SK-Development-Studios/Nixos-Configuration
2
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: SK-Development-Studios:7b7bcac73aa3c176605781ac912e85effaeb086b
Branches Tags
SK-Development-Studios:main
..
compare: SK-Development-Studios:741aa5da9c147e2f71b816449c23512aabae8aa5
Branches Tags
SK-Development-Studios:main

No commits in common. "7b7bcac73aa3c176605781ac912e85effaeb086b" and "741aa5da9c147e2f71b816449c23512aabae8aa5" have entirely different histories.
7b7bcac73a ... 741aa5da9c

7 changed files with 11 additions and 199 deletions
Download patch file Download diff file Expand all files Collapse all files

9
configurations/nixos/forgejo-runner-tofu/default.nix
View file

@ -30,8 +30,8 @@ in
]; ];
}; };
sops.secrets.forgejo-runners-token = { sops.secrets.forgejo-runners-token = {
# owner = "gitea-runner"; owner = "gitea-runner";
# group = "gitea-runner"; group = "gitea-runner";
mode = "0777"; mode = "0777";
}; };
services.gitea-actions-runner = { services.gitea-actions-runner = {
@ -41,10 +41,7 @@ in
enable = true; enable = true;
url = "https://git.skdevstudios.com"; url = "https://git.skdevstudios.com";
name = "nix"; name = "nix";
labels = [ labels = [ "native:host" ];
"native:host"
"nix"
];
tokenFile = config.sops.secrets.forgejo-runners-token.path; tokenFile = config.sops.secrets.forgejo-runners-token.path;
hostPackages = with pkgs; [ hostPackages = with pkgs; [
nix nix

42
flake.lock generated
View file

@ -353,8 +353,7 @@
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixos-unified": "nixos-unified", "nixos-unified": "nixos-unified",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"sops-nix": "sops-nix", "sops-nix": "sops-nix"
"terranix": "terranix"
} }
}, },
"sops-nix": { "sops-nix": {
@ -389,45 +388,6 @@
"type": "github" "type": "github"
} }
}, },
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"terranix": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_2"
},
"locked": {
"lastModified": 1747080393,
"owner": "typedrat",
"repo": "terranix",
"rev": "61c3bfe7b3884a84e9411046d53970d8f969a9b6",
"type": "github"
},
"original": {
"owner": "typedrat",
"ref": "expose-config",
"repo": "terranix",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [

7
flake.nix
View file

@ -10,13 +10,6 @@
disko.url = "https://flakehub.com/f/nix-community/disko/1.12.0.tar.gz"; disko.url = "https://flakehub.com/f/nix-community/disko/1.12.0.tar.gz";
deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.url = "github:serokell/deploy-rs";
deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
terranix = {
url = "github:typedrat/terranix/expose-config";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
};
};
nix-index-database.url = "github:nix-community/nix-index-database"; nix-index-database.url = "github:nix-community/nix-index-database";
nix-index-database.inputs.nixpkgs.follows = "nixpkgs"; nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
nixos-anywhere.url = "github:nix-community/nixos-anywhere/1.10.0"; nixos-anywhere.url = "github:nix-community/nixos-anywhere/1.10.0";

2
modules/flake/deploy.nix
View file

@ -53,7 +53,7 @@ in
autoRollback = false; autoRollback = false;
magicRollback = true; magicRollback = true;
user = "root"; user = "root";
remoteBuild = true; # remoteBuild = true;
nodes = lib.mapAttrs genNode deployableNodes; nodes = lib.mapAttrs genNode deployableNodes;
}; };
} }

35
modules/flake/terranix.nix
View file

@ -1,35 +0,0 @@
{
inputs,
...
}:
{
imports = [
inputs.terranix.flakeModule
];
perSystem =
{ pkgs, ... }:
let
package = pkgs.opentofu.withPlugins (p: [
p.external
p.local
p.null
p.tls
p.incus
]);
in
{
terranix = {
terranixConfigurations = {
tnix = {
terraformWrapper = {
inherit package;
};
workdir = "terraform";
modules = [
# ../terranix/default.nix
];
};
};
};
};
}

4
modules/flake/toplevel.nix
View file

@ -6,9 +6,7 @@
inputs.nixos-unified.flakeModules.default inputs.nixos-unified.flakeModules.default
inputs.nixos-unified.flakeModules.autoWire inputs.nixos-unified.flakeModules.autoWire
]; ];
perSystem = perSystem = { self', pkgs, ... }: {
{ self', pkgs, ... }:
{
# For 'nix fmt' # For 'nix fmt'
formatter = pkgs.nixpkgs-fmt; formatter = pkgs.nixpkgs-fmt;

101
modules/terranix/default.nix
View file

@ -1,101 +0,0 @@
{ config, lib, ... }:
{
terraform = {
cloud = {
hostname = "tofu.skdevstudios.com";
organization = "skdevs";
workspaces.name = "dev";
};
required_providers.incus = {
source = "lxc/incus";
version = "0.3.1";
};
};
variable = {
incus_token.type = "string";
};
provider = {
incus = {
generate_client_certificates = true;
accept_remote_certificate = true;
remote = {
default = true;
name = "tofu-prod";
scheme = "https";
address = "olympus.tailfc9f5.ts.net";
token = lib.tfRef "var.incus_token";
};
};
};
resource = {
incus_profile.d = {
name = "d";
config = {
"limits.cpu" = "2";
"security.nesting" = "true";
"boot.autostart" = "true";
"security.privileged" = "false";
"security.syscalls.intercept.mount" = "false";
};
device = [
{
name = "eth0";
type = "nic";
properties = {
network = "incusbr0";
};
}
{
name = "root";
type = "disk";
properties = {
pool = "default";
path = "/";
};
}
];
};
incus_instance.observer-tofu = {
name = "observer-tofu";
image = "images:nixos/25.05/amd64";
profiles = [ "\${incus_profile.d.name}" ];
config = {
"limits.cpu" = "1";
"limits.memory" = "1GiB";
};
device = [
{
name = "http";
type = "proxy";
properties = {
listen = "tcp:0.0.0.0:8889";
connect = "tcp:127.0.0.1:3001";
};
}
];
};
incus_instance.forgejo-runner-tofu = {
name = "forgejo-runner-tofu";
image = "images:nixos/25.05/amd64";
profiles = [ "\${incus_profile.d.name}" ];
config = {
"limits.cpu" = "6";
"limits.memory" = "8GiB";
};
};
incus_instance.base-tofu = {
name = "base-tofu";
image = "images:nixos/25.05/amd64";
profiles = [ "\${incus_profile.d.name}" ];
config = {
"limits.cpu" = "1";
"limits.memory" = "1GiB";
};
};
};
}