kiara/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity
Fediversity/infra
History
Exact
Kiara Grouwstra aa2901f1bd
docs: sectarian purge of non-historical references to nixops4
2025-04-14 17:00:08 +02:00
..
common allow accessing test vms from fedi201, closes #286 (#297) 2025-04-09 16:58:50 +02:00
machines allow accessing test vms from fedi201, closes #286 (#297) 2025-04-09 16:58:50 +02:00
test-machines A bunch more test machines 2025-04-02 15:06:17 +02:00
architecture.pdf Move the Proxmox architecture document to infra/ 2024-11-27 12:20:33 +01:00
flake-part.nix peertube: test03 -> test05 (#306) 2025-04-14 08:26:28 +02:00
machines.md Generate list of machines from config 2025-02-27 16:45:11 +01:00
machines.md.sh Make ShellCheck happy 2025-02-27 16:45:11 +01:00
makeInstallerIso.nix makeInstaller -> makeInstallerIso 2025-02-21 20:24:40 +01:00
old-deployment-readme.md Get rid of the deployment/ directory 2025-02-25 11:57:20 +01:00
proxmox-provision.sh Support specifying disk size 2025-02-27 16:45:11 +01:00
proxmox-remove.sh Report errors in subprocesses 2025-02-27 11:35:55 +01:00
README.md docs: sectarian purge of non-historical references to nixops4 2025-04-14 17:00:08 +02:00

README.md

Infra

This directory contains the definition of the VMs that host our infrastructure.

Provisioning VMs with an initial configuration

NOTE[Niols]: This is very manual and clunky.

  1. Choose names for your VMs. It is recommended to choose fediXXX, with XXX above 100. For instance, fedi117.

  2. Add a basic configuration for the machine. These typically go in infra/machines/<name>/default.nix. You can look at other fediXXX VMs to find inspiration. You probably do not need a nixos.module option at this point.

  3. Add a file for each of those VM's public keys, eg.

    touch keys/systems/fedi117.pub

    Those files need to exist during provisioning, but their content matters only when updating the machines' configuration.

    FIXME: Remove this step by making the provisioning script not fail with the public key does not exist yet.

  4. Run the provisioning script:

    sh infra/proxmox-provision.sh fedi117

    The script can take several ids at the same time. It requires some authentication options and provides several more. See --help.

  5. (Optional) Add a DNS entry for the machine; for instance fedi117.abundos.eu A 95.215.187.117.

  6. Grab the public host keys for the machines in question, and add it to the repository. For instance:

    ssh fedi117.abundos.eu 'sudo cat /etc/ssh/ssh_host_ed25519_key.pub' > keys/systems/fedi117.pub

    FIXME: Make the provisioning script do that for us.

  7. Regenerate the list of machines:

    sh infra/machines.md.sh

    Commit it with the machine's configuration, public key, etc.

  8. At this point, the machine contains a very basic configuration that contains just enough for it to boot and be reachable. Go on to the next section to update the machine and put an actual configuration.

    FIXME: Figure out why the full configuration isn't on the machine at this point and fix it.

Updating existing VM configurations

Their configuration can be updated:

tofu apply

Removing an existing VM

See infra/proxmox-remove.sh --help.

TODO

  • does it know the key?
  • can it access the key?
  • place in credentials, maybe like nixops
  • secrets
  • test deployed application
  • ssh keys
  • other infra (incl import)
  • TF for users
  • deploy deployment (#76)
  • handle infra state (#169)
  • handle user state (#169)
  • provision VMs (#116)