{ # Ensure this is unique among all clans you want to use. meta = { name = "amarth-infra"; description = "Amarth cloud"; }; inventory.machines = { m1 = { name = "management-1"; description = "Management node 1"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:management" "criticallity:critical" "" ]; }; c1 = { name = "compute-1"; description = "Compute node 1"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; }; c2 = { name = "compute-2"; description = "Compute node 2"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; }; c3 = { name = "compute-3"; description = "Compute node 3"; machineClass = "nixos"; tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; }; }; # Docs: See https://docs.clan.lol/reference/clanServices inventory.instances = { admin = { roles.default.tags.all = { }; roles.default.settings.allowedKeys = { "chris" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICE+TFkjJ8p8fMOddvg/waKAjKJ6DRvvouj1MdXc1Taj"; }; }; internet = { roles.default.machines = { m1.settings.host = "192.168.1.223"; c1.settings.host = "192.168.1.224"; c2.settings.host = "192.168.1.225"; c3.settings.host = "192.168.1.226"; }; }; zerotier = { roles.controller.machines."m1" = { }; roles.peer.tags.all = { }; }; # certificates = { # module = { # name = "certificates"; # input = "clan-core"; # }; # roles.ca = { # settings = { # tlds = [ "amarth.local" "amarth.cloud" ]; # acmeEmail = "info@amarth.cloud"; # }; # machines.m1 = {}; # }; # roles.default = { # settings.acmeEmail = "info@amarth.cloud"; # tags.all = {}; # }; # }; zitadel = { module = { name = "zitadel"; input = "amarth-services"; }; roles.controller = { machines.m1 = {}; settings = { hostName = "auth.amarth.cloud"; displayName = "Amarth"; emergencyAccessPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICE+TFkjJ8p8fMOddvg/waKAjKJ6DRvvouj1MdXc1Taj"; }; }; }; k3s = { module = { name = "k3s"; input = "amarth-services"; }; roles.server.machines.c1 = { settings = { crossplane = { enable = true; resources.composite = [ ./resources/composite/app/definition.yml ./resources/composite/app/function.yml ./resources/composite/app/composite.yml { apiVersion = "example.crossplane.io/v1"; kind = "App"; metadata = { namespace = "default"; name = "example-app"; }; spec.image = "nginx"; } # { # apiVersion = "v1"; # kind = "CompositeResourceDefinition"; # metadata.name = "container.resources.amarth.cloud"; # spec = { # scope = "Namespaced"; # group = "resources.amarth.cloud"; # names = { kind = "Container"; plural = "containers"; }; # versions = [ # { # name = "v1"; # served = true; # referenceable = true; # schema.openAPIV3Schema = { # type = "object"; # properties = { # spec = { # type = "object"; # properties.image = { type = "string"; description = "OCI container image"; }; # required = [ "image" ]; # }; # status = { # type = "object"; # properties = { # replicas = { type = "integer"; description = "How many instances of the image to spin up"; }; # address = { type = "string"; description = "The app's IP address"; }; # }; # }; # }; # }; # } # ]; # }; # } # { # apiVersion = "pkg.crossplane.io/v1"; # kind = "Function"; # metadata.name = "crossplane-contrib-function-patch-and-transform"; # spec.package = "xpkg.crossplane.io/crossplane-contrib/function-patch-and-transform:v0.8.2"; # } ]; }; }; }; roles.agent.machines.c2 = {}; roles.agent.machines.c3 = {}; }; customer-portal = { module = { name = "customer-portal"; input = "amarth-services"; }; roles.server.machines.m1 = {}; }; }; # Additional NixOS configuration can be added here. # machines/jon/configuration.nix will be automatically imported. # See: https://docs.clan.lol/guides/more-machines/#automatic-registration machines = { m1 = { nixpkgs.hostPlatform = "x86_64-linux"; networking.domain = "amarth.local"; # security.acme.acceptTerms = true; # networking.firewall.allowedTCPPorts = [ 80 443 ]; # services.caddy = { # enable = true; # virtualHosts = { # "auth.amarth.cloud".extraConfig = '' # reverse_proxy http://::1:9092 # ''; # "amarth.cloud".extraConfig = '' # reverse_proxy http://::1:8080 # ''; # }; # }; }; c1 = { nixpkgs.hostPlatform = "x86_64-linux"; networking.domain = "amarth.local"; }; c2 = { nixpkgs.hostPlatform = "x86_64-linux"; networking.domain = "amarth.local"; }; c3 = { nixpkgs.hostPlatform = "x86_64-linux"; networking.domain = "amarth.local"; }; }; }