temmie/nfs-mounts: generate systemd units ourselves

hosts/gluttony/configuration.nix

@@ -10,6 +10,8 @@
     (fp /base)
   ];
 
+  boot.loader.systemd-boot.enable = false;
+
   systemd.network.enable = lib.mkForce false;
   networking =
     let

hosts/skrott/configuration.nix

@@ -1,12 +1,10 @@
-{ config, pkgs, lib, fp, values, ... }: {
+{ config, pkgs, lib, fp, ... }: {
   imports = [
     # ./hardware-configuration.nix
 
     (fp /base)
   ];
 
-  sops.defaultSopsFile = fp /secrets/skrott/skrott.yaml;
-
   boot = {
     consoleLogLevel = 0;
     enableContainers = false;
@@ -38,11 +36,7 @@
     interfaces.eth0 = {
       useDHCP = false;
       ipv4.addresses = [{
-        address = values.hosts.skrott.ipv4;
+        address = "129.241.210.235";
-        prefixLength = 25;
-      }];
-      ipv6.addresses = [{
-        address = values.hosts.skrott.ipv6;
         prefixLength = 25;
       }];
     };

hosts/temmie/configuration.nix

@@ -6,7 +6,6 @@
       (fp /base)
 
       ./services/nfs-mounts.nix
-    ./services/userweb.nix
     ];
 
   systemd.network.networks."30-ens18" = values.defaultNetworkConfig // {
@@ -14,8 +13,6 @@
     address = with values.hosts.temmie; [ (ipv4 + "/25") (ipv6 + "/64") ];
   };
 
-  services.nginx.enable = false;
-
   services.qemuGuest.enable = true;
 
   # Don't change (even during upgrades) unless you know what you are doing.

hosts/temmie/services/nfs-mounts.nix

@@ -1,19 +1,14 @@
-{ lib, values, ... }:
+{ lib, ... }:
 let
   # See microbel:/etc/exports
   letters = [ "a" "b" "c" "d"  "h" "i" "j" "k" "l" "m" "z" ];
 in
 {
-  systemd.targets."pvv-homedirs" = {
-    description = "PVV Homedir Partitions";
-  };
-
   systemd.mounts = map (l: {
-    description = "PVV Homedir Partition ${l}";
+    description = "PVV Homedirs Partition ${l}";
 
     before = [ "remote-fs.target" ];
     wantedBy = [ "multi-user.target" ];
-    requiredBy = [ "pvv-homedirs.target" ];
 
     type = "nfs";
     what = "homepvv${l}.pvv.ntnu.no:/export/home/pvv/${l}";
@@ -21,27 +16,10 @@ in
 
     options = lib.concatStringsSep "," [
       "nfsvers=3"
-
-      # NOTE: this is a bit unfortunate. The address above seems to resolve to IPv6 sometimes,
-      #       and it doesn't seem possible to specify proto=tcp,tcp6, meaning we have to tell
-      #       NFS which exact address to use here, despite it being specified in the `what` attr :\
       "proto=tcp"
-      "addr=${values.hosts.microbel.ipv4}"
+      "auto"
-      "mountproto=tcp"
-      "mounthost=${values.hosts.microbel.ipv4}"
-      "port=2049"
-
-      # NOTE: this is yet more unfortunate. When enabling locking, it will sometimes complain about connection failed.
-      #       dmesg(1) reveals that it has something to do with registering the lockdv1 RPC service (errno: 111), not
-      #       quite sure how to fix it. Living life on dangerous mode for now.
-      "nolock"
-
-      # Don't wait on every read/write
       "async"
 
-      # Always keep mounted
-      "noauto"
-
       # We don't want to update access time constantly
       "noatime"
 
@@ -57,4 +35,17 @@ in
       # "noexec"
     ];
   }) letters;
+
+  systemd.automounts = map (l: {
+    description = "PVV Homedirs Partition ${l}";
+
+    wantedBy = [ "multi-user.target" ];
+
+    where = "/run/pvv-home-mounts/${l}";
+
+    automountConfig = {
+      # Unmount if not accessed in 5 mins
+      TimeoutIdleSec = "5min";
+    };
+  }) letters;
 }

hosts/temmie/services/userweb.nix

@@ -1,29 +0,0 @@
-{ ... }:
-{
-  services.httpd = {
-    enable = true;
-
-    # extraModules = [];
-
-    # virtualHosts."userweb.pvv.ntnu.no" = {
-    virtualHosts."temmie.pvv.ntnu.no" = {
-
-      forceSSL = true;
-      enableACME = true;
-    };
-  };
-
-  systemd.services.httpd = {
-    after = [ "pvv-homedirs.target" ];
-    requires = [ "pvv-homedirs.target" ];
-
-    serviceConfig = {
-      ProtectHome = "tmpfs";
-      BindPaths = let
-        letters = [ "a" "b" "c" "d"  "h" "i" "j" "k" "l" "m" "z" ];
-      in map (l: "/run/pvv-home-mounts/${l}:/home/pvv/${l}") letters;
-    };
-  };
-
-  # TODO: create phpfpm pools with php environments that contain packages similar to those present on tom
-}

topology/default.nix

@@ -53,7 +53,7 @@ in {
   nodes.ntnu-pvv-router = mkRouter "NTNU PVV Gateway" {
     interfaceGroups = [ ["wan1"] ["eth1"] ];
     connections.eth1 = mkConnection "knutsen" "em1";
-    interfaces.eth1.network = "ntnu";
+    interfaces.eth1.network = "pvv";
   };
 
   nodes.knutsen = mkRouter "knutsen" {
@@ -82,8 +82,6 @@ in {
         (mkConnection "buskerud" "eth1")
         # (mkConnection "knutsen" "eth1")
         (mkConnection "powerpuff-cluster" "eth1")
-        (mkConnection "powerpuff-cluster" "eth2")
-        (mkConnection "powerpuff-cluster" "eth3")
         (mkConnection "lupine-1" "enp0s31f6")
         (mkConnection "lupine-2" "enp0s31f6")
         (mkConnection "lupine-3" "enp0s31f6")
@@ -141,7 +139,7 @@ in {
 
     hardware.info = "Dell PowerEdge R730 x 3";
 
-    interfaceGroups = [ [ "eth1" "eth2" "eth3" ] ];
+    interfaceGroups = [ [ "eth1" ] ];
 
     services = {
       proxmox = {
@@ -169,13 +167,6 @@ in {
     interfaces.ens18.network = "pvv";
   };
 
-  nodes.temmie = {
-    guestType = "proxmox";
-    parent = config.nodes.powerpuff-cluster.id;
-
-    interfaces.ens18.network = "pvv";
-  };
-
   nodes.ustetind = {
     guestType = "proxmox LXC";
     parent = config.nodes.powerpuff-cluster.id;
@@ -228,7 +219,7 @@ in {
         (mkConnection "demiurgen" "eno1")
         (mkConnection "sanctuary" "ethernet_0")
         (mkConnection "torskas" "eth0")
-        (mkConnection "skrot" "eth0")
+        (mkConnection "skrott" "eth0")
         (mkConnection "homeassistant" "eth0")
         (mkConnection "orchid" "eth0")
         (mkConnection "principal" "em0")
@@ -258,12 +249,6 @@ in {
 
     interfaces.ens4.network = "ntnu";
   };
-  nodes.gluttony = {
-    guestType = "openstack";
-    parent = config.nodes.stackit.id;
-
-    interfaces.ens3.network = "ntnu";
-  };
   nodes.wenche = {
     guestType = "openstack";
     parent = config.nodes.stackit.id;

topology/non-nixos-machines.nix

@@ -290,6 +290,21 @@ in {
     };
   };
 
+  nodes.skrott = mkDevice "skrott" {
+    # TODO: the interface name is likely wrong
+    interfaceGroups = [ [ "eth0" ] ];
+    interfaces.eth0 = {
+      # mac = "";
+      addresses = [
+        "129.241.210.235"
+      ];
+      gateways = [
+        values.hosts.gateway
+        values.hosts.gateway6
+      ];
+    };
+  };
+
   nodes.torskas = mkDevice "torskas" {
     deviceIcon = "${pkgs.super-tiny-icons}/share/icons/SuperTinyIcons/svg/arch_linux.svg";
 

values.nix

@@ -69,18 +69,10 @@ in rec {
       ipv4 = pvv-ipv4 223;
       ipv6 = pvv-ipv6 223;
     };
-    microbel = {
-      ipv4 = pvv-ipv4 179;
-      ipv6 = pvv-ipv6 "1:2";
-    };
     ustetind = {
       ipv4 = pvv-ipv4 234;
       ipv6 = pvv-ipv6 234;
     };
-    skrott = {
-      ipv4 = pvv-ipv4 235;
-      ipv6 = pvv-ipv6 235;
-    };
     temmie = {
       ipv4 = pvv-ipv4 167;
       ipv6 = pvv-ipv6 167;