Changes for SEA
This commit is contained in:
nostoromo root
parent
93f490e488
commit
61b3ca6dd6
|
|
@ -32,7 +32,7 @@ in {
|
|||
};
|
||||
|
||||
smtp-password-file = mkOption {
|
||||
type = types.path;
|
||||
type = types.str;
|
||||
description = "Path to a file containing the password to use while connecting to the SMTP server.";
|
||||
};
|
||||
|
||||
|
|
@ -61,7 +61,7 @@ in {
|
|||
};
|
||||
|
||||
password-file = mkOption {
|
||||
type = types.path;
|
||||
type = types.str;
|
||||
description = "Path to file containing database password.";
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -180,7 +180,7 @@ let
|
|||
};
|
||||
|
||||
password-file = mkOption {
|
||||
type = types.path;
|
||||
type = types.str;
|
||||
description = "Password to use when connecting to the database.";
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -72,6 +72,7 @@
|
|||
unzip
|
||||
vim
|
||||
wget
|
||||
yubikey-manager
|
||||
];
|
||||
|
||||
system.stateVersion = "19.09";
|
||||
|
|
|
|||
|
|
@ -12,6 +12,8 @@ in {
|
|||
|
||||
time.timeZone = "America/Los_Angeles";
|
||||
|
||||
services.printing.enable = true;
|
||||
|
||||
services.cron = {
|
||||
mailto = admin;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -242,7 +242,7 @@ in {
|
|||
name = "webmail";
|
||||
hostname = "localhost";
|
||||
user = "webmail";
|
||||
password-file = /srv/webmail/secure/db.passwd;
|
||||
password-file = "/srv/webmail/secure/db.passwd";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
@ -255,12 +255,12 @@ in {
|
|||
site-name = "Fudo Chat";
|
||||
smtp-server = "france.fudo.org";
|
||||
smtp-user = "chat";
|
||||
smtp-password-file = /srv/mattermost/secure/smtp.passwd;
|
||||
smtp-password-file = "/srv/mattermost/secure/smtp.passwd";
|
||||
database = {
|
||||
name = "mattermost";
|
||||
hostname = "localhost";
|
||||
user = "mattermost";
|
||||
password-file = /srv/mattermost/secure/db.passwd;
|
||||
password-file = "/srv/mattermost/secure/db.passwd";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
|
||||
let
|
||||
hostname = "nostromo";
|
||||
hostname = "nostromo.sea.fudo.org";
|
||||
inherit (lib.strings) concatStringsSep;
|
||||
|
||||
in {
|
||||
|
|
@ -12,16 +12,18 @@ in {
|
|||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sdb";
|
||||
|
||||
hardware.bluetooth.enable = false;
|
||||
|
||||
imports = [
|
||||
../defaults.nix
|
||||
../networks/sea.fudo.org.nix
|
||||
../profiles/server.nix
|
||||
../hardware-configuration.nix
|
||||
|
||||
../profiles/services/postgres.nix
|
||||
# ../profiles/services/local_nameserver.nix
|
||||
];
|
||||
|
||||
fudo.common = {
|
||||
profile = "server";
|
||||
site = "seattle";
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = hostname;
|
||||
|
||||
|
|
@ -55,11 +57,22 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
hardware.bluetooth.enable = false;
|
||||
fudo = {
|
||||
postgresql = {
|
||||
enable = true;
|
||||
ssl-private-key = "/srv/nostromo/certs/private/privkey.pem";
|
||||
ssl-certificate = "/srv/nostromo/certs/cert.pem";
|
||||
keytab = "/srv/nostromo/keytabs/postgres.keytab";
|
||||
|
||||
local-networks = [
|
||||
"10.0.0.1/24"
|
||||
"127.0.0.1/8"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
# ganesha
|
||||
ipfs
|
||||
ceph
|
||||
libguestfs-with-appliance
|
||||
libvirt
|
||||
virtmanager
|
||||
|
|
@ -71,14 +84,6 @@ in {
|
|||
onShutdown = "shutdown";
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
"/data/gluster0" = {
|
||||
device = "/dev/nostromo-gluster/gluster0";
|
||||
fsType = "xfs";
|
||||
options = ["rw" "inode64" "noatime" "nouuid"];
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
# glusterfs = {
|
||||
# enable = true;
|
||||
|
|
@ -86,52 +91,32 @@ in {
|
|||
# useRpcbind = true;
|
||||
# };
|
||||
|
||||
# -DWITH_SPDK=OFF
|
||||
# ceph = {
|
||||
# enable = true;
|
||||
ceph = {
|
||||
enable = true;
|
||||
|
||||
# global = {
|
||||
# clusterName = "sea-data";
|
||||
|
||||
# clusterNetwork = "10.0.10.0/24";
|
||||
# publicNetwork = "10.0.0.0/23";
|
||||
|
||||
# monHost = "srv-1.data.sea.fudo.org";
|
||||
# monInitialMembers = concatStringsSep "," [
|
||||
# "srv-1.data.sea.fudo.org"
|
||||
# #"srv-2.data.sea.fudo.org"
|
||||
# ];
|
||||
|
||||
# authClientRequired = "cephx";
|
||||
# authClusterRequired = "cephx";
|
||||
# authServiceRequired = "cephx";
|
||||
|
||||
# fsid = "14c6fc0f-13f5-43ab-9b90-b012cd12cbaa";
|
||||
# };
|
||||
|
||||
# mds = {
|
||||
# enable = true;
|
||||
# daemons = ["srv-1"];
|
||||
# };
|
||||
|
||||
# mon = {
|
||||
# enable = true;
|
||||
# daemons = ["srv-1"];
|
||||
# };
|
||||
|
||||
# osd = {
|
||||
# enable = true;
|
||||
# daemons = ["srv-1"];
|
||||
# };
|
||||
# };
|
||||
global = {
|
||||
clusterName = "sea-data";
|
||||
clusterNetwork = "10.0.10.0/24";
|
||||
fsid = "d443e192-896d-4102-a60f-f8f0777eb2a3";
|
||||
monHost = "10.0.10.2";
|
||||
monInitialMembers = "mon-1";
|
||||
publicNetwork = "10.0.0.0/22";
|
||||
};
|
||||
|
||||
# services.ipfs = {
|
||||
# enable = true;
|
||||
# enableGC = true;
|
||||
# autoMount = false;
|
||||
# defaultMode = "online";
|
||||
# apiAddress = "/ip4/10.0.0.2/tcp/5001";
|
||||
# gatewayAddress = "/ipv4/10.0.0.2/tcp/8080";
|
||||
# };
|
||||
mds = {
|
||||
enable = true;
|
||||
daemons = ["srv-2"];
|
||||
};
|
||||
|
||||
mgr = {
|
||||
enable = true;
|
||||
daemons = ["srv-2"];
|
||||
};
|
||||
|
||||
mon = {
|
||||
enable = true;
|
||||
daemons = ["srv-2"];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue