ppetru/alo-cluster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: ppetru:2437d46aa9bf42784a98b4205f390bb5ba4e220d
Branches Tags
ppetru:master
..
compare: ppetru:ef22227ca8162f7e9294c05479e32dd1dd26c4ae
Branches Tags
ppetru:master

5 Commits
2437d46aa9 ... ef22227ca8

Author SHA1 Message Date
Petru Paler
ef22227ca8 Forgotten comma. 2025-10-22 17:11:23 +01:00
Petru Paler
8100aa7070 Wayland tweaks for size. 2025-10-22 17:10:00 +01:00
Petru Paler
fe2c866115 Chrome instead of chromium for desktops. 2025-10-22 16:53:54 +01:00
Petru Paler
35f68fb6e8 Cleanup syncthing reference. 2025-10-22 16:38:44 +01:00
Petru Paler
f8aee0d438 Move wordpress to NFS. 
This removes the need for the syncthing and rysnc plumbing.
 2025-10-22 15:01:01 +01:00
10 changed files with 91 additions and 154 deletions
Expand all files Collapse all files

3
common/compute-node.nix
View File

@@ -1,11 +1,10 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
# Compute node: Cluster node with Nomad, GlusterFS server, and Syncthing # Compute node: Cluster node with Nomad and GlusterFS server
# Used by: c1, c2, c3 # Used by: c1, c2, c3
imports = [ imports = [
./cluster-node.nix ./cluster-node.nix
./glusterfs.nix ./glusterfs.nix
./nomad.nix ./nomad.nix
./syncthing-data.nix
]; ];
} }

53
common/syncthing-data.nix
View File

@@ -1,53 +0,0 @@
{
# TODO: when deploying this to a new machine for the first time, first
# comment this out to get /data/sync created with the right owner and
# permissions. then, do it again with persistence enabled.
# This could list the owner user but I'm not sure if it's already created at
# the time impermanence setup runs.
# Note: chown syncthing:syncthing /data/sync && chmod 700 /data/sync also seems to work
environment.persistence."/persist".directories = [ "/data/sync" ];
services.syncthing = {
enable = true;
dataDir = "/data/sync";
openDefaultPorts = true;
#guiAddress = "0.0.0.0:8384";
overrideDevices = true;
overrideFolders = true;
settings = {
devices = {
"c1" = {
id = "XJECP3R-AZHCAYX-UIQKHIT-AHBK5UM-KM7T4OV-B7SEUCW-ZE2UFPG-7BNAIQZ";
};
"c2" = {
id = "II4XUXQ-7WCH3SB-FU655O7-NI6DYYW-GQCJS6J-K7USRC2-XLM5J5W-6ZCWPQU";
};
"c3" = {
id = "D3C3YII-A3QGUNF-LHOGZNX-GJ4ZF3X-VVLMNY5-BBKF3BO-KNHKJMD-EA5QYQJ";
};
"zippy" = {
id = "WXDYZWN-JG2OBQH-CC42RMM-LPJGTS6-Y2BV37J-TYSLHL4-VHGYL5M-URI42QJ";
};
};
folders = {
"wordpress" = {
path = "/data/sync/wordpress";
devices = [
"c1"
"c2"
"c3"
"zippy"
];
ignorePerms = false;
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
};
};
};
}

83
flake.lock generated
View File

@@ -1,5 +1,27 @@
{ {
"nodes": { "nodes": {
"browser-previews": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs-unstable"
],
"systems": "systems"
},
"locked": {
"lastModified": 1761074928,
"narHash": "sha256-hjy44ZxzQURjtPZ6WKpTDkD3aae9IaBv9pVL/n5KcD8=",
"owner": "nix-community",
"repo": "browser-previews",
"rev": "5e9b89761aeffb1a41b8a0446ead327654f446a3",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "browser-previews",
"type": "github"
}
},
"deploy-rs": { "deploy-rs": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@@ -68,13 +90,13 @@
"devshell": "devshell", "devshell": "devshell",
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils_2",
"foundry-nix": "foundry-nix", "foundry-nix": "foundry-nix",
"nixpkgs": [ "nixpkgs": [
"nixpkgs-unstable" "nixpkgs-unstable"
], ],
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"systems": "systems_2", "systems": "systems_3",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
@@ -164,7 +186,7 @@
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": [ "systems": [
"ethereum-nix", "browser-previews",
"systems" "systems"
] ]
}, },
@@ -184,7 +206,28 @@
}, },
"flake-utils_2": { "flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": [
"ethereum-nix",
"systems"
]
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,
@@ -380,7 +423,7 @@
"nixpkgs-unstable" "nixpkgs-unstable"
], ],
"nuschtosSearch": "nuschtosSearch", "nuschtosSearch": "nuschtosSearch",
"systems": "systems_4" "systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1759878636, "lastModified": 1759878636,
@@ -398,7 +441,7 @@
}, },
"nuschtosSearch": { "nuschtosSearch": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_3",
"ixx": "ixx", "ixx": "ixx",
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
@@ -421,6 +464,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"browser-previews": "browser-previews",
"deploy-rs": "deploy-rs", "deploy-rs": "deploy-rs",
"disko": "disko", "disko": "disko",
"ethereum-nix": "ethereum-nix", "ethereum-nix": "ethereum-nix",
@@ -455,16 +499,16 @@
}, },
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1680978846,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "x86_64-linux",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "x86_64-linux",
"type": "github" "type": "github"
} }
}, },
@@ -513,6 +557,21 @@
"type": "github" "type": "github"
} }
}, },
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -536,7 +595,7 @@
}, },
"utils": { "utils": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1731533236,

11
flake.nix
View File

@@ -29,6 +29,10 @@
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
browser-previews = {
url = "github:nix-community/browser-previews";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
}; };
outputs = outputs =
@@ -42,6 +46,7 @@
home-manager, home-manager,
impermanence, impermanence,
sops-nix, sops-nix,
browser-previews,
... ...
}@inputs: }@inputs:
let let
@@ -54,6 +59,10 @@
}; };
}; };
overlay-browser-previews = final: prev: {
browser-previews = browser-previews.packages.${prev.system};
};
mkHost = mkHost =
system: profile: modules: system: profile: modules:
let let
@@ -70,7 +79,7 @@
( (
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
nixpkgs.overlays = [ overlay-unstable ]; nixpkgs.overlays = [ overlay-unstable overlay-browser-previews ];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
} }
) )

1
home/default.nix
View File

@@ -20,6 +20,7 @@
GEMINI_API_KEY = "AIzaSyBZkifYOFNKCjROLa_GZyzQbB2EbEYIby4"; GEMINI_API_KEY = "AIzaSyBZkifYOFNKCjROLa_GZyzQbB2EbEYIby4";
LLM_GEMINI_KEY = "AIzaSyBZkifYOFNKCjROLa_GZyzQbB2EbEYIby4"; LLM_GEMINI_KEY = "AIzaSyBZkifYOFNKCjROLa_GZyzQbB2EbEYIby4";
PLAYWRIGHT_BROWSERS_PATH = "${pkgs.unstable.playwright-driver.browsers}"; PLAYWRIGHT_BROWSERS_PATH = "${pkgs.unstable.playwright-driver.browsers}";
NIXOS_OZONE_WL = "1";
}; };
shellAliases = { shellAliases = {

6
home/profiles/desktop.nix
View File

@@ -3,11 +3,15 @@ let
workstationProfile = import ./workstation.nix { inherit pkgs; }; workstationProfile = import ./workstation.nix { inherit pkgs; };
desktopPkgs = with pkgs; [ desktopPkgs = with pkgs; [
unstable.chromium browser-previews.google-chrome
foot # Wayland-native terminal emulator foot # Wayland-native terminal emulator
wofi # Application launcher for Wayland wofi # Application launcher for Wayland
]; ];
in in
{ {
packages = workstationProfile.packages ++ desktopPkgs; packages = workstationProfile.packages ++ desktopPkgs;
environment.persistence."/persist/home/ppetru".directories = [
".cache"
".config/google-chrome"
];
} }

53
home/programs/desktop.nix
View File

@@ -6,70 +6,21 @@
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
settings = { settings = {
monitor = "DP-1,preferred,auto,auto";
# Remap CapsLock to Super (Mod4) # Remap CapsLock to Super (Mod4)
"$mod" = "SUPER"; "$mod" = "SUPER";
input = { input = {
kb_options = "caps:super"; kb_options = "caps:super";
follow_mouse = 1; follow_mouse = 1;
touchpad = {
natural_scroll = false;
};
sensitivity = 0; sensitivity = 0;
}; };
general = {
gaps_in = 5;
gaps_out = 10;
border_size = 2;
"col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg";
"col.inactive_border" = "rgba(595959aa)";
layout = "dwindle";
};
decoration = {
rounding = 5;
blur = {
enabled = true;
size = 3;
passes = 1;
};
drop_shadow = true;
shadow_range = 4;
shadow_render_power = 3;
"col.shadow" = "rgba(1a1a1aee)";
};
animations = {
enabled = true;
bezier = "myBezier, 0.05, 0.9, 0.1, 1.05";
animation = [
"windows, 1, 7, myBezier"
"windowsOut, 1, 7, default, popin 80%"
"border, 1, 10, default"
"borderangle, 1, 8, default"
"fade, 1, 7, default"
"workspaces, 1, 6, default"
];
};
dwindle = {
pseudotile = true;
preserve_split = true;
};
master = { master = {
new_status = "master"; new_status = "master";
}; };
gestures = {
workspace_swipe = false;
};
misc = {
force_default_wallpaper = 0;
};
# Key bindings # Key bindings
bind = [ bind = [
# Application launchers # Application launchers

30
services/wordpress-backup.hcl
View File

@@ -1,30 +0,0 @@
job "wordpress-backup" {
datacenters = ["alo"]
type = "batch"
periodic {
crons = ["*/5 * * * * *"]
prohibit_overlap = true
}
group "cron" {
task "rsync" {
driver = "raw_exec"
config {
command = "/bin/sh"
args = [ "local/script.sh" ]
}
template {
destination = "local/script.sh"
data = <<EOH
set -e
/run/current-system/sw/bin/rsync -a /data/sync/wordpress/ /data/compute/appdata/wordpress/ && \
echo "last_success $(date +%s)" | \
/run/current-system/sw/bin/curl --data-binary @- http://pushgateway.service.consul:9091/metrics/job/wordpress_backup
EOH
}
}
}
}

2
services/wordpress.hcl
View File

@@ -20,7 +20,7 @@ job "wordpress" {
image = "gitea.v.paler.net/ppetru/wordpress" image = "gitea.v.paler.net/ppetru/wordpress"
ports = ["http"] ports = ["http"]
volumes = [ volumes = [
"/data/sync/wordpress:/var/www/html", "/data/services/wordpress:/var/www/html",
"local/php-custom.ini:/usr/local/etc/php/conf.d/php-custom.ini", "local/php-custom.ini:/usr/local/etc/php/conf.d/php-custom.ini",
] ]
} }

3
stateful-commands.txt
View File

@@ -28,9 +28,6 @@ replacing failed / reinstalled gluster volume (c1 in this case). all commands on
* gluster peer probe 192.168.1.71 (not c1 because switching to IPs to avoid DNS/tailscale issues) * gluster peer probe 192.168.1.71 (not c1 because switching to IPs to avoid DNS/tailscale issues)
* gluster volume add-brick compute replica 3 192.168.1.71:/persist/glusterfs/compute/brick1 * gluster volume add-brick compute replica 3 192.168.1.71:/persist/glusterfs/compute/brick1
replacing failed / reinstalled host - other things:
* syncthing ID needs updating in common/syncthing-data.nix
kopia repository server setup (on a non-NixOS host at the time): kopia repository server setup (on a non-NixOS host at the time):
* kopia repository create filesystem --path /backup/persist * kopia repository create filesystem --path /backup/persist
* kopia repository connect filesystem --path=/backup/persist * kopia repository connect filesystem --path=/backup/persist