Merge branch 'refactor-host' into 'main'

Draft: Refactor repo avec un fichier host

See merge request nounous/nixos!44
merge-requests/44/merge
lzebulon 2025-12-31 11:00:49 +01:00
commit 902fe44d82
3 changed files with 203 additions and 62 deletions


@ -19,12 +19,11 @@
};
outputs =
inputs@{
self,
nixpkgs,
flake-parts,
agenix,
...
inputs@{ self
, nixpkgs
, flake-parts
, agenix
, ...
}:
flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ inputs.treefmt-nix.flakeModule ];
@ -38,63 +37,30 @@
./modules
agenix.nixosModules.default
];
hosts = import ./hosts.nix;
in
{
apprentix = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/apprentix ] ++ baseModules;
};
jitsi = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/jitsi ] ++ baseModules;
};
livre = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/livre ] ++ baseModules;
};
neo = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/neo ] ++ baseModules;
};
nextcloud = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/nextcloud ] ++ baseModules;
};
periodique = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/periodique ] ++ baseModules;
};
redite = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/redite ] ++ baseModules;
};
reverseproxy = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/reverseproxy ] ++ baseModules;
};
thot = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/physiques/thot ] ++ baseModules;
};
two = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/two ] ++ baseModules;
};
vaultwarden = nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/vaultwarden ] ++ baseModules;
};
};
# Physiques
(mapAttrs
(name: value:
nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/physiques/${name} ] ++ baseModules;
}
)
# Filtre que c'est bien une machine Nixos
(filterAttrs (n: v: !(attrByPath [ "is_debian" ] false v)) hosts.physiques)
) //
# VMs
(mapAttrs
(name: value:
nixosSystem {
specialArgs = inputs;
modules = [ ./hosts/vm/${name} ] ++ baseModules;
}
)
# Filtre que c'est bien une machine Nixos
(filterAttrs (n: v: !(attrByPath [ "is_debian" ] false v)) hosts.vms)
);
};
perSystem =
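Review bot: The two `mapAttrs` results are joined with `//`, which is right-biased, so a name that appears in both `hosts.physiques` and `hosts.vms` would silently resolve to the VM configuration; an explicit check that the two name sets are disjoint would turn that into an evaluation error instead. The two blocks differ only in the directory and the attribute set they read, so a small helper taking those two arguments would remove the duplication, and `v.is_debian or false` reads more directly than `attrByPath [ "is_debian" ] false v`. The `value` argument is unused, so nothing from hosts.nix beyond the host name and the `is_debian` flag reaches the system definitions yet. The enclosing `let … in` and the bindings for `mapAttrs`, `filterAttrs` and `attrByPath` lie outside the hunk.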

167
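--- a/hosts.nix
+++ b/hosts.nix
@@ -0,0 +1,167 @@
+let
+adm = 10;
+srv = n: 4;
+srv-nat = 2;
+san = 3;
+adh = 42;
+in
+{
+physiques ={
+# cephirot = {
+# name = "cephirot";
+# id = 3;
+# vlans = [
+# adm
+# san
+# ];
+# serveur_type = ["san"];
+# description = ''
+# Un serveur avec peut etre un jour ceph
+# '';
+# public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+# };
+thot = {
+name = "thot";
+id = 14;
+vlans = [
+adm
+san
+];
+serveur_type = ["backup"];
+description = ''
+Serveur de backup du Crans, actuellement en SQ39
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+};
+vms = {
+romanesco = {
+name = "romanesco";
+is_debian = true;
+id = 145;
+vlans = [
+adm
+(adh "185.230.78.252")
+(srv "185.230.79.5")
+];
+description = ''
+DNS récursif
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+neo = {
+name = "neo";
+id = 145;
+vlans = [
+adm
+# pas besoin de spécifier l'ipv6 car elle est construite depuis l'id
+(srv "180.230.79.5")
+];
+description = ''
+Matrix du crans, heberge également le bridge IRC <-> Matrix
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+nextcloud = {
+id = 146;
+vlans = [
+adm
+san
+srv-nat
+];
+description = ''
+NextCloud du Crans
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+apprentix = {
+id = 150;
+vlans = [
+adm
+];
+description = ''
+VM NixOs apprentie
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+jitsi = {
+id = 163;
+vlans = [
+adm
+(srv "185.230.79.15")
+];
+description = ''
+Jitsi du crans
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+livre = {
+id = 140;
+vlans = [
+adm
+srv-nat
+];
+description = ''
+Stirling PDF
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+periodique = {
+id = 118;
+vlans = [
+adm
+srv-nat
+];
+description = ''
+Client matrix web (element)
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+redite = {
+id = 139;
+vlans = [
+adm
+srv-nat
+];
+description = ''
+Redite
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+reverseproxy = {
+id = 151;
+vlans = [
+adm
+srv-nat
+(srv "185.230.79.42")
+];
+description = ''
+NextCloud du Crans
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+two = {
+id = 135;
+vlans = [
+adm
+srv-nat
+];
+description = ''
+Une vm de test
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+vaultwarden = {
+id = 159;
+vlans = [
+adm
+srv-nat
+];
+description = ''
+Vaultwarden
+'';
+public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO";
+};
+};
+}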
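Review bot: `adh` is bound to the integer `42` in the `let` block, but romanesco's `vlans` calls it as a function (`(adh "185.230.78.252")`), which fails as soon as that list element is evaluated; `srv = n: 4;` does take an argument but throws it away, so none of the IPv4 addresses written in this file reach the result. Giving both the same shape, for example `adh = ip: { vlan = 42; ipv4 = ip; };` and `srv = ip: { vlan = 4; ipv4 = ip; };`, would keep the addresses attached to the VLAN. romanesco and neo both have `id = 145`, and the comment in neo says the IPv6 address is built from the id, so the two hosts would presumably collide; variables.nix exports that same id as `dns-recursif`. neo's `180.230.79.5` also looks like a typo for the `185.230.79.x` range used by the other hosts, and it repeats romanesco's last two octets. Every host carries the same `ssh-rsa TODO…` placeholder in `public-ssh`; whatever later consumes that field (host-key pinning, secret recipients) should reject the placeholder rather than treat it as a key.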

8
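--- a/variables.nix
+++ b/variables.nix
@@ -0,0 +1,8 @@
+let
+machines = import ./hosts.nix;
+in
+{
+dns-recursif = machines.vms.romanesco.id;
+}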