From 09a17c4d30b1b0adb3fc8b07bde7acef13750314 Mon Sep 17 00:00:00 2001 From: chris Date: Tue, 21 Oct 2025 14:17:34 +0000 Subject: [PATCH] . --- clan.nix | 127 +++++++++++++++++++++++++++++++++++++++++++++++------ flake.lock | 24 +++++----- 2 files changed, 125 insertions(+), 26 deletions(-) diff --git a/clan.nix b/clan.nix index 2f4d463..611a4d1 100644 --- a/clan.nix +++ b/clan.nix @@ -11,28 +11,24 @@ description = "Management node 1"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:management" "criticallity:critical" "" ]; - # deploy.targetHost = "root@192.168.1.223"; }; c1 = { name = "compute-1"; description = "Compute node 1"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; - # deploy.targetHost = "root@192.168.1.224"; }; c2 = { name = "compute-2"; description = "Compute node 2"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; - # deploy.targetHost = "root@192.168.1.225"; }; c3 = { name = "compute-3"; description = "Compute node 3"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; - # deploy.targetHost = "root@192.168.1.226"; }; }; @@ -59,6 +55,28 @@ roles.peer.tags.all = { }; }; + # certificates = { + # module = { + # name = "certificates"; + # input = "clan-core"; + # }; + + # roles.ca = { + # settings = { + # tlds = [ "amarth.local" "amarth.cloud" ]; + # acmeEmail = "info@amarth.cloud"; + # }; + + # machines.m1 = {}; + # }; + + # roles.default = { + # settings.acmeEmail = "info@amarth.cloud"; + + # tags.all = {}; + # }; + # }; + zitadel = { module = { name = "zitadel"; @@ -66,10 +84,11 @@ }; roles.controller = { - machines."m1" = {}; + machines.m1 = {}; settings = { hostName = "auth.amarth.cloud"; displayName = "Amarth"; + emergencyAccessPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICE+TFkjJ8p8fMOddvg/waKAjKJ6DRvvouj1MdXc1Taj"; }; }; }; @@ -80,10 +99,77 @@ input = "amarth-services"; }; - roles.server.machines."c1" = {}; + roles.server.machines.c1 = { + settings = { + crossplane = { + enable = true; - roles.agent.machines."c2" = {}; - roles.agent.machines."c3" = {}; + resources.composite = [ + ./resources/composite/app/definition.yml + ./resources/composite/app/function.yml + ./resources/composite/app/composite.yml + + { + apiVersion = "example.crossplane.io/v1"; + kind = "App"; + metadata = { namespace = "default"; name = "example-app"; }; + spec.image = "nginx"; + } + + # { + # apiVersion = "v1"; + # kind = "CompositeResourceDefinition"; + # metadata.name = "container.resources.amarth.cloud"; + + # spec = { + # scope = "Namespaced"; + # group = "resources.amarth.cloud"; + # names = { kind = "Container"; plural = "containers"; }; + + # versions = [ + # { + # name = "v1"; + # served = true; + # referenceable = true; + + # schema.openAPIV3Schema = { + # type = "object"; + # properties = { + # spec = { + # type = "object"; + # properties.image = { type = "string"; description = "OCI container image"; }; + # required = [ "image" ]; + # }; + + # status = { + # type = "object"; + # properties = { + # replicas = { type = "integer"; description = "How many instances of the image to spin up"; }; + # address = { type = "string"; description = "The app's IP address"; }; + # }; + # }; + # }; + # }; + # } + # ]; + # }; + # } + + # { + # apiVersion = "pkg.crossplane.io/v1"; + # kind = "Function"; + # metadata.name = "crossplane-contrib-function-patch-and-transform"; + # spec.package = "xpkg.crossplane.io/crossplane-contrib/function-patch-and-transform:v0.8.2"; + # } + + + ]; + }; + }; + }; + + roles.agent.machines.c2 = {}; + roles.agent.machines.c3 = {}; }; customer-portal = { @@ -92,7 +178,7 @@ input = "amarth-services"; }; - roles.server.machines."m1" = {}; + roles.server.machines.m1 = {}; }; }; @@ -100,14 +186,27 @@ # machines/jon/configuration.nix will be automatically imported. # See: https://docs.clan.lol/guides/more-machines/#automatic-registration machines = { - # m1 = { config, pkgs, ... }: { - # environment.systemPackages = [ pkgs.asciinema ]; - - # nixpkgs.hostPlatform = "x86_64-linux"; - # }; m1 = { nixpkgs.hostPlatform = "x86_64-linux"; networking.domain = "amarth.local"; + + # security.acme.acceptTerms = true; + + # networking.firewall.allowedTCPPorts = [ 80 443 ]; + + # services.caddy = { + # enable = true; + + # virtualHosts = { + # "auth.amarth.cloud".extraConfig = '' + # reverse_proxy http://::1:9092 + # ''; + + # "amarth.cloud".extraConfig = '' + # reverse_proxy http://::1:8080 + # ''; + # }; + # }; }; c1 = { nixpkgs.hostPlatform = "x86_64-linux"; diff --git a/flake.lock b/flake.lock index 96fe62e..6f6209b 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1758634522, - "narHash": "sha256-Y5J+yCAbNZnPhrCvrTjhGUTD5amONxH/R/MGqwm0uIc=", + "lastModified": 1760537258, + "narHash": "sha256-aWhDQjVsMQz15JMgKOX3Q9Bmau8bGQIi2OVTvYj107w=", "ref": "refs/heads/main", - "rev": "e7b0307690730781d9908cf3a48b9081b9ffe87c", - "revCount": 23, + "rev": "c485a0ac1ac0a4c4a0614682466f3cbf2fc66728", + "revCount": 66, "type": "git", "url": "https://git.amarth.cloud/amarth/customer-portal" }, @@ -29,11 +29,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1758657712, - "narHash": "sha256-j1jbJ0PD1k4FQoHSmbzAteF1euLc1ChAIDyOsJc4Qns=", + "lastModified": 1760969527, + "narHash": "sha256-rDn5MwQpKUf9AE2xgpbDXkqwbPnxp7ZkGy3sYviPwyg=", "ref": "refs/heads/main", - "rev": "ad2b96180f00d45e4319d1595b948bba38e3915a", - "revCount": 45, + "rev": "d911f4d9c14d705feb7a95aa24668f42a977c1ef", + "revCount": 117, "type": "git", "url": "https://git.amarth.cloud/amarth/services" }, @@ -145,11 +145,11 @@ "treefmt-nix": "treefmt-nix_3" }, "locked": { - "lastModified": 1758642849, - "narHash": "sha256-t6fn1DuP8acTIUJ6uQuNJojT4pjMcjC6aiEZRljiyQg=", - "rev": "3171512f30802ada403d47c9d7a19b5350aa5565", + "lastModified": 1758672338, + "narHash": "sha256-GuAaXGsvGD6jiFGeYxaq/Z7v7DkpyC28xRzQJ7hd7IA=", + "rev": "fde05adbd68f9a2f8374f576affa88c5073803d5", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/3171512f30802ada403d47c9d7a19b5350aa5565.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/fde05adbd68f9a2f8374f576affa88c5073803d5.tar.gz" }, "original": { "type": "tarball",