fediversity/meta
13
3
Fork 4
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request 'Add architecture-docs/NixOps4-based-installation-process.md' (#13) from roberth/meta:nixops4-based-install into main

Browse source 
Reviewed-on: Fediversity/meta#13
This commit is contained in:
Koen de Jonge 2024-09-16 16:31:20 +02:00
commit 65c86b1091
1 changed files with 69 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

69
architecture-docs/NixOps4-based-installation-process.md Normal file
View file

@ -0,0 +1,69 @@
---
status: draft
---
# NixOps4-based Installation Process
This documents explains how NixOps4 could be leveraged to provide a smooth installation experience for a simple, monolithic deployment.
It does not go into detail about the way Nix Panel hooks into this, or whether Nix Panel manages the same NixOps4 deployment that also contains the infrastructure; a single NixOps4 deployment could provide a nice simplification in the early stages of the project.
## Components
Required for the setup steps in this document:
- `nixops4`: generic deployment tool using Nix
- `landscaper.iso`: installation image that bootstraps a completely new and independent Fedi cluster - a NixOS installer with a handful of extra definitions (@roberth: easy)
- `nixops4-modules-ssh-keypair`: NixOps4 resource provider that generates keys
- `nixops4-pxe-nbp`: NixOps4 resource provider that inserts an NBP image into a (local) PXE server configuration
- `nixops4-modules-ssh`: A module that calls `ssh` using `nixops4-resources-local`
- `nixops4-resources-local`: A module that can create files and call commands locally (prototyped)
- `nixops4-modules-nixos`: A module that calls `nixos-rebuild switch --target-host` or implements similar functionality
Expected needs:
- `nixops4-resources-proxmox`
- A resource provider that talks to a DNS server's API
## Steps
### 1. `landscaper` setup
1. connect your first server into the network
2. boot `landscaper.iso` from a usb stick, and install NixOS onto this server we'll call `landscaper`
`landscaper.iso` is a slightly customized NixOS installer that includes the `landscaper` NixOS module
in the default config that it generates
- mvp: copy and import the landscaper module by hand into the normal NixOS live system
The `landscaper` module contains
- nixops4 (mvp and initial setup)
- a nixops4 service (if/when nix-panel is capable of managing the infra)
- a tftp server
The NixOS installer puts the template NixOps4 expression in `/root/fediversity-network`
### 2. Add a proxmox host
1. - add a MAC address and IP address to the `proxmoxMACs` option (or similar)
- this automatically declares resources that will set up the new server
- `installation_host_key`: a temporary SSH host key pair
- `installation_pxe_nbp`: an entry in `landscaper`'s PXE server, referring to/including a kernel and initrd that run disko and performs a NixOS installation on the server disk(s)
- `ssh_host_public_key`: a resource that waits for SSH to come up, logs in to replace the host key and sends the returns the new public key as its resource output
- `nixos`: a resource that `nix copy`-es a NixOS toplevel, then updates the system profile and activates it
- unknown: built-in services like Nix-panel, perhaps depending on the number of `proxmoxMACs`
2. `nixops apply`
- this starts to create resources,
- up to the point that `ssh_host_public_key` waits for the server to boot
3. turn on the server
4. wait for `nixops apply` to complete
## Notes
Unknown: add to step 2 or step 3 (new), depending on the amount of shared infra:
- resources for certain objects in the proxmox api
- this creates nixpanel, and shared infrastructure