forked from Fediversity/Fediversity
Document semi-automated provisioning of VMs
This commit is contained in:
parent
46d20a76bc
commit
b90fc3300a
GPG key ID:
35DB9EC8886E1CB8
1 changed files with 58 additions and 1 deletions
|
|
@ -2,7 +2,64 @@
|
|||
|
||||
This directory contains the definition of the VMs that host our infrastructure.
|
||||
|
||||
## NixOps4
|
||||
## Provisioning VMs with an initial configuration
|
||||
|
||||
NOTE[Niols]: This is very manual and clunky. Two things will happen. In the near
|
||||
future, I will improve the provisioning script to make this a bit less clunky.
|
||||
In the far future, NixOps4 will be able to communicate with Proxmox directly and
|
||||
everything will become much cleaner.
|
||||
|
||||
1. Choose an id and name for your VMs. It is recommended to choose the first
|
||||
free id above 100. As for the name, it is recommended to choose `fedi<id>`.
|
||||
For instance, `fedi117` with id `117`.
|
||||
|
||||
2. Add a basic configuration for the machine. These typically go in
|
||||
`infra/<name>/default.nix`. You can look at other `fedi<id>` VMs to find
|
||||
inspiration. You probably do not need a `nixos.module` option at this point.
|
||||
|
||||
3. Add the machine to a deployment. This takes place in `infra/flake-parts.nix`.
|
||||
Please remember to also update the table at the end of this file.
|
||||
|
||||
FIXME: Generate the table automatically (https://git.fediversity.eu/Fediversity/Fediversity/issues/89)
|
||||
|
||||
2. Add a file for each of those VM's public keys, eg.
|
||||
```
|
||||
touch keys/systems/fedi117.pub
|
||||
```
|
||||
Those files need to exist during provisioning, but their content matters only
|
||||
when updating the machines' configuration.
|
||||
|
||||
FIXME: Remove this step by making the provisioning script not fail with the
|
||||
public key does not exist yet.
|
||||
|
||||
3. Run the provisioning script:
|
||||
```
|
||||
sh infra/proxmox-provision.sh 117
|
||||
```
|
||||
The script can take several ids at the same time. It requires some
|
||||
authentication options and provides several more. See `--help`.
|
||||
|
||||
4. (Optional) Add a DNS entry for the machine; for instance `fedi117.abundos.eu
|
||||
A 95.215.187.117`.
|
||||
|
||||
5. Grab the public host keys for the machines in question, and add it to the
|
||||
repository. For instance:
|
||||
```
|
||||
ssh fedi117.abundos.eu 'sudo cat /etc/ssh/ssh_host_ed25519_key.pub' > keys/systems/fedi117.pub
|
||||
```
|
||||
|
||||
FIXME: Make the provisioning script do that for us.
|
||||
|
||||
7. Commit the machine's configuration, public key, etc.
|
||||
|
||||
8. At this point, the machine contains a very basic configuration that contains
|
||||
just enough for it to boot and be reachable. Go on to the next section to
|
||||
update the machine and put an actual configuration.
|
||||
|
||||
FIXME: Figure out why the full configuration isn't on the machine at this
|
||||
point and fix it.
|
||||
|
||||
## Updating existing VM configurations
|
||||
|
||||
Their configuration can be updated via NixOps4. Run
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue