depot/ops/nixos/bvm-nixosmgmt/default.nix

# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ depot, lib, pkgs, ... }:
{
  imports = [
    ../lib/bvm.nix
    ../../../nix/pkgs/rundeck-bin/module.nix
  ];

  # Networking!
  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
  boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
  networking = {
    hostName = "bvm-nixosmgmt";
    hostId = "49b0fbc7";

    interfaces.enp1s0 = {
      ipv4.addresses = [{ address = "10.100.0.200"; prefixLength = 23; }];
    };
    interfaces.enp6s0 = {
      ipv4.addresses = [{ address = "92.118.28.5"; prefixLength = 24; }];
      ipv6.addresses = [{ address = "2a09:a441::5"; prefixLength = 32; }];
    };
    defaultGateway = { address = "92.118.28.1"; interface = "enp6s0"; };
    defaultGateway6 = { address = "2a09:a441::1"; interface = "enp6s0"; };
  };
  my.ip.tailscale = "100.65.226.19";

  services.rundeck = {
    enable = true;
    user = "deployer";
    pathPackages = with pkgs; [
      depot.nix.pkgs.mercurial
      openssh
      nix
    ];
  };

  environment.etc."rundeck.nodes.yaml" = let
    content = builtins.mapAttrs (name: value: {
      nodename = name;
      hostname = value.config.my.rundeck.hostname;
      tags = lib.concatStringsSep "," value.config.my.rundeck.tags;
      username = "deployer";
      osFamily = "unix";
      osName = "Linux";
    }) (lib.filterAttrs
      (name: value: value.config.my.rundeck.expectedOnline)
      depot.ops.nixos.systemConfigs
    );
  in {
    text = builtins.toJSON content;
  };

  system.stateVersion = "21.05";
}
nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>`
			`#`
			`# SPDX-License-Identifier: Apache-2.0`

add mercurial to rundeck path 2021-04-10 22:17:28 +00:00			`{ depot, lib, pkgs, ... }:`
bvm-nixosmgmt: condense down and abstract out 2021-03-28 12:26:11 +00:00			`{`
nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`imports = [`
bvm-nixosmgmt: condense down and abstract out 2021-03-28 12:26:11 +00:00			`../lib/bvm.nix`
bvm-nixosmgmt: add rundeck 2021-04-10 17:20:35 +00:00			`../../../nix/pkgs/rundeck-bin/module.nix`
nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`];`

			`# Networking!`
bvm-nixosmgmt: enable forwarding 2021-07-17 08:41:34 +00:00			`boot.kernel.sysctl."net.ipv4.ip_forward" = 1;`
			`boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;`
nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`networking = {`
bvm-nixosmgmt: actually change the hostname 2021-03-28 02:04:41 +00:00			`hostName = "bvm-nixosmgmt";`
nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`hostId = "49b0fbc7";`

			`interfaces.enp1s0 = {`
			`ipv4.addresses = [{ address = "10.100.0.200"; prefixLength = 23; }];`
			`};`
bvm-nixosmgmt: allocate .5 2021-05-09 10:26:34 +00:00			`interfaces.enp6s0 = {`
			`ipv4.addresses = [{ address = "92.118.28.5"; prefixLength = 24; }];`
			`ipv6.addresses = [{ address = "2a09:a441::5"; prefixLength = 32; }];`
			`};`
			`defaultGateway = { address = "92.118.28.1"; interface = "enp6s0"; };`
			`defaultGateway6 = { address = "2a09:a441::1"; interface = "enp6s0"; };`
nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`};`
ops/nixos: init bvm-{twitterchiver,prosody,ipfs} 2021-03-28 13:10:27 +00:00			`my.ip.tailscale = "100.65.226.19";`
nixos-mgmt: init 2021-03-19 20:28:24 +00:00
add mercurial to rundeck path 2021-04-10 22:17:28 +00:00			`services.rundeck = {`
			`enable = true;`
			`user = "deployer";`
			`pathPackages = with pkgs; [`
			`depot.nix.pkgs.mercurial`
bvm-nixosmgmt: add openssh to path 2021-04-10 22:35:53 +00:00			`openssh`
bvm-nixosmgmt: add nix to rundeck 2021-04-10 23:12:24 +00:00			`nix`
add mercurial to rundeck path 2021-04-10 22:17:28 +00:00			`];`
			`};`
bvm-nixosmgmt: add rundeck 2021-04-10 17:20:35 +00:00
ops/nixos: set up things for generating rundeck nodes 2021-04-10 19:59:56 +00:00			`environment.etc."rundeck.nodes.yaml" = let`
			`content = builtins.mapAttrs (name: value: {`
			`nodename = name;`
ops/nixos: tidy up hostnames 2021-04-10 20:15:30 +00:00			`hostname = value.config.my.rundeck.hostname;`
ops/nixos: set up things for generating rundeck nodes 2021-04-10 19:59:56 +00:00			`tags = lib.concatStringsSep "," value.config.my.rundeck.tags;`
			`username = "deployer";`
			`osFamily = "unix";`
			`osName = "Linux";`
			`}) (lib.filterAttrs`
			`(name: value: value.config.my.rundeck.expectedOnline)`
			`depot.ops.nixos.systemConfigs`
			`);`
			`in {`
			`text = builtins.toJSON content;`
			`};`

nixos-mgmt: init 2021-03-19 20:28:24 +00:00			`system.stateVersion = "21.05";`
			`}`