Compare commits
No commits in common. "37192edd8376191a25f79424284b4f562fc9af63" and "f6290f321563ac709df5f90e5f419abf0a3bd6f6" have entirely different histories.
37192edd83
...
f6290f3215
|
|
@ -1,3 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko ./zspeed.nix
|
||||
|
|
@ -1,73 +0,0 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
x = {
|
||||
type = "disk";
|
||||
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
zfs = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "zfs";
|
||||
pool = "zspeed";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
y = {
|
||||
type = "disk";
|
||||
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi3";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
zfs = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "zfs";
|
||||
pool = "zspeed";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
zpool = {
|
||||
zspeed = {
|
||||
type = "zpool";
|
||||
mode = "mirror";
|
||||
rootFsOptions = {
|
||||
"compression" = "zstd-4";
|
||||
"com.sun:auto-snapshot" = "false";
|
||||
"xattr" = "sa";
|
||||
"atime" = "off";
|
||||
};
|
||||
options = {
|
||||
"ashift" = "13";
|
||||
};
|
||||
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zspeed@blank$' || zfs snapshot zspeed@blank";
|
||||
|
||||
datasets = {
|
||||
postgres = {
|
||||
type = "zfs_volume";
|
||||
size = "10G -s";
|
||||
options = {
|
||||
"com.sun:auto-snapshot:daily" = "true";
|
||||
"volblocksize" = "8k";
|
||||
};
|
||||
};
|
||||
lxc = {
|
||||
type = "zfs_volume";
|
||||
size = "10G -s";
|
||||
options = {
|
||||
"com.sun:auto-snapshot:daily" = "true";
|
||||
"volblocksize" = "8k";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,6 +1,5 @@
|
|||
{ pkgs, inputs, config, lib, ... }:
|
||||
let
|
||||
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
||||
username = "admin";
|
||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
||||
hostname = config.networking.hostName;
|
||||
|
|
@ -8,7 +7,7 @@ let
|
|||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||
|
||||
in
|
||||
in
|
||||
{
|
||||
users.users.${username} = {
|
||||
isNormalUser = true;
|
||||
|
|
@ -16,13 +15,7 @@ in
|
|||
hashedPasswordFile = sopsHashedPasswordFile;
|
||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
] ++ ifTheyExist [
|
||||
"docker"
|
||||
"lxc"
|
||||
"git"
|
||||
];
|
||||
extraGroups = ["wheel"];
|
||||
|
||||
packages = with pkgs; [
|
||||
];
|
||||
|
|
@ -37,7 +30,7 @@ in
|
|||
path = "/home/${username}/.ssh/id_ed25519";
|
||||
mode = "0600";
|
||||
owner = "${username}";
|
||||
};
|
||||
};
|
||||
"ssh_keys/${username}/id_ed25519.pub" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519.pub";
|
||||
mode = "0644";
|
||||
|
|
|
|||
|
|
@ -1,10 +1,11 @@
|
|||
{ inputs, ... }:
|
||||
{ inputs, config, lib, pkgs, outputs, ... }:
|
||||
let
|
||||
# Disko setup
|
||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||
dev = "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00005"; # depends on target hardware
|
||||
dev = "/dev/sda"; # depends on target hardware
|
||||
encrypted = false; # currrently only applies to btrfs
|
||||
impermanence = false; # currrently only applies to btrfs
|
||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
||||
user = "admin";
|
||||
in
|
||||
{
|
||||
|
|
@ -13,7 +14,7 @@ in
|
|||
# Create users for this host
|
||||
../common/users/${user}
|
||||
|
||||
# Root disk configuration
|
||||
# Disk configuration
|
||||
inputs.disko.nixosModules.disko
|
||||
(import ../common/disks { device = dev; impermanence = impermanence; fsType = fsType; encrypted = encrypted; })
|
||||
|
||||
|
|
@ -23,7 +24,7 @@ in
|
|||
|
||||
# Import optional options
|
||||
../common/optional/openssh.nix
|
||||
../common/optional/lxd
|
||||
|
||||
|
||||
];
|
||||
|
||||
|
|
@ -44,7 +45,6 @@ in
|
|||
boot.supportedFilesystems = [ "zfs" ];
|
||||
boot.zfs.forceImportRoot = false;
|
||||
networking.hostId = "18aec5d7";
|
||||
boot.zfs.extraPools = [ "zspeed" ];
|
||||
|
||||
services.libinput.enable = true;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue