xavier/nixos-infra
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: xavier/nixos-infra:0ad90d81d616b3be33b184cf4e90201f1509d589
Branches Tags
xavier/nixos-infra:main
..
compare: xavier/nixos-infra:d960f1d85e4a82c0da258eb78b945eb23c516041
Branches Tags
xavier/nixos-infra:main

3 Commits
0ad90d81d6 .. d960f1d85e

Author SHA1 Message Date
xavier d960f1d85e Merge branch 'main' of ssh://gitea.prod.lagraula.fr:2222/xavier/nixos-infra 2026-04-30 23:00:45 +02:00
xavier fa89794207 Typo in README.md. 2026-04-30 22:07:40 +02:00
xavier 2001379577 Initial scripts for a LXC container and for a reverse proxy improved. Not yet ready to test. 2026-04-29 21:52:32 +02:00
4 changed files with 9 additions and 20 deletions
Expand all files Collapse all files
README.md
-1
View File
@@ -4,7 +4,6 @@
--- ---
---
## **📌 Contexte et Objectifs** ## **📌 Contexte et Objectifs**
nixos-infra/hosts/servers/rp01/configuration.nix
+1 -1
View File
@@ -11,7 +11,7 @@
# Configuration réseau (IPv4 + IPv6) # Configuration réseau (IPv4 + IPv6)
networking.hostName = "rp01"; networking.hostName = "rp01";
networking.interfaces.eth0.ipv4.addresses = [ networking.interfaces.eth0.ipv4.addresses = [
{ address = "192.168.1.100"; prefixLength = 24; } { address = "10.40.0.199"; prefixLength = 24; }
]; ];
# networking.interfaces.eth0.ipv6.addresses = [ # networking.interfaces.eth0.ipv6.addresses = [
# { address = "2001:db8::1"; prefixLength = 64; } # { address = "2001:db8::1"; prefixLength = 64; }
nixos-infra/modules/machine-types/lxc.nix
-13
View File
@@ -41,19 +41,6 @@
boot.kernelModules = [ ]; # TODO : review the disabling of all kernelModules in a container boot.kernelModules = [ ]; # TODO : review the disabling of all kernelModules in a container
powerManagement.enable = false; powerManagement.enable = false;
# Enable SSH for deployment
# TODO : maybe move this to a module shared by all machines
services.openssh = {
enable = true;
openFirewall = true;
settings = {
PermitRootLogin = "yes";
PasswordAuthentication = true;
# TODO : confirm that SSH//PermitEmptyPasswords is not actually needed.
# PermitEmptyPasswords = "yes";
};
};
# Limiter les ressources si nécessaire # Limiter les ressources si nécessaire
# TODO : review the need to limit ZFS pools in the LXC container configuration, in my ZFSless context # TODO : review the need to limit ZFS pools in the LXC container configuration, in my ZFSless context
boot.zfs.extraPools = [ ]; boot.zfs.extraPools = [ ];
nixos-infra/scripts/initial-configuration.nix
+8 -5
View File
@@ -1,17 +1,17 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Activer SSH pour le déploiement # Install Git, curl, and other required tools
environment.systemPackages = with pkgs; [ git curl ];
# Enable unsecured SSH for initial deployment
services.openssh = { services.openssh = {
enable = true; enable = true;
permitRootLogin = "yes"; permitRootLogin = "yes";
passwordAuthentication = true; passwordAuthentication = true;
}; };
# Installer Git, curl, et les outils nécessaires # Deployment script
environment.systemPackages = with pkgs; [ git curl ];
# Ajouter le script de déploiement
system.activationScripts.setup-deploy = '' system.activationScripts.setup-deploy = ''
#!${pkgs.bash}/bin/bash #!${pkgs.bash}/bin/bash
set -euo pipefail set -euo pipefail
@@ -26,4 +26,7 @@
git clone https://gitea.lagraula.fr/xavier/nixos-infra.git /etc/nixos-infra git clone https://gitea.lagraula.fr/xavier/nixos-infra.git /etc/nixos-infra
fi fi
''; '';
system.stateVersion = "25.11";
} }