palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

finaly state of zfs setup

Browse source
This commit is contained in:
Ingolf Wagner 2023-05-01 15:21:15 +02:00
parent 38c401b6e7
commit ab396c38fe
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
5 changed files with 72 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
flake.lock
View file

@ -951,11 +951,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1682803277, "lastModified": 1682945945,
"narHash": "sha256-K8v9TNTgeyGob7bH23K/2ZBSBphXyJ8KwfYdNNEv3NI=", "narHash": "sha256-DEC29PuP99B70ItXoWRbGA1+kB0Y/u5xUArwdaQ8UWI=",
"ref": "main", "ref": "main",
"rev": "d57bd16c25bac2f2e709cb9b39ded1c01aca290e", "rev": "ed21079d3b5cbc79f28f918ea16a735d17428570",
"revCount": 48, "revCount": 49,
"type": "git", "type": "git",
"url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git" "url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git"
}, },

1
flake.nix
View file

@ -264,7 +264,6 @@
chungus = { name, nodes, pkgs, ... }: { chungus = { name, nodes, pkgs, ... }: {
deployment.targetHost = "${name}.private"; deployment.targetHost = "${name}.private";
#deployment.targetHost = "192.168.178.31";
deployment.tags = [ "server" "online" "private" ]; deployment.tags = [ "server" "online" "private" ];
imports = [ imports = [
grocy-scanner.nixosModule grocy-scanner.nixosModule

56
images/machine-init-configuration.nix Normal file
View file

@ -0,0 +1,56 @@
{ config, lib, pkgs, ... }:
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/master.tar.gz"}/module.nix"
(import ./disko-config.nix { })
];
networking.hostName = "nixos";
boot.supportedFilesystems = [ "zfs" ];
# head -c4 /dev/urandom | od -A none -t x4
networking.hostId = "4750e4b8";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.tmpOnTmpfs = true; # make /tmp a tmpfs (performance!)
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
environment.systemPackages = with pkgs; [
vim
wget
htop
silver-searcher
];
environment.extraInit = ''
# use vi shortcuts
# ----------------
set -o vi
EDITOR=vim
'';
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

8
nixos/components/network/tinc/private.nix
View file

@ -29,6 +29,12 @@ let
"prometheus.pepe" = hosts.pepe; "prometheus.pepe" = hosts.pepe;
"tts.pepe" = hosts.pepe; "tts.pepe" = hosts.pepe;
"tdarr.pepe" = hosts.pepe; "tdarr.pepe" = hosts.pepe;
# chungus
"loki.chungus" = hosts.chungus;
"grafana.chungus" = hosts.chungus;
"prometheus.chungus" = hosts.chungus;
"tts.chungus" = hosts.chungus;
"tdarr.chungus" = hosts.chungus;
}; };
network = "private"; network = "private";
in in
@ -114,7 +120,7 @@ in
}; };
"chungus.${network}" = { "chungus.${network}" = {
hostNames = [ "chungus.${network}" hosts.chungus ]; hostNames = [ "chungus.${network}" hosts.chungus ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC+1U/BacpMxNmLc0r72i/LkmlZapSuIABKsulJnf7Up"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP9jrbOJbgapreRjttyOKWv5vxGMThn7kAwlk8WnSyL9";
}; };
"bobi.${network}" = { "bobi.${network}" = {
hostNames = [ "bobi.${network}" hosts.bobi ]; hostNames = [ "bobi.${network}" hosts.bobi ];

10
nixos/machines/chungus/configuration.nix
View file

@ -40,7 +40,7 @@
boot.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ];
# head -c4 /dev/urandom | od -A none -t x4 # head -c4 /dev/urandom | od -A none -t x4
networking.hostId = "e439b116"; networking.hostId = "e439b116";
boot.zfs.extraPools = [ "zraid" ]; #boot.zfs.extraPools = [ "zraid" ];
sops.defaultSopsFile = ../../secrets/chungus.yaml; sops.defaultSopsFile = ../../secrets/chungus.yaml;
@ -51,10 +51,10 @@
# todo : rename to component.init.ssh # todo : rename to component.init.ssh
# todo : make tor optional # todo : make tor optional
configuration.init-ssh = { #configuration.init-ssh = {
enable = "enabled"; # enable = "prepared";
kernelModules = [ "e1000e" ]; # kernelModules = [ "e1000e" ];
}; #};
# just enable lan # just enable lan
#networking.dhcpcd.allowInterfaces = [ "enp0s25" ]; #networking.dhcpcd.allowInterfaces = [ "enp0s25" ];