mirrors/mdlayher-homelab
1
0
Fork 0
mirror of https://github.com/mdlayher/homelab.git synced 2024-12-14 11:47:32 +00:00
Code Activity

nixos/servnerr-4: set up libvirtd and br0

Browse source
This commit is contained in:
Matt Layher 2023-09-15 20:03:32 -04:00
parent d0cb631921
commit f8852486ad
4 changed files with 19 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/servnerr-4/configuration.nix
View file

@ -108,8 +108,6 @@ in {
}; };
}; };
virtualisation.libvirtd.enable = true;
# root SSH key for remote builds. # root SSH key for remote builds.
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3+HUx05h15g95ID/lWbU5uvF6TLr2XESmthQjU7qvR NixOS distributed build" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3+HUx05h15g95ID/lWbU5uvF6TLr2XESmthQjU7qvR NixOS distributed build"

22
nixos/servnerr-4/containers.nix
View file

@ -1,7 +1,7 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
# These services are proprietary and run containerized for confinement from # These services are proprietary and run in systemd containers for confinement from
# the rest of the system and on unstable for faster update cycles. # the rest of the system and on unstable for faster update cycles.
containers = { containers = {
plex = { plex = {
@ -32,21 +32,9 @@
}; };
}; };
virtualisation.oci-containers = { # libvirtd hypervisor.
backend = "podman"; virtualisation.libvirtd = {
containers = { enable = true;
home-assistant = { onBoot = "start";
image = "ghcr.io/home-assistant/home-assistant:stable";
extraOptions = [
# Expose on the host.
"--network=host"
# Pass in Home Assistant SkyConnect device.
"--device=/dev/serial/by-id/usb-Nabu_Casa_SkyConnect_v1.0_4c34810ea196ed11a365c698a7669f5d-if00-port0"
];
ports = [ "8123:8123" ];
volumes =
[ "/etc/localtime:/etc/localtime:ro" "/var/lib/hass:/config" ];
};
};
}; };
} }

18
nixos/servnerr-4/networking.nix
View file

@ -44,17 +44,25 @@ in {
ipv6AcceptRAConfig.UseDomains = true; ipv6AcceptRAConfig.UseDomains = true;
}; };
# 10GbE management LAN. # 10GbE management LAN with bridge.
netdevs."11-br0".netdevConfig = {
Name = "br0";
Kind = "bridge";
};
networks."11-br0" = {
matchConfig.Name = "br0";
networkConfig.DHCP = "ipv4";
dhcpV4Config.ClientIdentifier = "mac";
};
# 10GbE NIC tied to bridge.
links."11-mgmt1" = { links."11-mgmt1" = {
matchConfig.MACAddress = "8c:dc:d4:ac:96:24"; matchConfig.MACAddress = "8c:dc:d4:ac:96:24";
linkConfig.Name = "mgmt1"; linkConfig.Name = "mgmt1";
}; };
networks."11-mgmt1" = { networks."11-mgmt1" = {
matchConfig.Name = "mgmt1"; matchConfig.Name = "mgmt1";
networkConfig.DHCP = "ipv4"; bridge = ["br0"];
dhcpV4Config.ClientIdentifier = "mac";
# Only accept DNS search on this interface.
ipv6AcceptRAConfig.UseDomains = true;
}; };
}; };
} }

3
nixos/servnerr-4/prometheus.nix
View file

@ -122,7 +122,6 @@ in {
]) ])
(staticScrape "obs" [ "nerr-4:9407" ]) (staticScrape "obs" [ "nerr-4:9407" ])
(staticScrape "windows" [ "theatnerr-2:9182" ]) (staticScrape "windows" [ "theatnerr-2:9182" ])
(staticScrape "wireguard" [ "routnerr-3:9586" ])
(staticScrape "zrepl" [ "servnerr-4:9811" ]) (staticScrape "zrepl" [ "servnerr-4:9811" ])
# Home Assistant requires a more custom configuration. # Home Assistant requires a more custom configuration.
@ -130,7 +129,7 @@ in {
job_name = "homeassistant"; job_name = "homeassistant";
metrics_path = "/api/prometheus"; metrics_path = "/api/prometheus";
bearer_token = "${secrets.prometheus.homeassistant_token}"; bearer_token = "${secrets.prometheus.homeassistant_token}";
static_configs = [{ targets = [ "servnerr-4:8123" ]; }]; static_configs = [{ targets = [ "hass:8123" ]; }];
} }
# Blackbox exporter and associated targets. # Blackbox exporter and associated targets.