From 581245ed35bde63a8691c5f5a059cc647b2e88ec Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 28 Mar 2022 18:04:24 +0200 Subject: ma gum.r: move smartd monitor to hw-specific config --- makefu/1systems/gum/config.nix | 2 - makefu/1systems/gum/hardware-config.nix | 113 ------------------------------- makefu/1systems/gum/hetzner/default.nix | 116 ++++++++++++++++++++++++++++++++ 3 files changed, 116 insertions(+), 115 deletions(-) delete mode 100644 makefu/1systems/gum/hardware-config.nix create mode 100644 makefu/1systems/gum/hetzner/default.nix (limited to 'makefu/1systems/gum') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 540106004..0cdfcda4b 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -32,8 +32,6 @@ in { # - - { services.smartd.devices = builtins.map (x: { device = x; }) allDisks; } # Security diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix deleted file mode 100644 index 1881329ce..000000000 --- a/makefu/1systems/gum/hardware-config.nix +++ /dev/null @@ -1,113 +0,0 @@ -{ config, ... }: -let - external-mac = "50:46:5d:9f:63:6b"; - main-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_13H8863AS"; - sec-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_23OJ2GJAS"; - external-gw = "144.76.26.225"; - # single partition, label "nixos" - # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate - - - # static - external-ip = "144.76.26.247"; - external-ip6 = "2a01:4f8:191:12f6::2"; - external-gw6 = "fe80::1"; - external-netmask = 27; - external-netmask6 = 64; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - ext-if = "et0"; # gets renamed on the fly -in { - imports = [ - ]; - makefu.server.primary-itf = ext-if; - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" - ''; - networking = { - interfaces."${ext-if}" = { - ipv4.addresses = [{ - address = external-ip; - prefixLength = external-netmask; - }]; - ipv6.addresses = [{ - address = external-ip6; - prefixLength = external-netmask6; - }]; - }; - defaultGateway6 = { address = external-gw6; interface = ext-if; }; - defaultGateway = external-gw; - }; - boot.kernelParams = [ ]; - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.devices = [ main-disk ]; - boot.initrd.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" ]; - boot.initrd.availableKernelModules = [ - "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" - "xhci_pci" "ehci_pci" "ahci" "sd_mod" - ]; - boot.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" "kvm-intel" ]; - hardware.enableRedistributableFirmware = true; - fileSystems."/" = { - device = "/dev/nixos/root"; - fsType = "ext4"; - }; - fileSystems."/var/lib" = { - device = "/dev/nixos/lib"; - fsType = "ext4"; - }; - fileSystems."/var/log" = { - device = "/dev/nixos/log"; - fsType = "ext4"; - }; - fileSystems."/var/download" = { - device = "/dev/nixos/download"; - fsType = "ext4"; - }; - fileSystems."/var/www/binaergewitter" = { - device = "/dev/nixos/binaergewitter"; - fsType = "ext4"; - options = [ "nofail" ]; - }; - fileSystems."/var/lib/nextcloud/data" = { - device = "/dev/nixos/nextcloud"; - fsType = "ext4"; - options = [ "nofail" ]; - }; - fileSystems."/var/lib/borgbackup" = { - device = "/dev/nixos/backup"; - fsType = "ext4"; - }; - fileSystems."/boot" = { - device = "/dev/sda2"; - fsType = "vfat"; - }; - # parted -s -a optimal "$disk" \ - # mklabel gpt \ - # mkpart no-fs 0 1024KiB \ - # set 1 bios_grub on \ - # mkpart ESP fat32 1025KiB 1024MiB set 2 boot on \ - # mkpart primary 1025MiB 100% - # parted -s -a optimal "/dev/sdb" \ - # mklabel gpt \ - # mkpart primary 1M 100% - - #mkfs.vfat /dev/sda2 - #pvcreate /dev/sda3 - #pvcreate /dev/sdb1 - #vgcreate nixos /dev/sda3 /dev/sdb1 - #lvcreate -L 120G -m 1 -n root nixos - #lvcreate -L 50G -m 1 -n lib nixos - #lvcreate -L 100G -n download nixos - #lvcreate -L 100G -n backup nixos - #mkfs.ext4 /dev/mapper/nixos-root - #mkfs.ext4 /dev/mapper/nixos-lib - #mkfs.ext4 /dev/mapper/nixos-download - #mkfs.ext4 /dev/mapper/nixos-borgbackup - #mount /dev/mapper/nixos-root /mnt - #mkdir /mnt/boot - #mount /dev/sda2 /mnt/boot - #mkdir -p /mnt/var/src - #touch /mnt/var/src/.populate - -} diff --git a/makefu/1systems/gum/hetzner/default.nix b/makefu/1systems/gum/hetzner/default.nix new file mode 100644 index 000000000..7d445879a --- /dev/null +++ b/makefu/1systems/gum/hetzner/default.nix @@ -0,0 +1,116 @@ +{ config, ... }: +let + external-mac = "50:46:5d:9f:63:6b"; + main-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_13H8863AS"; + sec-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_23OJ2GJAS"; + external-gw = "144.76.26.225"; + # single partition, label "nixos" + # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate + + + # static + external-ip = "144.76.26.247"; + external-ip6 = "2a01:4f8:191:12f6::2"; + external-gw6 = "fe80::1"; + external-netmask = 27; + external-netmask6 = 64; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; + ext-if = "et0"; # gets renamed on the fly +in { + imports = [ + + { services.smartd.devices = builtins.map (x: { device = x; }) allDisks; } + + ]; + makefu.server.primary-itf = ext-if; + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" + ''; + networking = { + interfaces."${ext-if}" = { + ipv4.addresses = [{ + address = external-ip; + prefixLength = external-netmask; + }]; + ipv6.addresses = [{ + address = external-ip6; + prefixLength = external-netmask6; + }]; + }; + defaultGateway6 = { address = external-gw6; interface = ext-if; }; + defaultGateway = external-gw; + }; + boot.kernelParams = [ ]; + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.devices = [ main-disk ]; + boot.initrd.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" ]; + boot.initrd.availableKernelModules = [ + "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" + "xhci_pci" "ehci_pci" "ahci" "sd_mod" + ]; + boot.kernelModules = [ "dm-raid" "dm_cache" "dm-thin-pool" "kvm-intel" ]; + hardware.enableRedistributableFirmware = true; + fileSystems."/" = { + device = "/dev/nixos/root"; + fsType = "ext4"; + }; + fileSystems."/var/lib" = { + device = "/dev/nixos/lib"; + fsType = "ext4"; + }; + fileSystems."/var/log" = { + device = "/dev/nixos/log"; + fsType = "ext4"; + }; + fileSystems."/var/download" = { + device = "/dev/nixos/download"; + fsType = "ext4"; + }; + fileSystems."/var/www/binaergewitter" = { + device = "/dev/nixos/binaergewitter"; + fsType = "ext4"; + options = [ "nofail" ]; + }; + fileSystems."/var/lib/nextcloud/data" = { + device = "/dev/nixos/nextcloud"; + fsType = "ext4"; + options = [ "nofail" ]; + }; + fileSystems."/var/lib/borgbackup" = { + device = "/dev/nixos/backup"; + fsType = "ext4"; + }; + fileSystems."/boot" = { + device = "/dev/sda2"; + fsType = "vfat"; + }; + # parted -s -a optimal "$disk" \ + # mklabel gpt \ + # mkpart no-fs 0 1024KiB \ + # set 1 bios_grub on \ + # mkpart ESP fat32 1025KiB 1024MiB set 2 boot on \ + # mkpart primary 1025MiB 100% + # parted -s -a optimal "/dev/sdb" \ + # mklabel gpt \ + # mkpart primary 1M 100% + + #mkfs.vfat /dev/sda2 + #pvcreate /dev/sda3 + #pvcreate /dev/sdb1 + #vgcreate nixos /dev/sda3 /dev/sdb1 + #lvcreate -L 120G -m 1 -n root nixos + #lvcreate -L 50G -m 1 -n lib nixos + #lvcreate -L 100G -n download nixos + #lvcreate -L 100G -n backup nixos + #mkfs.ext4 /dev/mapper/nixos-root + #mkfs.ext4 /dev/mapper/nixos-lib + #mkfs.ext4 /dev/mapper/nixos-download + #mkfs.ext4 /dev/mapper/nixos-borgbackup + #mount /dev/mapper/nixos-root /mnt + #mkdir /mnt/boot + #mount /dev/sda2 /mnt/boot + #mkdir -p /mnt/var/src + #touch /mnt/var/src/.populate + +} -- cgit v1.2.3 From 7e89bf587256e6148b2ed46e4da0ac818a1dd012 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 30 May 2022 12:56:29 +0200 Subject: ma gum.r: bind nextcloud data --- makefu/1systems/gum/config.nix | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'makefu/1systems/gum') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 0cdfcda4b..f47289e06 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -133,6 +133,23 @@ in { # # Removed until move: avoid letsencrypt ban ### Web + + # postgres backend + # postgres backend + + + #postgres backend + ### Moving owncloud data dir to /media/cloud/nextcloud-data + { + users.users.nextcloud.extraGroups = [ "download" ]; + # nextcloud-setup fails as it cannot set permissions for nextcloud + systemd.services.nextcloud-setup.serviceConfig.SuccessExitStatus = "0 1"; + fileSystems."/var/lib/nextcloud/data" = { + device = "/media/cloud/nextcloud-data"; + options = [ "bind" ]; + }; + } + # @@ -148,7 +165,7 @@ in { # # - + # # -- cgit v1.2.3 From 793b57fb6b8bb917d61319f82acc7dcedeff7244 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 6 Jun 2022 21:22:48 +0200 Subject: ma gum: move /var/backup to cloud --- makefu/1systems/gum/config.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'makefu/1systems/gum') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index f47289e06..ff0c18795 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -148,6 +148,10 @@ in { device = "/media/cloud/nextcloud-data"; options = [ "bind" ]; }; + fileSystems."/var/backup" = { + device = "/media/cloud/gum-backup"; + options = [ "bind" ]; + }; } -- cgit v1.2.3