diff --git a/flake.nix b/flake.nix index dd094c2..a65fa86 100644 --- a/flake.nix +++ b/flake.nix @@ -13,9 +13,9 @@ outputs = inputs@{ self, nixpkgs, home-manager, microvm, ... }: let - hostName = "nixos-hypervisor"; - system = "x86_64-linux"; - username = "tbarnouin"; + hostName = "nixos-hypervisor"; + system = "x86_64-linux"; + username = "tbarnouin"; in { nixosConfigurations = { @@ -37,12 +37,32 @@ microvm = { autostart = [ "nginx" + "jellyfin" + "redis" + "grafana" + "authentik" ]; vms = { nginx = { flake = self; updateFlake = "git+file:///etc/nixos"; }; + jellyfin = { + flake = self; + updateFlake = "git+file:///etc/nixos"; + }; + redis = { + flake = self; + updateFlake = "git+file:///etc/nixos"; + }; + grafana = { + flake = self; + updateFlake = "git+file:///etc/nixos"; + }; + authentik = { + flake = self; + updateFlake = "git+file:///etc/nixos"; + }; }; }; } @@ -66,10 +86,104 @@ enable = true; }; services.vm = { - enable = true; + enable = true; hostname = "nginx"; - vm_ip = "192.168.122.40"; - macAddr = "02:00:00:00:00:40"; + vm_ip = "192.168.122.40"; + macAddr = "02:00:00:00:00:40"; + }; + } + ]; + }; + redis = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + microvm.nixosModules.microvm + "${inputs.self}/systems" + "${inputs.self}/services" + { + services.vm_redis = { + enable = true; + }; + services.vm = { + enable = true; + hostname = "redis"; + vm_ip = "192.168.1.16"; + macAddr = "02:00:00:00:00:16"; + }; + } + ]; + }; + jellyfin = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + microvm.nixosModules.microvm + "${inputs.self}/systems" + "${inputs.self}/services" + { + services.vm_jellyfin = { + enable = true; + }; + services.vm = { + enable = true; + hostname = "jellyfin"; + vm_ip = "192.168.1.42"; + vm_cpu = 6; + vm_mem = 8192; + macAddr = "02:00:00:00:00:42"; + }; + } + ]; + }; + grafana = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + microvm.nixosModules.microvm + "${inputs.self}/systems" + "${inputs.self}/services" + { + services.vm_grafana = { + enable = true; + proxy_ip = "${proxy_host}"; + }; + services.vm = { + enable = true; + hostname = "grafana"; + vm_ip = "192.168.1.20"; + vm_cpu = 2; + vm_mem = 2048; + macAddr = "02:00:00:00:00:20"; + }; + } + ]; + }; + authentik = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + inputs.authentik-nix.nixosModules.default + { + services.authentik = { + enable = true; + environmentFile = "/run/secrets/authentik/authentik-env"; + settings = { + disable_startup_analytics = true; + avatars = "initials"; + }; + }; + services.vm_authentik = { + enable = true; + }; + } + microvm.nixosModules.microvm + "${inputs.self}/systems" + "${inputs.self}/services" + { + services.vm = { + enable = true; + hostname = "authentik"; + vm_ip = "192.168.1.25"; + vm_cpu = 2; + vm_mem = 2048; + macAddr = "02:00:00:00:00:25"; }; } ];