c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

dacbert: mount / via nfs 

to store ssh host key :)
This commit is contained in:
Astro 2022-03-17 00:24:23 +01:00
parent e8f1f0f404
commit 6c38f4e4f1
4 changed files with 34 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
hosts/containers/nix-build/rpi-netboot.nix
View File

@ -33,15 +33,26 @@ in
"2a00:8180:2c00:200::/56" "2a00:8180:2c00:200::/56"
"fd23:42:c3d2:500::/56" "fd23:42:c3d2:500::/56"
]; ];
opts = lib.concatStringsSep "," [ opts = o: fsid:
"async" "ro" "no_subtree_check" "no_root_squash" "fsid=0" lib.concatStringsSep "," [
]; o "async"
"no_subtree_check" "no_root_squash"
"fsid=${toString fsid}"
];
in '' in ''
/nix/store ${ /nix/store ${
lib.concatMapStringsSep " " (subnet: lib.concatMapStringsSep " " (subnet:
"${subnet}(${opts})" "${subnet}(${opts "ro" 0})"
) allowed
}
/var/lib/nfsroot/dacbert ${
lib.concatMapStringsSep " " (subnet:
"${subnet}(${opts "rw" 1})"
) allowed ) allowed
} }
''; '';
}; };
systemd.tmpfiles.rules = [
"d /var/lib/nfsroot/dacbert 0755 root root - -"
];
} }

5
hosts/dacbert/default.nix
View File

@ -39,6 +39,11 @@
hardware.raspberry-pi."4" = { hardware.raspberry-pi."4" = {
fkms-3d.enable = true; fkms-3d.enable = true;
}; };
fileSystems."/" = {
device = "${hostRegistry.hosts.nix-build.ip4}:/var/lib/nfsroot/dacbert";
fsType = "nfs";
options = [ "nfsvers=3" "proto=tcp" "nolock" "hard" "async" "rw" ];
};
c3d2 = { c3d2 = {
isInHq = true; isInHq = true;

14
hosts/rpi-netboot/default.nix
View File

@ -65,6 +65,20 @@
firewall.enable = false; firewall.enable = false;
}; };
# volatile system: everything is tmpfs
fileSystems."/" = {
fsType = "tmpfs";
options = [ "mode=0755" ];
};
fileSystems."/etc" = {
fsType = "tmpfs";
options = [ "mode=0755" ];
};
fileSystems."/var" = {
fsType = "tmpfs";
options = [ "mode=0755" ];
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
libraspberrypi libraspberrypi
raspberrypi-eeprom raspberrypi-eeprom

12
modules/rpi-netboot.nix
View File

@ -33,18 +33,6 @@
tmpOnTmpfs = true; tmpOnTmpfs = true;
}; };
fileSystems."/" = {
fsType = "tmpfs";
options = [ "mode=0755" ];
};
fileSystems."/etc" = {
fsType = "tmpfs";
options = [ "mode=0755" ];
};
fileSystems."/var" = {
fsType = "tmpfs";
options = [ "mode=0755" ];
};
fileSystems."/nix/store" = { fileSystems."/nix/store" = {
device = "${hostRegistry.hosts.nix-build.ip4}:/nix/store"; device = "${hostRegistry.hosts.nix-build.ip4}:/nix/store";
fsType = "nfs"; fsType = "nfs";