mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-22 21:18:44 +08:00
devices.srv1.node2: init
This commit is contained in:
parent
992970e9bc
commit
aad3164e11
@ -11,6 +11,7 @@ keys: # cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age
|
||||
- &pi3b age1yjgswvexp0x0de0sw4u6hamruzeluxccmx2enxazl6pwhhsr2s9qlxdemq
|
||||
- &srv1-node0 age1nzetyehldf3gl6pr6mu5d2cv387p8wjqn6wfpll7a3sl8us6n38s0ds633
|
||||
- &srv1-node1 age1wj33xt8nj7rhnsenepsf6k3lmq5vk4wn84jwr55qy9cwu05xn5cspg3h7t
|
||||
- &srv1-node2 age16e7ykphshal6qhwfvat698hl48s8yr0jvzh27ecdyfh5uk7t9u6s753jgy
|
||||
creation_rules:
|
||||
- path_regex: devices/pc/.*$
|
||||
key_groups:
|
||||
@ -67,3 +68,8 @@ creation_rules:
|
||||
- age:
|
||||
- *chn
|
||||
- *srv1-node1
|
||||
- path_regex: devices/srv1/node2/.*$
|
||||
key_groups:
|
||||
- age:
|
||||
- *chn
|
||||
- *srv1-node2
|
||||
|
55
devices/srv1/node2/default.nix
Normal file
55
devices/srv1/node2/default.nix
Normal file
@ -0,0 +1,55 @@
|
||||
inputs:
|
||||
{
|
||||
config =
|
||||
{
|
||||
nixos =
|
||||
{
|
||||
system =
|
||||
{
|
||||
nixpkgs.march = "broadwell";
|
||||
networking.networkd.static.eno2 =
|
||||
{ ip = "192.168.178.3"; mask = 24; gateway = "192.168.178.1"; dns = "192.168.178.1"; };
|
||||
cluster.nodeType = "worker";
|
||||
initrd.sshd.enable = true;
|
||||
nix.remote.slave.enable = true;
|
||||
};
|
||||
services.beesd.instances.root = { device = "/"; hashTableSizeMB = 256; threads = 4; };
|
||||
packages.packages._packages = [(inputs.pkgs.runCommand "master-system" {}
|
||||
''
|
||||
mkdir -p $out/share
|
||||
ln -s ${inputs.topInputs.self.nixosConfigurations.srv1-node0.config.system.build.toplevel} \
|
||||
$out/share/master-system
|
||||
'')];
|
||||
};
|
||||
specialisation =
|
||||
{
|
||||
no-share-home.configuration =
|
||||
{
|
||||
nixos =
|
||||
{
|
||||
services.slurm.enable = inputs.lib.mkForce false;
|
||||
system.cluster.nodeType = inputs.lib.mkForce "master";
|
||||
};
|
||||
system.nixos.tags = [ "no-share-home" ];
|
||||
};
|
||||
};
|
||||
fileSystems = inputs.lib.mkIf (inputs.config.nixos.system.cluster.nodeType == "worker")
|
||||
{
|
||||
"/home" =
|
||||
{
|
||||
device = "192.168.178.1:/home";
|
||||
fsType = "nfs";
|
||||
neededForBoot = true;
|
||||
};
|
||||
};
|
||||
boot.initrd.network.enable = true;
|
||||
boot.initrd.systemd.network.networks."10-eno2" = inputs.config.systemd.network.networks."10-eno2";
|
||||
boot.initrd.systemd.extraBin =
|
||||
{
|
||||
"ifconfig" = "${inputs.pkgs.nettools}/bin/ifconfig";
|
||||
"mount.nfs" = "${inputs.pkgs.nfs-utils}/bin/mount.nfs";
|
||||
"mount.nfs4" = "${inputs.pkgs.nfs-utils}/bin/mount.nfs4";
|
||||
};
|
||||
services.rpcbind.enable = true;
|
||||
};
|
||||
}
|
30
devices/srv1/node2/secrets/default.yaml
Normal file
30
devices/srv1/node2/secrets/default.yaml
Normal file
@ -0,0 +1,30 @@
|
||||
hello: ENC[AES256_GCM,data:/WGwXDnQio1BwD/zPoURTjVzTasWICOA7CBsgT5DbYIkKLt5DxzogeYWpiqjVg==,iv:BY82U/y9V8PYtn3Bre+nabGBcVgFbppIQZb7GhgY62I=,tag:JFqrezoWNJ8ZACCKQ43n5g==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3WlJNWmp2VUxpcXR3NE92
|
||||
TnNuLzg0SVZKdmt1cEVZU2FodXZPdmt6Rm5rClhrbDh3SzFlMU9LVFpEZDFLUGZZ
|
||||
d2RBTVNCamNBWFVEVW9FMjYxcUE4Rm8KLS0tIHBwYjlMU2tnUTZweDBYcmZXUC9l
|
||||
OWFUeE9xdldpTUQ3cDFENjU4YUVwSkUKp7yZGpvKMSm6rvsoPbcaqVznL3wzGEXB
|
||||
OGzrmgY083Gyjb5P/0wPY0ShGMWfWQW6vGchoqVuwr4oHKT3APcrIg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age16e7ykphshal6qhwfvat698hl48s8yr0jvzh27ecdyfh5uk7t9u6s753jgy
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWRjBjdGFEMjR6QnQ0a3Nz
|
||||
c2lmVWE0bFh3amRULytZOVhYS3dkL2JmRVhVClVQalh1WjJqcWcxT3ZXMWduN3Nl
|
||||
UzdFNXNQUmtaaTVIVVFVYXkyZEFPUncKLS0tIExrTDA0OEJzQklQOHNJZzBJdzJP
|
||||
MVU1UW9lWFJnSTE2aC9ZL0huYURUK3MK5U4cLWRMm+FFo8ATE/OoAcHzYHFMpOtV
|
||||
Q5kbq5PDMdp4qvoM3T4kLsB34oU55HjFvac0pilOhNRrz4xRMQgvoQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-09-20T05:30:52Z"
|
||||
mac: ENC[AES256_GCM,data:nSrkKUo4yB57aetzdJ1sjSKcm5STQ6jfMhvY4/tXft2P9zRYigSP4PkZj7z+knxcIx9sFdA86h8X45oUjxaAa5xDJpgmvC/EEKxm5rZtVTxYYYdy40W72qThVuKUasWpYrrGZbZEbTu3Dad1yfJTilwofRtxoo1Nmj5lMvw+HRo=,iv:UvBSF5GLEj+hTZksrIV3Ow+HQ/xjqwCUuwqkdz8g0Qg=,tag:U5wJPhmeevB2i2GBgMGBFQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
24
devices/srv1/node2/secrets/munge.key
Normal file
24
devices/srv1/node2/secrets/munge.key
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:04fSLZEkne1LqLZNYpy1tFlKTVUgQNuX9L3cL66FVHD+LqGAyWJGlAnduY+fQMZdDhbBdeEnJKXjyQ2jdDCttuqbPRiJQChtD7ztf+oiP877N143iSY2G245aCjIrAzmFORkGZaQT7nD5oxgCPiLqJzkNPzgjN4HIDsVoYz6jtw=,iv:gTbiJmdXN/62/t53ddfDrYlNLe3AoujT4G03eFQXyZs=,tag:eAYfhXPERqsVKFSkcm+Abw==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBb3JtVi92M2JUc3dKVzRt\na1kzNU8ycE1LTmdVZVNFNDNJZmpsTEdCK3hZCjNXajNpcGxXMDJxRjhPMmhFd2la\nZy8xUFZNZXhiVHFtbG9xVmJ3Q2d0NE0KLS0tIDlNWEJqcSsvQTFzc2FxL2F2bVVs\neS9UenMrYXNKbGJVTnZzN3VscWlrRk0K24RHbcTz56GV6AbQt7Yy9+1NClMpQFtk\nf/NO2RYuS0ciHwkJQEw7M48iJuwTSiv1pflXXkNvkl6/I7wPgS/eXw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age16e7ykphshal6qhwfvat698hl48s8yr0jvzh27ecdyfh5uk7t9u6s753jgy",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxSjFQbWd4SUhoOExTdnFk\nd3dVVytZaDAyc1F2eUowdmY0azFKbWJ2Z2pZCnhYQWJtVXVjTTRvTlI4SlVyVHh1\nZlBZTlFheVNKdzN5a0RHM3RkTDhzQncKLS0tIFlpbjRUSzdzS3ZuMW8welNRODdR\nWis0ajQrdUNqVWcwMWF4bVlUaWsrc00KfL/zF2RiAanljrNhRT99i2jPvLySMWXx\nEyzYRuTH8ZGXsX4T2VAPjreBt1ahJ/EgBWmCLibEVK62zWfdquAZKg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2024-09-20T05:31:41Z",
|
||||
"mac": "ENC[AES256_GCM,data:7kp2KNU4O1yuBdu7cxzg8BytPWiP8hQ0/mWVKPPn4BXjFleyo8KzLC3XZn9Ovt2fHWiF/4hMreOPIDW1W+8n/DedLa2G+zkHiQDVBCyiLJ+FCELvNPdDwR37RvOJ0Oo3RtQaSK2xBhNwS2Qs1G7DemEGFrWXrZ/SeCG5H6bI4X4=,iv:zGG9jcC3McICjeYZd1aGud+VaUhLXg3J/demAqM4vUM=,tag:RINzMA36WfaTRuEy0cTQKQ==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.9.0"
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user