(wip) add initial k3s role definition

flake.nix

@@ -55,12 +55,13 @@
       system = "x86_64-linux";
       modules = baseModules ++ [
         ./machines/boxy/configuration.nix
-        inputs.home-manager.nixosModules.home-manager
+        # inputs.home-manager.nixosModules.home-manager
-        {
+        # {
-          home-manager.users.johno = import ./home/home-default.nix;
+        #   home-manager.users.johno = import ./home/home-default.nix;
-          home-manager.extraSpecialArgs.customPkgs =
+        #   home-manager.extraSpecialArgs.customPkgs =
-            nixpkgs.legacyPackages."${system}".callPackage ./packages {};
+        #     nixpkgs.legacyPackages."${system}".callPackage ./packages {};
-        }
+        #     customPkgs = nixpkgs.legacyPackages."${system}".callPackage ./packages {};
+        # }
       ];
     };
   };

machines/boxy/configuration.nix

@@ -17,9 +17,8 @@ with lib;
     kodi = {
       enable = true;
       autologin = true;
-      wayland = true;
+      wayland = false;
     };
-    users.enable = true;
   };
 
   # Use the systemd-boot EFI boot loader.
@@ -30,7 +29,7 @@ with lib;
 
   hardware.graphics.enable = true;
 
-  services.displayManager.enable = mkForce false;
+  #services.displayManager.enable = mkForce false;
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.

roles/audio/default.nix

@@ -10,7 +10,7 @@ in
     enable = mkEnableOption "Enable the audio role";
   };
 
-  config = mkIf cfg.enable
+  config =
     {
       environment.systemPackages = with pkgs; [
         paprefs

roles/bluetooth/default.nix

@@ -10,7 +10,7 @@ in
     enable = mkEnableOption "Enable the bluetooth role";
   };
 
-  config = mkIf cfg.enable
+  config =
     {
       hardware.bluetooth.enable = true;
       hardware.bluetooth.powerOnBoot = true;

roles/k3s/default.nix

@@ -0,0 +1,32 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.k3s;
+in
+{
+  options.roles.k3s = {
+    enable = mkEnableOption "Enable the k3s role";
+  };
+
+  config =
+    {
+      networking.firewall.allowedTCPPorts = [
+        6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
+        2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
+        2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
+      ];
+      networking.firewall.allowedUDPPorts = [
+        8472 # k3s, flannel: required if using multi-node for inter-node networking
+      ];
+      services.k3s.enable = true;
+      services.k3s.role = "server";
+      services.k3s.tokenFile = "";
+      services.k3s.serverAddr = "https://10.0.0.222:6443";
+      services.k3s.extraFlags = toString [
+        # "--debug" # Optionally add additional args to k3s
+      ];
+      services.k3s.gracefulNodeShutdown.enable = true;
+    };
+}

roles/kodi/default.nix

@@ -25,8 +25,7 @@ in
       steam-library
       youtube
     ]);
-  in mkIf cfg.enable
+  in {
-    {
     users.extraUsers.kodi.isNormalUser = true;
 
     networking.firewall = {
@@ -34,21 +33,14 @@ in
       allowedUDPPorts = [ 8080 ];
     };
 
-      services = if cfg.autologin then mkMerge [
+    services = mkIf cfg.autologin {
-        mkIf cfg.wayland {
       cage = mkIf cfg.wayland {
         user = "kodi";
         program = "${kodiPkg}/bin/kodi-standalone";
         enable = true;
       };
-          xserver = {
-            enable = false;
-            autorun = false;
-          };
-        }
 
-        mkIf (!cfg.wayland) {
+      xserver = mkIf (!cfg.wayland) {
-          xserver = {
         enable = true;
         desktopManager.kodi = {
           enable = true;
@@ -58,14 +50,14 @@ in
           enable = true;
           greeter.enable = false;
         };
+	displayManager.sddm.enable = mkForce false;
       };
-          displayManager = {
+      displayManager = mkIf (!cfg.wayland) {
         autoLogin.enable = true;
         autoLogin.user = "kodi";
         defaultSession = "kodi";
         sessionData.autologinSession = "kodi";
       };
-        }
+    };
-      ] else {};
   };
 }

roles/nfs-mounts/default.nix

@@ -16,8 +16,7 @@ in
     };
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     fileSystems."/media" = {
       device = "10.0.0.43:/media";
       fsType = "nfs";

roles/printing/default.nix

@@ -2,16 +2,12 @@
 
 with lib;
 
-let
-  cfg = config.roles.printing;
-in
 {
   options.roles.printing = {
     enable = mkEnableOption "Enable default printing setup";
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     services.printing.enable = true;
 
     services.avahi = {

roles/spotifyd/default.nix

@@ -10,8 +10,7 @@ in
     enable = mkEnableOption "Enable the spotifyd role";
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     roles.audio.enable = true;
 
     services.spotifyd = {

roles/users/default.nix

@@ -21,7 +21,7 @@ in
     kidsPackages = with pkgs; [
       firefox
     ];
-  in mkIf cfg.enable {
+  in {
     users.users.johno = {
       isNormalUser = true;
       description = "John Ogle";

roles/virtualisation/default.nix

@@ -2,16 +2,12 @@
 
 with lib;
 
-let
-  cfg = config.roles.virtualisation;
-in
 {
   options.roles.virtualisation = {
     enable = mkEnableOption "Enable virtualisation";
   };
 
-  config = mkIf cfg.enable
+  config = {
-    {
     virtualisation.libvirtd.enable = true;
     programs.virt-manager.enable = true;
   };