2021-11-11 16:20:45 +01:00
|
|
|
{ hostRegistry, config, pkgs, lib, strings, ... }:
|
2020-11-11 20:20:44 +01:00
|
|
|
|
2021-10-18 23:17:15 +02:00
|
|
|
let
|
|
|
|
|
eth0 = "ens18";
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
imports = [
|
|
|
|
|
# Include the results of the hardware scan.
|
2020-11-11 20:20:44 +01:00
|
|
|
./hardware-configuration.nix
|
2021-11-11 16:20:45 +01:00
|
|
|
# ../../lib
|
2021-02-15 07:55:44 +01:00
|
|
|
# ../../lib/hq.nix
|
2021-11-11 16:20:45 +01:00
|
|
|
# ../../lib/shared.nix
|
2020-11-11 20:20:44 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
c3d2 = {
|
|
|
|
|
users.k-ot = true;
|
|
|
|
|
isInHq = true;
|
|
|
|
|
mapHqHosts = true;
|
|
|
|
|
hq.interface = eth0;
|
|
|
|
|
};
|
|
|
|
|
|
2021-11-11 16:20:45 +01:00
|
|
|
boot.loader.grub = {
|
2020-11-11 20:20:44 +01:00
|
|
|
enable = true;
|
2021-11-11 16:20:45 +01:00
|
|
|
version = 2;
|
|
|
|
|
efiSupport = true;
|
|
|
|
|
devices = [ "nodev" ];
|
2020-11-11 20:20:44 +01:00
|
|
|
};
|
2021-11-11 16:20:45 +01:00
|
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
2020-11-11 20:20:44 +01:00
|
|
|
systemd.enableEmergencyMode = false;
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
hostName = "storage-ng";
|
|
|
|
|
# usePredictableInterfacenames = false;
|
2021-10-31 19:00:03 +01:00
|
|
|
interfaces."${eth0}" = {
|
2020-11-11 20:20:44 +01:00
|
|
|
ipv4.addresses = [{
|
2021-11-11 16:20:45 +01:00
|
|
|
address = hostRegistry.hosts.${config.networking.hostName}.ip4;
|
2020-11-11 20:20:44 +01:00
|
|
|
prefixLength = 24;
|
|
|
|
|
}];
|
|
|
|
|
ipv6.addresses = [{
|
2021-11-11 16:20:45 +01:00
|
|
|
address = hostRegistry.hosts.${config.networking.hostName}.ip6;
|
2020-11-11 20:20:44 +01:00
|
|
|
prefixLength = 64;
|
|
|
|
|
}];
|
|
|
|
|
};
|
|
|
|
|
|
2021-11-11 16:20:45 +01:00
|
|
|
defaultGateway.address = "172.22.99.4";
|
2020-11-11 20:20:44 +01:00
|
|
|
defaultGateway.interface = eth0;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
screen
|
|
|
|
|
zsh
|
|
|
|
|
lftp
|
|
|
|
|
lsof
|
|
|
|
|
psmisc
|
2021-10-02 19:31:56 +02:00
|
|
|
git-annex
|
2020-11-11 20:20:44 +01:00
|
|
|
|
|
|
|
|
mpv
|
|
|
|
|
iotop
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
services.ceph = {
|
|
|
|
|
enable = false;
|
|
|
|
|
client.enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# fixme, we need a floating ip here
|
|
|
|
|
# correct is floating ip 172.22.99.21
|
|
|
|
|
# does not exist yet
|
2021-11-11 16:20:45 +01:00
|
|
|
# TODO: where, exactly?
|
2020-11-11 20:20:44 +01:00
|
|
|
|
|
|
|
|
# secretfile does not work :(
|
|
|
|
|
fileSystems."/mnt/cephfs" = {
|
|
|
|
|
device = "172.22.99.13:6789:/";
|
|
|
|
|
fsType = "ceph";
|
|
|
|
|
options = [
|
|
|
|
|
"name=storage2"
|
|
|
|
|
"secret=AQAvRhxcaCK0IxAAnoe00oiopcpQeKZgL02RWw=="
|
|
|
|
|
"noatime,_netdev"
|
|
|
|
|
"noauto"
|
|
|
|
|
"x-systemd.automount"
|
|
|
|
|
"x-systemd.device-timeout=175"
|
|
|
|
|
"users"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
programs.bash.enableCompletion = true;
|
|
|
|
|
programs.mtr.enable = true;
|
|
|
|
|
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
|
|
|
|
|
2020-11-11 20:50:46 +01:00
|
|
|
services.openssh = {
|
2021-02-22 11:45:12 +01:00
|
|
|
enable = true;
|
|
|
|
|
allowSFTP = true;
|
2020-11-11 20:50:46 +01:00
|
|
|
};
|
2020-11-11 20:20:44 +01:00
|
|
|
|
|
|
|
|
services.atftpd = {
|
|
|
|
|
enable = true;
|
|
|
|
|
root = "/mnt/cephfs/c3d2/tftp";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* # Open ports in the firewall.
|
2021-10-18 23:17:15 +02:00
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
|
23
|
|
|
|
|
];
|
|
|
|
|
networking.firewall.allowedUDPPorts = [
|
|
|
|
|
69
|
|
|
|
|
];
|
2020-11-11 20:20:44 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
networking.firewall.enable = false;
|
|
|
|
|
|
|
|
|
|
system.stateVersion = "19.03"; # Did you read the comment?
|
|
|
|
|
}
|
