felixalb/nixos-config
felixalb
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Minor improvements

This commit is contained in:
Felix Albrigtsen 2023-04-20 11:54:13 +02:00
parent 58725073e4
commit 057879fb71
5 changed files with 9 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/voyager/configuration.nix
View File

@ -26,7 +26,7 @@
# - NFS exports # - NFS exports
# - FreeBSD VM # - FreeBSD VM
# - Kali VM # - Kali VM
# - Kerberos / IPA # - Kerberos / IPA / Kanidm
]; ];
networking = { networking = {
@ -81,6 +81,7 @@
) )
zfs zfs
screen screen
exa
]; ];
networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedTCPPorts = [ 22 ];

92
hosts/voyager/diskinstall.sh
View File

@ -1,92 +0,0 @@
DISK='/dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101b10101c61e14737f7ba5d4debafb705fb5bb1082a0be6e8a84f5eb4ae02393df000000000000000000009940bff9ff01740081558107b5ad5d4a-0:0 /dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101aa2faa7599e5f2afc0dde60a5f61a62999cc479fbf61706afe2f115d19735f550000000000000000000026304b1f0094160081558107b5ac9a2a-0:0'
for i in ${DISK} do
# sgdisk --zap-all $i
# # EFI partition
# sgdisk -n2:1M:+1G -t1:EF00 $i
# # Root partition, remaining size
# sgdisk -n1:0:0 -t3:BF00 $i
#
parted "$i" -- mklabel gpt
parted "$i" -- mkpart primary ext2 1MB 513MB
parted "$i" -- mkpart primary ext2 513MB 100%
done
# # Boot partition for GRUB, limited features
# zpool create \
# -o compatibility=grub2 \
# -o ashift=12 \
# -o autotrim=on \
# -O acltype=posixacl \
# -O canmount=off \
# -O compression=lz4 \
# -O devices=off \
# -O normalization=formD \
# -O relatime=on \
# -O xattr=sa \
# -O mountpoint=/boot \
# -R /mnt \
# bpool \
# mirror \
# $(for i in ${DISK}; do
# printf "$i-part2 ";
# done)
# Root partition
zpool create \
-f
-o ashift=12 \
-o autotrim=on \
-R /mnt \
-O acltype=posixacl \
-O canmount=off \
-O compression=zstd \
-O dnodesize=auto \
-O normalization=formD \
# -O relatime=on \
-O atime=off \
-O xattr=sa \
-O mountpoint=/ \
rpool \
mirror \
$(for i in ${DISK}; do
printf "$i-part1 ";
done)
zfs create \
-o canmount=off \
-o mountpoint=none \
rpool/nixos
# Create system datasets, let NixOS declaritvely manage mountpoints with mountpoint=legacy
zfs create -o mountpoint=legacy rpool/nixos/root
mount -t zfs rpool/nixos/root /mnt/
zfs create -o mountpoint=legacy rpool/nixos/home
mkdir /mnt/home
mount -t zfs rpool/nixos/home /mnt/home
zfs create -o mountpoint=legacy rpool/nixos/var
zfs create -o mountpoint=legacy rpool/nixos/var/lib
# zfs create -o mountpoint=legacy rpool/nixos/var/log
# zfs create -o mountpoint=none bpool/nixos
# zfs create -o mountpoint=legacy bpool/nixos/root
# mkdir /mnt/boot
# mount -t zfs bpool/nixos/root /mnt/boot
# mkdir -p /mnt/var/log
mkdir -p /mnt/var/lib
mount -t zfs rpool/nixos/var/lib /mnt/var/lib
# mount -t zfs rpool/nixos/var/log /mnt/var/log
zfs create -o mountpoint=legacy rpool/nixos/empty
zfs snapshot rpool/nixos/empty@start
# Format and mount ESP:
for i in ${DISK}; do
mkfs.vfat -n EFI ${i}-part2
mkdir -p /mnt/boot/efis/${i##*/}-part2
mount -t vfat ${i}-part2 /mnt/boot/efis/${i##*/}-part2
done

11
hosts/voyager/filesystems.nix
View File

@ -20,17 +20,6 @@
options = [ "vers=3" ]; options = [ "vers=3" ];
#options = [ "x-systemd.automount" "noauto" ]; #options = [ "x-systemd.automount" "noauto" ];
}; };
#"/mnt/feal-syn1/netbackup" = {
# device = "feal-syn1.home.feal.no:/volume2/NetBackup";
# fsType = "nfs";
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
#};
#"/mnt/feal-syn1/nfs_proxmox" = {
# device = "feal-syn1.home.feal.no:/volume2/nfs_proxmox";
# fsType = "nfs";
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
#};
"/mnt/feal-syn1/nfs_proxmox" = { "/mnt/feal-syn1/nfs_proxmox" = {
device = "//feal-syn1.home.feal.no/nfs_proxmox"; device = "//feal-syn1.home.feal.no/nfs_proxmox";
fsType = "cifs"; fsType = "cifs";

2
hosts/voyager/services/code-server.nix
View File

@ -12,7 +12,7 @@ in {
sslCertificateKey = "/etc/ssl-snakeoil/code_home_feal_no.key"; sslCertificateKey = "/etc/ssl-snakeoil/code_home_feal_no.key";
sslCertificate = "/etc/ssl-snakeoil/code_home_feal_no.crt"; sslCertificate = "/etc/ssl-snakeoil/code_home_feal_no.crt";
locations."/" = { locations."/" = {
proxyPass = "http://127.0.1.2:${toString cfg.port}"; proxyPass = "http://${cfg.host}:${toString cfg.port}";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };

9
hosts/voyager/services/flame.nix
View File

@ -1,10 +1,13 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ let
host = "127.0.1.2";
port = "5005";
in {
# Flame - Homelab dashboard/linktree # Flame - Homelab dashboard/linktree
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
flame = { flame = {
image = "pawelmalak/flame"; image = "pawelmalak/flame";
ports = [ "127.0.0.1:5005:5005" ]; ports = [ "${host}:${port}:5005" ];
volumes = [ volumes = [
"/var/lib/flame/data:/app/data/" "/var/lib/flame/data:/app/data/"
]; ];
@ -12,7 +15,7 @@
}; };
services.nginx.virtualHosts."flame.home.feal.no" = { services.nginx.virtualHosts."flame.home.feal.no" = {
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:5005"; proxyPass = "http://${host}:${port}";
}; };
}; };
} }