From fbed2265ddc6e82abde9964333f992449e895fff Mon Sep 17 00:00:00 2001
From: Kaare Hoff Skovgaard
Date: Tue, 8 Jul 2025 16:33:18 +0200
Subject: [PATCH] Begin getting unifi/openstack setup working

Now I can create an instance, get NixOS on it, with working IPv6 connectivity
---
 nix/lib/dirs-in-path/default.nix | 10 ++++++++++
 nix/modules/nixos/hetzner/default.nix | 2 +-
 nix/modules/nixos/infrastructure/default.nix | 1 +
 .../{ => infrastructure}/hetzner-instance/default.nix | 6 +++---
 .../khs-openstack-instance/default.nix | 6 +++---
 .../{ => infrastructure}/provisioning/default.nix | 8 ++++----
 nix/modules/nixos/openstack/default.nix | 2 +-
 nix/modules/nixos/services/default.nix | 8 ++++++++
 nix/modules/nixos/virtualisation/default.nix | 10 ++++++++++
 .../nixos/{ => virtualisation}/qemu-guest/default.nix | 4 ++--
 nix/packages/nixos-install/default.nix | 2 +-
 nix/packages/pre-provisioning/default.nix | 2 +-
 nix/systems/aarch64-linux/khs.codes/default.nix | 2 +-
 .../x86_64-linux/test.kaareskovgaard.net/default.nix | 2 +-
 14 files changed, 47 insertions(+), 18 deletions(-)
 create mode 100644 nix/lib/dirs-in-path/default.nix
 create mode 100644 nix/modules/nixos/infrastructure/default.nix
 rename nix/modules/nixos/{ => infrastructure}/hetzner-instance/default.nix (97%)
 rename nix/modules/nixos/{ => infrastructure}/khs-openstack-instance/default.nix (97%)
 rename nix/modules/nixos/{ => infrastructure}/provisioning/default.nix (89%)
 create mode 100644 nix/modules/nixos/services/default.nix
 create mode 100644 nix/modules/nixos/virtualisation/default.nix
 rename nix/modules/nixos/{ => virtualisation}/qemu-guest/default.nix (70%)

diff --git a/nix/lib/dirs-in-path/default.nix b/nix/lib/dirs-in-path/default.nix
new file mode 100644
index 0000000..6e98d45
--- /dev/null
+++ b/nix/lib/dirs-in-path/default.nix
@@ -0,0 +1,10 @@
+{ lib, ... }:
+{
+ dirsInPath =
+ path:
+ let
+ files = builtins.readDir path;
+ dirs = lib.filterAttrs (name: kind: kind == "directory") files;
+ in
+ lib.lists.map (n: "${path}/${n}") (lib.attrNames dirs);
+}
diff --git a/nix/modules/nixos/hetzner/default.nix b/nix/modules/nixos/hetzner/default.nix
index 8b4386d..a3c45cb 100644
--- a/nix/modules/nixos/hetzner/default.nix
+++ b/nix/modules/nixos/hetzner/default.nix
@@ -34,7 +34,7 @@ in
 boot.kernelParams = lib.mkIf (system == "aarch64-linux") [ "console=tty" ];
 zramSwap.enable = lib.mkDefault true;
 khscodes.systemd-boot.enable = lib.mkDefault true;
- khscodes.qemu-guest.enable = true;
+ khscodes.virtualisation.qemu-guest.enable = true;
 networking = {
 useDHCP = false;
 useNetworkd = false;
diff --git a/nix/modules/nixos/infrastructure/default.nix b/nix/modules/nixos/infrastructure/default.nix
new file mode 100644
index 0000000..c915eb0
--- /dev/null
+++ b/nix/modules/nixos/infrastructure/default.nix
@@ -0,0 +1 @@
+{ ... }: { }
diff --git a/nix/modules/nixos/hetzner-instance/default.nix b/nix/modules/nixos/infrastructure/hetzner-instance/default.nix
similarity index 97%
rename from nix/modules/nixos/hetzner-instance/default.nix
rename to nix/modules/nixos/infrastructure/hetzner-instance/default.nix
index e9a1e72..27f9670 100644
--- a/nix/modules/nixos/hetzner-instance/default.nix
+++ b/nix/modules/nixos/infrastructure/hetzner-instance/default.nix
@@ -5,7 +5,7 @@
 ...
 }:
 let
- cfg = config.khscodes.hetzner-instance;
+ cfg = config.khscodes.infrastructure.hetzner-instance;
 fqdn = config.khscodes.fqdn;
 firewallTcpRules = lib.lists.map (p: {
 direction = "in";
@@ -47,7 +47,7 @@ let
 lib.strings.removePrefix "${builtins.head split}." fqdn;
 in
 {
- options.khscodes.hetzner-instance = {
+ options.khscodes.infrastructure.hetzner-instance = {
 enable = lib.mkEnableOption "enables generating a opentofu config";
 dnsNames = lib.mkOption {
 type = lib.types.listOf lib.types.str;
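Review bot: In nix/lib/dirs-in-path/default.nix, `dirsInPath` builds its results with `"${path}/${n}"`, and interpolating a path value into a string makes Nix copy that path into the store and return a store-path string rather than a path under the original tree. If callers pass `./.` (as virtualisation/default.nix does later in this patch), the returned entries no longer compare equal to the same directories referenced by path, which may matter for module de-duplication. Appending instead keeps the path type: `lib.lists.map (n: path + "/${n}") (lib.attrNames dirs);`. The function also lacks a comment; I would add `# Returns the immediate subdirectories of path; regular files and symlinks are skipped.` above `dirsInPath =`.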
@@ -210,7 +210,7 @@ in
 }
 ];
- khscodes.provisioning.pre = {
+ khscodes.infrastructure.provisioning.pre = {
 modules = modules;
 secretsSource = cfg.secretsSource;
 endpoints = [
diff --git a/nix/modules/nixos/khs-openstack-instance/default.nix b/nix/modules/nixos/infrastructure/khs-openstack-instance/default.nix
similarity index 97%
rename from nix/modules/nixos/khs-openstack-instance/default.nix
rename to nix/modules/nixos/infrastructure/khs-openstack-instance/default.nix
index 97ba09b..110b669 100644
--- a/nix/modules/nixos/khs-openstack-instance/default.nix
+++ b/nix/modules/nixos/infrastructure/khs-openstack-instance/default.nix
@@ -5,7 +5,7 @@
 ...
 }:
 let
- cfg = config.khscodes.khs-openstack-instance;
+ cfg = config.khscodes.infrastructure.khs-openstack-instance;
 fqdn = config.khscodes.fqdn;
 firewallTcpRules = lib.lists.flatten (
 lib.lists.map (p: [
@@ -69,7 +69,7 @@ let
 lib.strings.removePrefix "${builtins.head split}." fqdn;
 in
 {
- options.khscodes.khs-openstack-instance = {
+ options.khscodes.infrastructure.khs-openstack-instance = {
 enable = lib.mkEnableOption "enables generating a opentofu config for khs openstack instance";
 dnsNames = lib.mkOption {
 type = lib.types.listOf lib.types.str;
@@ -237,7 +237,7 @@ in
 }
 ];
- khscodes.provisioning = {
+ khscodes.infrastructure.provisioning = {
 pre = {
 modules = modules;
 secretsSource = cfg.secretsSource;
diff --git a/nix/modules/nixos/provisioning/default.nix b/nix/modules/nixos/infrastructure/provisioning/default.nix
similarity index 89%
rename from nix/modules/nixos/provisioning/default.nix
rename to nix/modules/nixos/infrastructure/provisioning/default.nix
index ef3a437..afb8c28 100644
--- a/nix/modules/nixos/provisioning/default.nix
+++ b/nix/modules/nixos/infrastructure/provisioning/default.nix
@@ -6,7 +6,7 @@
 ...
 }:
 let
- cfg = config.khscodes.provisioning;
+ cfg = config.khscodes.infrastructure.provisioning;
 provisioning = {
 modules = lib.mkOption {
 type = lib.types.listOf lib.types.anything;
@@ -37,7 +37,7 @@ let
 };
 in
 {
- options.khscodes.provisioning = {
+ options.khscodes.infrastructure.provisioning = {
 pre = provisioning;
 post = provisioning;
 preConfig = lib.mkOption {
@@ -56,7 +56,7 @@ in
 };
 config = {
- khscodes.provisioning.preConfig =
+ khscodes.infrastructure.provisioning.preConfig =
 if lib.lists.length cfg.pre.modules > 0 then
 inputs.terranix.lib.terranixConfiguration {
 system = pkgs.hostPlatform.system;
@@ -64,7 +64,7 @@ in
 }
 else
 null;
- khscodes.provisioning.postConfig =
+ khscodes.infrastructure.provisioning.postConfig =
 if lib.lists.length cfg.post.modules > 0 then
 inputs.terranix.lib.terranixConfiguration {
 system = pkgs.hostPlatform.system;
diff --git a/nix/modules/nixos/openstack/default.nix b/nix/modules/nixos/openstack/default.nix
index d34d9f5..d372a03 100644
--- a/nix/modules/nixos/openstack/default.nix
+++ b/nix/modules/nixos/openstack/default.nix
@@ -22,6 +22,6 @@ in
 };
 boot.loader.grub.efiSupport = false;
 boot.loader.timeout = 1;
- khscodes.qemu-guest.enable = true;
+ khscodes.virtualisation.qemu-guest.enable = true;
 };
 }
diff --git a/nix/modules/nixos/services/default.nix b/nix/modules/nixos/services/default.nix
new file mode 100644
index 0000000..0e9f32f
--- /dev/null
+++ b/nix/modules/nixos/services/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+{ }
+# let
+# modules = lib.khscodes.dirsInPath ./.;
+# in
+# {
+# imports = lib.lists.map (d: import d args) modules;
+# }
diff --git a/nix/modules/nixos/virtualisation/default.nix b/nix/modules/nixos/virtualisation/default.nix
new file mode 100644
index 0000000..7817ed4
--- /dev/null
+++ b/nix/modules/nixos/virtualisation/default.nix
@@ -0,0 +1,10 @@
+# TODO: Why is this needed just for this directory?
+# In the other directories this will create the modules twice.
+# Perhaps because there's only a single sub directory here?
+args@{ lib, ... }:
+let
+ modules = lib.khscodes.dirsInPath ./.;
+in
+{
+ imports = lib.lists.map (d: import d args) modules;
+}
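Review bot: In nix/modules/nixos/virtualisation/default.nix, `imports = lib.lists.map (d: import d args) modules;` applies each sub-module by hand, so the module system receives anonymous attribute sets instead of files. As far as I can tell that has two effects: a sub-module imported this way and also picked up by path elsewhere is declared twice (which would match the TODO), and `args` carries only what this file itself was called with, so a sub-module naming an argument supplied through `_module.args` (for example `pkgs`) would not get it. Unless the hand application is needed, `imports = modules;` lets the module system import and key each directory itself. The commented-out copy of the same code in services/default.nix would be better removed or replaced by a one-line comment saying why that directory is an empty module.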
diff --git a/nix/modules/nixos/qemu-guest/default.nix b/nix/modules/nixos/virtualisation/qemu-guest/default.nix
similarity index 70%
rename from nix/modules/nixos/qemu-guest/default.nix
rename to nix/modules/nixos/virtualisation/qemu-guest/default.nix
index 5f906a0..a902f0e 100644
--- a/nix/modules/nixos/qemu-guest/default.nix
+++ b/nix/modules/nixos/virtualisation/qemu-guest/default.nix
@@ -5,10 +5,10 @@
 ...
 }:
 let
- cfg = config.khscodes.qemu-guest;
+ cfg = config.khscodes.virtualisation.qemu-guest;
 in
 {
- options.khscodes.qemu-guest = {
+ options.khscodes.virtualisation.qemu-guest = {
 enable = lib.mkEnableOption "Configures machine with NixOS profile for qemu guest";
 };
diff --git a/nix/packages/nixos-install/default.nix b/nix/packages/nixos-install/default.nix
index 692f209..7edf965 100644
--- a/nix/packages/nixos-install/default.nix
+++ b/nix/packages/nixos-install/default.nix
@@ -15,7 +15,7 @@ pkgs.writeShellApplication {
 nix build --no-link '${inputs.self}#nixosConfigurations."'"$hostname"'".config.system.build.toplevel'
 # Allow overriding the host to connec tto, this is useful when testing and the DNS entries are stale with older IPs.
 host="''${2:-$1}"
- baseAttr='${inputs.self}#nixosConfigurations."'"$hostname"'".config.khscodes.provisioning'
+ baseAttr='${inputs.self}#nixosConfigurations."'"$hostname"'".config.khscodes.infrastructure.provisioning'
 config="$(nix build --no-link --print-out-paths "''${baseAttr}.preConfig")"
 username="$(nix eval --raw "''${baseAttr}.preImageUsername")"
 if [[ "$config" == "null" ]]; then
diff --git a/nix/packages/pre-provisioning/default.nix b/nix/packages/pre-provisioning/default.nix
index bfb86a3..04232a1 100644
--- a/nix/packages/pre-provisioning/default.nix
+++ b/nix/packages/pre-provisioning/default.nix
@@ -15,7 +15,7 @@ pkgs.writeShellApplication {
 text = ''
 hostname="$1"
 cmd="''${2:-apply}"
- baseAttr='${inputs.self}#nixosConfigurations."'"$hostname"'".config.khscodes.provisioning'
+ baseAttr='${inputs.self}#nixosConfigurations."'"$hostname"'".config.khscodes.infrastructue.provisioning'
 config="$(nix build --no-link --print-out-paths "''${baseAttr}.preConfig")"
 secretsSource="$(nix eval --raw "''${baseAttr}.pre.secretsSource")"
 endpoints="$(nix eval --json "''${baseAttr}.pre.endpoints")"
diff --git a/nix/systems/aarch64-linux/khs.codes/default.nix b/nix/systems/aarch64-linux/khs.codes/default.nix
index d4c65e4..0d8a456 100644
--- a/nix/systems/aarch64-linux/khs.codes/default.nix
+++ b/nix/systems/aarch64-linux/khs.codes/default.nix
@@ -4,7 +4,7 @@
 }:
 {
 imports = [ "${inputs.self}/nix/profiles/hetzner-server.nix" ];
- khscodes.hetzner-instance = {
+ khscodes.infrastructure.hetzner-instance = {
 enable = true;
 mapRdns = true;
 server_type = "cax11";
diff --git a/nix/systems/x86_64-linux/test.kaareskovgaard.net/default.nix b/nix/systems/x86_64-linux/test.kaareskovgaard.net/default.nix
index d27477f..ddfcb62 100644
--- a/nix/systems/x86_64-linux/test.kaareskovgaard.net/default.nix
+++ b/nix/systems/x86_64-linux/test.kaareskovgaard.net/default.nix
@@ -4,7 +4,7 @@
 }:
 {
 imports = [ "${inputs.self}/nix/profiles/khs-openstack-server.nix" ];
- khscodes.khs-openstack-instance = {
+ khscodes.infrastructure.khs-openstack-instance = {
 enable = true;
 flavor = "m.medium";
 secretsSource = "vault";
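Review bot: The added `baseAttr` line in nix/packages/pre-provisioning/default.nix spells the option path `config.khscodes.infrastructue.provisioning` (missing `r`), so the `nix build` and `nix eval` calls that follow would reference an attribute this patch does not define and pre-provisioning would fail for every host. It should end in `.config.khscodes.infrastructure.provisioning'`, as the matching line in nix/packages/nixos-install/default.nix does. In both scripts `$hostname` is spliced into the quoted attribute name unchecked; rejecting values that contain `"` or whitespace before building `baseAttr` keeps a malformed argument from selecting a different attribute. The script body starts and ends outside the hunk.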