Last active
May 31, 2021 15:51
-
-
Save paurosello/d168999bc0429cc9a7c968abc9d55be9 to your computer and use it in GitHub Desktop.
GS Setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function unlock | |
set -gx BW_SESSION (bw unlock --raw) | |
set -gx OPSCTL_OPSGENIE_TOKEN (bw get item 48c3c891-b9cb-46a0-bac3-944b64c794d1 | jq -r .notes) | |
set -gx OPSCTL_GITHUB_TOKEN (bw get item 67448f11-ad1e-4099-8eaf-6ddbcce15c82 | jq -r .notes) | |
set -gx OPSCTL_GPG_PASSWORD (bw get item e16fbbaf-1913-49b3-b16d-a9352a81a979 | jq -r .notes) | |
end | |
function vpn_gridscale | |
sudo openvpn ~/gridscale.ovpn | |
end | |
function vpn_vultr | |
sudo openvpn ~/vultr.ovpn | |
end | |
function nix_clean | |
nix-env -p /nix/var/nix/profiles/system --delete-generations old | |
nix-collect-garbage -d | |
nix-env -p /nix/var/nix/profiles/system --list-generations | |
end | |
function kill_k9s | |
kill (ps aux | grep 'k9s' | grep -v grep | awk '{print $1}') | |
end | |
function upgrade_specific_release --description "upgrade_specific_release <installation> <cluster_id> <version>" | |
gsctl select endpoint $argv[1] | |
set VERSION $argv[3] | |
set CLUSTER $argv[2] | |
echo "Upgrading cluster $CLUSTER to $VERSION" | |
read -l -P 'Do you want to continue? [y/N] ' confirm | |
switch $confirm | |
case Y y | |
set TOKEN (gsctl info -v | grep Auth | awk '{print $3}') | |
set API (gsctl info -v | grep 'API endpoint:' | awk '{print $3}') | |
curl "$API/v5/clusters/$CLUSTER/" -H "Authorization: Bearer $TOKEN" -X PATCH -d "{ \"release_version\": \"$VERSION\" }" | jq . | |
case '' N n | |
return 1 | |
end | |
end | |
function upgrade_specific_release_v4 --description "upgrade_specific_release <installation> <cluster_id> <version>" | |
gsctl select endpoint $argv[1] | |
set VERSION $argv[3] | |
set CLUSTER $argv[2] | |
echo "Upgrading cluster $CLUSTER to $VERSION" | |
read -l -P 'Do you want to continue? [y/N] ' confirm | |
switch $confirm | |
case Y y | |
set TOKEN (gsctl info -v | grep Auth | awk '{print $3}') | |
set API (gsctl info -v | grep 'API endpoint:' | awk '{print $3}') | |
curl "$API/v4/clusters/$CLUSTER/" -H "Authorization: Bearer $TOKEN" -X PATCH -d "{ \"release_version\": \"$VERSION\" }" | jq . | |
case '' N n | |
return 1 | |
end | |
end | |
set -gx PATH $PATH:/home/pau/go/bin | |
set -gx EDITOR 'code --wait' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Edit this configuration file to define what should be installed on | |
# your system. Help is available in the configuration.nix(5) man page | |
# and in the NixOS manual (accessible by running ‘nixos-help’). | |
{ config, pkgs, ... }: | |
let | |
unstableTarball = | |
fetchTarball | |
https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz; | |
in | |
{ | |
imports = | |
[ # Include the results of the hardware scan. | |
<nixos-hardware/dell/xps/13-9380> | |
./hardware-configuration.nix | |
]; | |
nixpkgs.config = { | |
packageOverrides = pkgs: { | |
unstable = import unstableTarball { | |
config = config.nixpkgs.config; | |
}; | |
}; | |
}; | |
# Use the systemd-boot EFI boot loader. | |
boot.loader.systemd-boot.enable = true; | |
boot.loader.efi.canTouchEfiVariables = true; | |
boot.kernelPackages = pkgs.linuxPackages_latest; | |
boot.kernelModules = [ "kvm-intel" ]; | |
boot.kernelParams = [ | |
"pcie.aspm=force" | |
"i915.enable_fbc=1" | |
"i915.enable_rc6=7" | |
"i915.lvds_downclock=1" | |
"i915.enable_guc_loading=1" | |
"i915.enable_guc_submission=1" | |
]; | |
powerManagement.enable = true; | |
powerManagement.powertop.enable = true; | |
powerManagement.cpuFreqGovernor = "ondemand"; | |
powerManagement.powerUpCommands = '' | |
echo XHC > /proc/acpi/wakeup | |
''; | |
# The global useDHCP flag is deprecated, therefore explicitly set to false here. | |
# Per-interface useDHCP will be mandatory in the future, so this generated config | |
# replicates the default behaviour. | |
networking.useDHCP = false; | |
networking.interfaces.wlp2s0.useDHCP = true; | |
networking.networkmanager.enable = true; | |
networking.hostName = "gsl"; | |
networking.extraHosts = | |
'' | |
10.243.136.83 xxxxxx | |
''; | |
#OpenVPN GS | |
networking.resolvconf.enable = true; | |
environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn"; | |
#ZeroTier | |
services.zerotierone.enable = true; | |
services.zerotierone.joinNetworks = [ "" ]; # ZT NETWORK ID | |
security.pki.certificates = [ | |
]; | |
# Set your time zone. | |
time.timeZone = "Europe/Madrid"; | |
# List packages installed in system profile. To search, run: | |
# $ nix search wget | |
environment.systemPackages = with pkgs; [ | |
acpi | |
python38Full | |
python38Packages.pip | |
python38Packages.setuptools | |
python38Packages.virtualenv | |
python38Packages.pillow | |
chromium | |
brave | |
ark | |
curl | |
fzf | |
ffmpeg | |
htop | |
spotify | |
slack | |
unzip | |
wget | |
vim | |
zip | |
vscode | |
go | |
dep | |
git | |
bitwarden-cli | |
screen | |
busybox | |
bind | |
flameshot | |
tmux | |
gnumake | |
gparted | |
qtkeychain | |
docker-compose | |
kubectl | |
unstable.kubie | |
kubetail | |
kubernetes-helm | |
unstable.k9s | |
kind | |
jq | |
terraform | |
xsel | |
graphviz | |
mupdf | |
latte-dock | |
ngrok | |
openvpn | |
unrar | |
steam | |
gimp | |
]; | |
nixpkgs.config = { | |
allowUnfree = true; | |
chromium = {}; | |
}; | |
programs.fish.enable = true; | |
programs.ssh.startAgent = true; | |
virtualisation.docker = { | |
enable = true; | |
enableOnBoot = false; | |
autoPrune.enable = true; | |
}; | |
# List services that you want to enable: | |
services.openssh.enable = true; | |
services.upower.enable = true; | |
services.tlp.enable = true; | |
services.dbus.enable = true; | |
services.acpid.enable = true; | |
services.keybase.enable = true; | |
services.trezord.enable = true; | |
sound.enable = true; | |
hardware.pulseaudio.enable = true; | |
hardware.pulseaudio.extraConfig = "load-module module-switch-on-connect"; | |
hardware.bluetooth.enable = true; | |
hardware.opengl.extraPackages = with pkgs; [ vaapiIntel ]; | |
hardware.video.hidpi.enable = true; | |
hardware.opengl.driSupport32Bit = true; | |
# Enable the X11 windowing system. | |
services.xserver = { | |
enable = true; | |
desktopManager.plasma5.enable = true; | |
layout = "us"; | |
xkbOptions = "eurosign:e"; | |
resolutions = [ { x = 2560; y = 1440; } { x = 3840; y = 2160; } { x = 1280; y = 1024; } ]; | |
}; | |
fonts.fontconfig.dpi = 210; | |
console = { | |
font = "ter-i32b"; | |
packages = with pkgs; [ terminus_font ]; | |
earlySetup = true; | |
}; | |
# Enable touchpad support. | |
services.xserver.libinput.enable = true; | |
users.users.pau = { | |
isNormalUser = true; | |
extraGroups = [ "wheel" "docker" ]; # Enable ‘sudo’ for the user. | |
shell = pkgs.fish; | |
}; | |
# This value determines the NixOS release from which the default | |
# settings for stateful data, like file locations and database versions | |
# on your system were taken. It‘s perfectly fine and recommended to leave | |
# this value at the release version of the first install of this system. | |
# Before changing this value read the documentation for this option | |
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). | |
system.stateVersion = "20.09"; # Did you read the comment? | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bw get item 4e1c92b4-0e17-4c10-9ef7-d1d927d4bc68 | jq -r .notes > ~/.ssh/id_paugs | |
bw get item d98743be-47b4-431f-a095-3672897dd277 | jq -r .notes > ~/.ssh/id_pau | |
#Download go packages though ssh | |
git config --global url."git@github.com:".insteadOf "https://github.com/" | |
scp -P 2222 -i ~/.ssh/id_paugs vpn.giantswarm.io:/home/pau/pau.ovpn ./gridscale.vpn | |
scp -P 2222 -i ~/.ssh/id_paugs vpn2.giantswarm.io:/home/pau/pau.ovpn ./vultr.vpn | |
# Modify VPN Profiles | |
Get Path : `nix-instantiate --eval '<nixpkgs>' -A pkgs.update-resolv-conf.outPath` | |
up <path>/libexec/openvpn/update-resolv-conf | |
down <path>/libexec/openvpn/update-resolv-conf | |
go get github.com/giantswarm/opsctl | |
go get github.com/giantswarm/gsctl | |
go get github.com/giantswarm/aws-operator |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /home/pau/.ssh/config | |
host github.com | |
HostName github.com | |
IdentityFile ~/.ssh/id_paugs |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment