routes"
];
};
systemd.services.qemu-guest-agent.enable = false;
systemd.services.qemu-guest-agent.after = [ "tailscaled-autoconnect.service" ];
systemd.services.qemu-guest-agent.requires = [ "tailscaled-autoconnect.service" ];
# FIREWALL
networking.useNetworkd = true;
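Review bot: `settings = lib.mkOptionDefault { ... }` gives the whole attribute set priority 1500, which is lower than `lib.mkDefault` (1000); if the NixOS cloud-init module declares `cloud_init_modules` and `cloud_config_modules` with `mkDefault`, as upstream does, the module's lists win and the `[ "write-files" "always" ]` / `[ "runcmd" "always" ]` entries here are silently discarded, while `datasource` (not set by the module) still applies. Use a plain `settings = { ... }` or `lib.mkForce` on the keys you actually mean to override, and confirm the result in the rendered `/etc/cloud/cloud.cfg` of the built system. The `"always"` frequency also makes `runcmd` re-execute on every boot rather than once per instance; if that is deliberate because `/run/secrets` is tmpfs and the `write-files` step has to repopulate the auth key before `tailscaled-autoconnect.service` runs, a comment such as `# "always": /run is tmpfs, the auth key is rewritten on every boot` would record the reason. `--ssh` in `extraUpFlags` enables Tailscale SSH on the node, so the tailnet ACL `ssh` rules become the access-control boundary for these hosts; a comment naming the ACL tag they are expected to match would help the next reader.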


@ -1,14 +1,9 @@
locals {
nodes_with_names = {
for k, v in var.nodes : k => merge(v, {
id = 700 + index(keys(var.nodes), k)
hostname = "${v.name}.ingress.tjo.cloud"
hash = sha1(v.name)
})
}
nodes = {
for k, v in local.nodes_with_names : k => merge(v, {
mac_address = "AA:BB:07:00:${format("%v:%v", substr(v.hash, 0, 2), substr(v.hash, 2, 2))}"
for k, v in var.nodes : k => merge(v, {
id = 700 + index(keys(var.nodes), k)
hash = sha1(v.name)
mac_address = "AA:BB:07:00:${format("%v:%v", substr(sha1(v.name), 0, 2), substr(sha1(v.name), 2, 2))}"
})
}
@ -55,22 +50,6 @@ resource "proxmox_virtual_environment_file" "ingress" {
}
}
resource "proxmox_virtual_environment_file" "metadata" {
for_each = local.nodes
node_name = each.value.host
content_type = "snippets"
datastore_id = var.common_storage
source_raw {
data = <<-EOF
hostname: ${each.value.hostname}
id: ${each.value.id}
EOF
file_name = "${each.value.hostname}.metadata.yaml"
}
}
resource "proxmox_virtual_environment_file" "userdata" {
for_each = local.nodes
@ -85,11 +64,24 @@ resource "proxmox_virtual_environment_file" "userdata" {
%{for key in var.ssh_keys~}
- ${key}
%{endfor}
write_files:
- path: /run/secrets/tailscale.com/authkey
content: ${var.tailscale_apikey}
permissions: '0400'
owner: root:root
- path: /etc/nixos/configuration.nix
content: |
{ config, pkgs, ... }:
{
system.stateVersion = "23.11";
networking.hostName = "${each.value.name}";
networking.domain = "ingress.tjo.cloud";
}
runcmd:
- /run/current-system/sw/bin/tailscale up --accept-routes --ssh --authkey ${tailscale_tailnet_key.ingress.key}
- systemctl enable --now qemu-guest-agent
- systemctl start tailscaled-autoconnect.service
- nixos-rebuild switch
EOF
file_name = "${each.value.hostname}.userconfig.yaml"
file_name = "${each.value.name}.ingress.tjo.cloud.userconfig.yaml"
}
}
@ -97,7 +89,7 @@ resource "proxmox_virtual_environment_vm" "nodes" {
for_each = local.nodes
vm_id = each.value.id
name = each.value.hostname
name = "${each.value.name}.ingress.tjo.cloud"
node_name = each.value.host
description = "Node ${each.value.name} for ingress.tjo.cloud."
@ -110,7 +102,7 @@ resource "proxmox_virtual_environment_vm" "nodes" {
timeout_stop_vm = 60
timeout_shutdown_vm = 60
timeout_reboot = 60
timeout_create = 120
timeout_create = 600
cpu {
cores = each.value.cores
@ -155,6 +147,5 @@ resource "proxmox_virtual_environment_vm" "nodes" {
interface = "sata0"
datastore_id = each.value.storage
user_data_file_id = proxmox_virtual_environment_file.userdata[each.key].id
meta_data_file_id = proxmox_virtual_environment_file.metadata[each.key].id
}
}
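Review bot: The Tailscale key is embedded in the cloud-init user-data as a plaintext YAML scalar (`content: ${var.tailscale_apikey}`), so it ends up in the snippet stored on the Proxmox datastore, in Terraform state and in cloud-init's cached instance data, not only in the `0400` file the `write_files` entry creates. Declare the variable with `sensitive = true` so plans and logs redact it, and since the name suggests an API access token rather than a node pre-auth key, confirm which it is; a tag-bound key from the `tailscale_tailnet_key` resource the `runcmd` line already references, with `preauthorized`, `ephemeral` and a short `expiry`, limits what a leaked snippet can do. The `runcmd` line passes `--authkey` on a command line that cloud-init's logs record; if that line is still present on the new side, drop it in favour of the file path the Nix configuration reads through `authKeyFile`. Quoting the scalar, `content: "${var.tailscale_apikey}"`, keeps the YAML valid should the key value ever contain `:` or `#`.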