Add storage-ng

common.nix

@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+
+{
+  time.timeZone = "Europe/Berlin";
+
+  networking = {
+    domain = "hq.c3d2.de";
+    defaultGateway.address = "172.22.99.1";
+    nameservers = [ "172.20.72.6" "9.9.9.9" "74.82.42.42" ];
+  };
+
+}

hosts/storage-ng/configuration.nix

@@ -0,0 +1,176 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, strings, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+      ../../common.nix
+      ../../users.nix
+      #./ncdc.nix
+      ../../mpd.nix
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  systemd = {
+    enableEmergencyMode = false;
+  };
+  # Use the GRUB 2 boot loader.
+  #boot.loader.grub.enable = true;
+  #boot.loader.grub.version = 2;
+  # boot.loader.grub.efiSupport = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  #boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
+
+  # networking = {
+  #   hostName = "storage2";
+  #   interfaces.ens18.ipv4.addresses = [{
+  #       address = "172.22.99.20";
+  #       prefixLength = 24;
+  #   }];
+  # };
+
+  networking = {
+    hostName = "storage-ng";
+    # usePredictableInterfacenames = false;
+    interfaces.ens18.ipv4.addresses = [{
+        address = "172.22.99.20";
+        prefixLength = 24;
+    }];
+    interfaces.ens18.ipv6.addresses = [{
+        address= "2a02:8106:208:5201::20";
+        prefixLength = 64;
+    }];
+
+    defaultGateway.interface = "ens18";
+
+    #defaultGateway6 = {
+    #  address = "fe80::a800:42ff:fe7a:3246";
+    #  interface = "ens18";
+    #};
+  };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+     wget
+     vim
+     screen
+     zsh
+     lftp
+     # ceph
+     lsof
+     psmisc
+     gitAndTools.git-annex
+     gitAndTools.git
+     tmux
+  ];
+
+  services.ceph = {
+      # enable = true;
+      client.enable = true;
+  };
+
+  services.samba = {
+      enable = true;
+      enableNmbd = true;
+      shares = { 
+      xpool = {
+        browseable = "yes";
+              comment = "Public samba share.";
+              # guest ok = "yes";
+              path = "/mnt/cephfs/c3d2/files";
+              # read only = false;
+            };
+        };
+  };
+
+  # fixme, we need a floating ip here
+  # correct is floating ip 172.22.99.21
+  # does not exist yet
+
+  # secretfile does not work :(
+  
+  fileSystems."/mnt/cephfs" = {
+    device = "172.22.99.13:6789:/";
+    fsType = "ceph";
+    options = [ "name=storage2" ("secret=" + (builtins.readFile("/etc/nixos/storage-secret.key"))) "noatime,_netdev" "noauto" "x-systemd.automount" "x-systemd.device-timeout=175" "users" ];
+  };
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  programs.bash.enableCompletion = true;
+  programs.mtr.enable = true;
+  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  services.atftpd = {
+    enable = true;
+    root = "/mnt/cephfs/c3d2/tftp";
+  };
+
+  services.nfs.server = {
+    enable = true;
+#    exports = "/mnt/cephfs/c3d2/dacbert-rootfs dacbert.hq.c3d2.de(rw) *(ro)";
+    exports = "/mnt/cephfs/c3d2/dacbert-rootfs *(rw)";
+  };
+
+
+  services.nginx = {
+    enable = true;
+    #modules = [ pkgs.nginxModules.nixfancyindex ];
+    package = pkgs.nginx.override {
+      modules = with pkgs.nginxModules; [ fancyindex ];
+    };
+    virtualHosts = {
+      "storage-ng.hq.c3d2.de" = {
+        root = "/etc/nixos/www";
+        serverAliases = [ "storage" "storage2" "storageng" ];
+        http2 = true;
+        # addSSL = true;
+        locations = {
+          "/c3d2" = {
+            alias = "/mnt/cephfs/c3d2/files/";
+            extraConfig = ''
+              fancyindex on;
+              # autoindex on;
+            '';
+          };
+        };
+      };
+    };
+  };
+  # Open ports in the firewall.
+  networking.firewall.allowedTCPPorts = [ 
+    23
+    80
+    443
+    137 138 445 139 # samba
+   ];
+  networking.firewall.allowedUDPPorts = [ 
+    69
+    137 138 445 139 # samba
+   ];
+  # Or disable the firewall altogether.
+  networking.firewall.enable = false;
+
+  # Enable sound.
+  # sound.enable = true;
+  # hardware.pulseaudio.enable = true;
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "18.09"; # Did you read the comment?
+
+}

hosts/storage-ng/hardware-configuration.nix

@@ -0,0 +1,30 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/dcaea9ca-4aeb-441f-a0d6-7f31c8f16a2a";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/5C15-758A";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/68aade1c-47b6-403e-8f2f-21909d55044a"; }
+    ];
+
+  nix.maxJobs = lib.mkDefault 4;
+}

hosts/storage-ng/ncdc.nix

@@ -0,0 +1,18 @@
+{ config, pkgs, lib, ... }:
+
+let
+  ncdcPort = 1512;
+in
+{
+  users.users.ncdc =
+    { isNormalUser = true;
+      uid = ncdcPort;
+      openssh.authorizedKeys.keys =
+        config.users.users.k-ot.openssh.authorizedKeys.keys;
+      password = "k-ot";
+      packages = [ pkgs.tmux pkgs.ncdc ];
+    };
+  networking.firewall.allowedTCPPorts = [ ncdcPort ];
+  networking.firewall.allowedUDPPorts = [ ncdcPort ];
+}
+

mpd.nix

@@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+
+let
+  hostMpd = if config.networking.hostName == "storage-ng" then
+    {
+      musicDirectory = "/mnt/cephfs/c3d2/rpool/Music";
+    }
+    else
+    {
+      dbFile = null;
+      musicDirectory = "/mnt/storage/Music";
+      extraConfig = ''
+        database {
+          plugin "proxy"
+          host "172.22.99.20"
+        }
+      '';
+    };
+in
+{
+  services.mpd = (hostMpd // {
+    enable=true;
+    network.listenAddress = "any";
+  });
+
+  networking.firewall.allowedTCPPorts =
+   [ config.mpd.network.port ];
+}

users.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+{
+  users.users.k-ot = {
+    packages = with pkgs;
+      [ screen tmux ];
+    createHome = true;
+    isNormalUser = true;
+    uid = 1000;
+    extraGroups = [ "wheel" "audio" ];
+    password = "k-otk-ot";
+  };
+}