blueberry: tailscale

2023-12-21 21:41:40 -05:00 · 2023-12-21 21:41:40 -05:00 · 882ec71640
commit 882ec71640
parent 1e32f79bbf
3 changed files with 9 additions and 42 deletions
--- a/8
+++ b/8
@ -53,12 +53,20 @@ update:
 gc generations="5d":
  sudo nix-env --delete-generations {{generations}}
  sudo nix-store --gc
+  sudo nix-collect-garbage -d
+  nix-collect-garbage

 # Add a machine's age key for SOPS
 sops-add machine_name target:
  bun tools/onboard-machine.js {{machine_name}} {{target}}
  sops updatekeys -y secrets/default.yaml

+# Generate a SOPS keys file
 sops-generate-keys:
  sudo cat /etc/ssh/ssh_host_ed25519_key | ssh-to-age --private-key > .sops.keys
  cat ~/.ssh/id_ed25519 | ssh-to-age --private-key >> .sops.keys
+
+deploy target_host target_override="":
+  TARGET=
+  if [ "{{target_override}}" == "" ]; then TARGET=$(cat nixos/hosts/{{target_host}}/.target); else TARGET="{{target_override}}"; fi
+  @echo "TARGET=$TARGET"
--- a/nixos/hosts/blueberry/default.nix
+++ b/nixos/hosts/blueberry/default.nix
@ -5,51 +5,10 @@
    ../../server.nix
    ../../features/systemd-boot.nix
    ../../features/podman.nix
+    ../../tailscale.nix
  ];

  networking.hostName = "blueberry";
  system.stateVersion = "23.05";
  services.qemuGuest.enable = true;
-
-  sops.secrets."saerro/database/url" = {
-    sopsFile = ../../../secrets/blueberry/default.yaml;
-  };
-
-  sops.secrets."saerro/database/password" = {
-    sopsFile = ../../../secrets/blueberry/default.yaml;
-  };
-
-  sops.secrets."saerro/ws_addr" = {
-    sopsFile = ../../../secrets/blueberry/default.yaml;
-  };
-
-  pods.enable = true;
-  pods.pods.saerro = {
-    routes = let 
-      route = { port = "8003"; }; 
-    in {
-      "saerro.ps2.live" = route;
-      "saerro-new.ps2.live" = route;
-    };
-    
-    exportPorts = [
-      "0.0.0.0:8003:8003"
-    ];
-
-    containers = {
-      api = {
-        image = "ghcr.io/genudine/saerro/api:latest";
-        environment = {
-          PORT = "8003";
-          WEBSOCKET_HEALTHCHECK = "http://127.0.0.1:8004/healthz";
-        };
-        secrets = {
-          DATABASE_ADDR = config.sops.secrets."saerro/database/url".path;
-        };
-        ports = [
-          "8003:8003";
-        ];
-      };
-    };
-  };
 }
--- a/tools/deploy.ssh
+++ b/tools/deploy.ssh