From 33b3a33f51fc280c4e1dc4239be4edcd355595d7 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Sun, 30 Apr 2023 00:47:46 +0200
Subject: [PATCH] update colmena state

---
 flake.nix                                 |  4 +--
 nixos/components/network/tinc/private.nix |  9 ++++++
 nixos/machines/chungus/configuration.nix  |  9 +++---
 nixos/machines/chungus/disko-config.nix   | 38 ++++++++++++++++++-----
 nixos/system/server/initssh.nix           |  5 +++
 5 files changed, 52 insertions(+), 13 deletions(-)

diff --git a/flake.nix b/flake.nix
index aab4015..b8fbe37 100644
--- a/flake.nix
+++ b/flake.nix
@@ -263,8 +263,8 @@
           };
 
           chungus = { name, nodes, pkgs, ... }: {
-            #deployment.targetHost = "${name}.private";
-            deployment.targetHost = "192.168.178.31";
+            deployment.targetHost = "${name}.private";
+            #deployment.targetHost = "192.168.178.31";
             deployment.tags = [ "server" "online" "private" ];
             imports = [
               grocy-scanner.nixosModule
diff --git a/nixos/components/network/tinc/private.nix b/nixos/components/network/tinc/private.nix
index fe8039c..a3cd877 100644
--- a/nixos/components/network/tinc/private.nix
+++ b/nixos/components/network/tinc/private.nix
@@ -13,6 +13,7 @@ let
     bobi = "10.23.42.25";
     pepe = "10.23.42.26";
     cream = "10.23.42.27";
+    chungus = "10.23.42.28";
     robi = "10.23.42.111";
   };
   subDomains = {
@@ -65,6 +66,10 @@ in
           subnets = [{ address = hosts.pepe; }];
           settings.Ed25519PublicKey = "LnE+w6ZfNCky4Kad3TBxpFKRJ2PJshkSpW6mC3pcsPI";
         };
+        chungus = {
+          subnets = [{ address = hosts.chungus; }];
+          settings.Ed25519PublicKey = "mJP+zzYGv42KItpSf3lMkr3dwa5xW3n3hi0W2Z75jfJ";
+        };
         robi = {
           addresses = [{ address = "144.76.13.147"; }];
           subnets = [{ address = hosts.robi; }];
@@ -107,6 +112,10 @@ in
       hostNames = [ "pepe.${network}" hosts.pepe ];
       publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJPlva+Vdj8WmQPlbQLN3qicMz5AAsyTzK53BincxtAz";
     };
+    "chungus.${network}" = {
+      hostNames = [ "chungus.${network}" hosts.chungus ];
+      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC+1U/BacpMxNmLc0r72i/LkmlZapSuIABKsulJnf7Up";
+    };
     "bobi.${network}" = {
       hostNames = [ "bobi.${network}" hosts.bobi ];
       publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0haepNVEaocfWh6kwVc4QsSg2iqO5k+hjarphBqMVk";
diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix
index 664ce8c..0340362 100644
--- a/nixos/machines/chungus/configuration.nix
+++ b/nixos/machines/chungus/configuration.nix
@@ -50,10 +50,11 @@
   users.users.root.shell = pkgs.zsh;
 
   # todo : rename to component.init.ssh
-  #configuration.init-ssh = {
-  #  enable = "enabled";
-  #  kernelModules = [ "e1000e" ];
-  #};
+  # todo : make tor optional
+  configuration.init-ssh = {
+    enable = "enabled";
+    kernelModules = [ "e1000e" ];
+  };
 
   # just enable lan
   #networking.dhcpcd.allowInterfaces = [ "enp0s25" ];
diff --git a/nixos/machines/chungus/disko-config.nix b/nixos/machines/chungus/disko-config.nix
index 0fb3499..d65e5ff 100644
--- a/nixos/machines/chungus/disko-config.nix
+++ b/nixos/machines/chungus/disko-config.nix
@@ -85,11 +85,18 @@ in
 
       zroot = {
         type = "zpool";
+        #rootFsOptions = {
+        #mountpoint = "none";
+        #canmount = "off";
+        #};
         datasets = {
           "root" = {
             type = "zfs_fs";
             mountpoint = "/";
-            options.compression = "lz4";
+            options = {
+              mountpoint = "/";
+              compression = "lz4";
+            };
           };
         };
       };
@@ -99,23 +106,40 @@ in
       zraid = {
         type = "zpool";
         mode = "raidz2";
+        rootFsOptions = {
+          mountpoint = "none";
+          canmount = "off";
+        };
         datasets = {
           "media" = {
             type = "zfs_fs";
             mountpoint = "/media";
-            options.compression = "lz4";
-          };
-          "media/nextcloud" = {
-            type = "zfs_fs";
-            mountpoint = "/media/nextcloud";
             options = {
+              mountpoint = "/media";
+              compression = "lz4";
+            };
+          };
+          "nextcloud" = {
+            type = "zfs_fs";
+            mountpoint = "/nextcloud";
+            options = {
+              mountpoint = "/nextcloud";
               compression = "lz4";
-              # question: is that combination of frequency and keep even possible?
               "com.sun:auto-snapshot" = "false";
               "com.sun:auto-snapshot:daily" = "true,keep=32";
               "com.sun:auto-snapshot:montly" = "true,keep=48";
             };
           };
+          "borg" = {
+            type = "zfs_fs";
+            mountpoint = "/borg";
+            options = {
+              mountpoint = "/borg";
+              compression = "lz4";
+              "com.sun:auto-snapshot" = "false";
+              "com.sun:auto-snapshot:daily" = "true,keep=32";
+            };
+          };
         };
       };
 
diff --git a/nixos/system/server/initssh.nix b/nixos/system/server/initssh.nix
index ee3a562..2513908 100644
--- a/nixos/system/server/initssh.nix
+++ b/nixos/system/server/initssh.nix
@@ -16,6 +16,11 @@ in
       type = with types; enum [ "disable" "prepare" "enabled" ];
     };
 
+    #mode = mkOption {
+    #  default = "ssh";
+    #  type = with types; enum [ "ssh" "ssh+tor" ];
+    #};
+
     kernelModules = mkOption {
       type = with types; listOf str;
       description =