| .. | ||
| common | ||
| fedi200 | ||
| fedi300 | ||
| vm02116 | ||
| vm02179 | ||
| vm02186 | ||
| vm02187 | ||
| architecture.pdf | ||
| flake-part.nix | ||
| makeInstallerIso.nix | ||
| proxmox-provision.sh | ||
| proxmox-remove.sh | ||
| README.md | ||
Infra
This directory contains the definition of the VMs that host our infrastructure.
Provisioning VMs with an initial configuration
NOTE[Niols]: This is very manual and clunky. Two things will happen. In the near future, I will improve the provisioning script to make this a bit less clunky. In the far future, NixOps4 will be able to communicate with Proxmox directly and everything will become much cleaner.
-
Choose an id and name for your VMs. It is recommended to choose the first free id above 100. As for the name, it is recommended to choose
fedi<id>. For instance,fedi117with id117. -
Add a basic configuration for the machine. These typically go in
infra/<name>/default.nix. You can look at otherfedi<id>VMs to find inspiration. You probably do not need anixos.moduleoption at this point. -
Add the machine to a deployment. This takes place in
infra/flake-parts.nix. Please remember to also update the table at the end of this file.FIXME: Generate the table automatically (Fediversity/Fediversity#89)
-
Add a file for each of those VM's public keys, eg.
touch keys/systems/fedi117.pubThose files need to exist during provisioning, but their content matters only when updating the machines' configuration.
FIXME: Remove this step by making the provisioning script not fail with the public key does not exist yet.
-
Run the provisioning script:
sh infra/proxmox-provision.sh 117The script can take several ids at the same time. It requires some authentication options and provides several more. See
--help. -
(Optional) Add a DNS entry for the machine; for instance
fedi117.abundos.eu A 95.215.187.117. -
Grab the public host keys for the machines in question, and add it to the repository. For instance:
ssh fedi117.abundos.eu 'sudo cat /etc/ssh/ssh_host_ed25519_key.pub' > keys/systems/fedi117.pubFIXME: Make the provisioning script do that for us.
-
Commit the machine's configuration, public key, etc.
-
At this point, the machine contains a very basic configuration that contains just enough for it to boot and be reachable. Go on to the next section to update the machine and put an actual configuration.
FIXME: Figure out why the full configuration isn't on the machine at this point and fix it.
Updating existing VM configurations
Their configuration can be updated via NixOps4. Run
nixops4 deployments list
to see the available deployments. This should be done from the root of the repository, otherwise NixOps4 will fail with something like:
nixops4 error: evaluation: error:
… while calling the 'getFlake' builtin
error: path '/nix/store/05nn7krhvi8wkcyl6bsysznlv60g5rrf-source/flake.nix' does not exist, evaluation: error:
… while calling the 'getFlake' builtin
error: path '/nix/store/05nn7krhvi8wkcyl6bsysznlv60g5rrf-source/flake.nix' does not exist
Then, given a deployment (eg. git), run
nixops4 apply <deployment>
Alternatively, to run the default deployment, run
nixops4 apply
Removing an existing VM
See infra/proxmox-remove.sh --help.
Deployments
- default
- Contains everything
git- Machines hosting our Git infrastructure, eg. Forgejo and its actions runners
web- Machines hosting our online content, eg. the website or the wiki
other- Machines without a specific purpose
hans- Testing machines for Hans's work
Machines
These machines are hosted on the Procolix Proxmox instance, to which non-Procolix members of the project do not have access. They host our stable infrastructure.
Machine Proxmox Description Deployment
vm02116 Procolix Forgejo git
vm02179 Procolix unused other
vm02186 Procolix unused other
vm02187 Procolix Wiki web
fedi200 Fediversity Testing machine for Hans hans
fedi300 Fediversity Forgejo actions runner git