Add disko config for server10, add glotzbert back, don't configure fileSystems

Sandro - 2024-01-06 17:33:49 +01:00
parent e9a4c3de11
commit f89a5fb24e
Signed by: sandro
GPG Key ID: 3AF5A43A3EECC2E5
3 changed files with 139 additions and 114 deletions


@ -19,6 +19,13 @@
systemd-boot.enable = true; systemd-boot.enable = true;
}; };
disko.disks = [ {
device = "/dev/disk/by-id/ata-SSD0240S00_20201124BC41037";
name = "glotzbert";
withCeph = false;
withLuks = false;
} ];
networking = { networking = {
domain = "hq.c3d2.de"; domain = "hq.c3d2.de";
firewall = { firewall = {
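Review bot: The new `disko.disks` entry for glotzbert sets `withLuks = false`, so this SSD is laid out without encryption at rest, and nothing in the hunk records why. If that is intentional, a comment above the flag would keep it from being read as an oversight, for example `# no LUKS on this host: <reason>`. `withCeph = false;` also restates the module default that this same commit changes to `false`, so it could be dropped. The surrounding attribute set starts and ends outside the hunk.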


@ -28,6 +28,14 @@
}; };
}; };
disko.disks = [ {
device = "/dev/disk/by-id/ata-Samsung_SSD_860_EVO_1TB_S3Z9NB0M203733F";
name = "server10";
partitionTableFormat = "msdos";
withBoot = true;
withLuks = true;
} ];
networking = { networking = {
hostName = "server10"; hostName = "server10";
# TODO: change that to something more random # TODO: change that to something more random


@ -1,7 +1,7 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.disko; cfg = config.disko.disks;
in in
{ {
options.disko.disks = lib.mkOption { options.disko.disks = lib.mkOption {
@ -22,6 +22,12 @@ in
description = "Name of the disk."; description = "Name of the disk.";
}; };
partitionTableFormat = lib.mkOption {
type = lib.types.enum [ "gpt" "msdos" ];
default = "gpt";
description = "Which parition table format to use.";
};
withBoot = lib.mkOption { withBoot = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = true; default = true;
@ -30,7 +36,7 @@ in
withCeph = lib.mkOption { withCeph = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = true; default = false;
description = "Wether to include a ceph partition."; description = "Wether to include a ceph partition.";
}; };
@ -51,7 +57,7 @@ in
}; };
config = { config = {
assertions = lib.mkIf (cfg.disks != [ ]) (lib.head (map assertions = lib.mkIf (cfg != [ ]) (lib.head (map
(disk: [ (disk: [
{ {
assertion = disk.withCeph || disk.withZfs; assertion = disk.withCeph || disk.withZfs;
@ -62,118 +68,122 @@ in
message = "Ceph requires Luks!"; message = "Ceph requires Luks!";
} }
]) ])
cfg.disks)); cfg));
disko.devices = lib.mkIf (cfg.disks != [ ]) (lib.head (map disko = {
(disk: devices = lib.mkIf (cfg != [ ]) (lib.head (map
let (disk:
diskName = if disk.name != "" then "-${disk.name}" else ""; let
luksName = "crypt-${config.networking.hostName}${diskName}"; diskName = if disk.name != "" then "-${disk.name}" else "";
zfs = { luksName = "crypt-${config.networking.hostName}${diskName}";
size = "100%FREE"; zfs = {
content = { size = "100%FREE";
pool = zfsName; content = {
type = "zfs"; pool = zfsName;
}; type = "zfs";
};
zfsName = "${config.networking.hostName}${diskName}";
in
{
disk.${disk.device} = {
inherit (disk) device;
type = "disk";
content = {
type = "table";
format = "gpt";
partitions = lib.optional disk.withZfs {
name = "ESP";
start = "1MiB";
end = "512MiB";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
} ++ [
{
name = "root";
start = if disk.withZfs then "512MiB" else "1MiB";
end = "100%";
part-type = "primary";
content = lib.optionalAttrs disk.withLuks {
type = "luks";
name = luksName;
# trim potential new lines to not have them in the password
keyFile = "tr -d '\n' </$PWD/keyFile";
inherit (zfs) content;
} // lib.optionalAttrs (!disk.withLuks) zfs.content;
}
];
};
};
} // {
zpool.${zfsName} = {
type = "zpool";
# -O
rootFsOptions = {
acltype = "posixacl";
compression = "zstd";
dnodesize = "auto";
normalization = "formD";
xattr = "sa";
};
# -o
options = {
ashift = "12";
autotrim = "on";
};
datasets =
let
dataset = mountpoint: {
inherit mountpoint;
options = {
canmount = "on";
inherit mountpoint;
};
type = "zfs_fs";
};
datasetNoMount = {
mountpoint = null;
options = {
canmount = "off";
mountpoint = "none";
};
type = "zfs_fs";
};
in
{
"root" = dataset "/";
"data" = datasetNoMount;
# used by services.postgresqlBackup and later by restic
"data/backup" = dataset "/var/backup";
"data/etc" = dataset "/etc";
"data/lib" = dataset "/var/lib";
"home" = dataset "/home";
"nix" = lib.recursiveUpdate (dataset "/nix") {
options.atime = "off";
};
"nix/store" = dataset "/nix/store";
"nix/var" = dataset "/nix/var";
# zfs uses copy on write and requires some free space to delete files when the disk is completely filled
"reserved" = lib.recursiveUpdate (dataset "reserved") {
mountpoint = null;
options = {
canmount = "off";
mountpoint = "none";
reservation = "5GiB";
};
type = "zfs_fs";
};
}; };
}; };
}) zfsName = "${config.networking.hostName}${diskName}";
cfg.disks)); in
{
disk.${disk.device} = {
inherit (disk) device;
type = "disk";
content = {
type = "table";
format = disk.partitionTableFormat;
partitions = lib.optional disk.withZfs {
name = "ESP";
start = "1MiB";
end = "512MiB";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
} ++ [
{
name = "root";
start = if disk.withZfs then "512MiB" else "1MiB";
end = "100%";
part-type = "primary";
content = lib.optionalAttrs disk.withLuks {
type = "luks";
name = luksName;
askPassword = true;
inherit (zfs) content;
} // lib.optionalAttrs (!disk.withLuks) zfs.content;
}
];
};
};
} // {
zpool.${zfsName} = {
type = "zpool";
# -O
rootFsOptions = {
acltype = "posixacl";
compression = "zstd";
dnodesize = "auto";
normalization = "formD";
xattr = "sa";
};
# -o
options = {
ashift = "12";
autotrim = "on";
};
datasets =
let
dataset = mountpoint: {
inherit mountpoint;
options = {
canmount = "on";
inherit mountpoint;
};
type = "zfs_fs";
};
datasetNoMount = {
mountpoint = null;
options = {
canmount = "off";
mountpoint = "none";
};
type = "zfs_fs";
};
in
{
"root" = dataset "/";
"data" = datasetNoMount;
# used by services.postgresqlBackup and later by restic
"data/backup" = dataset "/var/backup";
"data/etc" = dataset "/etc";
"data/lib" = dataset "/var/lib";
"home" = dataset "/home";
"nix" = lib.recursiveUpdate (dataset "/nix") {
options.atime = "off";
};
"nix/store" = dataset "/nix/store";
"nix/var" = dataset "/nix/var";
# zfs uses copy on write and requires some free space to delete files when the disk is completely filled
"reserved" = lib.recursiveUpdate (dataset "reserved") {
mountpoint = null;
options = {
canmount = "off";
mountpoint = "none";
reservation = "5GiB";
};
type = "zfs_fs";
};
};
};
})
cfg));
# we do not want changes to this module render machines unbootable
enableConfig = false;
};
}; };
} }
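Review bot: Both `assertions` and `devices` are built with `lib.head (map … cfg)`, so only the first entry of `disko.disks` is ever evaluated; for any further disk the layout is silently dropped and the `Ceph requires Luks!` check never runs. The hosts touched by this commit each pass a single disk, so nothing breaks today, but the option takes a list and the encryption guard should hold for every element. Collecting over the whole list fixes both: `assertions = lib.concatMap (disk: [ … ]) cfg;` and `devices = lib.mkMerge (map (disk: { … }) cfg);`. The description of the new `partitionTableFormat` option also has a typo (`parition`).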