machines: Add back
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
This commit is contained in:
parent
1f35754b4a
commit
7956c03730
|
@ -15,8 +15,9 @@ let
|
|||
};
|
||||
|
||||
machines = {
|
||||
fort = { tags = [ "external" "vm" ]; };
|
||||
serv = { tags = [ "homelab" "lxc" ]; };
|
||||
back = { tags = [ "external" "server" "baremetal" ]; };
|
||||
fort = { tags = [ "external" "server" "vm" ]; };
|
||||
serv = { tags = [ "homelab" "server" "lxc" ]; };
|
||||
trek = { tags = [ "desktop" ]; };
|
||||
zero = { tags = [ "desktop" ]; };
|
||||
};
|
||||
|
|
|
@ -53,8 +53,9 @@
|
|||
switch -b bak
|
||||
'';
|
||||
|
||||
machines = [ "fort" "serv" "trek" "zero" ];
|
||||
tags = [ "desktop" "external" "homelab" "lxc" "vm" ];
|
||||
machines = [ "back" "fort" "serv" "trek" "zero" ];
|
||||
tags =
|
||||
[ "baremetal" "desktop" "external" "homelab" "lxc" "server" "vm" ];
|
||||
in {
|
||||
apps = (builtins.listToAttrs (map (name: {
|
||||
inherit name;
|
||||
|
|
83
machines/back.nix
Normal file
83
machines/back.nix
Normal file
|
@ -0,0 +1,83 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
../secrets/machines/back.nix
|
||||
../system/baremetal-server.nix
|
||||
../system/ucode-intel.nix
|
||||
];
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
|
||||
boot.loader.systemd-boot.enable = false;
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
copyKernels = true;
|
||||
efiInstallAsRemovable = true;
|
||||
efiSupport = true;
|
||||
fsIdentifier = "uuid";
|
||||
enableCryptodisk = true;
|
||||
device = "nodev";
|
||||
};
|
||||
|
||||
boot.initrd = {
|
||||
availableKernelModules = [ "hpsa" "sd_mod" "aesni_intel" "cryptd" ];
|
||||
kernelModules = [ "md_mod" "raid0" "raid1" ];
|
||||
luks.devices.nixos-root.device = "/dev/md1";
|
||||
|
||||
# Manually start degraded arrays if needed, to still allow booting from them.
|
||||
# See https://github.com/NixOS/nixpkgs/issues/72608
|
||||
preLVMCommands = ''
|
||||
for dev in /dev/md*; do
|
||||
if [ -b "$dev" ]; then
|
||||
mdadm --run "$dev"
|
||||
fi
|
||||
done
|
||||
'';
|
||||
};
|
||||
|
||||
boot.swraid = {
|
||||
enable = true;
|
||||
mdadmConf = ''
|
||||
DEVICE partitions
|
||||
ARRAY /dev/md0 level=raid1 num-devices=2 metadata=1.0 name=nixos:0 UUID=8b85ad8d:07770d93:de437327:626744b3
|
||||
ARRAY /dev/md1 level=raid1 num-devices=2 metadata=1.2 name=nixos:1 UUID=fa799b6d:76859754:7bf68be4:d184553c
|
||||
PROGRAM ${pkgs.toybox}/bin/true
|
||||
'';
|
||||
};
|
||||
|
||||
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/mapper/nixos-root";
|
||||
fsType = "btrfs";
|
||||
options = [ "noatime" "subvol=@" ];
|
||||
};
|
||||
|
||||
fileSystems."/home" = {
|
||||
device = "/dev/mapper/nixos-root";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@home" ];
|
||||
};
|
||||
|
||||
fileSystems."/nix" = {
|
||||
device = "/dev/mapper/nixos-root";
|
||||
fsType = "btrfs";
|
||||
options = [ "noatime" "subvol=@nix" ];
|
||||
};
|
||||
|
||||
fileSystems."/var/log" = {
|
||||
device = "/dev/mapper/nixos-root";
|
||||
fsType = "btrfs";
|
||||
options = [ "noatime" "compress=zstd" "subvol=@log" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/md0";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
services.zfs.autoScrub.enable = true;
|
||||
services.zfs.autoSnapshot.enable = true;
|
||||
services.zfs.trim.enable = true;
|
||||
}
|
BIN
secrets/machines/back.nix
Normal file
BIN
secrets/machines/back.nix
Normal file
Binary file not shown.
16
system/baremetal-server.nix
Normal file
16
system/baremetal-server.nix
Normal file
|
@ -0,0 +1,16 @@
|
|||
{ lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ ../common ../services/openssh.nix ../system/headless.nix ];
|
||||
|
||||
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||
boot.kernelParams = [ "panic=10" "mitigations=off" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
linuxPackages.cpupower
|
||||
lm_sensors
|
||||
powertop
|
||||
smartmontools
|
||||
];
|
||||
}
|
Loading…
Reference in a new issue