
3 Commits

Author SHA1 Message Date
Sam 216f1bd706 incus preseed reload not working 2024-06-30 20:16:17 +01:00
Sam b99cf47870 Disable firewall for incus 2024-06-30 17:45:24 +01:00
Sam 044b04752f Create db storage pool in postgres profile 2024-06-30 17:44:48 +01:00
7 changed files with 147 additions and 5 deletions


@ -0,0 +1,38 @@
architecture: x86_64
config:
boot.autostart: "true"
image.architecture: amd64
image.description: Nixos unstable amd64 (20240630_01:00)
image.os: Nixos
image.release: unstable
image.requirements.secureboot: "false"
image.serial: "20240630_01:00"
image.type: squashfs
image.variant: default
security.nesting: "true"
volatile.base_image: bbd293f2d08dfe82b4d81f28aeb3f1f7fef829f717e3073423c59fd6a7794749
volatile.cloud-init.instance-id: 90575adf-c804-483b-bb95-a188cdc47101
volatile.eth0.host_name: veth79bf6370
volatile.eth0.hwaddr: 00:16:3e:17:c1:da
volatile.idmap.base: "0"
volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
volatile.last_state.idmap: '[]'
volatile.last_state.power: RUNNING
volatile.uuid: 62db570b-8c46-4199-8657-1c387f6fddba
volatile.uuid.generation: 62db570b-8c46-4199-8657-1c387f6fddba
devices:
eth0:
name: eth0
nictype: bridged
parent: lxdBrDefault
type: nic
root:
path: /
pool: test
type: disk
ephemeral: false
profiles:
- default
stateful: false
description: ""
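Review bot: The root disk's `pool: test` names a storage pool that this same comparison renames to `lxc` in the preseed, so this instance definition will not match the declared pools if it is re-imported; `pool: lxc` would keep them in step. The `volatile.*` keys (UUID, MAC address, host veth name, idmap) look like runtime state captured from a running instance rather than configuration, and tracking them pins identifiers that Incus otherwise manages per instance, so consider dropping them from the committed file. `security.nesting: "true"` relaxes container isolation and deserves a comment naming the workload that needs it, e.g. `# nesting needed for <reason>`.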


@ -58,7 +58,7 @@
"volblocksize" = "8k"; "volblocksize" = "8k";
}; };
}; };
test = { lxc = {
type = "zfs_volume"; type = "zfs_volume";
size = "10G -s"; size = "10G -s";
options = { options = {


@ -4,6 +4,7 @@
./lxd-preseed.nix ./lxd-preseed.nix
]; ];
networking.nftables.enable = true; networking.nftables.enable = true;
networking.firewall.enable = false;
virtualisation = { virtualisation = {
incus = { incus = {
package = pkgs.incus; package = pkgs.incus;
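Review bot: `networking.firewall.enable = false;` switches off the NixOS firewall for the whole host, not only for the Incus bridges, so unless something outside this hunk filters traffic, every listening service is reachable on every interface. If the aim is to let container DHCP/DNS and forwarded traffic through, keeping the firewall on and trusting only the bridges is narrower: `networking.firewall.trustedInterfaces = [ "lxdBrDefault" "lxdBrPsql" ];` (bridge names taken from the other files in this comparison; confirm them). The bridge definitions shown elsewhere in this change also set `"ipv4.firewall" = "false"`, so with this line nothing visible here filters between containers, host and uplink. The attribute set continues outside the hunk.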


@ -2,6 +2,7 @@
let let
lxd_profiles = { lxd_profiles = {
"postgres" = (import ./profiles/postgres.nix);
"default" = (import ./profiles/default.nix); "default" = (import ./profiles/default.nix);
}; };
in in
@ -17,13 +18,17 @@ in
networks = [ networks = [
lxd_profiles.default.network lxd_profiles.default.network
lxd_profiles.postgres.network
]; ];
profiles = [ profiles = [
lxd_profiles.default.profile lxd_profiles.default.profile
lxd_profiles.postgres.profile
]; ];
storage_pools = lxd_profiles.default.storage_pools; storage_pools =
lxd_profiles.default.storage_pools ++
lxd_profiles.postgres.storage_pools;
}; };
}; };
}; };
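Review bot: The new `lxd_profiles.default.storage_pools ++ lxd_profiles.postgres.storage_pools` appears to yield duplicate entries, because the default profile file and the new postgres profile file in this comparison both declare the `postgres` and `lxc` pools with the same `config.source`. A preseed that lists one pool twice is at best redundant and may be related to the preseed reload problem named in the last commit. Declare each pool in one file only, for example by removing the two duplicated entries from the postgres profile's `storage_pools` list. Keeping two hand-maintained copies also means a later edit to one of them leaves conflicting definitions of the same pool.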


@ -4,7 +4,7 @@
type = "bridge"; type = "bridge";
config = { config = {
"ipv4.address" = "10.100.1.1/8"; "ipv4.address" = "10.100.2.1/8";
"ipv4.nat" = "true"; "ipv4.nat" = "true";
"ipv4.firewall" = "false"; "ipv4.firewall" = "false";
}; };
@ -17,9 +17,9 @@
config.source = "/dev/zvol/zspeed/postgres"; config.source = "/dev/zvol/zspeed/postgres";
} }
{ {
name = "test"; name = "lxc";
driver = "btrfs"; driver = "btrfs";
config.source = "/dev/zvol/zspeed/test"; config.source = "/dev/zvol/zspeed/lxc";
} }
]; ];
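Review bot: `"ipv4.address" = "10.100.2.1/8"` keeps the /8 prefix, and the new postgres bridge uses `10.100.1.1/8`, so both bridges claim all of 10.0.0.0/8 and the host gets two connected routes for the same network. Changing the third octet does not separate them; a prefix that matches the intended segment does, e.g. `"ipv4.address" = "10.100.2.1/24";` here and `"10.100.1.1/24"` in the postgres profile. With `"ipv4.firewall" = "false"` on both bridges, the address plan is the only thing that distinguishes the database network from the default one, so the masks matter. The surrounding config block starts and ends outside the hunk.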


@ -0,0 +1,49 @@
{
network = {
name = "lxdBrPsql";
type = "bridge";
config = {
"ipv4.address" = "10.100.1.1/8";
"ipv4.nat" = "true";
"ipv4.firewall" = "false";
};
};
storage_pools = [
{
name = "postgres";
driver = "btrfs";
config.source = "/dev/zvol/zspeed/postgres";
}
{
name = "lxc";
driver = "btrfs";
config.source = "/dev/zvol/zspeed/lxc";
}
];
profile = {
name = "postgres";
devices = {
"eth0" = {
name = "eth0";
nictype = "bridged";
parent = "lxdBrPsql";
type = "nic";
};
"root" = {
path = "/";
pool = "default";
size = "8GiB";
type = "disk";
};
"db" = {
path = "/var/lib/postgresql/16/";
pool = "postgres";
source = "db";
type = "disk";
};
};
};
}
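Review bot: The `root` device uses `pool = "default"`, but the pools this file declares are `postgres` and `lxc`, and no pool named `default` is visible anywhere in this comparison. If none exists outside the shown hunks, instances using this profile will fail to get a root disk. Point it at a declared pool, e.g. `pool = "lxc";`, or add a `default` pool to the preseed. The `db` device mounts a volume `db` from the `postgres` pool, and nothing shown here creates that volume, so a one-line comment saying where it comes from would help.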

49
psql.nix Normal file

@ -0,0 +1,49 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, modulesPath, ... }:
{
imports =
[
# Include the default lxd configuration.
"${modulesPath}/virtualisation/lxc-container.nix"
# Include the container-specific autogenerated configuration.
./lxd.nix
];
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
systemd.network = {
enable = true;
networks."50-eth0" = {
matchConfig.Name = "eth0";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
environment.systemPackages = [
pkgs.vim
];
services.postgresql = {
enable = true;
package = pkgs.postgresql_16;
ensureDatabases = [ "default" ];
authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method
local all all trust
'';
};
system.stateVersion = "24.11"; # Did you read the comment?
}
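Review bot: The `authentication` override sets `local all all trust`, which lets any process inside the container connect over the Unix socket as any database role, including the superuser, without a credential. `local all all peer` keeps passwordless local access but ties each role to the matching OS user. Because `mkOverride 10` outranks the module's default entries, this line is presumably the entire effective pg_hba policy, so a comment stating that no `host` (TCP) rules are intended would make the exposure explicit.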