c8h4/nixos-config
1
0
Fork 0
Code Issues Activity Actions
nixos-config/machines/back.nix
Christoph Heiss b98a8e47e2
machines: back: switch ConnectX-3 ports to ethernet mode on boot 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-01-27 18:44:48 +01:00

82 lines
2.1 KiB
Nix
Raw Blame History

{ pkgs, ... }:
{
imports = [
../secrets/machines/back.nix
../system/baremetal-server.nix
../system/ucode-intel.nix
../system/zfs.nix
];
system.stateVersion = "23.11";
boot.initrd = {
availableKernelModules = [ "hpsa" "aesni_intel" "tg3" ];
luks.devices.nixos-root.device = "/dev/md1";
};
boot.swraid = {
enable = true;
mdadmConf = ''
DEVICE partitions
ARRAY /dev/md0 level=raid1 num-devices=2 metadata=1.0 name=nixos:0 UUID=8b85ad8d:07770d93:de437327:626744b3
ARRAY /dev/md1 level=raid1 num-devices=2 metadata=1.2 name=nixos:1 UUID=fa799b6d:76859754:7bf68be4:d184553c
PROGRAM ${pkgs.toybox}/bin/true
'';
};
boot.kernelParams = [ "zfs.zfs_arc_max=34359738368" ]; # 32 GiB
fileSystems."/" = {
device = "/dev/mapper/nixos-root";
fsType = "btrfs";
options = [ "noatime" "subvol=@" ];
};
fileSystems."/home" = {
device = "/dev/mapper/nixos-root";
fsType = "btrfs";
options = [ "subvol=@home" ];
};
fileSystems."/nix" = {
device = "/dev/mapper/nixos-root";
fsType = "btrfs";
options = [ "noatime" "subvol=@nix" ];
};
fileSystems."/var/log" = {
device = "/dev/mapper/nixos-root";
fsType = "btrfs";
options = [ "noatime" "compress=zstd" "subvol=@log" ];
};
fileSystems."/boot" = {
device = "/dev/md0";
fsType = "vfat";
};
users.users.backup = {
isNormalUser = true;
uid = 2000;
createHome = false;
openssh.authorizedKeys.keys = let
restrictCmd =
''command="${pkgs.rrsync}/bin/rrsync -wo -no-del /tank/",restrict'';
in [
"${restrictCmd} ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAO9LOBcl04ddGijyDSuUXH47Qt6TZISUDwDr1wrm+Ou tank.c8h4.io"
];
};
services.openssh.settings.AllowUsers = [ "backup" ];
systemd.services.switch-mlx4-ports-to-eth = {
serviceConfig.Type = "oneshot";
description = "switch Mellanox ConnectX-3 Pro ports to ethernet mode";
script = ''
echo eth >/sys/bus/pci/devices/0000\:04\:00.0/mlx4_port1
echo eth >/sys/bus/pci/devices/0000\:04\:00.0/mlx4_port2
'';
wantedBy = [ "multi-user.target" ];
};
}
Reference in a new issue View git blame Copy permalink