From cfe20fe39bd2006a9bd13ee44ce927ed9ce91287 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Krop=C3=A1=C4=8Dek?=
Date: Fri, 10 Jan 2025 23:11:21 +0100
Subject: [PATCH] added some nodes
---
 .envrc | 1 +
 flake.nix | 24 +++++++++--
 hosts/node0/default.nix | 22 ++++++++++
 hosts/node1/default.nix | 22 ++++++++++
 hosts/node2/default.nix | 22 ++++++++++
 lib.nix | 13 +++++++++++-
 nixosModules/networking/default.nix | 4 ++++
 nixosModules/services/default.nix | 1 +
 nixosModules/services/k3s/default.nix | 58 +++++++++++++++++++++++++++
 9 files changed, 163 insertions(+), 4 deletions(-)
 create mode 100644 .envrc
 create mode 100644 hosts/node0/default.nix
 create mode 100644 hosts/node1/default.nix
 create mode 100644 hosts/node2/default.nix
 create mode 100644 nixosModules/services/k3s/default.nix
diff --git a/.envrc b/.envrc
new file mode 100644
index 0000000..3550a30
--- /dev/null
+++ b/.envrc
@@ -0,0 +1 @@
+use flake
diff --git a/flake.nix b/flake.nix
index e048442..d865005 100644
--- a/flake.nix
+++ b/flake.nix
@@ -31,13 +31,31 @@
 bootstrap = kclib.mkHost {
 name = "bootstrap";
 };
- etcd0 = kclib.mkHost {
- name = "etcd0";
- };
 hydra = kclib.mkHost {
 name = "hydra";
 };
+ node0 = kclib.mkHost {
+ name = "node0";
+ };
+ node1 = kclib.mkHost {
+ name = "node1";
+ };
+ node2 = kclib.mkHost {
+ name = "node2";
+ };
 };
 formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style;
+ devShells.x86_64-linux.default =
+ let
+ pkgs = import nixpkgs {
+ system = "x86_64-linux";
+ allowUnfree = true;
+ };
+ in
+ pkgs.mkShellNoCC {
+ packages = with pkgs; [
+ cfssl
+ ];
+ };
 };
 }
diff --git a/hosts/node0/default.nix b/hosts/node0/default.nix
new file mode 100644
index 0000000..aa4c27c
--- /dev/null
+++ b/hosts/node0/default.nix
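Review bot: In the new `devShells.x86_64-linux.default`, `allowUnfree = true;` is passed as a top-level argument of `import nixpkgs`, where it is silently ignored; the setting only takes effect as `config.allowUnfree = true;`. The only package in the shell is `cfssl`, which does not appear to need it, so the simpler change is to delete the line rather than widen what the dev shell may pull in. If the shell later needs unfree packages, prefer a `config.allowUnfreePredicate` that names them.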
@@ -0,0 +1,22 @@
+{ ... }:
+{
+ kropcloud =
+ let
+ serverIp = "192.168.1.170";
+ in
+ {
+ services = {
+ k3s = {
+ enable = true;
+ isMaster = true;
+ };
+ };
+ networking = {
+ ipv4 = {
+ address = serverIp;
+ prefixLength = 24;
+ defaultGateway = "192.168.1.1";
+ };
+ };
+ };
+}
diff --git a/hosts/node1/default.nix b/hosts/node1/default.nix
new file mode 100644
index 0000000..6d37b63
--- /dev/null
+++ b/hosts/node1/default.nix
@@ -0,0 +1,22 @@
+{ ... }:
+{
+ kropcloud =
+ let
+ serverIp = "192.168.1.171";
+ in
+ {
+ services = {
+ k3s = {
+ enable = true;
+ master = "node0";
+ };
+ };
+ networking = {
+ ipv4 = {
+ address = serverIp;
+ prefixLength = 24;
+ defaultGateway = "192.168.1.1";
+ };
+ };
+ };
+}
diff --git a/hosts/node2/default.nix b/hosts/node2/default.nix
new file mode 100644
index 0000000..f4119f1
--- /dev/null
+++ b/hosts/node2/default.nix
@@ -0,0 +1,22 @@
+{ ... }:
+{
+ kropcloud =
+ let
+ serverIp = "192.168.1.172";
+ in
+ {
+ services = {
+ k3s = {
+ enable = true;
+ master = "node0";
+ };
+ };
+ networking = {
+ ipv4 = {
+ address = serverIp;
+ prefixLength = 24;
+ defaultGateway = "192.168.1.1";
+ };
+ };
+ };
+}
diff --git a/lib.nix b/lib.nix
index 8c55d24..3a31c0a 100644
--- a/lib.nix
+++ b/lib.nix
@@ -6,12 +6,13 @@
 {
 name,
 arch ? "x86_64-linux",
+ config_name ? name,
 }:
 inputs.nixpkgs.lib.nixosSystem {
 system = arch;
 modules = [
 ./hosts/base
- ./hosts/${name}
+ ./hosts/${config_name}
 ./nixosModules
 (
 { ... }:
@@ -28,4 +29,14 @@
 inherit inputs;
 };
 };
+ # TODO: this will actually be nice, so I can see IPs in main flake.nix,
+ # but also dont have three directories with only default.nix in it
+ # mkK3Snode = {
+ # name_prefix,
+ # id,
+ # ip
+ # }: mkHost {
+ # name = "${name_prefix}-${id}";
+ # config_name = "k3snode";
+ # };
 }
diff --git a/nixosModules/networking/default.nix b/nixosModules/networking/default.nix
index aa1878c..d52c704 100644
--- a/nixosModules/networking/default.nix
+++ b/nixosModules/networking/default.nix
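Review bot: `master = "node0"` in hosts/node1 (and again in hosts/node2) becomes `--server https://node0:6443` in the k3s module, but nothing in this patch makes the bare name `node0` resolvable: no hosts entry is added, and the avahi service enabled elsewhere in the commit would at most answer for `node0.local`, and only once NSS mDNS lookup is configured. Since the master's address is fixed at 192.168.1.170 in hosts/node0, `master = "192.168.1.170";` (or a `networking.hosts` entry for node0) removes the dependency on LAN name resolution, which any host on the segment can answer. It is also worth confirming that the token in k3stoken.age is the full format that embeds the cluster CA hash, so a joining node verifies the server it reaches instead of trusting whichever certificate is presented.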
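Review bot: The new `config_name` argument of `mkHost` has no comment saying that it selects the directory under `./hosts/` and falls back to the host name, and it is the only snake_case name in an argument set that otherwise follows Nix's camelCase habit. I would rename it `configName ? name` and add `# configName: directory under ./hosts/ to load; defaults to name so several hosts can share one configuration` above the argument set, which starts outside the hunk. The commented-out `mkK3Snode` sketch in the second lib.nix hunk (with its unused `ip` argument) reads better as a one-line TODO or an issue than as ten lines of dead code.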
@@ -49,6 +49,10 @@ in } ]; + services.avahi = { + enable = true; + }; + + networking = { nftables.enable = true; firewall = {
diff --git a/nixosModules/services/default.nix b/nixosModules/services/default.nix
index edad497..5a9d92d 100644
--- a/nixosModules/services/default.nix
+++ b/nixosModules/services/default.nix
@@ -4,5 +4,6 @@
 ./ssh
 ./tailscale
 ./hydra
+ ./k3s
 ];
 }
diff --git a/nixosModules/services/k3s/default.nix b/nixosModules/services/k3s/default.nix
new file mode 100644
index 0000000..ff242bf
--- /dev/null
+++ b/nixosModules/services/k3s/default.nix
@@ -0,0 +1,58 @@
+{
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.kropcloud.services.k3s;
+in
+{
+ options.kropcloud.services.k3s = {
+ enable = lib.mkEnableOption "Whence to enable k3s service.";
+ isMaster = lib.mkEnableOption "Whence to configure k3s as master.";
+ master = lib.mkOption {
+ type = with lib.types; nullOr str;
+ default = null;
+ example = "node0";
+ description = "The master node to connect to";
+ };
+ };
+ config = lib.mkIf cfg.enable {
+
+ assertions = [
+ {
+ assertion = (!cfg.isMaster && cfg.master == null);
+ message = ''
+ You need to provide a valid value for `master` in `kropcloud.services.k3s`
+ when `isMaster` is not set.
+ '';
+ }
+ ];
+
+ age.secrets.k3stoken.file = ../../secrets/k3stoken.age;
+
+ services.k3s = {
+ enable = true;
+ role = "server";
+ tokenFile = config.age.secrets.k3stoken.path;
+ extraFlags = toString (
+ [
+ "--write-kubeconfig-mode \"0644\""
+ "--cluster-init"
+ "--disable servicelb"
+ "--disable traefik"
+ "--disable local-storage"
+ ]
+ ++ (
+ if cfg.isMaster && cfg.master != null then
+ [ ]
+ else
+ [
+ "--server https://${cfg.master}:6443"
+ ]
+ )
+ );
+ clusterInit = cfg.isMaster;
+ };
+ };
+}
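Review bot: `services.avahi.enable = true` is added to the shared networking module, so every host that imports it (bootstrap and hydra as well as the new nodes, as far as flake.nix shows) starts an mDNS responder, and the NixOS module's `openFirewall` default opens UDP 5353 for it. As written the block enables neither publishing nor NSS lookup, so the hosts do not announce their addresses or resolve `.local` names; the exposure arrives without the function. If mDNS is wanted for the k3s nodes, I would set `nssmdns4 = true;` and `publish = { enable = true; addresses = true; };`, restrict the daemon with `allowInterfaces`, and gate the block behind a `kropcloud.networking` option that only those nodes turn on. The surrounding attribute set starts and ends outside the hunk.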
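Review bot: The assertion in nixosModules/services/k3s/default.nix is inverted: NixOS aborts evaluation when `assertion` is false, so `(!cfg.isMaster && cfg.master == null)` rejects node0, node1 and node2 and accepts only the configuration the message warns about; it should read `cfg.isMaster || cfg.master != null`. The `--server` branch has a related fault: with `isMaster = true` and `master = null` the test `cfg.isMaster && cfg.master != null` is false, so `${cfg.master}` is interpolated from null and evaluation fails on the master itself. `--cluster-init` is also hard-coded in `extraFlags` although `clusterInit = cfg.isMaster` already controls it, so joining servers would receive both `--cluster-init` and `--server`. `--write-kubeconfig-mode "0644"` makes the cluster-admin kubeconfig readable by every local account on the node; unless something on the host depends on that, dropping the flag keeps k3s's owner-only default. The fence shows the assertion and `extraFlags` with these four changes.

```nix
    assertions = [
      {
        # Must be true for a valid host: it is the master, or it names one.
        assertion = cfg.isMaster || cfg.master != null;
        # … unchanged: message …
      }
    ];
    # … unchanged: age.secrets.k3stoken, services.k3s enable / role / tokenFile …
      extraFlags = toString (
        [
          "--disable servicelb"
          "--disable traefik"
          "--disable local-storage"
        ]
        # Only joining servers get --server; the interpolation is not evaluated when isMaster is set.
        ++ lib.optional (!cfg.isMaster) "--server https://${cfg.master}:6443"
      );
      clusterInit = cfg.isMaster;
```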