update various

Evan Reichard 2025-03-12 20:06:03 -04:00
parent 29070dd277
commit 528fcce2d3
7 changed files with 206 additions and 7 deletions

1
.gitignore vendored

@ -1,2 +1,3 @@
.DS_Store
_scratch
result

150
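--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -0,0 +1,150 @@
+#!/bin/sh
+function cmd_image() {
+local usage="Usage: $0 image --name <image-name>"
+local name=""
+local remote=false
+while [[ $# -gt 0 ]]; do
+case "$1" in
+--name)
+name="$2"
+shift 2
+;;
+--remote)
+remote=true
+shift
+;;
+*)
+echo "$usage"
+exit 1
+;;
+esac
+done
+if [ -z "$name" ]; then
+echo "$usage"
+exit 1
+fi
+# Validate Config Exists
+if ! nix eval --json --impure \
+--experimental-features "nix-command flakes" \
+".#packages.x86_64-linux" \
+--apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then
+echo "Error: NixOS Generator Config '$name' not found"
+exit 1
+fi
+build_args=(".#packages.x86_64-linux.$name")
+if [ "$remote" = true ]; then
+build_args+=("-j0")
+fi
+if ! nix build "${build_args[@]}"; then
+echo "Error: Image build failed"
+exit 1
+fi
+echo "Successfully built image: $name"
+}
+function cmd_install() {
+local usage="Usage: $0 install --name <system-name>"
+local name=""
+while [[ $# -gt 0 ]]; do
+case "$1" in
+--name)
+name="$2"
+shift 2
+;;
+*)
+echo "$usage"
+exit 1
+;;
+esac
+done
+if [ -z "$name" ]; then
+echo "$usage"
+exit 1
+fi
+# Validate Config Exists
+if ! nix eval --json --impure \
+--experimental-features "nix-command flakes" \
+".#nixosConfigurations" \
+--apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then
+echo "Error: NixOS configuration '$name' not found"
+exit 1
+fi
+# Validate mainDiskID Exists
+if ! disk_id=$(nix eval --raw --impure \
+--experimental-features "nix-command flakes" \
+".#nixosConfigurations.$name.config.mainDiskID" 2>/dev/null); then
+echo "Error: mainDiskID not defined for configuration '$name'"
+exit 1
+fi
+# Validate Disk Exists
+if [ ! -e "$disk_id" ]; then
+echo "Error: Disk $disk_id not found on system"
+exit 1
+fi
+# Prompt Format
+read -p "This will format disk $disk_id. Continue? (y/n) " -n 1 -r
+echo
+if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+echo "Operation Cancelled"
+exit 1
+fi
+echo "Formatting disk: $disk_id"
+# Format Disk
+if ! sudo nix \
+--experimental-features "nix-command flakes" \
+run github:nix-community/disko -- \
+--mode disko \
+--flake "/etc/nixos#$name"; then
+echo "Error: Disk formatting failed"
+exit 1
+fi
+# Install NixOS
+echo "Installing $name to disk: $disk_id"
+if ! sudo nixos-install --flake "/etc/nixos#$name"; then
+echo "Error: NixOS installation failed"
+exit 1
+fi
+echo "Successfully installed $name to disk: $disk_id"
+# Prompt Reboot
+read -p "Reboot? (y/n) " -n 1 -r
+echo
+if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+echo "Operation Complete - Not Rebooting"
+exit 0
+fi
+# Reboot
+echo "Operation Complete - Rebooting"
+sudo reboot
+}
+case "$1" in
+image)
+shift
+cmd_image "$@"
+;;
+install)
+shift
+cmd_install "$@"
+;;
+*)
+echo "Usage: $0 {image|install} --name <name>"
+exit 1
+;;
+esac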
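Review bot: In cmd_install the format step runs `sudo nix ... run github:nix-community/disko` with no revision, so whatever that repository's default branch holds at install time executes as root against the disk; pin it, e.g. `run github:nix-community/disko/<pinned-rev>`, or take disko from the flake's locked inputs. The disk named in the confirmation prompt is read from `.#nixosConfigurations.$name` while disko and nixos-install use `/etc/nixos#$name`, so outside /etc/nixos the confirmed device and the formatted one can differ; one flake reference should serve all of these calls. `$name` is also spliced unescaped into the `--apply` expression under `--impure`, and a guard such as `case "$name" in *[!A-Za-z0-9._-]*) echo "$usage"; exit 1 ;; esac` before the eval keeps it a plain attribute name. Smaller points: `--name` given as the last argument leaves `shift 2` with nothing to shift, so check `$# -ge 2` first, and the `#!/bin/sh` shebang does not match the bash-only `[[`, arrays and `read -p -n` the script relies on.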


@ -24,7 +24,9 @@
};
in
{
# NixOS Generators
packages.x86_64-linux = {
# RKE2
rke2-image = nixos-generators.nixosGenerate {
system = "x86_64-linux";
format = "vmware";
@ -34,6 +36,7 @@
};
};
# NixOS Configurations
nixosConfigurations = {
# LLaMA C++ Server
lin-va-llama1 = mkSystem {
@ -51,6 +54,12 @@
hostName = "lin-va-nix-builder";
mainDiskID = "/dev/xvda";
enableXenGuest = true;
network = {
interface = "enX0";
address = "10.0.50.130";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.50.254" ];
};
};
};
};


@ -2,4 +2,4 @@
sshCommand = "ssh -i ~/Keys/work"
[user]
email = evan@prophet.security
email = evan@prophetsecurity.ai


@ -4,8 +4,7 @@
# User Authorized Keys
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA8P84lWL/p13ZBFNwITm/dLWWL8s9pVmdOImM5gaJAiTLY+DheUvG6YsveB2/5STseiJ34g7Na9TW1mtTLL8zDqPvj3NbprQiYlLJKMbCk6dtfdD4nLMHl8B48e1h699XiZDp2/c+jJb0MkLOFrps+FbPqt7pFt1Pj29tFy8BCg0LGndu6KO+HqYS+aM5tp5hZESo1RReiJ8aHsu5X7wW46brN4gfyyu+8X4etSZAB9raWqlln9NKK7G6as6X+uPypvSjYGSTC8TSePV1iTPwOxPk2+1xBsK7EBLg3jNrrYaiXLnZvBOOhm11JmHzqEJ6386FfQO+0r4iDVxmvi+ojw== rsa-key-20141114"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGGGpRpDQRstoqnCAQioSnh6PZRzNQL7lGJHksIkcoF evanreichard@Evans-MacBook-Pro.local"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
];
hashedPassword = null;
};
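Review bot: The root `openssh.authorizedKeys.keys` list is kept as a separate copy in this section and in the two sections after it, and this commit appears to edit each copy by hand to retire the `rsa-key-20141114` entry (the +/- markers are lost on this page, so that reading is inferred). With the list duplicated, a key rotation that misses one file leaves the old key with root SSH access on those hosts. Define the list once, for example `rootAuthorizedKeys = [ "<ssh-ed25519 public key>" ];` in a shared module, and reference it from each `users.users.root` block. The enclosing module starts and ends outside the hunk.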


@ -140,7 +140,7 @@
# User Authorized Keys
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA8P84lWL/p13ZBFNwITm/dLWWL8s9pVmdOImM5gaJAiTLY+DheUvG6YsveB2/5STseiJ34g7Na9TW1mtTLL8zDqPvj3NbprQiYlLJKMbCk6dtfdD4nLMHl8B48e1h699XiZDp2/c+jJb0MkLOFrps+FbPqt7pFt1Pj29tFy8BCg0LGndu6KO+HqYS+aM5tp5hZESo1RReiJ8aHsu5X7wW46brN4gfyyu+8X4etSZAB9raWqlln9NKK7G6as6X+uPypvSjYGSTC8TSePV1iTPwOxPk2+1xBsK7EBLg3jNrrYaiXLnZvBOOhm11JmHzqEJ6386FfQO+0r4iDVxmvi+ojw== rsa-key-20141114"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
];
hashedPassword = null;
};
@ -148,7 +148,6 @@
# Add Symlinks Expected by Democratic
system.activationScripts = {
iscsi-initiator = ''
# Democratic CSI Requirements
mkdir -p /usr/bin
ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm
ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid


@ -1,6 +1,6 @@
{ config, lib, ... }:
{
# Node Nix Config
# NixOS Config
options = {
hostName = lib.mkOption {
type = lib.types.str;
@ -11,6 +11,35 @@
default = false;
description = "Whether to enable Xen guest support";
};
network = lib.mkOption {
type = lib.types.submodule {
options = {
interface = lib.mkOption {
type = lib.types.str;
description = "Network interface name";
example = "enp0s3";
};
address = lib.mkOption {
type = lib.types.str;
description = "Static IP address";
example = "10.0.20.200";
};
defaultGateway = lib.mkOption {
type = lib.types.str;
description = "Default gateway IP";
example = "10.0.20.254";
};
nameservers = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = "List of DNS servers";
example = [ "10.0.20.254" "8.8.8.8" ];
default = [ "8.8.8.8" "8.8.4.4" ];
};
};
};
default = null;
description = "Network configuration";
};
};
config = lib.mkMerge [
@ -41,12 +70,24 @@
# User Authorized Keys
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA8P84lWL/p13ZBFNwITm/dLWWL8s9pVmdOImM5gaJAiTLY+DheUvG6YsveB2/5STseiJ34g7Na9TW1mtTLL8zDqPvj3NbprQiYlLJKMbCk6dtfdD4nLMHl8B48e1h699XiZDp2/c+jJb0MkLOFrps+FbPqt7pFt1Pj29tFy8BCg0LGndu6KO+HqYS+aM5tp5hZESo1RReiJ8aHsu5X7wW46brN4gfyyu+8X4etSZAB9raWqlln9NKK7G6as6X+uPypvSjYGSTC8TSePV1iTPwOxPk2+1xBsK7EBLg3jNrrYaiXLnZvBOOhm11JmHzqEJ6386FfQO+0r4iDVxmvi+ojw== rsa-key-20141114"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
];
hashedPassword = null;
};
}
# Network Configuration
(lib.mkIf (config.network != null) {
networking = {
inherit (config.network) defaultGateway nameservers;
interfaces.${config.network.interface}.ipv4.addresses = [{
inherit (config.network) address;
prefixLength = 24;
}];
};
})
# Xen Guest
(lib.mkIf config.enableXenGuest {
services.xe-guest-utilities.enable = true;
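Review bot: The `network` option is declared as `lib.types.submodule { ... }` with `default = null`, and a plain submodule type does not accept null, so a host that leaves `network` unset would likely fail the type check as soon as `config.network != null` is evaluated; declare it as `type = lib.types.nullOr (lib.types.submodule { ... });`. In the new networking block `prefixLength = 24;` is fixed while the address is configurable, so a `prefixLength` option next to `address` would keep the two together. The `nameservers` default of `[ "8.8.8.8" "8.8.4.4" ]` sends lookups from any host that omits the field to a public resolver, which is worth either a comment or no default at all. The `config = lib.mkMerge [` list continues past the end of this hunk.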