nixos-hypervisor/flake.nix

{
description = "A simple system flake using some Aux defaults";
# Flake-level Nix settings: adds the nix-community Cachix cache as an extra
# substituter, together with the public key used to verify what it serves.
# Trusting this key means accepting prebuilt store paths signed by that cache
# instead of building them locally. Nix asks for confirmation before applying
# flake-provided settings unless `accept-flake-config` is enabled; keeping that
# option off leaves this trust decision explicit on every machine.
nixConfig = {
  extra-trusted-public-keys = [
    "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
  ];
  extra-substituters = [
    "https://nix-community.cachix.org"
  ];
};
# External flakes this configuration is built from.
# nixpkgs and home-manager name a release branch; microvm and authentik-nix
# name no branch or tag, so the revision actually built is whatever the lock
# file records. NOTE(review): confirm flake.lock is committed and that lock
# updates are reviewed, since these inputs supply code that runs on the
# hypervisor and inside the guests.
inputs = {
  nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";

  home-manager.url = "github:nix-community/home-manager/release-24.05";
  home-manager.inputs.nixpkgs.follows = "nixpkgs";

  microvm = {
    url = "github:astro/microvm.nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # No `follows` here: authentik-nix resolves its own nixpkgs, so its
  # dependencies are patched on that input's schedule rather than with the
  # nixos-24.05 pin above.
  authentik-nix.url = "github:nix-community/authentik-nix";
};
outputs = inputs@{ self, nixpkgs, home-manager, microvm, ... }:
let
  # Address passed to the host modules through specialArgs. The nginx guest's
  # vm_ip and grafana's proxy_ip further down carry the same literal value.
  proxy_host = "192.168.1.40";
  # Account that receives the home-manager configuration on both hosts.
  username = "tbarnouin";
  # Platform shared by every nixosSystem defined below.
  system = "x86_64-linux";
in
{
nixosConfigurations = {
# Hypervisor host "nixmox-curiosity": its own NixOS configuration, the
# home-manager setup for `username`, and the microvm host module running the
# nginx, redis, grafana and authentik guests.
nixmox-curiosity = nixpkgs.lib.nixosSystem {
  inherit system;

  # Values made available as arguments to every module of this host.
  specialArgs = {
    inherit inputs username proxy_host system;
  };

  modules = [
    ./hosts/nixmox-curiosity/configuration.nix
    { networking.hostName = "nixmox-curiosity"; }

    home-manager.nixosModules.home-manager
    {
      home-manager = {
        useGlobalPkgs = true;
        useUserPackages = true;
        users.${username} = import ./hosts/nixmox-curiosity/home.nix;
      };
    }

    microvm.nixosModules.host
    (
      let
        # Every guest declared on this host is also started automatically.
        guests = [
          "nginx"
          "redis"
          "grafana"
          "authentik"
        ];
      in
      {
        microvm = {
          autostart = guests;
          # Each guest is built from this same flake (`flake = self`).
          # NOTE(review): updateFlake points at the local git checkout in
          # /etc/nixos; presumably guest updates are built from it, so write
          # access to that directory should stay limited to root. Confirm.
          vms = nixpkgs.lib.genAttrs guests (_guest: {
            flake = self;
            updateFlake = "git+file:///etc/nixos";
          });
        };
      }
    )
  ];
};
# Hypervisor host "nixmox-perseverance": same layout as nixmox-curiosity, but
# the only guest it declares and autostarts is netbox.
nixmox-perseverance = nixpkgs.lib.nixosSystem {
  inherit system;

  # Values made available as arguments to every module of this host.
  specialArgs = {
    inherit inputs username proxy_host system;
  };

  modules = [
    ./hosts/nixmox-perseverance/configuration.nix
    { networking.hostName = "nixmox-perseverance"; }

    home-manager.nixosModules.home-manager
    {
      home-manager = {
        useGlobalPkgs = true;
        useUserPackages = true;
        users.${username} = import ./hosts/nixmox-perseverance/home.nix;
      };
    }

    microvm.nixosModules.host
    {
      microvm.autostart = [ "netbox" ];
      # The guest is built from this same flake (`flake = self`).
      # NOTE(review): updateFlake points at the local git checkout in
      # /etc/nixos; presumably guest updates are built from it, so write
      # access to that directory should stay limited to root. Confirm.
      microvm.vms.netbox = {
        flake = self;
        updateFlake = "git+file:///etc/nixos";
      };
    }
  ];
};
# Guest "nginx": microvm guest module plus the repository's shared
# systems/ and services/ module directories, with the vm_nginx service on.
nginx = nixpkgs.lib.nixosSystem {
  inherit system;
  modules = [
    microvm.nixosModules.microvm
    "${inputs.self}/systems"
    "${inputs.self}/services"
    {
      services = {
        vm_nginx.enable = true;
        vm = {
          enable = true;
          hostname = "nginx";
          # Same value as the `proxy_host` let-binding and grafana's
          # proxy_ip; all three have to change together.
          vm_ip = "192.168.1.40";
          # 02:... is a locally administered unicast MAC; its last octet
          # repeats the last octet of vm_ip. Keep it unique among guests.
          macAddr = "02:00:00:00:00:40";
        };
      };
    }
  ];
};
# Guest "jellyfin": 4 vCPUs and 8192 of memory (unit defined by the services.vm
# module, presumably MiB), with the vm_jellyfin service on.
# NOTE(review): neither host in this file lists "jellyfin" under microvm.vms
# or microvm.autostart, so as written no hypervisor runs this guest; confirm
# that is intended.
jellyfin = nixpkgs.lib.nixosSystem {
  inherit system;
  modules = [
    microvm.nixosModules.microvm
    "${inputs.self}/systems"
    "${inputs.self}/services"
    {
      services = {
        vm_jellyfin.enable = true;
        vm = {
          enable = true;
          hostname = "jellyfin";
          vm_ip = "192.168.1.42";
          vm_cpu = 4;
          vm_mem = 8192;
          # Locally administered unicast MAC; last octet repeats vm_ip's.
          macAddr = "02:00:00:00:00:42";
        };
      };
    }
  ];
};
# Guest "redis": microvm guest module plus the shared systems/ and services/
# module directories, with the vm_redis service on.
# NOTE(review): whether Redis requires authentication or is firewalled to
# specific peers is decided in the vm_redis module, which is not visible here.
redis = nixpkgs.lib.nixosSystem {
  inherit system;
  modules = [
    microvm.nixosModules.microvm
    "${inputs.self}/systems"
    "${inputs.self}/services"
    {
      services = {
        vm_redis.enable = true;
        vm = {
          enable = true;
          hostname = "redis";
          vm_ip = "192.168.1.16";
          # Locally administered unicast MAC; last octet repeats vm_ip's.
          macAddr = "02:00:00:00:00:16";
        };
      };
    }
  ];
};
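# Guest "grafana": 2 vCPUs and 2048 of memory (unit defined by the services.vm
# module, presumably MiB), with the vm_grafana service on.
grafana = nixpkgs.lib.nixosSystem {
  inherit system;
  modules = [
    microvm.nixosModules.microvm
    "${inputs.self}/systems"
    "${inputs.self}/services"
    {
      services = {
        vm_grafana = {
          enable = true;
          # Taken from the `proxy_host` let-binding instead of repeating the
          # literal "192.168.1.40", so the address grafana is told about
          # cannot drift from the one handed to the hosts via specialArgs.
          # NOTE(review): how vm_grafana uses proxy_ip (e.g. as a trusted
          # proxy address) is defined in that module; verify there.
          proxy_ip = proxy_host;
        };
        vm = {
          enable = true;
          hostname = "grafana";
          vm_ip = "192.168.1.20";
          vm_cpu = 2;
          vm_mem = 2048;
          # Locally administered unicast MAC; last octet repeats vm_ip's.
          macAddr = "02:00:00:00:00:20";
        };
      };
    }
  ];
};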
# Guest "netbox": 2 vCPUs and 2048 of memory (unit defined by the services.vm
# module, presumably MiB), with the vm_netbox service on. This is the guest
# that nixmox-perseverance declares and autostarts.
netbox = nixpkgs.lib.nixosSystem {
  inherit system;
  modules = [
    microvm.nixosModules.microvm
    "${inputs.self}/systems"
    "${inputs.self}/services"
    {
      services = {
        vm_netbox.enable = true;
        vm = {
          enable = true;
          hostname = "netbox";
          vm_ip = "192.168.1.45";
          vm_cpu = 2;
          vm_mem = 2048;
          # Locally administered unicast MAC; last octet repeats vm_ip's.
          macAddr = "02:00:00:00:00:45";
        };
      };
    }
  ];
};
# Guest "authentik": identity provider built from the authentik-nix module,
# with a dedicated /media volume and the repository's vm_authentik service.
authentik = nixpkgs.lib.nixosSystem {
  inherit system;
  modules = [
    inputs.authentik-nix.nixosModules.default
    {
      services = {
        authentik = {
          enable = true;
          # Secrets are read at runtime from a file under /run, so they are
          # not written into the Nix store by this flake.
          # NOTE(review): nothing here shows how that file reaches the guest;
          # confirm it is provisioned with root-only permissions.
          environmentFile = "/run/secrets/authentik/authentik-env";
          settings = {
            disable_startup_analytics = true;
            # Presumably limits avatars to generated initials rather than an
            # external avatar service; confirm against the authentik docs.
            avatars = "initials";
          };
        };
        vm_authentik.enable = true;
      };
    }
    microvm.nixosModules.microvm
    "${inputs.self}/systems"
    "${inputs.self}/services"
    {
      # Disk image kept on the hypervisor and mounted at /media in the guest
      # (size presumably in MiB; confirm against microvm.nix).
      microvm.volumes = [
        {
          mountPoint = "/media";
          image = "/var/lib/microvms/authentik/media.img";
          size = 2048;
        }
      ];
      services.vm = {
        enable = true;
        hostname = "authentik";
        vm_ip = "192.168.1.25";
        vm_cpu = 2;
        vm_mem = 2048;
        # Locally administered unicast MAC; last octet repeats vm_ip's.
        macAddr = "02:00:00:00:00:25";
      };
    }
  ];
};
};
};
}