feature: Rename serverinfra folder.

2024-07-27 12:57:02 -04:00 · 2024-07-27 12:57:02 -04:00 · eb1dc99389
commit eb1dc99389
parent 3941e10c2f
11 changed files with 0 additions and 0 deletions
--- a/serverinfra/kitteh-node-1/agent.nix
+++ b/serverinfra/kitteh-node-1/agent.nix
@ -0,0 +1,10 @@
+let 
+  pkgs = import <nixpkgs> {};
+in {
+  imports = [
+    ../commons.agent.nix
+  ];
+
+  networking.hostName = "kitteh-node-1-k3s-agent";
+  environment.variables.NIX_BUILD_ID = "kitteh-node-1/agent";
+}
--- a/serverinfra/kitteh-node-1/server.nix
+++ b/serverinfra/kitteh-node-1/server.nix
@ -0,0 +1,75 @@
+# Because this behaves as cluster init, all the "commons.server.nix" seperation
+# isn't in here. However, normal commons is. Just fyi.
+
+let 
+  pkgs = import <nixpkgs> {};
+  k3s_token = (import ../secrets.nix).services.k3s.token;
+in {
+  imports = [
+    ../commons.nix
+  ];
+
+  networking.hostName = "kitteh-node-1-k3s-server";
+  environment.variables.NIX_BUILD_ID = "kitteh-node-1/server";
+
+  systemd.services.k3s = {
+    enable = true;
+    description = "KittehCluster's modified k3s service";
+
+    # From L324: https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/cluster/k3s/builder.nix
+    path = with pkgs; [
+      kmod
+      socat
+      iptables
+      iproute2
+      ipset
+      bridge-utils
+      ethtool
+      util-linux
+      conntrack-tools
+      runc
+      bash
+    ];
+
+    serviceConfig = {
+      Type = "simple";
+      ExecStart = pkgs.writeShellScript "k3s-hack" ''
+        rm -rf /tmp/k3shack
+
+        # Manually recreate the symlinks. Don't @ me.
+        mkdir /tmp/k3shack
+
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/containerd
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/crictl
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/ctr
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-agent
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-certificate
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-completion
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-etcd-snapshot
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-secrets-encrypt
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-server
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s-token
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/kubectl
+        ln -s ${pkgs.k3s}/bin/.k3s-wrapped /tmp/k3shack/k3s
+
+        export PATH=/tmp/k3shack:$PATH
+        k3s server --cluster-init --token ${k3s_token} --disable servicelb
+      '';
+    };
+  };
+
+  # K3s settings
+  networking.firewall = {
+    enable = true;
+    
+    allowedTCPPorts = [
+      6443
+      2379
+      2380
+    ];
+
+    allowedUDPPorts = [
+      8472
+    ];
+  };
+}