update: new urls, and 1 master 1 agent

2026-03-21 19:17:23 +00:00 · 2026-02-24 09:27:08 -05:00
parent b68b96e5c7
commit cf49edab5c
10 changed files with 99 additions and 68 deletions
--- a/README.md
+++ b/README.md
@@ -5,9 +5,9 @@
 ```sh
 cd <path to flake>

-nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/patrick/hardware-configuration.nix --flake .#patrick root@192.168.2.100
+nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/patrick/hardware-configuration.nix --flake .#patrick root@192.168.18.100

-nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/spongebob/hardware-configuration.nix --flake .#spongebob root@192.168.2.101
+nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/spongebob/hardware-configuration.nix --flake .#spongebob root@192.168.18.101

-nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/larry/hardware-configuration.nix --flake .#larry root@192.168.2.42
+nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/larry/hardware-configuration.nix --flake .#larry root@192.168.18.102
 ```
--- a/hosts/larry/configuration.nix
+++ b/hosts/larry/configuration.nix
@@ -12,6 +12,7 @@
    ../../modules/k3s.nix
    ../../modules/nfs.nix
    ../../modules/longhorn.nix
+    ../../modules/tailscale.nix
    ../../modules/nvidia.nix
  ];
 }
--- a/hosts/larry/hardware-configuration.nix
+++ b/hosts/larry/hardware-configuration.nix
@@ -1,25 +1,25 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp38s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/hosts/patrick/configuration.nix
+++ b/hosts/patrick/configuration.nix
@@ -12,6 +12,7 @@
    ../../modules/k3s.nix
    ../../modules/nfs.nix
    ../../modules/longhorn.nix
+    ../../modules/tailscale.nix
  ];

  k3s = {
--- a/hosts/patrick/hardware-configuration.nix
+++ b/hosts/patrick/hardware-configuration.nix
@@ -1,25 +1,25 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/hosts/spongebob/configuration.nix
+++ b/hosts/spongebob/configuration.nix
@@ -12,5 +12,10 @@
    ../../modules/k3s.nix
    ../../modules/nfs.nix
    ../../modules/longhorn.nix
+    ../../modules/tailscale.nix
  ];
+
+  k3s = {
+    role = "agent";
+  };
 }
--- a/hosts/spongebob/hardware-configuration.nix
+++ b/hosts/spongebob/hardware-configuration.nix
@@ -8,9 +8,9 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
+  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -18,9 +18,8 @@
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp38s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/modules/k3s.nix
+++ b/modules/k3s.nix
@@ -13,13 +13,20 @@ in {
      default = false;
      description = "Initialize cluster when set to true";
    };
+    role = mkOption {
+      type = types.str;
+      default = "server";
+    };
  };

  config = {
    services = {
      k3s = {
        enable = true;
-        role = "server";
+        role =
+          if cfg.init
+          then "server"
+          else cfg.role;
        clusterInit = cfg.init;
        serverAddr =
          if cfg.init
@@ -29,11 +36,17 @@ in {
          if cfg.init
          then ""
          else meta.k3sToken;
-        disable = ["traefik" "servicelb" "local-storage"];
-        extraFlags = [
-          "--kubelet-arg=allowed-unsafe-sysctls=net.ipv4.*"
-          "--write-kubeconfig-mode \"0644\""
-        ];
+        disable =
+          if cfg.init
+          then ["traefik" "servicelb" "local-storage"]
+          else [];
+        extraFlags =
+          if cfg.init
+          then [
+            "--kubelet-arg=allowed-unsafe-sysctls=net.ipv4.*"
+            "--write-kubeconfig-mode \"0644\""
+          ]
+          else [];
      };
    };
  };
--- a/modules/tailscale.nix
+++ b/modules/tailscale.nix
@@ -0,0 +1,12 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "server";
+    extraSetFlags = [ "--advertise-exit-node" "--advertise-routes=10.0.0.0/8,192.168.18.0/24" ];
+    extraUpFlags = [ "--advertise-exit-node" "--advertise-routes=10.0.0.0/8,192.168.18.0/24" ];
+  };
+}
--- a/redeploy.sh
+++ b/redeploy.sh
@@ -4,12 +4,12 @@ set -euo pipefail
 SSH_USER="root"

 declare -A HOSTS=(
-  ["patrick"]="192.168.2.100"
-  ["spongebob"]="192.168.2.101"
-  ["larry"]="192.168.2.42"
+  ["spongebob"]="192.168.18.101"
 )

-for HOSTNAME in "${!HOSTS[@]}"; do
+ORDER=("spongebob")
+
+for HOSTNAME in "${ORDER[@]}"; do
  IP="${HOSTS[$HOSTNAME]}"

  echo "========================================"