import hetzner configuration from srvos

2023-01-01 17:04:38 +01:00 · 2023-01-01 17:04:38 +01:00 · 04190ab820
commit 04190ab820
parent be63c3a072
7 changed files with 18 additions and 79 deletions
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@ -12,9 +12,7 @@
 {
  imports = [
    ../roles/common.nix
-    ../roles/hetzner/amd.nix
-    ../roles/hetzner/network.nix
-    ../roles/raid.nix
+    ../roles/zfs-raid.nix
    ../roles/builder
    ../roles/remote-builder/aarch64-nixos-community.nix
  ];
@ -30,7 +28,7 @@
  # Emulate armv7 until we have proper builders
  boot.binfmt.emulatedSystems = [ "armv7l-linux" ];

-  networking.nix-community.ipv6.address = "2a01:4f8:13b:2ceb::1";
+  systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f8:13b:2ceb::1/64";

  system.stateVersion = "20.03";
 }
--- a/build02/configuration.nix
+++ b/build02/configuration.nix
@ -3,9 +3,7 @@
 {
  imports = [
    ../roles/common.nix
-    ../roles/hetzner/amd.nix
-    ../roles/hetzner/network.nix
-    ../roles/raid.nix
+    ../roles/zfs-raid.nix
    ../roles/remote-builder/aarch64-build04.nix
  ];

@ -19,10 +17,9 @@

  networking.hostName = "build02";
  networking.hostId = "af9ccc71";
-  networking.useDHCP = false;
  networking.nameservers = [ "1.1.1.1" "1.0.0.1" ];

-  networking.nix-community.ipv6.address = "2a01:4f9:4a:2b02::1";
+  systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:4a:2b02::1/64";

  system.stateVersion = "20.09";
 }
--- a/build03/configuration.nix
+++ b/build03/configuration.nix
@ -11,10 +11,8 @@
  # $ nixos-enter
  imports = [
    ../roles/common.nix
-    ../roles/hetzner/amd.nix
-    ../roles/hetzner/network.nix
    ../roles/hercules-ci
-    ../roles/raid.nix
+    ../roles/zfs-raid.nix
    ../roles/remote-builder/aarch64-build04.nix

    ../services/hound
@ -27,7 +25,7 @@
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;

-  networking.nix-community.ipv6.address = "2a01:4f9:3a:3b16::1";
+  systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3a:3b16::1/64";

  networking.hostName = "build03";
  networking.hostId = "8daf74c0";
--- a/flake.lock
+++ b/flake.lock
@ -255,11 +255,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1672348966,
-        "narHash": "sha256-72Ejzcyx47eMrzGYW9deVbirB8JpPRU0UpoBpFW03PA=",
+        "lastModified": 1672603492,
+        "narHash": "sha256-2ihfON0EhEeL8yO8IbnD38QUAC+NmpLKQw2y6Y4+47E=",
        "owner": "numtide",
        "repo": "srvos",
-        "rev": "0b3a8aa5d6d54684161bc1752933fc1dc2445aef",
+        "rev": "791e64c72c6c1b878654ff36bc95d64ae6b4b41e",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -64,7 +64,7 @@
              inputs.sops-nix.nixosModules.sops
              inputs.srvos.nixosModules.server

-              inputs.srvos.nixosModules.telegraf
+              inputs.srvos.nixosModules.mixins-telegraf
              { networking.firewall.allowedTCPPorts = [ 9273 ]; }
            ];
          in
@ -75,6 +75,7 @@
                common
                ++ [
                  ./build01/configuration.nix
+                  inputs.srvos.nixosModules.hardware-hetzner-online-amd
                ];
            };

@ -92,7 +93,8 @@
                      ;
                  })
                  ./build02/configuration.nix
-                  inputs.srvos.nixosModules.nginx
+                  inputs.srvos.nixosModules.mixins-nginx
+                  inputs.srvos.nixosModules.hardware-hetzner-online-amd
                ];
            };

@ -105,7 +107,8 @@
                    inherit (inputs) nur-update;
                  })
                  ./build03/configuration.nix
-                  inputs.srvos.nixosModules.nginx
+                  inputs.srvos.nixosModules.mixins-nginx
+                  inputs.srvos.nixosModules.hardware-hetzner-online-amd
                ];
            };

--- a/roles/hetzner/network.nix
+++ b/roles/hetzner/network.nix
@ -1,43 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.networking.nix-community;
-in
-{
-  options = {
-    networking.nix-community.ipv6.address = mkOption {
-      type = types.str;
-    };
-
-    networking.nix-community.ipv6.cidr = mkOption {
-      type = types.str;
-      default = "64";
-    };
-
-    networking.nix-community.ipv6.gateway = mkOption {
-      type = types.str;
-      default = "fe80::1";
-    };
-  };
-
-  config = {
-    networking.usePredictableInterfaceNames = false;
-    networking.dhcpcd.enable = false;
-    # Don't take down the network for too long, this will use `systemctl
-    # restart` rather than stopping it with `systemctl stop` followed by a
-    # delayed `systemctl start`
-    systemd.services.systemd-networkd.stopIfChanged = true;
-
-    systemd.network = {
-      enable = true;
-      networks."ethernet".extraConfig = ''
-        [Match]
-        Type = ether
-        [Network]
-        DHCP = ipv4
-        Address = ${cfg.ipv6.address}/${cfg.ipv6.cidr}
-        Gateway = ${cfg.ipv6.gateway}
-      '';
-    };
-  };
-}
--- a/roles/hetzner/amd.nix
+++ b/roles/hetzner/amd.nix
@ -1,21 +1,7 @@
-{ modulesPath, ... }:
-
 {
-  imports = [
-    "${modulesPath}/installer/scan/not-detected.nix"
-  ];
-
-  boot.initrd.availableKernelModules = [
-    "xhci_pci"
-    "ahci"
-    # SATA ssd (only build01)
-    "sd_mod"
-    # NVME
-    "nvme"
-  ];
-  boot.kernelModules = [
-    "kvm-amd"
-  ];
+  # for mdraid 1.1
+  boot.loader.grub.extraConfig = "insmod mdraid1x";
+  services.telegraf.extraConfig.inputs.mdstat = { };

  fileSystems."/" = {
    device = "zroot/root/nixos";