Skip to content

SON-IX-NET/infra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
hosts
hosts
 
 
modules
modules
 
 
packages
packages
 
 
profiles
profiles
 
 
.envrc
.envrc
 
 
.gitignore
.gitignore
 
 
.sops.yaml
.sops.yaml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
hive.nix
hive.nix
 
 

Repository files navigation

SON-IX Infrastructure

Our servers are managed using the NixOS deployment tool Colmena. Secrets are encrypted using SOPS and age keys derived from SSH keys.

Repo structure

.
├── flake.lock
├── flake.nix
├── hive.nix     # contains the definition of all our machines
├── hosts        # contains our host-specific configuration (hostname, network, etc.)
├── profiles     # contains our profiles that we apply on hosts
├── packages     # contains our packages/overrides for existing ones

Preparations

Currently you need to enable the experimental features "nix-command" and "flakes" in your nix daemon.

Then you can start a developer-shell using nix develop or use direnv to automatically drop into a developer shell when entering the repository by running echo "use flake" > .envrc && direnv allow

Build/Deployment

Some Examples:

  • Build all hosts: colmena build
  • Build & deploy a specific host: colmena apply --on hostname

Profiles

Common

Applied to all servers, configures basic settings like SSH auth, users, etc.

IXP-Manager

Configures IXP-Manager, a web frontend that allows peers to manage their peering port.

About

Nix definitions of our infrastructure

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages