From 47ef50388aadcdffda1b2ba531b78fcde5209e2f Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Tue, 18 Nov 2025 23:25:21 -0600 Subject: [PATCH] adding beszel agents --- flakes/beszel/flake.lock | 27 +++++++++++ flakes/beszel/flake.nix | 67 ++++++++++++++++++++++++++ hosts/h003/flake.nix | 21 +++++--- hosts/h003/monitoring_agent.nix | 32 ++++++++++++ hosts/linode/l001/monitoring_agent.nix | 31 ++++++++++++ hosts/lio/flake.lock | 37 ++++++++++++-- hosts/lio/flake.nix | 14 ++++++ hosts/oracle/o001/monitoring_agent.nix | 31 ++++++++++++ hosts/oren/monitoring_agent.nix | 31 ++++++++++++ 9 files changed, 280 insertions(+), 11 deletions(-) create mode 100644 flakes/beszel/flake.lock create mode 100644 flakes/beszel/flake.nix create mode 100644 hosts/h003/monitoring_agent.nix create mode 100644 hosts/linode/l001/monitoring_agent.nix create mode 100644 hosts/oracle/o001/monitoring_agent.nix create mode 100644 hosts/oren/monitoring_agent.nix diff --git a/flakes/beszel/flake.lock b/flakes/beszel/flake.lock new file mode 100644 index 00000000..84a78a5b --- /dev/null +++ b/flakes/beszel/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "beszel-nixpkgs": { + "locked": { + "lastModified": 1763421233, + "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "beszel-nixpkgs": "beszel-nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flakes/beszel/flake.nix b/flakes/beszel/flake.nix new file mode 100644 index 00000000..4ce563a7 --- /dev/null +++ b/flakes/beszel/flake.nix @@ -0,0 +1,67 @@ +{ + inputs = { + beszel-nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + }; + + outputs = + { + beszel-nixpkgs, + ... + }: + { + nixosModules = { + hub = { ... }: { }; + agent = + { + config, + lib, + pkgs, + ... + }: + let + declaration = "services/monitoring/beszel-agent.nix"; + nixpkgs = beszel-nixpkgs; + beszelPkgs = import nixpkgs { + system = pkgs.stdenv.hostPlatform.system; + }; + in + { + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + options.beszelAgent = { + listen = lib.mkOption { + type = lib.types.str; + description = "The listen:port address for agent"; + }; + token = lib.mkOption { + type = lib.types.str; + description = "The token for agent"; + }; + key = lib.mkOption { + type = lib.types.str; + description = "The public key for hub"; + default = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; + }; + hub = lib.mkOption { + type = lib.types.str; + description = "The hub url"; + default = "http://100.64.0.13:8090"; + }; + }; + config = { + services.beszel.agent = { + package = beszelPkgs.beszel; + enable = true; + environment = { + SYSTEM_NAME = config.networking.hostName; + LISTEN = config.beszelAgent.listen; + HUB_URL = config.beszelAgent.hub; + TOKEN = config.beszelAgent.token; + KEY = config.beszelAgent.key; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/h003/flake.nix b/hosts/h003/flake.nix index 5bf81eac..8405ca9f 100644 --- a/hosts/h003/flake.nix +++ b/hosts/h003/flake.nix @@ -22,19 +22,24 @@ ... }@inputs: let - configuration_name = "h003"; - system = "x86_64-linux"; - stateVersion = "25.05"; - primaryUser = "luser"; + hostConfig = { + configurationName = "h003"; + system = "x86_64-linux"; + stateVersion = "25.05"; + primaryUser = "luser"; + + overlayIp = "100.64.0.14"; + }; lib = nixpkgs.lib; in + with hostConfig; { nixosConfigurations = { - "${configuration_name}" = ( + "${configurationName}" = ( lib.nixosSystem { inherit system; specialArgs = { - inherit inputs; + inherit inputs hostConfig; }; modules = [ home-manager.nixosModules.default @@ -84,8 +89,8 @@ # System configuration system.stateVersion = stateVersion; - networking.hostName = configuration_name; - programs.nh.flake = "/home/${primaryUser}/.config/nixos-config/hosts/${configuration_name}"; + networking.hostName = configurationName; + programs.nh.flake = "/home/${primaryUser}/.config/nixos-config/hosts/${configurationName}"; nixpkgs.config.allowUnfree = true; users.users = { "${primaryUser}" = { diff --git a/hosts/h003/monitoring_agent.nix b/hosts/h003/monitoring_agent.nix new file mode 100644 index 00000000..c1e7703c --- /dev/null +++ b/hosts/h003/monitoring_agent.nix @@ -0,0 +1,32 @@ +{ + inputs, + config, + hostConfig, + ... +}: +let + declaration = "services/monitoring/beszel-agent.nix"; + nixpkgs = inputs.beszel-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; +in +{ + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + config = { + services.beszel.agent = { + package = pkgs.beszel; + enable = true; + environment = { + SYSTEM_NAME = config.networking.hostName; + LISTEN = "${hostConfig.overlayIp}:45876"; + HUB_URL = "http://100.64.0.13:8090"; + # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. + TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; + }; + }; + }; +} diff --git a/hosts/linode/l001/monitoring_agent.nix b/hosts/linode/l001/monitoring_agent.nix new file mode 100644 index 00000000..99116f48 --- /dev/null +++ b/hosts/linode/l001/monitoring_agent.nix @@ -0,0 +1,31 @@ +{ + inputs, + config, + ... +}: +let + declaration = "services/monitoring/beszel-agent.nix"; + nixpkgs = inputs.beszel-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; +in +{ + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + config = { + services.beszel.agent = { + package = pkgs.beszel; + enable = true; + environment = { + SYSTEM_NAME = config.networking.hostName; + LISTEN = "100.64.0.13:45876"; + HUB_URL = "http://100.64.0.13:8090"; + # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. + TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; + }; + }; + }; +} diff --git a/hosts/lio/flake.lock b/hosts/lio/flake.lock index 066e86bb..e893d6ee 100644 --- a/hosts/lio/flake.lock +++ b/hosts/lio/flake.lock @@ -25,6 +25,36 @@ "type": "github" } }, + "beszel": { + "inputs": { + "beszel-nixpkgs": "beszel-nixpkgs" + }, + "locked": { + "path": "../../flakes/beszel", + "type": "path" + }, + "original": { + "path": "../../flakes/beszel", + "type": "path" + }, + "parent": [] + }, + "beszel-nixpkgs": { + "locked": { + "lastModified": 1763421233, + "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "common": { "locked": { "path": "../../flakes/common", @@ -189,11 +219,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1760524057, - "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", + "lastModified": 1763421233, + "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", + "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", "type": "github" }, "original": { @@ -1138,6 +1168,7 @@ }, "root": { "inputs": { + "beszel": "beszel", "common": "common", "flatpaks": "flatpaks", "home-manager": "home-manager", diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 3dbe69ae..afc4bfba 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -12,6 +12,8 @@ secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; # flatpaks.url = "path:../../flakes/flatpaks"; flatpaks.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/flatpaks"; + beszel.url = "path:../../flakes/beszel"; + # beszel.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/beszel"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; @@ -23,6 +25,7 @@ common, secrets, flatpaks, + beszel, ros_neovim, ... }@inputs: @@ -74,6 +77,17 @@ common.nixosModules.tty_caps_esc common.nixosModules.zsh + beszel.nixosModules.agent + ( + { ... }: + { + beszelAgent = { + listen = "100.64.0.1:45876"; + token = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + }; + } + ) + ./configuration.nix ./hardware-configuration.nix (import ./containers.nix { inherit inputs; }) diff --git a/hosts/oracle/o001/monitoring_agent.nix b/hosts/oracle/o001/monitoring_agent.nix new file mode 100644 index 00000000..99116f48 --- /dev/null +++ b/hosts/oracle/o001/monitoring_agent.nix @@ -0,0 +1,31 @@ +{ + inputs, + config, + ... +}: +let + declaration = "services/monitoring/beszel-agent.nix"; + nixpkgs = inputs.beszel-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; +in +{ + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + config = { + services.beszel.agent = { + package = pkgs.beszel; + enable = true; + environment = { + SYSTEM_NAME = config.networking.hostName; + LISTEN = "100.64.0.13:45876"; + HUB_URL = "http://100.64.0.13:8090"; + # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. + TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; + }; + }; + }; +} diff --git a/hosts/oren/monitoring_agent.nix b/hosts/oren/monitoring_agent.nix new file mode 100644 index 00000000..99116f48 --- /dev/null +++ b/hosts/oren/monitoring_agent.nix @@ -0,0 +1,31 @@ +{ + inputs, + config, + ... +}: +let + declaration = "services/monitoring/beszel-agent.nix"; + nixpkgs = inputs.beszel-nixpkgs; + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; +in +{ + disabledModules = [ declaration ]; + imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; + config = { + services.beszel.agent = { + package = pkgs.beszel; + enable = true; + environment = { + SYSTEM_NAME = config.networking.hostName; + LISTEN = "100.64.0.13:45876"; + HUB_URL = "http://100.64.0.13:8090"; + # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. + TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; + }; + }; + }; +}