From f024159742df9f3b1dabc2e4fa9091f9a702235b Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 20 Oct 2024 01:50:24 +0200 Subject: [PATCH 1/5] WIP: Init new backup server; bakke --- flake.nix | 5 ++ hosts/bakke/configuration.nix | 25 +++++++ hosts/bakke/disks.nix | 90 ++++++++++++++++++++++++++ hosts/bakke/filesystems.nix | 28 ++++++++ hosts/bakke/hardware-configuration.nix | 22 +++++++ values.nix | 4 ++ 6 files changed, 174 insertions(+) create mode 100644 hosts/bakke/configuration.nix create mode 100644 hosts/bakke/disks.nix create mode 100644 hosts/bakke/filesystems.nix create mode 100644 hosts/bakke/hardware-configuration.nix diff --git a/flake.nix b/flake.nix index b09a986..771f21e 100644 --- a/flake.nix +++ b/flake.nix @@ -79,6 +79,11 @@ stableNixosConfig = nixosConfig nixpkgs; unstableNixosConfig = nixosConfig nixpkgs-unstable; in { + bakke = stableNixosConfig "bakke" { + modules = [ + disko.nixosModules.disko + ]; + }; bicep = stableNixosConfig "bicep" { modules = [ inputs.matrix-next.nixosModules.default diff --git a/hosts/bakke/configuration.nix b/hosts/bakke/configuration.nix new file mode 100644 index 0000000..29435ce --- /dev/null +++ b/hosts/bakke/configuration.nix @@ -0,0 +1,25 @@ +{ config, pkgs, values, ... }: +{ + imports = [ + ./hardware-configuration.nix + ../../base + ../../misc/metrics-exporters.nix + ./filesystems.nix + ]; + + sops.defaultSopsFile = ../../secrets/bakke/bakke.yaml; + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + sops.age.keyFile = "/var/lib/sops-nix/key.txt"; + sops.age.generateKey = true; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "bakke"; + systemd.network.networks."30-enp2s0" = values.defaultNetworkConfig // { + matchConfig.Name = "enp2s0"; + address = with values.hosts.bakke; [ (ipv4 + "/25") (ipv6 + "/64") ]; + }; + + system.stateVersion = "23.05"; +} 
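Review bot: In hosts/bakke/configuration.nix, `boot.loader.systemd-boot.enable = true;` leaves the boot-entry editor at its NixOS default of enabled, so anyone with console access can change the kernel command line before boot and get around normal login. For a host that holds backups I would add `boot.loader.systemd-boot.editor = false;` next to it. The same loader line returns in the configuration.nix hunk of patch 4/5 after the grub detour, so the setting applies there as well.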
diff --git a/hosts/bakke/disks.nix b/hosts/bakke/disks.nix
new file mode 100644
index 0000000..08a2c98
--- /dev/null
+++ b/hosts/bakke/disks.nix
@@ -0,0 +1,90 @@
+{
+ # https://github.com/nix-community/disko/blob/master/example/boot-raid1.nix
+ disko.devices = {
+ disk = {
+ one = {
+ type = "disk";
+ device = "/dev/disk/by-id/ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E2EER6N6";
+ content = {
+ type = "gpt";
+ partitions = {
+ BOOT = {
+ size = "1M";
+ type = "EF02"; # for grub MBR
+ };
+ ESP = {
+ size = "500M";
+ type = "EF00";
+ content = {
+ type = "mdraid";
+ name = "boot";
+ };
+ };
+ mdadm = {
+ size = "100%";
+ content = {
+ type = "mdraid";
+ name = "raid1";
+ };
+ };
+ };
+ };
+ };
+ two = {
+ type = "disk";
+ device = "/dev/disk/by-id/ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E7LPLU71";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02"; # for grub MBR
+ };
+ ESP = {
+ size = "500M";
+ type = "EF00";
+ content = {
+ type = "mdraid";
+ name = "boot";
+ };
+ };
+ mdadm = {
+ size = "100%";
+ content = {
+ type = "mdraid";
+ name = "raid1";
+ };
+ };
+ };
+ };
+ };
+ };
+ mdadm = {
+ boot = {
+ type = "mdadm";
+ level = 1;
+ metadata = "1.0";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ raid1 = {
+ type = "mdadm";
+ level = 1;
+ content = {
+ type = "gpt";
+ partitions.primary = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/hosts/bakke/filesystems.nix b/hosts/bakke/filesystems.nix
new file mode 100644
index 0000000..8648924
--- /dev/null
+++ b/hosts/bakke/filesystems.nix
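Review bot: In hosts/bakke/disks.nix the `raid1` array carries a plain ext4 root with no encryption layer, while configuration.nix in this same patch keeps the sops-nix age key at `/var/lib/sops-nix/key.txt` on that root. That key, and the SSH host key listed in `sops.age.sshKeyPaths`, would be readable from a pulled or returned drive. If this is an accepted trade-off for unattended boot, a comment above `raid1` should say so, for example `# root is intentionally unencrypted (unattended boot); wipe disks before disposal`. Otherwise disko's `luks` content type could sit between the mdraid and the filesystem.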
@@ -0,0 +1,28 @@ +{ config, pkgs, lib, ... }: +{ + # Boot drives: + imports = [ + ./boot-disks.nix + ]; + + # ZFS Data pool: + environment.systemPackages = with pkgs; [ zfs ]; + boot = { + zfs = { + extraPools = [ "tank" ]; + requestEncryptionCredentials = false; + }; + supportedFilesystems = [ "zfs" ]; + kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; + }; + services.zfs.autoScrub = { + enable = true; + interval = "Wed *-*-8..14 00:00:00"; + }; + + # NFS Exports: + #TODO + + # NFS Import mounts: + #TODO +} diff --git a/hosts/bakke/hardware-configuration.nix b/hosts/bakke/hardware-configuration.nix new file mode 100644 index 0000000..2c5e7b1 --- /dev/null +++ b/hosts/bakke/hardware-configuration.nix @@ -0,0 +1,22 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + swapDevices = [ ]; #TODO + + networking.useDHCP = lib.mkDefault false; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/values.nix b/values.nix index 2e9d266..7ccf30b 100644 --- a/values.nix +++ b/values.nix @@ -27,6 +27,10 @@ in rec { gateway = pvv-ipv4 129; gateway6 = pvv-ipv6 1; + bakke = { + ipv4 = pvv-ipv4 173; + ipv6 = pvv-ipv6 173; + }; bekkalokk = { ipv4 = pvv-ipv4 168; ipv6 = pvv-ipv6 168; -- 2.44.2 From 950e2514a7194749273ec8a2c193ad7f170b0851 Mon Sep 17 00:00:00 2001 
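Review bot: In hosts/bakke/filesystems.nix, `requestEncryptionCredentials = false;` carries no comment, although it decides whether keys for encrypted datasets in `tank` are requested at boot. From the patch alone a reader cannot tell whether the pool is unencrypted or whether datasets are meant to stay locked until keys are loaded by hand. I would put a line above it such as `# tank is imported without loading keys; encrypted datasets are unlocked manually after boot`, adjusted to the real reason. The two NFS `#TODO` markers could likewise name which hosts are expected to be allowed once the exports are written.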
From: Felix Albrigtsen Date: Sun, 20 Oct 2024 17:40:44 +0200 Subject: [PATCH 2/5] bakke: Update disk layout --- hosts/bakke/disks.nix | 8 -------- hosts/bakke/filesystems.nix | 3 ++- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/hosts/bakke/disks.nix b/hosts/bakke/disks.nix index 08a2c98..3420a85 100644 --- a/hosts/bakke/disks.nix +++ b/hosts/bakke/disks.nix @@ -8,10 +8,6 @@ content = { type = "gpt"; partitions = { - BOOT = { - size = "1M"; - type = "EF02"; # for grub MBR - }; ESP = { size = "500M"; type = "EF00"; @@ -36,10 +32,6 @@ content = { type = "gpt"; partitions = { - boot = { - size = "1M"; - type = "EF02"; # for grub MBR - }; ESP = { size = "500M"; type = "EF00"; diff --git a/hosts/bakke/filesystems.nix b/hosts/bakke/filesystems.nix index 8648924..5bb1172 100644 --- a/hosts/bakke/filesystems.nix +++ b/hosts/bakke/filesystems.nix @@ -2,8 +2,9 @@ { # Boot drives: imports = [ - ./boot-disks.nix + ./disks.nix ]; + boot.swraid.enable = true; # ZFS Data pool: environment.systemPackages = with pkgs; [ zfs ]; -- 2.44.2 From 94b8047dee994a6e82576c11af5ac33c114d1842 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 20 Oct 2024 18:20:09 +0200 Subject: [PATCH 3/5] Bakke: more disk stuff --- hosts/bakke/configuration.nix | 11 +++++++++-- hosts/bakke/hardware-configuration.nix | 15 +++++++++++++-- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/hosts/bakke/configuration.nix b/hosts/bakke/configuration.nix index 29435ce..5d7b5b4 100644 --- a/hosts/bakke/configuration.nix +++ b/hosts/bakke/configuration.nix 
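Review bot: `boot.swraid.enable = true;` in hosts/bakke/filesystems.nix is added without a matching `boot.swraid.mdadmConf`, so as far as this series shows mdadm has neither `MAILADDR` nor `PROGRAM` configured. Nobody is notified when one of the two mirror members drops out, and current nixpkgs should warn about exactly this case at evaluation time. On a backup server a silently degraded array is the failure that matters, so I would add `boot.swraid.mdadmConf = "MAILADDR <ops-address-placeholder>";` or a `PROGRAM` hook that feeds the existing monitoring.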
@@ -12,10 +12,17 @@ sops.age.keyFile = "/var/lib/sops-nix/key.txt"; sops.age.generateKey = true; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; + boot.loader = { + efi.canTouchEfiVariables = true; + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; + }; networking.hostName = "bakke"; + networking.hostId = "99609ffc"; systemd.network.networks."30-enp2s0" = values.defaultNetworkConfig // { matchConfig.Name = "enp2s0"; address = with values.hosts.bakke; [ (ipv4 + "/25") (ipv6 + "/64") ]; diff --git a/hosts/bakke/hardware-configuration.nix b/hosts/bakke/hardware-configuration.nix index 2c5e7b1..3ada267 100644 --- a/hosts/bakke/hardware-configuration.nix +++ b/hosts/bakke/hardware-configuration.nix @@ -8,12 +8,23 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - swapDevices = [ ]; #TODO + fileSystems."/" = + { device = "/dev/disk/by-uuid/873e1891-d9f8-470f-9c57-e1b4c8b7bf0e"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-id/ata-WDC_WD40EFRX-68WT0N0_WD-WCC4E7LPLU71-part1"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; networking.useDHCP = lib.mkDefault false; -- 2.44.2 From 1630c1c38ef2b5a52fde7880198e4bd716fe1295 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sun, 20 Oct 2024 22:04:11 +0200 Subject: [PATCH 4/5] =?UTF-8?q?bakke:=20get=20rid=20of=20disko=20?= =?UTF-8?q?=F0=9F=92=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hosts/bakke/configuration.nix | 10 ++-------- hosts/bakke/disks.nix | 1 + hosts/bakke/filesystems.nix | 3 --- 3 files changed, 3 insertions(+), 11 deletions(-) 
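Review bot: In hosts/bakke/hardware-configuration.nix, `fileSystems."/boot"` mounts the first partition of a single disk (`...WCC4E7LPLU71-part1`) directly, although disks.nix made that partition a member of the `boot` RAID1 array. The mirror is therefore not what gets mounted, so the other disk's ESP presumably goes stale and the host loses its boot path if this disk fails; pointing `device` at the md device for the `boot` array would keep the redundancy meaningful. Separately, `fmask=0022` and `dmask=0022` leave the ESP readable by every local user. `options = [ "fmask=0077" "dmask=0077" ];` is the tighter setting and keeps the systemd-boot random seed private once patch 4/5 switches back to systemd-boot. The file header still states that it is generated, so a short comment marking these entries as hand-maintained would help avoid an accidental overwrite.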
diff --git a/hosts/bakke/configuration.nix b/hosts/bakke/configuration.nix index 5d7b5b4..7629f22 100644 --- a/hosts/bakke/configuration.nix +++ b/hosts/bakke/configuration.nix @@ -12,14 +12,8 @@ sops.age.keyFile = "/var/lib/sops-nix/key.txt"; sops.age.generateKey = true; - boot.loader = { - efi.canTouchEfiVariables = true; - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - }; - }; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "bakke"; networking.hostId = "99609ffc"; diff --git a/hosts/bakke/disks.nix b/hosts/bakke/disks.nix index 3420a85..e7d1a5b 100644 --- a/hosts/bakke/disks.nix +++ b/hosts/bakke/disks.nix @@ -1,5 +1,6 @@ { # https://github.com/nix-community/disko/blob/master/example/boot-raid1.nix + # Note: Disko was used to create the initial md raid, but is no longer in active use on this host. disko.devices = { disk = { one = { diff --git a/hosts/bakke/filesystems.nix b/hosts/bakke/filesystems.nix index 5bb1172..9312a0c 100644 --- a/hosts/bakke/filesystems.nix +++ b/hosts/bakke/filesystems.nix @@ -1,9 +1,6 @@ { config, pkgs, lib, ... }: { # Boot drives: - imports = [ - ./disks.nix - ]; boot.swraid.enable = true; # ZFS Data pool: -- 2.44.2 From 4dc28f2d257e390d86df872453a2262403092fa6 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Mon, 21 Oct 2024 21:30:17 +0200 Subject: [PATCH 5/5] =?UTF-8?q?bakke:=20fix=20state(=F0=9F=A4=AC)=20versio?= =?UTF-8?q?n?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hosts/bakke/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/bakke/configuration.nix b/hosts/bakke/configuration.nix index 7629f22..1aa2b9e 100644 --- a/hosts/bakke/configuration.nix +++ b/hosts/bakke/configuration.nix @@ -22,5 +22,5 @@ address = with values.hosts.bakke; [ (ipv4 + "/25") (ipv6 + "/64") ]; }; - system.stateVersion = "23.05"; + system.stateVersion = "24.05"; } -- 2.44.2
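Review bot: The comment added to hosts/bakke/disks.nix says disko is no longer in use on this host, but flake.nix from patch 1/5 still passes `disko.nixosModules.disko` in bakke's `modules` list and no hunk in this series removes it. That keeps an unused module and its options in the system evaluation. It also leaves disks.nix as an unreferenced file that still describes a destructive partition layout for two named disks. I would drop `disko.nixosModules.disko` from the bakke entry in flake.nix in this commit, and extend the new comment to something like `# Kept for reference only; not imported. Do not run disko against this file on the live host.`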