Minor improvements
This commit is contained in:
parent
aa2d332fc9
commit
ac24def5dc
|
@ -26,7 +26,7 @@
|
|||
# - NFS exports
|
||||
# - FreeBSD VM
|
||||
# - Kali VM
|
||||
# - Kerberos / IPA
|
||||
# - Kerberos / IPA / Kanidm
|
||||
];
|
||||
|
||||
networking = {
|
||||
|
@ -81,6 +81,7 @@
|
|||
)
|
||||
zfs
|
||||
screen
|
||||
exa
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
|
|
|
@ -1,92 +0,0 @@
|
|||
DISK='/dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101b10101c61e14737f7ba5d4debafb705fb5bb1082a0be6e8a84f5eb4ae02393df000000000000000000009940bff9ff01740081558107b5ad5d4a-0:0 /dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101aa2faa7599e5f2afc0dde60a5f61a62999cc479fbf61706afe2f115d19735f550000000000000000000026304b1f0094160081558107b5ac9a2a-0:0'
|
||||
|
||||
for i in ${DISK} do
|
||||
|
||||
# sgdisk --zap-all $i
|
||||
|
||||
# # EFI partition
|
||||
# sgdisk -n2:1M:+1G -t1:EF00 $i
|
||||
# # Root partition, remaining size
|
||||
# sgdisk -n1:0:0 -t3:BF00 $i
|
||||
#
|
||||
parted "$i" -- mklabel gpt
|
||||
parted "$i" -- mkpart primary ext2 1MB 513MB
|
||||
parted "$i" -- mkpart primary ext2 513MB 100%
|
||||
done
|
||||
|
||||
# # Boot partition for GRUB, limited features
|
||||
# zpool create \
|
||||
# -o compatibility=grub2 \
|
||||
# -o ashift=12 \
|
||||
# -o autotrim=on \
|
||||
# -O acltype=posixacl \
|
||||
# -O canmount=off \
|
||||
# -O compression=lz4 \
|
||||
# -O devices=off \
|
||||
# -O normalization=formD \
|
||||
# -O relatime=on \
|
||||
# -O xattr=sa \
|
||||
# -O mountpoint=/boot \
|
||||
# -R /mnt \
|
||||
# bpool \
|
||||
# mirror \
|
||||
# $(for i in ${DISK}; do
|
||||
# printf "$i-part2 ";
|
||||
# done)
|
||||
|
||||
# Root partition
|
||||
zpool create \
|
||||
-f
|
||||
-o ashift=12 \
|
||||
-o autotrim=on \
|
||||
-R /mnt \
|
||||
-O acltype=posixacl \
|
||||
-O canmount=off \
|
||||
-O compression=zstd \
|
||||
-O dnodesize=auto \
|
||||
-O normalization=formD \
|
||||
# -O relatime=on \
|
||||
-O atime=off \
|
||||
-O xattr=sa \
|
||||
-O mountpoint=/ \
|
||||
rpool \
|
||||
mirror \
|
||||
$(for i in ${DISK}; do
|
||||
printf "$i-part1 ";
|
||||
done)
|
||||
|
||||
zfs create \
|
||||
-o canmount=off \
|
||||
-o mountpoint=none \
|
||||
rpool/nixos
|
||||
|
||||
# Create system datasets, let NixOS declaritvely manage mountpoints with mountpoint=legacy
|
||||
|
||||
zfs create -o mountpoint=legacy rpool/nixos/root
|
||||
mount -t zfs rpool/nixos/root /mnt/
|
||||
|
||||
zfs create -o mountpoint=legacy rpool/nixos/home
|
||||
mkdir /mnt/home
|
||||
mount -t zfs rpool/nixos/home /mnt/home
|
||||
|
||||
zfs create -o mountpoint=legacy rpool/nixos/var
|
||||
zfs create -o mountpoint=legacy rpool/nixos/var/lib
|
||||
# zfs create -o mountpoint=legacy rpool/nixos/var/log
|
||||
# zfs create -o mountpoint=none bpool/nixos
|
||||
# zfs create -o mountpoint=legacy bpool/nixos/root
|
||||
# mkdir /mnt/boot
|
||||
# mount -t zfs bpool/nixos/root /mnt/boot
|
||||
# mkdir -p /mnt/var/log
|
||||
mkdir -p /mnt/var/lib
|
||||
mount -t zfs rpool/nixos/var/lib /mnt/var/lib
|
||||
# mount -t zfs rpool/nixos/var/log /mnt/var/log
|
||||
zfs create -o mountpoint=legacy rpool/nixos/empty
|
||||
zfs snapshot rpool/nixos/empty@start
|
||||
|
||||
|
||||
# Format and mount ESP:
|
||||
for i in ${DISK}; do
|
||||
mkfs.vfat -n EFI ${i}-part2
|
||||
mkdir -p /mnt/boot/efis/${i##*/}-part2
|
||||
mount -t vfat ${i}-part2 /mnt/boot/efis/${i##*/}-part2
|
||||
done
|
|
@ -20,17 +20,6 @@
|
|||
options = [ "vers=3" ];
|
||||
#options = [ "x-systemd.automount" "noauto" ];
|
||||
};
|
||||
#"/mnt/feal-syn1/netbackup" = {
|
||||
# device = "feal-syn1.home.feal.no:/volume2/NetBackup";
|
||||
# fsType = "nfs";
|
||||
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
|
||||
#};
|
||||
#"/mnt/feal-syn1/nfs_proxmox" = {
|
||||
# device = "feal-syn1.home.feal.no:/volume2/nfs_proxmox";
|
||||
# fsType = "nfs";
|
||||
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
|
||||
#};
|
||||
|
||||
"/mnt/feal-syn1/nfs_proxmox" = {
|
||||
device = "//feal-syn1.home.feal.no/nfs_proxmox";
|
||||
fsType = "cifs";
|
||||
|
|
|
@ -12,7 +12,7 @@ in {
|
|||
sslCertificateKey = "/etc/ssl-snakeoil/code_home_feal_no.key";
|
||||
sslCertificate = "/etc/ssl-snakeoil/code_home_feal_no.crt";
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.1.2:${toString cfg.port}";
|
||||
proxyPass = "http://${cfg.host}:${toString cfg.port}";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,10 +1,13 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
let
|
||||
host = "127.0.1.2";
|
||||
port = "5005";
|
||||
in {
|
||||
# Flame - Homelab dashboard/linktree
|
||||
virtualisation.oci-containers.containers = {
|
||||
flame = {
|
||||
image = "pawelmalak/flame";
|
||||
ports = [ "127.0.0.1:5005:5005" ];
|
||||
ports = [ "${host}:${port}:5005" ];
|
||||
volumes = [
|
||||
"/var/lib/flame/data:/app/data/"
|
||||
];
|
||||
|
@ -12,7 +15,7 @@
|
|||
};
|
||||
services.nginx.virtualHosts."flame.home.feal.no" = {
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:5005";
|
||||
proxyPass = "http://${host}:${port}";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue