From 62eea1bf8aad7dabf1a1d4db4f15f8f180e7f81e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Mon, 18 Nov 2024 11:55:50 +0100 Subject: [PATCH] Add Wiki machine to `web` deployment --- infra/README.org | 5 +++-- infra/flake-part.nix | 25 +++++++++++++++++++++++++ infra/vm02187/configuration.nix | 13 +++++++------ 3 files changed, 35 insertions(+), 8 deletions(-) diff --git a/infra/README.org b/infra/README.org index 8004f32..c50af47 100644 --- a/infra/README.org +++ b/infra/README.org @@ -7,7 +7,7 @@ Their configuration can be updated via NixOps4. Run nixops4 deployments list #+end_src -to see the available deployments. Given a deployment (eg. ~actions-runners~), run +to see the available deployments. Given a deployment (eg. ~git~), run #+begin_src sh nixops4 apply @@ -17,6 +17,7 @@ nixops4 apply - ~git~ :: Machines hosting our Git infrastructure, eg. Forgejo and its actions runners +- ~web~ :: Machines hosting our online content, eg. the website or the wiki * Procolix machines @@ -29,4 +30,4 @@ infrastructure. | vm02116 | Forgejo | ~git~ | | vm02179 | Forgejo actions runner | ~git~ | | vm02186 | Forgejo actions runner | ~git~ | -| vm02187 | Wiki | /none/ | +| vm02187 | Wiki | ~web~ | diff --git a/infra/flake-part.nix b/infra/flake-part.nix index 148f76f..857848a 100644 --- a/infra/flake-part.nix +++ b/infra/flake-part.nix @@ -62,4 +62,29 @@ }; }; }; + + nixops4Deployments.web = + { providers, ... }: + { + providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local; + + resources = { + vm02187 = { + type = providers.local.exec; + imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; + ssh = { + host = "185.206.232.187"; + opts = ""; + hostPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN24ZfdQNklKkIqfMg/+0vqENuDcy6fhT6SfAq01ae83"; + }; + nixpkgs = inputs.nixpkgs; + nixos.module = { + imports = [ + ./vm02187/configuration.nix + ./vm02187/hardware-configuration.nix + ]; + }; + }; + }; + }; } diff --git a/infra/vm02187/configuration.nix b/infra/vm02187/configuration.nix index 0c5a6d2..1d73482 100644 --- a/infra/vm02187/configuration.nix +++ b/infra/vm02187/configuration.nix @@ -195,7 +195,13 @@ i18n.defaultLocale = "en_US.UTF-8"; # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.root.hashedPassword = "$y$j9T$WXvLAUqArJJusuC017FCW0$.rfMOeyx/BsClkJFi5hLcynrSk.njWmfiB6Uy.9th3A"; + users.users.root = { + hashedPassword = "$y$j9T$WXvLAUqArJJusuC017FCW0$.rfMOeyx/BsClkJFi5hLcynrSk.njWmfiB6Uy.9th3A"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEElREJN0AC7lbp+5X204pQ5r030IbgCllsIxyU3iiKY" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJg5TlS1NGCRZwMjDgBkXeFUXqooqRlM8fJdBAQ4buPg" + ]; + }; users.users.procolix = { isNormalUser = true; @@ -233,11 +239,6 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - system.copySystemConfiguration = true; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave