arch/infra
arch/infra
1
0
Fork 0
Code Actions Packages Activity

Compare commits

base: arch:dba86d8a6f0047305afff1b17d69fbb750166ac6
Branches Tags
arch:trunk
arch:woodpecker-ci
..
compare: arch:959bf8253cc7793a6efbc6dec2d513a035986c76
Branches Tags
arch:trunk
arch:woodpecker-ci

3 commits
dba86d8a6f ... 959bf8253c

Author SHA1 Message Date
Gabriel Simmer 959bf8253c
Add oracle cloud based ARM runner for forge
All checks were successful
Lint / lint (push) Successful in 7s
Details
2023-07-15 22:54:03 +01:00
Gabriel Simmer 1ddd8a336c
Remove used join token from nas configuration 2023-07-15 22:53:47 +01:00
Gabriel Simmer 0d1dec22ce
Remove ipad and vm dev configurations 2023-07-15 22:53:30 +01:00
8 changed files with 71 additions and 166 deletions
Show stats Expand all files Collapse all files

46
krops/dev-vm/configuration.nix
View file

@ -1,46 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware
];
boot.cleanTmpDir = true;
zramSwap.enable = true;
networking.hostName = "ipad-dev";
networking.domain = "gmem.ca";
environment.systemPackages = with pkgs; [
vim
wget
git
htop
tailscale
];
users.users.gsimmer = {
isNormalUser = true;
home = "/home/gsimmer";
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICCc6k8tl2ahB3HtjpGK403Wkk+nQKgIhSgdBXxmXdsEAAAABHNzaDo="
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMO7u+6hBN3XJfRFZCxADyLJfI8zGO2pj9AxkF0FecSR8GFuzP77wyUzmHosQcxe/P/N1TeNdfIDCatogqft9w4="
];
};
virtualisation = {
docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
services.openssh.enable = true;
services.tailscale.enable = true;
system.stateVersion = "22.11";
}

14
krops/dev-vm/hardware.nix
View file

@ -1,14 +0,0 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
device = "nodev";
};
fileSystems."/boot" = { device = "/dev/disk/by-uuid/4D96-3CE6"; fsType = "vfat"; };
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
}

70
krops/ipad-dev/configuration.nix
View file

@ -1,70 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware.nix
<home-manager/nixos>
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
boot.cleanTmpDir = true;
zramSwap.enable = true;
networking.hostName = "ipad-dev";
networking.domain = "gmem.ca";
environment.systemPackages = with pkgs; [
vim
wget
git
htop
tailscale
home-manager
];
programs.zsh.enable = true;
programs.fish.enable = true;
environment.shells = with pkgs; [ zsh fish ];
users.users = {
gsimmer = {
shell = pkgs.fish;
isNormalUser = true;
home = "/home/gsimmer";
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICCc6k8tl2ahB3HtjpGK403Wkk+nQKgIhSgdBXxmXdsEAAAABHNzaDo="
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMO7u+6hBN3XJfRFZCxADyLJfI8zGO2pj9AxkF0FecSR8GFuzP77wyUzmHosQcxe/P/N1TeNdfIDCatogqft9w4="
];
};
root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr"
];
};
home-manager.users.gsimmer = { pkgs, ... }: {
home.packages = with pkgs; [ kubectl kubernetes-helm teleport ];
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
programs.git = {
userName = "Gabriel Simmer";
userEmail = "git@gmem.ca";
};
programs.bash.enable = false;
home.stateVersion = "22.11";
};
virtualisation = {
docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
services.openssh.enable = true;
services.tailscale.enable = true;
system.stateVersion = "22.11";
}

8
krops/ipad-dev/flake.nix
View file

@ -1,8 +0,0 @@
{
outputs = { self, nixpkgs }: {
nixosConfigurations.ipad-dev = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [ ./configuration.nix ];
};
};
}

34
krops/krops.nix
View file

@ -5,28 +5,16 @@ let
lib = import "${krops}/lib";
pkgs = import "${krops}/pkgs" {};
dev-vm-source = lib.evalSource [
oracle-gitea-runner-source = lib.evalSource [
{
nixpkgs.git = {
ref = "origin/nixos-22.11";
ref = "0a4f20e1867ebb798ba5ed51b9db52a09ba6623d";
url = https://github.com/NixOS/nixpkgs;
shallow = true;
};
nixos-config.file = toString ./dev-vm/configuration.nix;
hardware.file = toString ./dev-vm/hardware.nix;
}
];
ipad-dev-source = lib.evalSource [
{
nixpkgs.git = {
ref = "origin/nixos-22.11";
url = https://github.com/NixOS/nixpkgs;
};
home-manager.git = {
ref = "origin/release-22.11";
url = https://github.com/nix-community/home-manager;
};
nixos-config.file = toString ./ipad-dev/configuration.nix;
"hardware.nix".file = toString ./ipad-dev/hardware.nix;
nixos-config.file = toString ./oracle-gitea-runner/configuration.nix;
"hardware.nix".file = toString ./oracle-gitea-runner/hardware.nix;
}
];
@ -69,13 +57,9 @@ let
];
in {
dev-vm = pkgs.krops.writeDeploy "dev-vm" {
source = dev-vm-source;
target = "root@192.168.50.126";
};
ipad-dev = pkgs.krops.writeDeploy "ipad-dev" {
source = ipad-dev-source;
target = "root@143.47.234.244";
oracle-gitea-runner = pkgs.krops.writeDeploy "oracle-gitea-runner" {
source = oracle-gitea-runner-source;
target = "root@130.162.169.74";
};
nas = pkgs.krops.writeDeploy "nas" {
source = nas-source;

2
krops/nas/configuration.nix
View file

@ -164,7 +164,7 @@
"debian-latest:docker://node:18-bullseye"
];
url = "https://vancouver.scorpion-ghost.ts.net/git";
token = "umdEZsMnkLDeoOUl9ND2bfbA4RtLDEYnX0W0Sdx6";
token = "";
};
};
};

58
krops/oracle-gitea-runner/configuration.nix Normal file
View file

@ -0,0 +1,58 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware.nix
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
networking.hostName = "gitea-arm-runner";
networking.domain = "gmem.ca";
environment.systemPackages = with pkgs; [
vim
wget
git
htop
tailscale
];
services.gitea-actions-runner = {
instances = {
oracle-arm = {
name = "oracle-arm";
enable = true;
labels = [
"debian-latest-arm:docker://node:18-bullseye"
"arm:host"
];
url = "https://vancouver.scorpion-ghost.ts.net/git";
token = "";
};
};
};
programs.zsh.enable = true;
programs.fish.enable = true;
environment.shells = with pkgs; [ zsh fish ];
users.users = {
root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr"
];
};
virtualisation = {
docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
services.openssh.enable = true;
services.tailscale.enable = true;
system.stateVersion = "23.05";
}

5
krops/ipad-dev/hardware.nix → krops/oracle-gitea-runner/hardware.nix
View file

@ -1,14 +1,15 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
device = "nodev";
};
fileSystems."/boot" = { device = "/dev/disk/by-uuid/4D96-3CE6"; fsType = "vfat"; };
fileSystems."/boot/efi" = { device = "/dev/disk/by-uuid/CC2E-AEC0"; fsType = "vfat"; };
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
fileSystems."/" = { device = "/dev/mapper/ocivolume-root"; fsType = "xfs"; };
}