From 097d676291373b9ad0819edf348c8bf0c5ce22c0 Mon Sep 17 00:00:00 2001 From: "sascha.koenig" Date: Thu, 30 Apr 2026 21:42:13 +0200 Subject: [PATCH] feat: azion-scheduler --- flake.lock | 154 ++++++++++---------- flake.nix | 5 + home/features/cli/default.nix | 1 - hosts/AZ-PRM-1/secrets.nix | 3 + hosts/AZ-PRM-1/services/azion-scheduler.nix | 35 +++++ hosts/AZ-PRM-1/services/default.nix | 2 +- lib/ports.nix | 2 + secrets.nix | 1 + secrets/azion-env.age | 18 +++ 9 files changed, 142 insertions(+), 79 deletions(-) create mode 100644 hosts/AZ-PRM-1/services/azion-scheduler.nix create mode 100644 secrets/azion-env.age diff --git a/flake.lock b/flake.lock index 666f78c..170c8ef 100644 --- a/flake.lock +++ b/flake.lock @@ -28,11 +28,11 @@ ] }, "locked": { - "lastModified": 1774977190, - "narHash": "sha256-C4FJ0UhbHQngXqPZNPrNShb0tFXYXFdYdXSg1WezKes=", + "lastModified": 1777399938, + "narHash": "sha256-xXPqUQezDdDtF8MbpZnwD1HkybOYwF92evx8rJ6OXCU=", "ref": "refs/heads/master", - "rev": "a05558b8112574fc4e8e82094ce1420ee02c0770", - "revCount": 67, + "rev": "9a91f1ee0cf011a7eaf1f16a9e17610b0457e055", + "revCount": 85, "type": "git", "url": "https://code.m3ta.dev/m3tam3re/AGENTS" }, @@ -42,6 +42,22 @@ } }, "agents_2": { + "flake": false, + "locked": { + "lastModified": 1777399938, + "narHash": "sha256-xXPqUQezDdDtF8MbpZnwD1HkybOYwF92evx8rJ6OXCU=", + "ref": "refs/heads/master", + "rev": "9a91f1ee0cf011a7eaf1f16a9e17610b0457e055", + "revCount": 85, + "type": "git", + "url": "https://code.m3ta.dev/m3tam3re/AGENTS" + }, + "original": { + "type": "git", + "url": "https://code.m3ta.dev/m3tam3re/AGENTS" + } + }, + "agents_3": { "flake": false, "locked": { "lastModified": 1771353084, @@ -57,6 +73,26 @@ "url": "https://code.m3ta.dev/m3tam3re/AGENTS" } }, + "azion-scheduler": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1777529010, + "narHash": "sha256-1Ig0lcwYTxAgskM6RM/R6jkx6Q5W5jAkEL+0DomaHhk=", + "ref": "refs/heads/main", + "rev": "dee96ee1cc75a16a04803a735dc23ca3f0f300fb", + "revCount": 4, + "type": "git", + "url": "https://git.az-gruppe.com/AZ-Intec-GmbH/AZion" + }, + "original": { + "type": "git", + "url": "https://git.az-gruppe.com/AZ-Intec-GmbH/AZion" + } + }, "base16-schemes": { "flake": false, "locked": { @@ -107,11 +143,11 @@ ] }, "locked": { - "lastModified": 1771437256, - "narHash": "sha256-bLqwib+rtyBRRVBWhMuBXPCL/OThfokA+j6+uH7jDGU=", + "lastModified": 1776249299, + "narHash": "sha256-Dt9t1TGRmJFc0xVYhttNBD6QsAgHOHCArqGa0AyjrJY=", "owner": "numtide", "repo": "blueprint", - "rev": "06ee7190dc2620ea98af9eb225aa9627b68b0e33", + "rev": "56131e8628f173d24a27f6d27c0215eff57e40dd", "type": "github" }, "original": { @@ -151,7 +187,6 @@ "llm-agents", "flake-parts" ], - "import-tree": "import-tree", "nixpkgs": [ "llm-agents", "nixpkgs" @@ -166,15 +201,16 @@ ] }, "locked": { - "lastModified": 1770895533, - "narHash": "sha256-v3QaK9ugy9bN9RXDnjw0i2OifKmz2NnKM82agtqm/UY=", + "lastModified": 1777369708, + "narHash": "sha256-1xW7cRZNsFNPQD+cE0fwnLVStnDth0HSoASEIFeT7uI=", "owner": "nix-community", "repo": "bun2nix", - "rev": "c843f477b15f51151f8c6bcc886954699440a6e1", + "rev": "e659e1cc4b8e1b21d0aa85f1c481f9db61ecfa98", "type": "github" }, "original": { "owner": "nix-community", + "ref": "staging-2.1.0", "repo": "bun2nix", "type": "github" } @@ -185,7 +221,7 @@ "nix-ai-tools", "flake-parts" ], - "import-tree": "import-tree_2", + "import-tree": "import-tree", "nixpkgs": [ "nix-ai-tools", "nixpkgs" @@ -321,11 +357,11 @@ ] }, "locked": { - "lastModified": 1772408722, - "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=", + "lastModified": 1775087534, + "narHash": "sha256-91qqW8lhL7TLwgQWijoGBbiD4t7/q75KTi8NxjVmSmA=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3", + "rev": "3107b77cd68437b9a76194f0f7f9c55f2329ca5b", "type": "github" }, "original": { @@ -493,21 +529,6 @@ "type": "github" } }, - "import-tree_2": { - "locked": { - "lastModified": 1763762820, - "narHash": "sha256-ZvYKbFib3AEwiNMLsejb/CWs/OL/srFQ8AogkebEPF0=", - "owner": "vic", - "repo": "import-tree", - "rev": "3c23749d8013ec6daa1d7255057590e9ca726646", - "type": "github" - }, - "original": { - "owner": "vic", - "repo": "import-tree", - "type": "github" - } - }, "llm-agents": { "inputs": { "blueprint": "blueprint", @@ -518,11 +539,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1774928491, - "narHash": "sha256-blqxzOmDdR35BjHeA8V6NeoQot4mysWy8N8ZMiHyEsk=", + "lastModified": 1777527214, + "narHash": "sha256-xoe/d6DI99r3MWlbS1+3A82NnD6uMpdgEQNqn7cp7Y0=", "owner": "numtide", "repo": "llm-agents.nix", - "rev": "fb1dfb5960aa4b8a91995f8f99ec2452e5052dbe", + "rev": "de2a3af876b071dfc43afa14976edfc89fd585b4", "type": "github" }, "original": { @@ -533,18 +554,18 @@ }, "m3ta-nixpkgs": { "inputs": { + "agents": "agents_2", "basecamp": "basecamp", "nixpkgs": "nixpkgs_4", "nixpkgs-master": "nixpkgs-master", - "opencode": "opencode", "openspec": "openspec" }, "locked": { - "lastModified": 1775213085, - "narHash": "sha256-PwE/PkgxsX8mq5j+dGUKVlHmzX9AU/ZaitAnvkzkPMA=", + "lastModified": 1777557677, + "narHash": "sha256-+5a8DtKMXIwh36oO/M8M33y7KejZFqbqArKjVPi/1jk=", "ref": "refs/heads/master", - "rev": "53220ae007f21fca6247bb707fceb27ac8f665ff", - "revCount": 210, + "rev": "14d906ef9355b1910c709671c7449f40badb10f2", + "revCount": 269, "type": "git", "url": "https://code.m3ta.dev/m3tam3re/nixpkgs" }, @@ -557,7 +578,7 @@ "inputs": { "nixpkgs": "nixpkgs_7", "nixpkgs-master": "nixpkgs-master_2", - "opencode": "opencode_2" + "opencode": "opencode" }, "locked": { "lastModified": 1771355771, @@ -737,11 +758,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1775044794, - "narHash": "sha256-WHIZHvguLKWOcmAXdpOjrrSb528+bJU2geyAWPa1Yzc=", + "lastModified": 1777557494, + "narHash": "sha256-sOKGyYzLyhAWgjBYJRAx4Zjhl1hbhh0cyCn0n0ZNExE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1de4a8e478f9f7cf3143967e8de444be35114c39", + "rev": "26613c0bd28d8b5976afe6e7d678b76136ab4fb0", "type": "github" }, "original": { @@ -801,11 +822,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1774610258, - "narHash": "sha256-HaThtroVD9wRdx7KQk0B75JmFcXlMUoEdDFNOMOlsOs=", + "lastModified": 1776949667, + "narHash": "sha256-GMSVw35Q+294GlrTUKlx087E31z7KurReQ1YHSKp5iw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "832efc09b4caf6b4569fbf9dc01bec3082a00611", + "rev": "01fbdeef22b76df85ea168fbfe1bfd9e63681b30", "type": "github" }, "original": { @@ -817,11 +838,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1774709303, - "narHash": "sha256-D3Q07BbIA2KnTcSXIqqu9P586uWxN74zNoCH3h2ESHg=", + "lastModified": 1777268161, + "narHash": "sha256-bxrdOn8SCOv8tN4JbTF/TXq7kjo9ag4M+C8yzzIRYbE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8110df5ad7abf5d4c0f6fb0f8f978390e77f9685", + "rev": "1c3fe55ad329cbcb28471bb30f05c9827f724c76", "type": "github" }, "original": { @@ -917,28 +938,6 @@ } }, "opencode": { - "inputs": { - "nixpkgs": [ - "m3ta-nixpkgs", - "nixpkgs-master" - ] - }, - "locked": { - "lastModified": 1774807340, - "narHash": "sha256-OV76SWqiBguUupfbkJMBVrslJoTqSh4epNjEp/HE/cY=", - "owner": "anomalyco", - "repo": "opencode", - "rev": "e7f94f9b9a3bd8742330e4a7ba8573ac21042c01", - "type": "github" - }, - "original": { - "owner": "anomalyco", - "ref": "v1.3.6", - "repo": "opencode", - "type": "github" - } - }, - "opencode_2": { "inputs": { "nixpkgs": [ "zugferd-service", @@ -969,11 +968,11 @@ ] }, "locked": { - "lastModified": 1772182342, - "narHash": "sha256-9Q0iUyZGcDPLdgvnrBN3GumV8g9akV8TFb8bFkD1yYs=", + "lastModified": 1777556999, + "narHash": "sha256-HfFlRwR8IMjudRttN4T8L3DJKnNlpWfeNzQPly/HaRY=", "owner": "Fission-AI", "repo": "OpenSpec", - "rev": "afdca0d5dab1aa109cfd8848b2512333ccad60c3", + "rev": "347f0277e3be3549cd85cdea364fbd7710f1922b", "type": "github" }, "original": { @@ -986,6 +985,7 @@ "inputs": { "agenix": "agenix", "agents": "agents", + "azion-scheduler": "azion-scheduler", "deploy-rs": "deploy-rs", "disko": "disko", "home-manager": "home-manager_2", @@ -1135,11 +1135,11 @@ ] }, "locked": { - "lastModified": 1773297127, - "narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=", + "lastModified": 1775636079, + "narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "71b125cd05fbfd78cab3e070b73544abe24c5016", + "rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba", "type": "github" }, "original": { @@ -1210,7 +1210,7 @@ }, "zugferd-service": { "inputs": { - "agents": "agents_2", + "agents": "agents_3", "flake-utils": "flake-utils", "m3ta-nixpkgs": "m3ta-nixpkgs_2", "nixpkgs": "nixpkgs_8" diff --git a/flake.nix b/flake.nix index 36279b1..da4a554 100644 --- a/flake.nix +++ b/flake.nix @@ -79,6 +79,10 @@ zugferd-service = { url = "git+https://git.az-gruppe.com/AZ-Intec-GmbH/zugferd-service"; }; + azion-scheduler = { + url = "git+https://git.az-gruppe.com/AZ-Intec-GmbH/AZion"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = { @@ -184,6 +188,7 @@ ./hosts/AZ-PRM-1 agenix.nixosModules.default inputs.disko.nixosModules.disko + inputs.azion-scheduler.nixosModules.default ]; }; AZ-LT-NIX = inputs.nixpkgs-unstable.lib.nixosSystem { diff --git a/home/features/cli/default.nix b/home/features/cli/default.nix index f5af775..34b504f 100644 --- a/home/features/cli/default.nix +++ b/home/features/cli/default.nix @@ -72,7 +72,6 @@ alejandra basecamp bc - claude-code comma coreutils devenv diff --git a/hosts/AZ-PRM-1/secrets.nix b/hosts/AZ-PRM-1/secrets.nix index bbd6bcb..7247a57 100644 --- a/hosts/AZ-PRM-1/secrets.nix +++ b/hosts/AZ-PRM-1/secrets.nix @@ -1,6 +1,9 @@ { age = { secrets = { + azion-env = { + file = ../../secrets/azion-env.age; + }; traefik-env = { file = ../../secrets/traefik-env.age; }; diff --git a/hosts/AZ-PRM-1/services/azion-scheduler.nix b/hosts/AZ-PRM-1/services/azion-scheduler.nix new file mode 100644 index 0000000..1fbd485 --- /dev/null +++ b/hosts/AZ-PRM-1/services/azion-scheduler.nix @@ -0,0 +1,35 @@ +{ + config, + lib, + inputs, + pkgs, + ... +}: let + portUtils = import ../../../lib/port-utils.nix {inherit lib;}; + servicePort = portUtils.getPort "azion-scheduler" "AZ-PRM-1"; + schedulerProxyPort = portUtils.getPort "azion-scheduler-proxy" "AZ-PRM-1"; +in { + services.azion-scheduler = { + enable = true; + package = inputs.azion-scheduler.packages.${pkgs.stdenv.hostPlatform.system}.default; + port = servicePort; + proxyPort = schedulerProxyPort; + environmentFile = config.age.secrets.azion-env.path; + }; + + # Traefik configuration + services.traefik.dynamicConfigOptions.http = { + services.azion-scheduler.loadBalancer.servers = [ + {url = "http://localhost:${toString servicePort}/";} + ]; + + routers.azion-scheduler = { + rule = "Host(`azion.l.az-gruppe.com`)"; + tls = { + certResolver = "ionos"; + }; + service = "azion-scheduler"; + entrypoints = "websecure"; + }; + }; +} diff --git a/hosts/AZ-PRM-1/services/default.nix b/hosts/AZ-PRM-1/services/default.nix index b2a4b02..55ef115 100644 --- a/hosts/AZ-PRM-1/services/default.nix +++ b/hosts/AZ-PRM-1/services/default.nix @@ -1,7 +1,7 @@ { imports = [ ./containers - + ./azion-scheduler.nix ./n8n.nix ./netbird.nix ./pgadmin.nix diff --git a/lib/ports.nix b/lib/ports.nix index 4dd742e..0e719be 100644 --- a/lib/ports.nix +++ b/lib/ports.nix @@ -18,6 +18,8 @@ zammad-hr = 3036; netbird = 3038; zammad-hr-elasticsearch = 3037; + azion-scheduler = 3039; + azion-scheduler-proxy = 3049; # Docker services (3100-3199 range) librechat = 3040; diff --git a/secrets.nix b/secrets.nix index c6364b9..41b3a34 100644 --- a/secrets.nix +++ b/secrets.nix @@ -11,6 +11,7 @@ let users = [sascha.koenig]; systems = [AZ-CLD-1 AZ-LT-NIX AZ-PRM-1]; in { + "secrets/azion-env.age".publicKeys = systems ++ users; "secrets/server.crt.age".publicKeys = systems ++ users; "secrets/server.key.age".publicKeys = systems ++ users; "secrets/traefik-env.age".publicKeys = systems ++ users; diff --git a/secrets/azion-env.age b/secrets/azion-env.age new file mode 100644 index 0000000..a8b8905 --- /dev/null +++ b/secrets/azion-env.age @@ -0,0 +1,18 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFpoVnNlZyBEK3Vo +VUJGUExER0VDZHROdkN6S0pPRTVXSEhvVWpvV1FSNnZUcStLalRNCk9DZGN2ZFZi +cWlhUDBlQkFZSHVxN1ErYmdhTW5ZbVhGb20yZmtnY1MvWEEKLT4gc3NoLWVkMjU1 +MTkgU3JIYXFBIEFUc3B1alN0NElwcDl1empxeVFack9hUzFGYlg1bUVRbllNWkNQ +MUlBRVkKaUNQNGhSV0pQQ2VGQXFHM2s1YmFPMTJUWUpZVFNrdTFoNmxlTExYeFc4 +dwotPiBzc2gtZWQyNTUxOSBsR3FWWmcgeG9ZZWNIUHo5c09kMWxmRXJieXJOV0Vo +ajEzYTdCRmp5aVlwT2p2Y1ZnYwo4M01URmZwY21idzdQSkszYW5qcVRKdVpkaVRR +NXhiSVg1MmlMVlpGNEdvCi0+IHNzaC1lZDI1NTE5IENTTXloZyA5U2V6eEl6ZVoz +L0RCblpuR1Y2dGhxZC9YREFhYVBrOGVESldZOHlmSEVVCkEwenhZbkJNK2RoaSsr +Tm1DWXN4TjBldXN4VlByN2IrZ2NvQ3c5dEdJUFkKLT4gVid1fXs+LWdyZWFzZSBc +dSBLCjdpZ251emhPemFyeEQzYVZhTE85WUtKemhmWVBIeUp1Ci0tLSA3cTcva3dC +NytiSTdXMFVkUmkzZ1psbndvMTcwVk42bXArdm1ZSXA3aXNnCgcCLDRJcYeVXN7A +OHS0d2J+1TEvSHAEtrnTQjTqYl7ceaS8TFYF/DekImVCoDBjKI2294On8eiCOlUX +V9k/GF4OVXQfLcvxhRSTj/h5G8kVXvOodjftlIrx07SVTdIaxJZNAEqyTQi89G8Q +Uxu4pKPJn53u3KGPga8xdxEbPwv2VTWp879z7ge3e2me4qT8VZagq06IkeTfbun9 +Pq8qY6w= +-----END AGE ENCRYPTED FILE-----