diff options
author | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
commit | 060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch) | |
tree | 2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/1systems/omo/hw | |
parent | cbfcc890e3b76d942b927809bf981a5fa7289e6a (diff) |
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/1systems/omo/hw')
-rw-r--r-- | makefu/1systems/omo/hw/omo.nix | 126 | ||||
-rw-r--r-- | makefu/1systems/omo/hw/tsp-tools.nix | 11 | ||||
-rw-r--r-- | makefu/1systems/omo/hw/tsp.nix | 41 | ||||
-rw-r--r-- | makefu/1systems/omo/hw/vaapi.nix | 17 |
4 files changed, 0 insertions, 195 deletions
diff --git a/makefu/1systems/omo/hw/omo.nix b/makefu/1systems/omo/hw/omo.nix deleted file mode 100644 index eaedbb779..000000000 --- a/makefu/1systems/omo/hw/omo.nix +++ /dev/null @@ -1,126 +0,0 @@ -{ config, pkgs, lib, ... }: -let - toMapper = id: "/media/crypt${builtins.toString id}"; - byid = dev: "/dev/disk/by-id/" + dev; - keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; - rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; - rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; - primaryInterface = "enp2s0"; - # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 - # cryptsetup luksAddKey $dev tmpkey - # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 - # mkfs.xfs /dev/mapper/crypt0 -L crypt0 - - # omo Chassis: - # __FRONT_ - # |* d0 | - # | | - # |* d1 | - # | | - # |* d3 | - # | | - # |* | - # |* d2 | - # | * | - # | * | - # |_______| - # cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6"; - cryptDisk0 = byid "ata-ST8000DM004-2CX188_ZCT01PLV"; - cryptDisk1 = byid "ata-WDC_WD80EZAZ-11TDBA0_7SJPVLYW"; - cryptDisk3 = byid "ata-ST8000DM004-2CX188_ZCT01SG4"; - cryptDisk2 = byid "ata-WDC_WD80EZAZ-11TDBA0_7SJPWT5W"; - - # cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907"; - # all physical disks - - # TODO callPackage ../3modules/MonitorDisks { disks = allDisks } - dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 cryptDisk3 ]; - allDisks = [ rootDisk ] ++ dataDisks; -in { - imports = - [ # TODO: unlock home partition via ssh - ./vaapi.nix - <stockholm/makefu/2configs/fs/sda-crypto-root.nix> ]; - - makefu.server.primary-itf = primaryInterface; - system.activationScripts.createCryptFolders = '' - ${lib.concatMapStringsSep "\n" - (d: "install -m 755 -d " + (toMapper d) ) - [ 0 1 2 "X" ]} - ''; - - makefu.snapraid = { - enable = true; - disks = map toMapper [ 0 1 3 ]; - parity = toMapper 2; # find -name PARITY_PARTITION - extraConfig = '' - exclude /lib/storj/ - exclude /.bitcoin/blocks/ - ''; - }; - fileSystems = let - cryptMount = name: - { "/media/${name}" = { - device = "/dev/mapper/${name}"; fsType = "xfs"; - options = [ "nofail" ]; - };}; - in cryptMount "crypt0" - // cryptMount "crypt1" - // cryptMount "crypt2" - // cryptMount "crypt3" - // { "/media/cryptX" = { - device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 3 ]); - fsType = "mergerfs"; - noCheck = true; - options = [ "defaults" "allow_other" "nofail" "nonempty" ]; - }; - }; - - powerManagement.powerUpCommands = lib.concatStrings (map (disk: '' - ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk} - ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} - ${pkgs.hdparm}/sbin/hdparm -y ${disk} - '') allDisks); - - # crypto unlocking - boot = { - initrd.luks = { - devices = let - usbkey = device: { - inherit device keyFile; - keyFileSize = 4096; - allowDiscards = true; - }; - in - { - luksroot = usbkey rootPartition; - crypt0 = usbkey cryptDisk0; - crypt1 = usbkey cryptDisk1; - crypt2 = usbkey cryptDisk2; - crypt3 = usbkey cryptDisk3; - }; - }; - loader.grub.device = lib.mkForce rootDisk; - - initrd.availableKernelModules = [ - "ahci" - "ohci_pci" - "ehci_pci" - "pata_atiixp" - "firewire_ohci" - "usb_storage" - "usbhid" - "raid456" - "megaraid_sas" - ]; - - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; - }; - environment.systemPackages = with pkgs;[ - mergerfs # hard requirement for mount - ]; - hardware.enableRedistributableFirmware = true; - hardware.cpu.intel.updateMicrocode = true; -} - diff --git a/makefu/1systems/omo/hw/tsp-tools.nix b/makefu/1systems/omo/hw/tsp-tools.nix deleted file mode 100644 index 6579edd9d..000000000 --- a/makefu/1systems/omo/hw/tsp-tools.nix +++ /dev/null @@ -1,11 +0,0 @@ -let - disko = import (builtins.fetchGit { - url = https://cgit.lassul.us/disko/; - rev = "9c9b62e15e4ac11d4379e66b974f1389daf939fe"; - }); - - cfg = builtins.fromJSON (builtins.readFile ../../hardware/tsp-disk.json); -in '' -${disko.create cfg} -${disko.mount cfg} -'' diff --git a/makefu/1systems/omo/hw/tsp.nix b/makefu/1systems/omo/hw/tsp.nix deleted file mode 100644 index a289fadce..000000000 --- a/makefu/1systems/omo/hw/tsp.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ pkgs, ... }: -with builtins; -let - disko = import (builtins.fetchGit { - url = https://cgit.lassul.us/disko/; - rev = "9c9b62e15e4ac11d4379e66b974f1389daf939fe"; - }); - cfg = fromJSON (readFile ../../hardware/tsp-disk.json); - # primaryInterface = "enp1s0"; - primaryInterface = "wlp2s0"; - rootDisk = "/dev/sda"; # TODO same as disko uses -in { - imports = [ - (disko.config cfg) - ]; - makefu.server.primary-itf = primaryInterface; - boot = { - loader.grub.device = rootDisk; - - initrd.availableKernelModules = [ - "ahci" - "ohci_pci" - "ehci_pci" - "pata_atiixp" - "firewire_ohci" - "usb_storage" - "usbhid" - ]; - - kernelModules = [ "kvm-intel" ]; - }; - networking.wireless.enable = true; - hardware.enableRedistributableFirmware = true; - hardware.cpu.intel.updateMicrocode = true; - services.logind.lidSwitch = "ignore"; - services.logind.lidSwitchDocked = "ignore"; - services.logind.extraConfig = '' - HandleSuspendKey = ignore - ''; - powerManagement.enable = false; -} diff --git a/makefu/1systems/omo/hw/vaapi.nix b/makefu/1systems/omo/hw/vaapi.nix deleted file mode 100644 index 8250d4110..000000000 --- a/makefu/1systems/omo/hw/vaapi.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ pkgs, ... }: -{ - nixpkgs.config.packageOverrides = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - }; - hardware.opengl = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver # LIBVA_DRIVER_NAME=iHD - vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - vaapiVdpau - libvdpau-va-gl - ]; - }; - hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ vaapiIntel ]; - environment.systemPackages = [ pkgs.libva-utils ]; -} |