From 72bc16ef31f58472b5c5c450a6fb1d325b8cad0d Mon Sep 17 00:00:00 2001
From: Ingolf Wagner
Date: Tue, 17 Mar 2020 20:35:40 +0800
Subject: [PATCH] add sysfire server
---
terranix/sysfire_server/config.nix | 35 +++++++++++++++++++++++
terranix/sysfire_server/shell.nix | 46 ++++++++++++++++++++++++++++++
2 files changed, 81 insertions(+)
create mode 100644 terranix/sysfire_server/config.nix
create mode 100644 terranix/sysfire_server/shell.nix
diff --git a/terranix/sysfire_server/config.nix b/terranix/sysfire_server/config.nix
new file mode 100644
index 0000000..e3c2ab5
--- /dev/null
+++ b/terranix/sysfire_server/config.nix
@@ -0,0 +1,35 @@
+{ pkgs, lib, ... }:
+let
+ hcloud-modules = pkgs.fetchgit {
+ url = "https://github.com/mrVanDalo/terranix-hcloud.git";
+ rev = "c3571f76664e1813f90d97b8c194a1e0149e895e";
+ sha256 = "0plld74wincyy3c5gdfqh78pzrqibxh6r839dm0c717fajr9imwb";
+ };
+in {
+ imports = [ (toString hcloud-modules) ];
+
+ # configure admin ssh keys
+ users.admins.palo.publicKey =
+ "ssh-rsa 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 cardno:000611343142";
+ users.admins.netsysfire.publicKey =
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILYl33wPGHM5xyq4T3xxMRgaYph1+0Rak4rPpyBdBcdr";
+
+ users.admins.terranix.publicKey = "${lib.fileContents ./sshkey.pub}";
+
+ # configure provisioning private Key to be used when running provisioning on the machines
+ provisioner.privateKeyFile = toString ./sshkey;
+
+ hcloud.nixserver = {
+ playground = {
+ enable = true;
+ serverType = "cx31";
+ configurationFile = pkgs.writeText "configuration.nix" ''
+ { pkgs, lib, config, ... }:
+ { }
+ '';
+ };
+ };
+
+ hcloud.export.nix = null;
+
+}
diff --git a/terranix/sysfire_server/shell.nix b/terranix/sysfire_server/shell.nix
new file mode 100644
index 0000000..8b33b71
--- /dev/null
+++ b/terranix/sysfire_server/shell.nix
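Review bot: In config.nix, `provisioner.privateKeyFile = toString ./sshkey;` points provisioning at a private key that lives in the source directory, and the diffstat lists only the two .nix files, so nothing in this commit keeps `sshkey`, `sshkey.pub`, `config.tf.json` or `terraform.tfstate*` out of version control. If no ignore rule for these paths exists elsewhere in the repository, add one; the key is created without a passphrase by the `prepare` script in shell.nix, so a committed copy would be usable as-is against every server that trusts `users.admins.terranix.publicKey`. Using `toString` here is the right choice because it passes the path as a string instead of copying the key into the world-readable Nix store, and that deserves a comment so it is not later "simplified" to a path interpolation: `# toString keeps the private key out of /nix/store; file is created by "prepare" and must never be committed`.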
@@ -0,0 +1,46 @@
+{ pkgs ? import { } }:
+let
+
+ terranix = pkgs.callPackage (pkgs.fetchgit {
+ url = "https://github.com/mrVanDalo/terranix.git";
+ rev = "dfbf4d1fae08da8052ff880c5d02b2eb5857d54c";
+ sha256 = "1qilbvldlq7ybxa3yx99hb8vbmj0sk5x9qqxa4f1czpzj2mja0fn";
+ }) { };
+
+ terraform = pkgs.writers.writeBashBin "terraform" ''
+ export TF_VAR_hcloud_api_token=`${pkgs.pass}/bin/pass development/hetzner.com/api-token`
+ ${pkgs.terraform_0_12}/bin/terraform "$@"
+ '';
+
+in pkgs.mkShell {
+
+ buildInputs = [
+
+ terranix
+ terraform
+
+ (pkgs.writers.writeBashBin "prepare" ''
+ set -e
+ set -o pipefail
+ ${pkgs.openssh}/bin/ssh-keygen -P "" -f ${toString ./.}/sshkey
+ '')
+
+ (pkgs.writers.writeBashBin "build" ''
+ set -e
+ set -o pipefail
+ ${terranix}/bin/terranix | ${pkgs.jq}/bin/jq '.' > config.tf.json
+ ${terraform}/bin/terraform init
+ ${terraform}/bin/terraform apply
+ '')
+
+ (pkgs.writers.writeBashBin "cleanup" ''
+ ${terraform}/bin/terraform destroy
+ rm ${toString ./.}/config.tf.json
+ rm ${toString ./.}/sshkey
+ rm ${toString ./.}/sshkey.pub
+ rm ${toString ./.}/terraform.tfstate*
+ '')
+
+ ];
+
+}
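Review bot: The `cleanup` script is the only one of the three helpers without `set -e`, so if `terraform destroy` exits with an error the `rm` lines still run and delete `terraform.tfstate*` and the provisioning key while the servers may still exist, leaving them running with no local state to destroy them from. Start the script with `set -e` and `set -o pipefail`, as `prepare` and `build` already do. Two smaller points in the same hunk: the `terraform` wrapper exports `TF_VAR_hcloud_api_token` from a backtick substitution without checking that `pass` succeeded, so a locked store or missing entry hands Terraform an empty token instead of stopping; and `build` writes `config.tf.json` to the current directory while `cleanup` removes it from `${toString ./.}`, which only agree when the commands are run from that directory.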