Compare commits
3 Commits
7e2dfc21c6
...
b68e82ae03
| Author | SHA1 | Date | |
|---|---|---|---|
| b68e82ae03 | |||
| 91489551b9 | |||
| 86c99c2cbb |
@ -116,9 +116,9 @@
|
|||||||
nixos/installer.nix
|
nixos/installer.nix
|
||||||
nixos/boxes/colony
|
nixos/boxes/colony
|
||||||
nixos/boxes/tower
|
nixos/boxes/tower
|
||||||
nixos/boxes/castle
|
|
||||||
nixos/boxes/home/stream.nix
|
nixos/boxes/home/stream.nix
|
||||||
nixos/boxes/home/palace
|
nixos/boxes/home/palace
|
||||||
|
nixos/boxes/home/castle
|
||||||
nixos/boxes/britway
|
nixos/boxes/britway
|
||||||
nixos/boxes/kelder
|
nixos/boxes/kelder
|
||||||
|
|
||||||
|
|||||||
@ -1,7 +1,8 @@
|
|||||||
{ lib, ... }:
|
{ lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (lib.my) net;
|
inherit (lib.my) net;
|
||||||
inherit (lib.my.c.home) domain vlans prefixes;
|
inherit (lib.my.c) networkd;
|
||||||
|
inherit (lib.my.c.home) domain vlans prefixes vips roceBootModules;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
nixos.systems.castle = {
|
nixos.systems.castle = {
|
||||||
@ -15,7 +16,7 @@ in
|
|||||||
ipv4 = {
|
ipv4 = {
|
||||||
address = net.cidr.host 40 prefixes.hi.v4;
|
address = net.cidr.host 40 prefixes.hi.v4;
|
||||||
mask = 22;
|
mask = 22;
|
||||||
gateway = null;
|
gateway = vips.hi.v4;
|
||||||
};
|
};
|
||||||
ipv6 = {
|
ipv6 = {
|
||||||
iid = "::3:1";
|
iid = "::3:1";
|
||||||
@ -47,7 +48,7 @@ in
|
|||||||
timeout = 10;
|
timeout = 10;
|
||||||
};
|
};
|
||||||
kernelPackages = lib.my.c.kernel.latest pkgs;
|
kernelPackages = lib.my.c.kernel.latest pkgs;
|
||||||
kernelModules = [ "kvm-amd" ];
|
kernelModules = [ "kvm-amd" "dm-snapshot" ];
|
||||||
kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ];
|
kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ];
|
||||||
kernelPatches = [
|
kernelPatches = [
|
||||||
# {
|
# {
|
||||||
@ -57,27 +58,38 @@ in
|
|||||||
# }
|
# }
|
||||||
];
|
];
|
||||||
initrd = {
|
initrd = {
|
||||||
availableKernelModules = [ "thunderbolt" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
availableKernelModules = [
|
||||||
|
"thunderbolt" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod"
|
||||||
|
"8021q"
|
||||||
|
] ++ roceBootModules;
|
||||||
|
systemd.network = {
|
||||||
|
netdevs = mkVLAN "lan-hi" vlans.hi;
|
||||||
|
networks = {
|
||||||
|
"10-et100g" = {
|
||||||
|
matchConfig.Name = "et100g";
|
||||||
|
vlan = [ "lan-hi" ];
|
||||||
|
linkConfig.RequiredForOnline = "no";
|
||||||
|
networkConfig = networkd.noL3;
|
||||||
|
};
|
||||||
|
"20-lan-hi" = networkdAssignment "lan-hi" assignments.hi;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/boot" = {
|
|
||||||
device = "/dev/disk/by-partuuid/8ce4248a-3ee4-f44f-801f-064a628b4d6e";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
"/nix" = {
|
"/nix" = {
|
||||||
device = "/dev/disk/by-partuuid/2da23a1d-2daf-d943-b91e-fc175f3dad07";
|
device = "/dev/nvmeof/nix";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
"/persist" = {
|
"/persist" = {
|
||||||
device = "/dev/disk/by-partuuid/f4c80d4f-a022-e941-b5d1-fe2e65e444b9";
|
device = "/dev/nvmeof/persist";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
"/home" = {
|
"/home" = {
|
||||||
device = "/dev/disk/by-partuuid/992a93cf-6c9c-324b-b0ce-f8eb2d1ce10d";
|
device = "/dev/nvmeof/home";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -120,7 +132,7 @@ in
|
|||||||
virtualisation.libvirtd.enable = true;
|
virtualisation.libvirtd.enable = true;
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
domain = "h.${lib.my.c.pubDomain}";
|
inherit domain;
|
||||||
firewall.enable = false;
|
firewall.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -144,7 +156,6 @@ in
|
|||||||
|
|
||||||
systemd = {
|
systemd = {
|
||||||
network = {
|
network = {
|
||||||
wait-online.enable = false;
|
|
||||||
netdevs = mkMerge [
|
netdevs = mkMerge [
|
||||||
(mkVLAN "lan-hi" vlans.hi)
|
(mkVLAN "lan-hi" vlans.hi)
|
||||||
];
|
];
|
||||||
@ -161,29 +172,20 @@ in
|
|||||||
matchConfig.PermanentMACAddress = "24:8a:07:a8:fe:3a";
|
matchConfig.PermanentMACAddress = "24:8a:07:a8:fe:3a";
|
||||||
linkConfig = {
|
linkConfig = {
|
||||||
Name = "et100g";
|
Name = "et100g";
|
||||||
MTUBytes = "9000";
|
MTUBytes = toString lib.my.c.home.hiMTU;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networks = {
|
networks = {
|
||||||
"50-lan" = {
|
"30-et100g" = {
|
||||||
matchConfig.Name = "et2.5g";
|
|
||||||
DHCP = "no";
|
|
||||||
address = [ "10.16.7.1/16" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
"50-et100g" = {
|
|
||||||
matchConfig.Name = "et100g";
|
matchConfig.Name = "et100g";
|
||||||
vlan = [ "lan-hi" ];
|
vlan = [ "lan-hi" ];
|
||||||
networkConfig.IPv6AcceptRA = false;
|
networkConfig.IPv6AcceptRA = false;
|
||||||
};
|
};
|
||||||
"60-lan-hi" = mkMerge [
|
"40-lan-hi" = mkMerge [
|
||||||
(networkdAssignment "lan-hi" assignments.hi)
|
(networkdAssignment "lan-hi" assignments.hi)
|
||||||
{
|
# So we don't drop the IP we use to connect to NVMe-oF!
|
||||||
DHCP = "yes";
|
{ networkConfig.KeepConfiguration = "static"; }
|
||||||
matchConfig.Name = "lan-hi";
|
|
||||||
linkConfig.MTUBytes = "9000";
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -238,11 +240,19 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
#deploy.generate.system.mode = "boot";
|
#deploy.generate.system.mode = "boot";
|
||||||
deploy.node.hostname = "castle.box.${config.networking.domain}";
|
|
||||||
secrets = {
|
secrets = {
|
||||||
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMlVuTzKObeaUuPocCF41IO/8X+443lzUJLuCIclt2vr";
|
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMlVuTzKObeaUuPocCF41IO/8X+443lzUJLuCIclt2vr";
|
||||||
};
|
};
|
||||||
nvme.uuid = "2230b066-a674-4f45-a1dc-f7727b3a9e7b";
|
netboot.client = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
nvme = {
|
||||||
|
uuid = "2230b066-a674-4f45-a1dc-f7727b3a9e7b";
|
||||||
|
boot = {
|
||||||
|
nqn = "nqn.2016-06.io.spdk:castle";
|
||||||
|
address = "192.168.68.80";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
firewall = {
|
firewall = {
|
||||||
enable = false;
|
enable = false;
|
||||||
@ -123,7 +123,7 @@
|
|||||||
ip = assignments.lo.ipv4.address;
|
ip = assignments.lo.ipv4.address;
|
||||||
host = "boot.${domain}";
|
host = "boot.${domain}";
|
||||||
allowedPrefixes = with prefixes; [ hi.v4 hi.v6 lo.v4 lo.v6 ];
|
allowedPrefixes = with prefixes; [ hi.v4 hi.v6 lo.v4 lo.v6 ];
|
||||||
instances = [ "sfh" ];
|
instances = [ "sfh" "castle" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
deploy.node.hostname = "192.168.68.1";
|
deploy.node.hostname = "192.168.68.1";
|
||||||
|
|||||||
@ -68,6 +68,7 @@ in
|
|||||||
hostname = "boot.${domain}";
|
hostname = "boot.${domain}";
|
||||||
systems = {
|
systems = {
|
||||||
sfh = "52:54:00:a5:7e:93";
|
sfh = "52:54:00:a5:7e:93";
|
||||||
|
castle = "c8:7f:54:6e:17:0f";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
subnet4 = [
|
subnet4 = [
|
||||||
|
|||||||
@ -54,6 +54,7 @@ let
|
|||||||
loader.grub.enable = false;
|
loader.grub.enable = false;
|
||||||
initrd = {
|
initrd = {
|
||||||
kernelModules = [ "nbd" ];
|
kernelModules = [ "nbd" ];
|
||||||
|
availableKernelModules = [ "igb" "igc" ];
|
||||||
|
|
||||||
systemd = {
|
systemd = {
|
||||||
storePaths = with pkgs; [
|
storePaths = with pkgs; [
|
||||||
@ -67,8 +68,8 @@ let
|
|||||||
nbd-client = "${nbd}/bin/nbd-client";
|
nbd-client = "${nbd}/bin/nbd-client";
|
||||||
};
|
};
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
DefaultTimeoutStartSec=10
|
DefaultTimeoutStartSec=20
|
||||||
DefaultDeviceTimeoutSec=10
|
DefaultDeviceTimeoutSec=20
|
||||||
'';
|
'';
|
||||||
|
|
||||||
network = {
|
network = {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user