Skip to content

SON-IX-NET/infra

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SON-IX Infrastructure

Our servers are managed using the NixOS deployment tool Colmena. Secrets are encrypted using SOPS and age keys derived from SSH keys.

Repo structure

.
├── flake.lock
├── flake.nix
├── hive.nix     # contains the definition of all our machines
├── hosts        # contains our host-specific configuration (hostname, network, etc.)
├── profiles     # contains our profiles that we apply on hosts
├── packages     # contains our packages/overrides for existing ones

Preparations

Currently you need to enable the experimental features "nix-command" and "flakes" in your nix daemon.

Then you can start a developer-shell using nix develop or use direnv to automatically drop into a developer shell when entering the repository by running echo "use flake" > .envrc && direnv allow

Build/Deployment

Some Examples:

  • Build all hosts: colmena build
  • Build & deploy a specific host: colmena apply --on hostname

Profiles

Common

Applied to all servers, configures basic settings like SSH auth, users, etc.

IXP-Manager

Configures IXP-Manager, a web frontend that allows peers to manage their peering port.

About

Nix definitions of our infrastructure

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages