Compare commits
No commits in common. "b68e82ae03cdb4fb734b9080841f74835869c6c3" and "7e2dfc21c698920d9c50e1f6bfb959ceb7b7865a" have entirely different histories.
b68e82ae03
...
7e2dfc21c6
@ -116,9 +116,9 @@
|
|||||||
nixos/installer.nix
|
nixos/installer.nix
|
||||||
nixos/boxes/colony
|
nixos/boxes/colony
|
||||||
nixos/boxes/tower
|
nixos/boxes/tower
|
||||||
|
nixos/boxes/castle
|
||||||
nixos/boxes/home/stream.nix
|
nixos/boxes/home/stream.nix
|
||||||
nixos/boxes/home/palace
|
nixos/boxes/home/palace
|
||||||
nixos/boxes/home/castle
|
|
||||||
nixos/boxes/britway
|
nixos/boxes/britway
|
||||||
nixos/boxes/kelder
|
nixos/boxes/kelder
|
||||||
|
|
||||||
|
|||||||
@ -1,8 +1,7 @@
|
|||||||
{ lib, ... }:
|
{ lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (lib.my) net;
|
inherit (lib.my) net;
|
||||||
inherit (lib.my.c) networkd;
|
inherit (lib.my.c.home) domain vlans prefixes;
|
||||||
inherit (lib.my.c.home) domain vlans prefixes vips roceBootModules;
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
nixos.systems.castle = {
|
nixos.systems.castle = {
|
||||||
@ -16,7 +15,7 @@ in
|
|||||||
ipv4 = {
|
ipv4 = {
|
||||||
address = net.cidr.host 40 prefixes.hi.v4;
|
address = net.cidr.host 40 prefixes.hi.v4;
|
||||||
mask = 22;
|
mask = 22;
|
||||||
gateway = vips.hi.v4;
|
gateway = null;
|
||||||
};
|
};
|
||||||
ipv6 = {
|
ipv6 = {
|
||||||
iid = "::3:1";
|
iid = "::3:1";
|
||||||
@ -48,7 +47,7 @@ in
|
|||||||
timeout = 10;
|
timeout = 10;
|
||||||
};
|
};
|
||||||
kernelPackages = lib.my.c.kernel.latest pkgs;
|
kernelPackages = lib.my.c.kernel.latest pkgs;
|
||||||
kernelModules = [ "kvm-amd" "dm-snapshot" ];
|
kernelModules = [ "kvm-amd" ];
|
||||||
kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ];
|
kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ];
|
||||||
kernelPatches = [
|
kernelPatches = [
|
||||||
# {
|
# {
|
||||||
@ -58,38 +57,27 @@ in
|
|||||||
# }
|
# }
|
||||||
];
|
];
|
||||||
initrd = {
|
initrd = {
|
||||||
availableKernelModules = [
|
availableKernelModules = [ "thunderbolt" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||||
"thunderbolt" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod"
|
|
||||||
"8021q"
|
|
||||||
] ++ roceBootModules;
|
|
||||||
systemd.network = {
|
|
||||||
netdevs = mkVLAN "lan-hi" vlans.hi;
|
|
||||||
networks = {
|
|
||||||
"10-et100g" = {
|
|
||||||
matchConfig.Name = "et100g";
|
|
||||||
vlan = [ "lan-hi" ];
|
|
||||||
linkConfig.RequiredForOnline = "no";
|
|
||||||
networkConfig = networkd.noL3;
|
|
||||||
};
|
|
||||||
"20-lan-hi" = networkdAssignment "lan-hi" assignments.hi;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-partuuid/8ce4248a-3ee4-f44f-801f-064a628b4d6e";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
"/nix" = {
|
"/nix" = {
|
||||||
device = "/dev/nvmeof/nix";
|
device = "/dev/disk/by-partuuid/2da23a1d-2daf-d943-b91e-fc175f3dad07";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
"/persist" = {
|
"/persist" = {
|
||||||
device = "/dev/nvmeof/persist";
|
device = "/dev/disk/by-partuuid/f4c80d4f-a022-e941-b5d1-fe2e65e444b9";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
"/home" = {
|
"/home" = {
|
||||||
device = "/dev/nvmeof/home";
|
device = "/dev/disk/by-partuuid/992a93cf-6c9c-324b-b0ce-f8eb2d1ce10d";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -132,7 +120,7 @@ in
|
|||||||
virtualisation.libvirtd.enable = true;
|
virtualisation.libvirtd.enable = true;
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
inherit domain;
|
domain = "h.${lib.my.c.pubDomain}";
|
||||||
firewall.enable = false;
|
firewall.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -156,6 +144,7 @@ in
|
|||||||
|
|
||||||
systemd = {
|
systemd = {
|
||||||
network = {
|
network = {
|
||||||
|
wait-online.enable = false;
|
||||||
netdevs = mkMerge [
|
netdevs = mkMerge [
|
||||||
(mkVLAN "lan-hi" vlans.hi)
|
(mkVLAN "lan-hi" vlans.hi)
|
||||||
];
|
];
|
||||||
@ -172,20 +161,29 @@ in
|
|||||||
matchConfig.PermanentMACAddress = "24:8a:07:a8:fe:3a";
|
matchConfig.PermanentMACAddress = "24:8a:07:a8:fe:3a";
|
||||||
linkConfig = {
|
linkConfig = {
|
||||||
Name = "et100g";
|
Name = "et100g";
|
||||||
MTUBytes = toString lib.my.c.home.hiMTU;
|
MTUBytes = "9000";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networks = {
|
networks = {
|
||||||
"30-et100g" = {
|
"50-lan" = {
|
||||||
|
matchConfig.Name = "et2.5g";
|
||||||
|
DHCP = "no";
|
||||||
|
address = [ "10.16.7.1/16" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
"50-et100g" = {
|
||||||
matchConfig.Name = "et100g";
|
matchConfig.Name = "et100g";
|
||||||
vlan = [ "lan-hi" ];
|
vlan = [ "lan-hi" ];
|
||||||
networkConfig.IPv6AcceptRA = false;
|
networkConfig.IPv6AcceptRA = false;
|
||||||
};
|
};
|
||||||
"40-lan-hi" = mkMerge [
|
"60-lan-hi" = mkMerge [
|
||||||
(networkdAssignment "lan-hi" assignments.hi)
|
(networkdAssignment "lan-hi" assignments.hi)
|
||||||
# So we don't drop the IP we use to connect to NVMe-oF!
|
{
|
||||||
{ networkConfig.KeepConfiguration = "static"; }
|
DHCP = "yes";
|
||||||
|
matchConfig.Name = "lan-hi";
|
||||||
|
linkConfig.MTUBytes = "9000";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -240,19 +238,11 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
#deploy.generate.system.mode = "boot";
|
#deploy.generate.system.mode = "boot";
|
||||||
|
deploy.node.hostname = "castle.box.${config.networking.domain}";
|
||||||
secrets = {
|
secrets = {
|
||||||
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMlVuTzKObeaUuPocCF41IO/8X+443lzUJLuCIclt2vr";
|
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMlVuTzKObeaUuPocCF41IO/8X+443lzUJLuCIclt2vr";
|
||||||
};
|
};
|
||||||
netboot.client = {
|
nvme.uuid = "2230b066-a674-4f45-a1dc-f7727b3a9e7b";
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
nvme = {
|
|
||||||
uuid = "2230b066-a674-4f45-a1dc-f7727b3a9e7b";
|
|
||||||
boot = {
|
|
||||||
nqn = "nqn.2016-06.io.spdk:castle";
|
|
||||||
address = "192.168.68.80";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
firewall = {
|
firewall = {
|
||||||
enable = false;
|
enable = false;
|
||||||
@ -123,7 +123,7 @@
|
|||||||
ip = assignments.lo.ipv4.address;
|
ip = assignments.lo.ipv4.address;
|
||||||
host = "boot.${domain}";
|
host = "boot.${domain}";
|
||||||
allowedPrefixes = with prefixes; [ hi.v4 hi.v6 lo.v4 lo.v6 ];
|
allowedPrefixes = with prefixes; [ hi.v4 hi.v6 lo.v4 lo.v6 ];
|
||||||
instances = [ "sfh" "castle" ];
|
instances = [ "sfh" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
deploy.node.hostname = "192.168.68.1";
|
deploy.node.hostname = "192.168.68.1";
|
||||||
|
|||||||
@ -68,7 +68,6 @@ in
|
|||||||
hostname = "boot.${domain}";
|
hostname = "boot.${domain}";
|
||||||
systems = {
|
systems = {
|
||||||
sfh = "52:54:00:a5:7e:93";
|
sfh = "52:54:00:a5:7e:93";
|
||||||
castle = "c8:7f:54:6e:17:0f";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
subnet4 = [
|
subnet4 = [
|
||||||
|
|||||||
@ -54,7 +54,6 @@ let
|
|||||||
loader.grub.enable = false;
|
loader.grub.enable = false;
|
||||||
initrd = {
|
initrd = {
|
||||||
kernelModules = [ "nbd" ];
|
kernelModules = [ "nbd" ];
|
||||||
availableKernelModules = [ "igb" "igc" ];
|
|
||||||
|
|
||||||
systemd = {
|
systemd = {
|
||||||
storePaths = with pkgs; [
|
storePaths = with pkgs; [
|
||||||
@ -68,8 +67,8 @@ let
|
|||||||
nbd-client = "${nbd}/bin/nbd-client";
|
nbd-client = "${nbd}/bin/nbd-client";
|
||||||
};
|
};
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
DefaultTimeoutStartSec=20
|
DefaultTimeoutStartSec=10
|
||||||
DefaultDeviceTimeoutSec=20
|
DefaultDeviceTimeoutSec=10
|
||||||
'';
|
'';
|
||||||
|
|
||||||
network = {
|
network = {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user