nix
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changes for SEA

This commit is contained in:
nostoromo root 2020-02-18 10:58:47 -08:00
parent 93f490e488
commit 61b3ca6dd6
6 changed files with 54 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/fudo/chat.nix
View File

@ -32,7 +32,7 @@ in {
}; };
smtp-password-file = mkOption { smtp-password-file = mkOption {
type = types.path; type = types.str;
description = "Path to a file containing the password to use while connecting to the SMTP server."; description = "Path to a file containing the password to use while connecting to the SMTP server.";
}; };
@ -61,7 +61,7 @@ in {
}; };
password-file = mkOption { password-file = mkOption {
type = types.path; type = types.str;
description = "Path to file containing database password."; description = "Path to file containing database password.";
}; };
}; };

2
config/fudo/webmail.nix
View File

@ -180,7 +180,7 @@ let
}; };
password-file = mkOption { password-file = mkOption {
type = types.path; type = types.str;
description = "Password to use when connecting to the database."; description = "Password to use when connecting to the database.";
}; };
}; };

1
defaults.nix
View File

@ -72,6 +72,7 @@
unzip unzip
vim vim
wget wget
yubikey-manager
]; ];
system.stateVersion = "19.09"; system.stateVersion = "19.09";

2
fudo/sites/seattle.nix
View File

@ -12,6 +12,8 @@ in {
time.timeZone = "America/Los_Angeles"; time.timeZone = "America/Los_Angeles";
services.printing.enable = true;
services.cron = { services.cron = {
mailto = admin; mailto = admin;
}; };

6
hosts/france.nix
View File

@ -242,7 +242,7 @@ in {
name = "webmail"; name = "webmail";
hostname = "localhost"; hostname = "localhost";
user = "webmail"; user = "webmail";
password-file = /srv/webmail/secure/db.passwd; password-file = "/srv/webmail/secure/db.passwd";
}; };
}; };
}; };
@ -255,12 +255,12 @@ in {
site-name = "Fudo Chat"; site-name = "Fudo Chat";
smtp-server = "france.fudo.org"; smtp-server = "france.fudo.org";
smtp-user = "chat"; smtp-user = "chat";
smtp-password-file = /srv/mattermost/secure/smtp.passwd; smtp-password-file = "/srv/mattermost/secure/smtp.passwd";
database = { database = {
name = "mattermost"; name = "mattermost";
hostname = "localhost"; hostname = "localhost";
user = "mattermost"; user = "mattermost";
password-file = /srv/mattermost/secure/db.passwd; password-file = "/srv/mattermost/secure/db.passwd";
}; };
}; };

109
hosts/nostromo.nix
View File

@ -1,7 +1,7 @@
{ lib, config, pkgs, ... }: { lib, config, pkgs, ... }:
let let
hostname = "nostromo"; hostname = "nostromo.sea.fudo.org";
inherit (lib.strings) concatStringsSep; inherit (lib.strings) concatStringsSep;
in { in {
@ -12,16 +12,18 @@ in {
boot.loader.grub.version = 2; boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sdb"; boot.loader.grub.device = "/dev/sdb";
hardware.bluetooth.enable = false;
imports = [ imports = [
../defaults.nix ../defaults.nix
../networks/sea.fudo.org.nix
../profiles/server.nix
../hardware-configuration.nix ../hardware-configuration.nix
../profiles/services/postgres.nix
# ../profiles/services/local_nameserver.nix
]; ];
fudo.common = {
profile = "server";
site = "seattle";
};
networking = { networking = {
hostName = hostname; hostName = hostname;
@ -55,11 +57,22 @@ in {
}; };
}; };
hardware.bluetooth.enable = false; fudo = {
postgresql = {
enable = true;
ssl-private-key = "/srv/nostromo/certs/private/privkey.pem";
ssl-certificate = "/srv/nostromo/certs/cert.pem";
keytab = "/srv/nostromo/keytabs/postgres.keytab";
local-networks = [
"10.0.0.1/24"
"127.0.0.1/8"
];
};
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# ganesha ceph
ipfs
libguestfs-with-appliance libguestfs-with-appliance
libvirt libvirt
virtmanager virtmanager
@ -71,14 +84,6 @@ in {
onShutdown = "shutdown"; onShutdown = "shutdown";
}; };
fileSystems = {
"/data/gluster0" = {
device = "/dev/nostromo-gluster/gluster0";
fsType = "xfs";
options = ["rw" "inode64" "noatime" "nouuid"];
};
};
services = { services = {
# glusterfs = { # glusterfs = {
# enable = true; # enable = true;
@ -86,52 +91,32 @@ in {
# useRpcbind = true; # useRpcbind = true;
# }; # };
# -DWITH_SPDK=OFF ceph = {
# ceph = { enable = true;
# enable = true;
# global = { global = {
# clusterName = "sea-data"; clusterName = "sea-data";
clusterNetwork = "10.0.10.0/24";
# clusterNetwork = "10.0.10.0/24"; fsid = "d443e192-896d-4102-a60f-f8f0777eb2a3";
# publicNetwork = "10.0.0.0/23"; monHost = "10.0.10.2";
monInitialMembers = "mon-1";
# monHost = "srv-1.data.sea.fudo.org"; publicNetwork = "10.0.0.0/22";
# monInitialMembers = concatStringsSep "," [
# "srv-1.data.sea.fudo.org"
# #"srv-2.data.sea.fudo.org"
# ];
# authClientRequired = "cephx";
# authClusterRequired = "cephx";
# authServiceRequired = "cephx";
# fsid = "14c6fc0f-13f5-43ab-9b90-b012cd12cbaa";
# };
# mds = {
# enable = true;
# daemons = ["srv-1"];
# };
# mon = {
# enable = true;
# daemons = ["srv-1"];
# };
# osd = {
# enable = true;
# daemons = ["srv-1"];
# };
# };
}; };
# services.ipfs = { mds = {
# enable = true; enable = true;
# enableGC = true; daemons = ["srv-2"];
# autoMount = false; };
# defaultMode = "online";
# apiAddress = "/ip4/10.0.0.2/tcp/5001"; mgr = {
# gatewayAddress = "/ipv4/10.0.0.2/tcp/8080"; enable = true;
# }; daemons = ["srv-2"];
};
mon = {
enable = true;
daemons = ["srv-2"];
};
};
};
} }