caperren/nixos-configs
1
0
Fork 0
mirror of https://github.com/caperren/nixos-configs.git synced 2025-12-31 03:24:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: caperren:a3837016aecd8efce411f83a967af85d1c0acca0
Branches Tags
caperren:main caperren:working-branch caperren:cluster-config caperren:sops-testing
..
compare: caperren:cluster-config
Branches Tags
caperren:working-branch caperren:main caperren:cluster-config caperren:sops-testing

12 Commits
a3837016ae ... cluster-co

Author SHA1 Message Date
Corwin Perren
5741ad3201 Added saleae logic analyzer udev rules 2025-12-14 22:37:46 -08:00
Corwin Perren
0124960481 Added saleae logic analyzer 2025-12-14 21:58:34 -08:00
Corwin Perren
3ccb462ae4 Remove lingering comment 2025-12-13 16:36:13 -08:00
Corwin Perren
4b886de443 Merge pull request #24 from caperren/working-branch 
Remove home-manager ssh config for now due to bad default permissions
 2025-12-13 16:35:03 -08:00
Corwin Perren
6d8ec5e01c Remove home-manager ssh config for now 2025-12-13 16:34:13 -08:00
Corwin Perren
4dd1207568 Merge pull request #23 from caperren/sops-testing 
sops-nix functional, and providing encrypted token for test cluster
 2025-12-13 16:22:29 -08:00
Corwin Perren
1fe9c9c9cf Secondaries need to inherit secondary config 2025-12-13 15:56:29 -08:00
Corwin Perren
d72c3d4e56 Re-enable secondaries 2025-12-13 15:28:48 -08:00
Corwin Perren
307cf5108c Re-enable nix rebuild service for cluster 2025-12-13 15:23:24 -08:00
Corwin Perren
b110daed58 Re-enable primary server 2025-12-13 15:09:38 -08:00
Corwin Perren
180d6cf1b0 Reset cluster for change to sops-nix managed token 2025-12-13 15:06:11 -08:00
Corwin Perren
b3fd29faef Fixed home manager inputs, and got sops-nix working for all current hosts 2025-12-13 14:54:15 -08:00
9 changed files with 44 additions and 15 deletions
Expand all files Collapse all files

6
.sops.yaml
View File

@@ -16,6 +16,12 @@ keys:
- &cap_clust_08 age1vujvq5rdzppkkdhkwyhnl6xhuvm8s5yf2wc8ke05m8jwrdwsdf0qfx5w4r - &cap_clust_08 age1vujvq5rdzppkkdhkwyhnl6xhuvm8s5yf2wc8ke05m8jwrdwsdf0qfx5w4r
- &cap_clust_09 age1uyuudfya8etgztlt6hlssr9hkstyyhg65wdq3pj9rud2czzkaqqssg7yvp - &cap_clust_09 age1uyuudfya8etgztlt6hlssr9hkstyyhg65wdq3pj9rud2czzkaqqssg7yvp
creation_rules: creation_rules:
- path_regex: users/caperren/secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *caperren
- *cap_slim7
- *cap_nr200p
- path_regex: secrets/default.yaml$ - path_regex: secrets/default.yaml$
key_groups: key_groups:
- age: - age:

16
flake.nix
View File

@@ -28,6 +28,7 @@
{ {
nixosConfigurations.cap-clust-01 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-01 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-01/configuration.nix ./hosts/cap-clust-01/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -36,6 +37,7 @@
}; };
nixosConfigurations.cap-clust-02 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-02 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-02/configuration.nix ./hosts/cap-clust-02/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -44,6 +46,7 @@
}; };
nixosConfigurations.cap-clust-03 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-03 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-03/configuration.nix ./hosts/cap-clust-03/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -52,6 +55,7 @@
}; };
nixosConfigurations.cap-clust-04 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-04 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-04/configuration.nix ./hosts/cap-clust-04/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -60,6 +64,7 @@
}; };
nixosConfigurations.cap-clust-05 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-05 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-05/configuration.nix ./hosts/cap-clust-05/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -68,6 +73,7 @@
}; };
nixosConfigurations.cap-clust-06 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-06 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-06/configuration.nix ./hosts/cap-clust-06/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -76,6 +82,7 @@
}; };
nixosConfigurations.cap-clust-07 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-07 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-07/configuration.nix ./hosts/cap-clust-07/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -84,6 +91,7 @@
}; };
nixosConfigurations.cap-clust-08 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-08 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-08/configuration.nix ./hosts/cap-clust-08/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -92,6 +100,7 @@
}; };
nixosConfigurations.cap-clust-09 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-clust-09 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-clust-09/configuration.nix ./hosts/cap-clust-09/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -101,9 +110,7 @@
nixosConfigurations.cap-slim7 = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-slim7 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = { inherit inputs; };
inherit inputs;
};
modules = [ modules = [
./hosts/cap-slim7/configuration.nix ./hosts/cap-slim7/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
@@ -114,10 +121,11 @@
nixosConfigurations.cap-nr200p = nixpkgs.lib.nixosSystem { nixosConfigurations.cap-nr200p = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/cap-nr200p/configuration.nix ./hosts/cap-nr200p/configuration.nix
sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
sops-nix.nixosModules.sops
]; ];
}; };
}; };

2
hosts/cap-clust-01/configuration.nix
View File

@@ -11,7 +11,5 @@
../../modules/application-groups/k3s-primary.nix ../../modules/application-groups/k3s-primary.nix
]; ];
# sops.secrets.k3s_token.sopsFile = ../../secrets/cluster.yaml;
networking.hostName = "cap-clust-01"; networking.hostName = "cap-clust-01";
} }

2
hosts/cap-clust-03/configuration.nix
View File

@@ -8,7 +8,7 @@
../../modules/host-groups/cluster.nix ../../modules/host-groups/cluster.nix
# Application Groups # Application Groups
../../modules/application-groups/k3s-primary.nix ../../modules/application-groups/k3s-secondary.nix
]; ];
networking.hostName = "cap-clust-03"; networking.hostName = "cap-clust-03";

4
modules/application-groups/k3s-secondary.nix
View File

@@ -1,9 +1,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
sops.secrets.k3s_token.sopsFile = ../../secrets/cluster.yaml;
services.k3s = { services.k3s = {
enable = true; enable = true;
role = "server"; # Or "agent" for worker only nodes role = "server"; # Or "agent" for worker only nodes
token = "forinitialtestingonly"; tokenFile = config.sops.secrets.k3s_token.path;
serverAddr = "https://cap-clust-01:6443"; serverAddr = "https://cap-clust-01:6443";
}; };
} }

11
modules/application-groups/pcb-design.nix
View File

@@ -3,6 +3,17 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
kicad kicad
pcb2gcode pcb2gcode
saleae-logic-2
]; ];
services.udev.extraRules = ''
# Saleae Logic Analyzers
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="0925", ATTR{idProduct}=="3881", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="21a9", ATTR{idProduct}=="1001", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="21a9", ATTR{idProduct}=="1003", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="21a9", ATTR{idProduct}=="1004", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="21a9", ATTR{idProduct}=="1005", MODE="0666"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="21a9", ATTR{idProduct}=="1006", MODE="0666"
'';
} }

4
modules/host-groups/cluster.nix
View File

@@ -8,7 +8,7 @@
# System Configuration # System Configuration
../system/cpu-amd.nix ../system/cpu-amd.nix
../system/fonts.nix ../system/fonts.nix
# ../system/git-auto-rebuild.nix ../system/git-auto-rebuild.nix
../system/gpu-amd.nix ../system/gpu-amd.nix
../system/home-manager-settings.nix ../system/home-manager-settings.nix
../system/internationalization.nix ../system/internationalization.nix
@@ -21,8 +21,6 @@
../application-groups/system-utilities-cluster.nix ../application-groups/system-utilities-cluster.nix
]; ];
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
time.timeZone = "America/Los_Angeles"; time.timeZone = "America/Los_Angeles";
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default

10
modules/system/home-manager-settings.nix
View File

@@ -1,5 +1,11 @@
{ inputs, ... }: { inputs, ... }:
{ {
home-manager.useGlobalPkgs = true; home-manager = {
home-manager.backupFileExtension = "bkp"; useGlobalPkgs = true;
backupFileExtension = "bkp";
sharedModules = [
inputs.sops-nix.homeManagerModules.sops
];
};
} }