evan/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xen builder & rke2 changes

Browse Source
This commit is contained in:
Evan Reichard 2025-03-10 20:47:42 -04:00
parent fe8f75514c
commit 35d27b7607
3 changed files with 62 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
flake.nix
View File

@ -12,7 +12,7 @@
outputs = { self, nixpkgs, disko, nixos-generators }: outputs = { self, nixpkgs, disko, nixos-generators }:
let let
mkSystem = { systemConfig, moduleConfig }: nixpkgs.lib.nixosSystem { mkSystem = { systemConfig ? { }, moduleConfig }: nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
disko.nixosModules.disko disko.nixosModules.disko
@ -44,81 +44,12 @@
}; };
}; };
# RKE2 Primary Server # Nix Builder
lin-va-kube1 = mkSystem { lin-va-nix-builder = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = { moduleConfig = {
hostName = "lin-va-kube1"; hostName = "lin-va-nix-builder";
mainDiskID = "/dev/xvda"; mainDiskID = "/dev/xvda";
enableXenGuest = true;
democraticConfig = {
apiKeyFile = ./_scratch/truenas-api;
sshKeyFile = ./_scratch/truenas-ssh;
};
networkConfig = {
interface = "enX0";
address = "10.0.50.50";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.50.254" ];
};
};
};
# RKE2 Primary Server
lin-va-rke1 = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = {
hostName = "lin-va-rke1";
mainDiskID = "/dev/xvda";
democraticConfig = {
apiKeyFile = ./_scratch/truenas-api;
sshKeyFile = ./_scratch/truenas-ssh;
};
networkConfig = {
interface = "enX0";
address = "10.0.20.201";
defaultGateway = "10.0.20.254";
nameservers = [ "10.0.20.254" ];
};
};
};
# RKE2 Second Server
lin-va-rke2 = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = {
hostName = "lin-va-rke2";
mainDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBf55aaccc-688cfd0d";
dataDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBfd391256-6e368424";
serverAddr = "https://10.0.20.201:9345";
networkConfig = {
interface = "enp0s3";
address = "10.0.20.202";
defaultGateway = "10.0.20.254";
nameservers = [ "10.0.20.254" ];
};
};
};
# RKE2 Third Server
lin-va-rke3 = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = {
hostName = "lin-va-rke3";
mainDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBe9edacd5-ac4ed4fa";
dataDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBa1fc46d0-19380495";
serverAddr = "https://10.0.20.201:9345";
networkConfig = {
interface = "enp0s3";
address = "10.0.20.203";
defaultGateway = "10.0.20.254";
nameservers = [ "10.0.20.254" ];
};
}; };
}; };
}; };

21
hosts/rke2-image.nix
View File

@ -31,10 +31,8 @@
"xen_blkfront" "xen_blkfront"
"xenfs" "xenfs"
# iSCSI & Multipath # iSCSI
"iscsi_tcp" "iscsi_tcp"
"dm_multipath"
"dm_round_robin"
]; ];
}; };
@ -64,6 +62,11 @@
# 51820 # Canal CNI with WireGuard IPv4 (if using encryption) # 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
# 51821 # Canal CNI with WireGuard IPv6 (if using encryption) # 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
]; ];
# Allow Multicast
extraCommands = ''
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
'';
}; };
}; };
@ -77,18 +80,6 @@
name = "iqn.2025.placeholder:initiator"; # Overridden @ Runtime name = "iqn.2025.placeholder:initiator"; # Overridden @ Runtime
}; };
# Enable Multipath
multipath = {
enable = true;
defaults = ''
defaults {
user_friendly_names yes
find_multipaths yes
}
'';
pathGroups = [ ];
};
# Cloud Init # Cloud Init
cloud-init = { cloud-init = {
enable = true; enable = true;

23
lib/common-system.nix
View File

@ -6,9 +6,15 @@
type = lib.types.str; type = lib.types.str;
description = "The node hostname"; description = "The node hostname";
}; };
enableXenGuest = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable Xen guest support";
};
}; };
config = { config = lib.mkMerge [
{
# Basic System # Basic System
system.stateVersion = "24.11"; system.stateVersion = "24.11";
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
@ -39,5 +45,18 @@
]; ];
hashedPassword = null; hashedPassword = null;
}; };
}; }
(lib.mkIf config.enableXenGuest {
services.xe-guest-utilities.enable = true;
boot.initrd = {
availableKernelModules = [ "xen_blkfront" "xen_netfront" ];
kernelModules = [ "xen_netfront" "xen_blkfront" ];
supportedFilesystems = [ "ext4" "xenfs" ];
};
boot.kernelModules = [ "xen_netfront" "xen_blkfront" "xenfs" ];
})
];
} }