From b5929e08341b2cca60260aa9f9d18eebd7f31907 Mon Sep 17 00:00:00 2001 From: Nick Date: Thu, 4 Dec 2025 23:24:00 -0600 Subject: [PATCH] test: setting up opencloud and microvms --- modules/config/instances/config/caddy.nix | 4 +-- .../config/instances/config/firefly-iii.nix | 2 +- modules/nixos/default.nix | 4 +-- .../nixos/services/caddy/caddy0/default.nix | 33 +++++++++++++++++++ .../nixos/services/caddy/caddy1/default.nix | 20 +++++++++++ modules/nixos/services/caddy/default.nix | 23 ++++--------- systems/ceres/config/networking.nix | 6 ++-- systems/eris/config/networking.nix | 22 ++++++------- 8 files changed, 79 insertions(+), 35 deletions(-) create mode 100755 modules/nixos/services/caddy/caddy0/default.nix create mode 100755 modules/nixos/services/caddy/caddy1/default.nix diff --git a/modules/config/instances/config/caddy.nix b/modules/config/instances/config/caddy.nix index 003f42b..c46e6af 100755 --- a/modules/config/instances/config/caddy.nix +++ b/modules/config/instances/config/caddy.nix @@ -16,7 +16,7 @@ in ports = { port0 = 80; port1 = 443; - port2 = 8443; - port3 = 8445; # Opencloud + port2 = 8080; + port3 = 8443; }; } diff --git a/modules/config/instances/config/firefly-iii.nix b/modules/config/instances/config/firefly-iii.nix index acb8721..2b0cc44 100755 --- a/modules/config/instances/config/firefly-iii.nix +++ b/modules/config/instances/config/firefly-iii.nix @@ -32,7 +32,7 @@ in ]; subdomain = subdomain; ports = { - port0 = 8080; + port0 = 8084; port1 = 8081; }; interface = { diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 283afdb..7a5dbef 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -45,7 +45,7 @@ in imports = builtins.attrValues { inherit (modules) acme - caddy + caddy0 comfyui firefly-iii forgejo @@ -71,7 +71,7 @@ in imports = builtins.attrValues { inherit (modules) acme - caddy + caddy1 impermanence microvm opencloud0 
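Review bot: In modules/config/instances/config/caddy.nix the new `port2 = 8080;` and `port3 = 8443;` lines carry no comment, and the commit drops the only one (`# Opencloud`) that said which service a caddy port was reserved for. 8080 was firefly-iii's `port0` until this same commit moved it to 8084, so the renumbering looks like a deliberate clash avoidance, but nothing in the file records that. I would annotate both entries, for example `port2 = 8080; # <service that listens here>` and `port3 = 8443; # <service that listens here>`, so a later edit does not reassign a port that another instance or a firewall rule depends on. The attribute set these lines belong to starts outside the hunk.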
diff --git a/modules/nixos/services/caddy/caddy0/default.nix b/modules/nixos/services/caddy/caddy0/default.nix new file mode 100755 index 0000000..8d7e8b9 --- /dev/null +++ b/modules/nixos/services/caddy/caddy0/default.nix @@ -0,0 +1,33 @@ +{ flake, ... }: +let + inherit (flake.config.services) instances; + inherit (flake.config.machines.devices) eris; + opencloud = instances.opencloud0; + service = instances.caddy; +in +{ + services.caddy = { + enable = true; + virtualHosts = { + "${opencloud.domains.url0}" = { + extraConfig = '' + reverse_proxy ${eris.ip.address0}:${builtins.toString service.ports.port1} { + transport http { + tls + tls_insecure_skip_verify + } + } + ''; + }; + }; + }; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + service.ports.port1 + ]; + }; + }; +} diff --git a/modules/nixos/services/caddy/caddy1/default.nix b/modules/nixos/services/caddy/caddy1/default.nix new file mode 100755 index 0000000..0cff934 --- /dev/null +++ b/modules/nixos/services/caddy/caddy1/default.nix @@ -0,0 +1,20 @@ +{ flake, ... }: +let + inherit (flake.config.services) instances; + + service = instances.caddy; +in +{ + services.caddy = { + enable = true; + }; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + service.ports.port1 + ]; + }; + }; +} diff --git a/modules/nixos/services/caddy/default.nix b/modules/nixos/services/caddy/default.nix index 0cff934..da65bd2 100755 --- a/modules/nixos/services/caddy/default.nix +++ b/modules/nixos/services/caddy/default.nix 
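Review bot: The `transport http` block in caddy0/default.nix sets `tls_insecure_skip_verify`, so the proxy accepts any certificate presented at `${eris.ip.address0}` and the hop to eris is encrypted but not authenticated. Any host that can answer on that address or sit on the path between the two machines can terminate the connection and read or alter the Opencloud traffic. The flag was presumably added because the upstream is dialled by IP and the certificate name does not match. If eris serves a certificate for the Opencloud hostname, replacing the flag with `tls_server_name ${opencloud.domains.url0}` keeps verification on. If the upstream uses an internal CA, pin that CA in the transport block instead of disabling the check. Should the flag have to stay for this test setup, a comment next to it that states why and when it will be removed would stop it from being copied into a permanent config.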
@@ -1,20 +1,11 @@ -{ flake, ... }: let - inherit (flake.config.services) instances; - - service = instances.caddy; + importList = + let + content = builtins.readDir ./.; + dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content); + in + map (name: ./. + "/${name}") dirContent; in { - services.caddy = { - enable = true; - }; - - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - service.ports.port1 - ]; - }; - }; + imports = importList; } diff --git a/systems/ceres/config/networking.nix b/systems/ceres/config/networking.nix index b32c7b8..c9c3cf8 100755 --- a/systems/ceres/config/networking.nix +++ b/systems/ceres/config/networking.nix @@ -18,10 +18,11 @@ in Kind = "bridge"; }; }; + networks = { "20-lan" = { matchConfig.Name = [ - "enp3s0" + "enp10s0" "vm-*" ]; networkConfig = { @@ -31,7 +32,7 @@ in "30-br-vms" = { matchConfig.Name = "br-vms"; networkConfig = { - Address = "192.168.50.245/24"; + Address = "192.168.50.240/24"; Gateway = "192.168.50.1"; DNS = [ "192.168.50.1" ]; }; @@ -39,6 +40,7 @@ in }; }; }; + networking = { hostName = ceres.name; networkmanager.enable = false; diff --git a/systems/eris/config/networking.nix b/systems/eris/config/networking.nix index 8ebe526..79dde5b 100755 --- a/systems/eris/config/networking.nix +++ b/systems/eris/config/networking.nix @@ -1,5 +1,4 @@ { - lib, flake, ... }: @@ -7,9 +6,7 @@ let inherit (flake.config.machines.devices) eris; in { - microvm.host.enable = true; - systemd.network = { enable = true; netdevs."10-br-vms" = { @@ -18,13 +15,15 @@ in Kind = "bridge"; }; }; - networks = { - "20-lan" = { - matchConfig.Name = [ - "enp10s0" - "vm-*" - ]; + "20-enp3s0" = { + matchConfig.Name = "enp3s0"; + networkConfig = { + Bridge = "br-vms"; + }; + }; + "20-vm" = { + matchConfig.Name = "vm-*"; networkConfig = { Bridge = "br-vms"; }; 
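Review bot: `importList` in modules/nixos/services/caddy/default.nix imports every sub-directory of `./.` unconditionally, so a host that imports this file would load caddy0 and caddy1 together, including caddy0's reverse proxy to eris. modules/nixos/default.nix in this commit selects `caddy0` and `caddy1` by name, so whether this aggregator is still imported anywhere is not visible from the diff. A header comment would make the intent explicit, for example `# Collects each sub-directory as a module; hosts pick caddy0 or caddy1 by name rather than importing this file.`, with the wording confirmed against how `modules` is built. It is also worth stating there that any directory later added under caddy/ is picked up automatically, since that makes a new service config active without a change to this file.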
@@ -40,12 +39,11 @@ in }; }; }; - networking = { hostName = eris.name; - networkmanager.enable = true; + networkmanager.enable = false; nftables.enable = true; - useDHCP = lib.mkDefault true; + useDHCP = false; firewall = { enable = true; allowedTCPPorts = [