From f6dbe8ad1d96035cdabf9a22cebbf1f8c23eab6f Mon Sep 17 00:00:00 2001
From: Evan Reichard
Date: Sat, 6 Sep 2025 09:47:27 -0400
Subject: [PATCH] mkopt systemd vs grub

---
 modules/nixos/services/rke2/default.nix | 6 ++---
 modules/nixos/system/boot/default.nix | 25 +++++++++++++------
 .../x86_64-linux/lin-cloud-kube1/default.nix | 8 +++++-
 systems/x86_64-vmware/lin-va-rke2/default.nix | 1 +
 4 files changed, 29 insertions(+), 11 deletions(-)

diff --git a/modules/nixos/services/rke2/default.nix b/modules/nixos/services/rke2/default.nix
index 30e9e6b..51ae0cd 100644
--- a/modules/nixos/services/rke2/default.nix
+++ b/modules/nixos/services/rke2/default.nix
@@ -9,7 +9,7 @@ in
 options.${namespace}.services.rke2 = with types; {
 enable = lib.mkEnableOption "Enable RKE2";
 disable = mkOpt (listOf str) [ ] "Disable services";
- openFirewall = mkBoolOpt true "Open firewall";
+ openFirewall = mkBoolOpt false "Open firewall";
 };

 config = mkIf cfg.enable {
@@ -32,8 +32,6 @@ in
 7946 # memberlist
 ];

- environment.systemPackages = with pkgs; [ nfs-utils ];
-
 networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [
 # RKE2 Ports - https://docs.rke2.io/install/requirements#networking
 8472 # Canal CNI with VXLAN
@@ -49,5 +47,7 @@ in
 after = [ "cloud-final.service" ];
 requires = [ "cloud-final.service" ];
 };
+
+ environment.systemPackages = with pkgs; [ nfs-utils k9s ];
 };
 }
diff --git a/modules/nixos/system/boot/default.nix b/modules/nixos/system/boot/default.nix
index e64b7c5..3a1b464 100644
--- a/modules/nixos/system/boot/default.nix
+++ b/modules/nixos/system/boot/default.nix
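Review bot: In modules/nixos/services/rke2/default.nix (hunk at -9,7), flipping the `openFirewall` default to `false` silently drops the RKE2 firewall rules from every host that enables the module without setting the option. Within this patch only lin-va-rke2 sets `openFirewall = true`, so any other host that enables `rke2` should be checked before this is deployed. The description `"Open firewall"` also does not say what gets opened; something like `mkBoolOpt false "Open the RKE2 node ports listed in this module in networking.firewall"` would make the effect clear where the option is used. The closed default itself is the safer choice.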
@@ -1,18 +1,29 @@
 { config, lib, namespace, ... }:
 let
 inherit (lib) mkIf mkDefault;
+ inherit (lib.${namespace}) mkBoolOpt;

 cfg = config.${namespace}.system.boot;
 in
 {
 options.${namespace}.system.boot = {
 enable = lib.mkEnableOption "Enable Boot";
- xenGuest = lib.mkEnableOption "Enable Xen Guest";
+ enableGrub = mkBoolOpt true "Enable GRUB";
+ enableSystemd = mkBoolOpt false "Enable systemd";
+
+ xenGuest = lib.mkEnableOption "Xen guest support";
 showNotch = lib.mkEnableOption "Show macOS Notch";
 silentBoot = lib.mkEnableOption "Silent Boot";
 };

 config = mkIf cfg.enable {
+ assertions = [
+ {
+ assertion = !(cfg.enableGrub && cfg.enableSystemd);
+ message = "Cannot enable both GRUB and systemd-boot";
+ }
+ ];
+
 services.xe-guest-utilities.enable = mkIf cfg.xenGuest true;

 boot = {
@@ -33,13 +44,13 @@ in
 canTouchEfiVariables = false;
 };

- # systemd-boot = {
- # enable = true;
- # configurationLimit = 20;
- # editor = false;
- # };
+ systemd-boot = mkIf cfg.enableSystemd {
+ enable = true;
+ configurationLimit = 20;
+ editor = false;
+ };

- grub = {
+ grub = mkIf cfg.enableGrub {
 enable = true;
 efiSupport = true;
 efiInstallAsRemovable = true;
diff --git a/systems/x86_64-linux/lin-cloud-kube1/default.nix b/systems/x86_64-linux/lin-cloud-kube1/default.nix
index 964081b..ebbe460 100755
--- a/systems/x86_64-linux/lin-cloud-kube1/default.nix
+++ b/systems/x86_64-linux/lin-cloud-kube1/default.nix
@@ -1,4 +1,4 @@
-{ namespace, config, lib, modulesPath, ... }:
+{ namespace, config, pkgs, lib, modulesPath, ... }:
 let
 inherit (lib.${namespace}) enabled;

@@ -58,4 +58,10 @@ in
 ];
 };
 };
+
+ environment.systemPackages = with pkgs; [
+ btop
+ tmux
+ vim
+ ];
 }
diff --git a/systems/x86_64-vmware/lin-va-rke2/default.nix b/systems/x86_64-vmware/lin-va-rke2/default.nix
index 00cd408..0421929 100755
--- a/systems/x86_64-vmware/lin-va-rke2/default.nix
+++ b/systems/x86_64-vmware/lin-va-rke2/default.nix
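Review bot: In modules/nixos/system/boot/default.nix (hunk at -1,18), the new assertion rejects both loaders being enabled but accepts neither, so `enableGrub = false` without `enableSystemd = true` evaluates cleanly and leaves this module configuring no boot loader. If exactly one is always intended, `assertion = cfg.enableGrub != cfg.enableSystemd;` with a message such as `"Enable exactly one of GRUB or systemd-boot"` covers both cases; a host that really boots without either would then need an explicit opt-out. The option `enableSystemd` with the description `"Enable systemd"` reads as if it toggled systemd itself, and `"Use systemd-boot as the boot loader"` would match what the loader hunk does with it. The `config` block continues outside the hunk.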
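Review bot: In the loader hunk (-33,13) of modules/nixos/system/boot/default.nix, the systemd-boot branch sets `editor = false`, which keeps the kernel command line from being edited at the boot menu, but nothing equivalent is visible for the GRUB branch, which is the default because `enableGrub` is `true`. The `grub` block continues past the end of the hunk, so this may already be handled there; if it is not, GRUB's entry editing stays available at the console unless `boot.loader.grub.users` is configured. A short comment on the systemd-boot line, e.g. `editor = false; # no kernel command-line editing from the boot menu`, would record why the setting is there.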
@@ -33,6 +33,7 @@ in
 cloud-init = enabled;
 rke2 = {
 enable = true;
+ openFirewall = true;
 disable = [ "rke2-ingress-nginx" ];
 };
 openiscsi = {
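Review bot: `openFirewall = true` on this host turns on the module's global `networking.firewall.allowedUDPPorts` list (and presumably the TCP list that precedes it in the module), which applies to every interface of the VM and includes UDP 8472 for the Canal VXLAN overlay. If lin-va-rke2 has any interface reachable from outside the cluster network, scoping the rules in the module with `networking.firewall.interfaces.<name>.allowedUDPPorts` and its TCP counterpart would keep the overlay and memberlist ports off that interface. A comment on the line saying why this host needs the ports, e.g. `# multi-node cluster: peers must reach this node`, would help the next reader; that reason is assumed here, not shown in the patch. The enclosing block starts and ends outside the hunk.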