refactor into lib/lxc-container,shared for grafana

这个提交包含在:
Astro 2019-04-01 01:24:54 +02:00
父节点 f4b14c94fa
当前提交 79db592b0a
共有 5 个文件被更改,包括 47 次插入30 次删除

3
.gitmodules vendored 普通文件
查看文件

@ -0,0 +1,3 @@
[submodule "secrets"]
path = secrets
url = ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git

查看文件

@ -2,48 +2,20 @@
{
imports =
[ <nixpkgs/nixos/modules/profiles/minimal.nix>
[ ../../../lib/lxc-container.nix
../../../lib/shared.nix
];
nix.useSandbox = false;
nix.maxJobs = lib.mkDefault 2;
nix.buildCores = lib.mkDefault 16;
boot.isContainer = true;
# /sbin/init
boot.loader.initScript.enable = true;
boot.loader.grub.enable = false;
fileSystems."/" = { fsType = "rootfs"; device = "rootfs"; };
networking.hostName = "grafana";
networking.useNetworkd = true;
networking.defaultGateway = "172.22.99.4";
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n = {
defaultLocale = "en_US.UTF-8";
supportedLocales = lib.mkForce [ "en_US.UTF-8/UTF-8" ];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
vim
];
# Create a few files early before packing tarball for Proxmox
# architecture/OS detection.
system.extraSystemBuilderCmds =
''
mkdir -m 0755 -p $out/bin
ln -s ${pkgs.bash}/bin/bash $out/bin/sh
mkdir -m 0755 -p $out/sbin
ln -s ../init $out/sbin/init
'';
# http https
networking.firewall.allowedTCPPorts = [ 80 443 ];
# collectd

30
lib/lxc-container.nix 普通文件
查看文件

@ -0,0 +1,30 @@
{ pkgs, lib, ... }:
{
imports =
[ <nixpkgs/nixos/modules/profiles/minimal.nix>
];
nix.useSandbox = false;
nix.maxJobs = lib.mkDefault 1;
nix.buildCores = lib.mkDefault 4;
boot.isContainer = true;
# /sbin/init
boot.loader.initScript.enable = true;
boot.loader.grub.enable = false;
# Create a few files early before packing tarball for Proxmox
# architecture/OS detection.
system.extraSystemBuilderCmds =
''
mkdir -m 0755 -p $out/bin
ln -s ${pkgs.bash}/bin/bash $out/bin/sh
mkdir -m 0755 -p $out/sbin
ln -s ../init $out/sbin/init
'';
fileSystems."/" = { fsType = "rootfs"; device = "rootfs"; };
# Required for remote deployment
services.openssh.enable = true;
}

11
lib/shared.nix 普通文件
查看文件

@ -0,0 +1,11 @@
{ lib, ... }:
{
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n = {
defaultLocale = "en_US.UTF-8";
supportedLocales = lib.mkForce [ "en_US.UTF-8/UTF-8" ];
};
}

1
secrets 子模块

@ -0,0 +1 @@
Subproject commit 16d7de68c8468e0f347092526150d72d4fd5fc93