From cf49edab5c9c12c177ae2d1bc32b3646ed87acb9 Mon Sep 17 00:00:00 2001 From: Michael Thomson Date: Tue, 24 Feb 2026 09:27:08 -0500 Subject: [PATCH] update: new urls, and 1 master 1 agent --- README.md | 6 +-- hosts/larry/configuration.nix | 1 + hosts/larry/hardware-configuration.nix | 50 +++++++++++----------- hosts/patrick/configuration.nix | 1 + hosts/patrick/hardware-configuration.nix | 50 +++++++++++----------- hosts/spongebob/configuration.nix | 5 +++ hosts/spongebob/hardware-configuration.nix | 9 ++-- modules/k3s.nix | 25 ++++++++--- modules/tailscale.nix | 12 ++++++ redeploy.sh | 8 ++-- 10 files changed, 99 insertions(+), 68 deletions(-) create mode 100644 modules/tailscale.nix diff --git a/README.md b/README.md index 2040ee8..c8aac49 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ ```sh cd -nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/patrick/hardware-configuration.nix --flake .#patrick root@192.168.2.100 +nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/patrick/hardware-configuration.nix --flake .#patrick root@192.168.18.100 -nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/spongebob/hardware-configuration.nix --flake .#spongebob root@192.168.2.101 +nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/spongebob/hardware-configuration.nix --flake .#spongebob root@192.168.18.101 -nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/larry/hardware-configuration.nix --flake .#larry root@192.168.2.42 +nix run github:nix-community/nixos-anywhere -- --build-on-remote --generate-hardware-config nixos-generate-config ./hosts/larry/hardware-configuration.nix --flake .#larry root@192.168.18.102 ``` 
diff --git a/hosts/larry/configuration.nix b/hosts/larry/configuration.nix index 834beb8..a569dee 100644 --- a/hosts/larry/configuration.nix +++ b/hosts/larry/configuration.nix @@ -12,6 +12,7 @@ ../../modules/k3s.nix ../../modules/nfs.nix ../../modules/longhorn.nix + ../../modules/tailscale.nix ../../modules/nvidia.nix ]; } diff --git a/hosts/larry/hardware-configuration.nix b/hosts/larry/hardware-configuration.nix index 0500ed5..8fc2b9c 100644 --- a/hosts/larry/hardware-configuration.nix +++ b/hosts/larry/hardware-configuration.nix 
@@ -1,25 +1,25 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 
+ networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp38s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/patrick/configuration.nix b/hosts/patrick/configuration.nix index 3b7a3c8..b4abc89 100644 --- a/hosts/patrick/configuration.nix +++ b/hosts/patrick/configuration.nix @@ -12,6 +12,7 @@ ../../modules/k3s.nix ../../modules/nfs.nix ../../modules/longhorn.nix + ../../modules/tailscale.nix ]; k3s = { diff --git a/hosts/patrick/hardware-configuration.nix b/hosts/patrick/hardware-configuration.nix index 0500ed5..e7a99f9 100644 --- a/hosts/patrick/hardware-configuration.nix +++ b/hosts/patrick/hardware-configuration.nix 
@@ -1,25 +1,25 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 
+ networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/spongebob/configuration.nix b/hosts/spongebob/configuration.nix index 8f5a849..e553d7f 100644 --- a/hosts/spongebob/configuration.nix +++ b/hosts/spongebob/configuration.nix @@ -12,5 +12,10 @@ ../../modules/k3s.nix ../../modules/nfs.nix ../../modules/longhorn.nix + ../../modules/tailscale.nix ]; + + k3s = { + role = "agent"; + }; } diff --git a/hosts/spongebob/hardware-configuration.nix b/hosts/spongebob/hardware-configuration.nix index e18719a..e7a99f9 100644 --- a/hosts/spongebob/hardware-configuration.nix +++ b/hosts/spongebob/hardware-configuration.nix @@ -8,9 +8,9 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; + boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking @@ -18,9 +18,8 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp38s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } 
diff --git a/modules/k3s.nix b/modules/k3s.nix index 75843d9..0d91384 100644 --- a/modules/k3s.nix +++ b/modules/k3s.nix @@ -13,13 +13,20 @@ in { default = false; description = "Initialize cluster when set to true"; }; + role = mkOption { + type = types.str; + default = "server"; + }; }; config = { services = { k3s = { enable = true; - role = "server"; + role = + if cfg.init + then "server" + else cfg.role; clusterInit = cfg.init; serverAddr = if cfg.init @@ -29,11 +36,17 @@ in { if cfg.init then "" else meta.k3sToken; - disable = ["traefik" "servicelb" "local-storage"]; - extraFlags = [ - "--kubelet-arg=allowed-unsafe-sysctls=net.ipv4.*" - "--write-kubeconfig-mode \"0644\"" - ]; + disable = + if cfg.init + then ["traefik" "servicelb" "local-storage"] + else []; + extraFlags = + if cfg.init + then [ + "--kubelet-arg=allowed-unsafe-sysctls=net.ipv4.*" + "--write-kubeconfig-mode \"0644\"" + ] + else []; }; }; }; diff --git a/modules/tailscale.nix b/modules/tailscale.nix new file mode 100644 index 0000000..7dd84c3 --- /dev/null +++ b/modules/tailscale.nix @@ -0,0 +1,12 @@ +{ + config, + pkgs, + ... +}: { + services.tailscale = { + enable = true; + useRoutingFeatures = "server"; + extraSetFlags = [ "--advertise-exit-node" "--advertise-routes=10.0.0.0/8,192.168.18.0/24" ]; + extraUpFlags = [ "--advertise-exit-node" "--advertise-routes=10.0.0.0/8,192.168.18.0/24" ]; + }; +} diff --git a/redeploy.sh b/redeploy.sh index e7ef6a3..487391f 100755 --- a/redeploy.sh +++ b/redeploy.sh @@ -4,12 +4,12 @@ set -euo pipefail SSH_USER="root" declare -A HOSTS=( - ["patrick"]="192.168.2.100" - ["spongebob"]="192.168.2.101" - ["larry"]="192.168.2.42" + ["spongebob"]="192.168.18.101" ) -for HOSTNAME in "${!HOSTS[@]}"; do +ORDER=("spongebob") + +for HOSTNAME in "${ORDER[@]}"; do IP="${HOSTS[$HOSTNAME]}" echo "========================================"
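Review bot: The new `role` option in the first hunk of modules/k3s.nix is declared as `types.str` with no `description`, so a misspelt role is accepted by this module and only rejected further down, if at all. Constraining it at the option keeps the error next to the host that set it: `type = types.enum ["server" "agent"];`. A description such as `description = "k3s role for hosts that do not initialise the cluster; ignored when init = true";` would also record that `init` overrides it. The enclosing options block starts outside this hunk.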
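Review bot: The new `disable` and `extraFlags` conditionals in the second hunk key off `cfg.init` rather than the role, so a host that leaves `role` at its default `"server"` without `init = true` joins as a server with `disable = []` and no extra flags, and would presumably bring up the traefik, servicelb and local-storage components that the init server turns off. Gating on the effective role keeps all servers consistent, e.g. `if cfg.init || cfg.role == "server"` in both places. Separately, `--write-kubeconfig-mode "0644"` on the new side leaves the cluster-admin kubeconfig readable by every local user on the server; `0600` is the safer default. The context line `else meta.k3sToken` appears to put the join token into the evaluated configuration, which would end up in the world-readable Nix store; if that is the case, `services.k3s.tokenFile` avoids it. The `config` block starts and ends outside this hunk.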
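Review bot: Every host that imports modules/tailscale.nix (larry, patrick and spongebob in this commit) advertises itself as an exit node and as a subnet router for `10.0.0.0/8` and `192.168.18.0/24`, which is much broader than the LAN the commit is about. If the cluster uses the k3s default pod and service ranges, `10.0.0.0/8` covers them, so once the routes are approved any tailnet device allowed by the ACLs can reach cluster-internal addresses through these nodes. Consider limiting the advertisement to what is needed, e.g. `extraSetFlags = [ "--advertise-routes=192.168.18.0/24" ];`, enabling it on one designated host through an option, and dropping `--advertise-exit-node` unless exit-node use is intended. As far as I know the nixpkgs module applies `extraUpFlags` only when `authKeyFile` is set, so that line likely has no effect here; the `config` and `pkgs` arguments are also unused.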
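Review bot: The new `ORDER` array in redeploy.sh duplicates the keys of `HOSTS` without saying why, and the two can drift apart; a name present in `ORDER` but missing from `HOSTS` aborts the run at `IP="${HOSTS[$HOSTNAME]}"` under `set -u`. A comment above it would help, for example `# Explicit deploy order: associative arrays do not preserve insertion order`. With patrick and larry removed from `HOSTS`, those hosts will not receive the Tailscale and k3s changes from this commit through this script, which is worth stating in the commit message if intended. The loop body continues outside the hunk.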