feat: NixOS | use LUKS and proper hostname for k3s domain

feat: NixOS | move cluster config to /master fix: update all stuff for office network feat: PiHole | set up DHCP server chore: Cloudflare | delete api token secret chore: remove external-dns annotations from ingressed services fix: PiHole | turn off liveness checks due to host ip fix: GiteaActions | use encrypted storage for runner fix: ElasticSearch | use encrypted volumes for storage fix: Pihole | static mac addresses all caps feat: NixOS | manual network configuration fix: NixOS | k3s cluster init point to static ip with tls-san chore: Postgres | move certificate resources into own file + reduce volume size fix: Pihole | add ingress class name sec: NixOS | remove token from git
2024-10-19 13:15:36 +05:00
parent 38e5e53fd9
commit 0d4f700b89
19 changed files with 280 additions and 191 deletions
--- a/nixos/master/flake.nix
+++ b/nixos/master/flake.nix
@@ -0,0 +1,35 @@
+{
+  description = "Homelab NixOS Flake";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
+    # Disko
+    disko.url = "github:nix-community/disko";
+    disko.inputs.nixpkgs.follows = "nixpkgs";
+  };
+
+  outputs = { self, nixpkgs, disko, ... }@inputs: let
+    nodes = [
+      "homelab-0"
+      "homelab-1"
+      "homelab-2"
+    ];
+  in {
+    nixosConfigurations = builtins.listToAttrs (map (name: {
+	    name = name;
+	    value = nixpkgs.lib.nixosSystem {
+     	    specialArgs = {
+            meta = { hostname = name; };
+          };
+          system = "x86_64-linux";
+          modules = [
+              # Modules
+	            disko.nixosModules.disko
+	            ./hardware-configuration.nix
+	            ./disko-config.nix
+	            ./configuration.nix
+	          ];
+        };
+    }) nodes);
+  };
+}