From 42fe5b95daa3702e3f55740a9c7d9cfc68c963a1 Mon Sep 17 00:00:00 2001 From: Jazzlyn <9011011+jazzlyn@users.noreply.github.com> Date: Tue, 28 Jan 2025 22:12:43 +0100 Subject: [PATCH 1/3] feat(nfs): configure local nfs --- infra/nixos/hosts/kube-nas/configuration.nix | 2 ++ .../hosts/kube-nas/hardware-configuration.nix | 5 +++ infra/nixos/hosts/kube-nas/nfs.nix | 19 +++++----- .../apps/backup-system/kustomization.yaml | 3 +- .../snapshot-controller/app/helm-release.yaml | 0 .../app/kustomization.yaml | 2 +- .../snapshot-controller/flux-sync.yaml | 8 +++-- .../csi-driver-nfs/app/helm-release.yaml | 35 +++++++++++++++++++ .../csi-driver-nfs/app/kustomization.yaml | 7 ++++ .../csi-driver-nfs/app/storage-class.yaml | 20 +++++++++++ .../kube-system/csi-driver-nfs/flux-sync.yaml | 25 +++++++++++++ .../apps/kube-tools/kustomization.yaml | 3 +- 12 files changed, 113 insertions(+), 16 deletions(-) rename kubernetes/kube-nas/apps/{kube-tools => backup-system}/snapshot-controller/app/helm-release.yaml (100%) rename kubernetes/kube-nas/apps/{kube-tools => backup-system}/snapshot-controller/app/kustomization.yaml (86%) rename kubernetes/kube-nas/apps/{kube-tools => backup-system}/snapshot-controller/flux-sync.yaml (75%) create mode 100644 kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/helm-release.yaml create mode 100644 kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/kustomization.yaml create mode 100644 kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/storage-class.yaml create mode 100644 kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/flux-sync.yaml diff --git a/infra/nixos/hosts/kube-nas/configuration.nix b/infra/nixos/hosts/kube-nas/configuration.nix index ab362ce2b..19aef2613 100644 --- a/infra/nixos/hosts/kube-nas/configuration.nix +++ b/infra/nixos/hosts/kube-nas/configuration.nix @@ -144,5 +144,7 @@ "d /mnt/volume1/home/alex 0770 alex users" "d /mnt/volume1/home/dominik 0770 dominik users" "d /mnt/volume1/minio 0755 568 568" # 568 is the minio user + "d /mnt/volume1/nfs-csi 0750 root users" + "d /mnt/volume1/nfs-csi/kube-nas 0770 kube users" ]; } diff --git a/infra/nixos/hosts/kube-nas/hardware-configuration.nix b/infra/nixos/hosts/kube-nas/hardware-configuration.nix index 3b74eddc0..21cc0a804 100644 --- a/infra/nixos/hosts/kube-nas/hardware-configuration.nix +++ b/infra/nixos/hosts/kube-nas/hardware-configuration.nix @@ -64,6 +64,11 @@ options = [ "bind" ]; }; + fileSystems."/export/nfs-csi" = { + device = "/mnt/volume1/nfs-csi"; + options = [ "bind" ]; + }; + swapDevices = [ ]; diff --git a/infra/nixos/hosts/kube-nas/nfs.nix b/infra/nixos/hosts/kube-nas/nfs.nix index c92de6390..96154d531 100644 --- a/infra/nixos/hosts/kube-nas/nfs.nix +++ b/infra/nixos/hosts/kube-nas/nfs.nix @@ -8,14 +8,15 @@ services.nfs.server.enable = true; services.nfs.server.exports = '' - /export/home/nils 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) - /export/home/jasmin 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) - /export/backup/nils 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) - /export/backup/jasmin 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) - /export/data/csi 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) - /export/data/downloads 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.11(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) - /export/data/fotos 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.11(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) - /export/data/syncthing 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) - /export/data/scans 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) + /export/home/nils 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) + /export/home/jasmin 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) + /export/backup/nils 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) + /export/backup/jasmin 192.168.1.20(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1000,anongid=100) 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) + /export/data/csi 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) + /export/data/downloads 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.11(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=65534,anongid=65534) + /export/data/fotos 192.168.1.10(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.11(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) 192.168.1.12(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1001,anongid=100) + /export/data/syncthing 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) + /export/data/scans 192.168.1.51(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.52(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.53(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.54(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) 192.168.1.55(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) + /export/nfs-csi/kube-nas 192.168.1.60(rw,async,no_wdelay,nohide,no_subtree_check,insecure,all_squash,insecure_locks,sec=sys,anonuid=1004,anongid=100) ''; } diff --git a/kubernetes/kube-nas/apps/backup-system/kustomization.yaml b/kubernetes/kube-nas/apps/backup-system/kustomization.yaml index edb3d79cf..be363b256 100644 --- a/kubernetes/kube-nas/apps/backup-system/kustomization.yaml +++ b/kubernetes/kube-nas/apps/backup-system/kustomization.yaml @@ -4,4 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespace.yaml - - volsync/flux-sync.yaml + - ./snapshot-controller/flux-sync.yaml + - ./volsync/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/kube-tools/snapshot-controller/app/helm-release.yaml b/kubernetes/kube-nas/apps/backup-system/snapshot-controller/app/helm-release.yaml similarity index 100% rename from kubernetes/kube-nas/apps/kube-tools/snapshot-controller/app/helm-release.yaml rename to kubernetes/kube-nas/apps/backup-system/snapshot-controller/app/helm-release.yaml diff --git a/kubernetes/kube-nas/apps/kube-tools/snapshot-controller/app/kustomization.yaml b/kubernetes/kube-nas/apps/backup-system/snapshot-controller/app/kustomization.yaml similarity index 86% rename from kubernetes/kube-nas/apps/kube-tools/snapshot-controller/app/kustomization.yaml rename to kubernetes/kube-nas/apps/backup-system/snapshot-controller/app/kustomization.yaml index c727ac99b..51567a423 100644 --- a/kubernetes/kube-nas/apps/kube-tools/snapshot-controller/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/backup-system/snapshot-controller/app/kustomization.yaml @@ -3,4 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./helm-release.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/kube-tools/snapshot-controller/flux-sync.yaml b/kubernetes/kube-nas/apps/backup-system/snapshot-controller/flux-sync.yaml similarity index 75% rename from kubernetes/kube-nas/apps/kube-tools/snapshot-controller/flux-sync.yaml rename to kubernetes/kube-nas/apps/backup-system/snapshot-controller/flux-sync.yaml index a9ce70806..a7da47664 100644 --- a/kubernetes/kube-nas/apps/kube-tools/snapshot-controller/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/backup-system/snapshot-controller/flux-sync.yaml @@ -8,14 +8,16 @@ metadata: labels: substitution.flux.home.arpa/enabled: "true" spec: + targetNamespace: backup-system commonMetadata: labels: app.kubernetes.io/name: *appname - targetNamespace: kube-tools - interval: 10m - path: ./kubernetes/kube-nas/apps/kube-tools/snapshot-controller/app + path: ./kubernetes/kube-nas/apps/backup-system/snapshot-controller/app prune: true sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/helm-release.yaml b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/helm-release.yaml new file mode 100644 index 000000000..222a75ec4 --- /dev/null +++ b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/helm-release.yaml @@ -0,0 +1,35 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: csi-driver-nfs +spec: + interval: 30m + chart: + spec: + chart: csi-driver-nfs + version: v4.10.0 + sourceRef: + kind: HelmRepository + name: csi-driver-nfs-charts + namespace: flux-system + maxHistory: 3 + install: + createNamespace: true + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + uninstall: + keepHistory: false + values: + # https://artifacthub.io/packages/helm/csi-driver-nfs/csi-driver-nfs?modal=values + externalSnapshotter: + enabled: false + volumeSnapshotClass: + create: true + name: nfs-snapshot + deletionPolicy: Delete diff --git a/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/kustomization.yaml b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/kustomization.yaml new file mode 100644 index 000000000..a10689db9 --- /dev/null +++ b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml + - storage-class.yaml diff --git a/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/storage-class.yaml b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/storage-class.yaml new file mode 100644 index 000000000..d78a99d5b --- /dev/null +++ b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app/storage-class.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: nfs-local +provisioner: nfs.csi.k8s.io +parameters: + server: 192.168.1.60 + share: /export/nfs-csi/kube-nas +reclaimPolicy: Delete +volumeBindingMode: WaitForFirstConsumer +allowVolumeExpansion: true +mountOptions: + - nfsvers=4.1 + - nconnect=8 + - hard + - noatime + - tcp + - timeo=600 + - retrans=2 diff --git a/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/flux-sync.yaml b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/flux-sync.yaml new file mode 100644 index 000000000..a706a5716 --- /dev/null +++ b/kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/flux-sync.yaml @@ -0,0 +1,25 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &appname csi-driver-nfs + namespace: flux-system + labels: + substitution.flux.home.arpa/enabled: "true" +spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname + path: ./kubernetes/kube-nas/apps/kube-system/csi-driver-nfs/app + prune: true + sourceRef: + kind: GitRepository + name: home-ops + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: snapshot-controller diff --git a/kubernetes/kube-nas/apps/kube-tools/kustomization.yaml b/kubernetes/kube-nas/apps/kube-tools/kustomization.yaml index f8593c0e9..07eb6f944 100644 --- a/kubernetes/kube-nas/apps/kube-tools/kustomization.yaml +++ b/kubernetes/kube-nas/apps/kube-tools/kustomization.yaml @@ -3,6 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./reloader/flux-sync.yaml - - ./snapshot-controller/flux-sync.yaml From bcafcf94286647328fc8cb2f7ec727cba8550d45 Mon Sep 17 00:00:00 2001 From: Jazzlyn <9011011+jazzlyn@users.noreply.github.com> Date: Tue, 28 Jan 2025 22:32:58 +0100 Subject: [PATCH 2/3] feat(nix): do not load home manager on kube-nas --- infra/nixos/flake.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/infra/nixos/flake.nix b/infra/nixos/flake.nix index e65c1fe7a..80bc38e17 100644 --- a/infra/nixos/flake.nix +++ b/infra/nixos/flake.nix @@ -2,13 +2,13 @@ description = "A simple NixOS flake"; inputs = { - # NixOS official package source, using the nixos-24.05 branch here + # NixOS official package source, using the nixos-24.11 branch here nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; # NixOS official package source, using the unstable branch here unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; # home-manager, used for managing user configuration home-manager = { - url = "github:nix-community/home-manager/release-24.05"; + url = "github:nix-community/home-manager/release-24.11"; # The `follows` keyword in inputs is used for inheritance. # Here, `inputs.nixpkgs` of home-manager is kept consistent with # the `inputs.nixpkgs` of the current flake, @@ -54,7 +54,8 @@ { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - home-manager.users.nils = import ./home-manager/home.nix; + # home-manager.users.nils = import ./home-manager/home.nix; + home-manager.users.nils = lib.mkIf (config.networking.hostName != "kube-nas") (import ./home-manager/home.nix); # pass flake inputs to home-manager home-manager.extraSpecialArgs = { inherit inputs; }; } From ffb5eb3dfa968e6ea3c76d22436f0011723d6d48 Mon Sep 17 00:00:00 2001 From: Jazzlyn <9011011+jazzlyn@users.noreply.github.com> Date: Tue, 28 Jan 2025 22:43:56 +0100 Subject: [PATCH 3/3] fix(nix): conditional import does not work --- infra/nixos/flake.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/infra/nixos/flake.nix b/infra/nixos/flake.nix index 80bc38e17..0dc60e878 100644 --- a/infra/nixos/flake.nix +++ b/infra/nixos/flake.nix @@ -54,8 +54,7 @@ { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - # home-manager.users.nils = import ./home-manager/home.nix; - home-manager.users.nils = lib.mkIf (config.networking.hostName != "kube-nas") (import ./home-manager/home.nix); + home-manager.users.nils = import ./home-manager/home.nix; # pass flake inputs to home-manager home-manager.extraSpecialArgs = { inherit inputs; }; }