asonix/sbc-deploys
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Remove garage-rock config

Browse source
This commit is contained in:
asonix 2023-02-24 16:30:42 -06:00
parent ff610c1cc5
commit 750753963b
1 changed files with 21 additions and 126 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

147
flake.nix
View file

@ -309,100 +309,7 @@
];
};
makeGarageRock64Config = { hostname, selfIp, macAddress, unlockMounts ? true, mountVolumes ? true }:
with sd-images.packages.x86_64-linux.modules;
let
device = "/dev/mapper/cryptdrive1";
mountDir = "/btrfs/ssd";
subvolumes = [
"@garage-cluster"
"@garage-cluster-config"
];
in
makeConfig {
inherit hostname;
extraModules = [
rock64
dockerModule
(networkModule { inherit selfIp macAddress; })
(btrbkModule {
instances = [{
inherit mountDir subvolumes;
primaryIp = null;
}];
})
(if unlockMounts && mountVolumes then
(subvolumesModule {
inherit device subvolumes;
}) else { })
({ config, pkgs, ... }:
let
keyFile = "nextcloudKeyFile";
keyFilePath = config.sops.secrets."${keyFile}".path;
prepareDrives = ''
fdisk -w always /dev/sda << EOL
g
n
1
w
EOL
echo "YES" | cryptsetup luksFormat /dev/sda1 -d ${keyFilePath}
cryptsetup luksOpen /dev/sda1 cryptdrive1 -d ${keyFilePath}
mkfs.btrfs /dev/mapper/cryptdrive1
mkdir -p /btrfs/ssd
mount /dev/mapper/cryptdrive1 /btrfs/ssd
btrfs subvolume create /btrfs/ssd/@garage-cluster
btrfs subvolume create /btrfs/ssd/@garage-cluster-config
btrfs subvolume create /btrfs/ssd/@snapshots
umount /btrfs/ssd
cryptsetup luksClose cryptdrive1
'';
in
{
sops.secrets.nextcloudKeyFile = {
format = "binary";
sopsFile = ./secrets/nextcloudKeyFile.bin;
};
environment.systemPackages = with pkgs; [
(writeShellScriptBin "prepare-drives" prepareDrives)
minio-client
];
environment.etc.crypttab = {
enable = unlockMounts;
text = ''
cryptdrive1 /dev/sda1 ${keyFilePath} luks
'';
};
fileSystems =
let fileSystemConfig = {
"${mountDir}" = {
inherit device;
fsType = "btrfs";
options = [ "defaults" "compress=zstd" "rw" ];
};
};
in
if unlockMounts && mountVolumes then fileSystemConfig else { };
networking.firewall.enable = false;
})
];
};
makeGarageConfig = { hostname, selfIp, primaryIp ? null, unlockMounts ? true, mountVolumes ? true }:
makeGarageConfig = { hostname, selfIp, unlockMounts ? true, mountVolumes ? true }:
with sd-images.packages.x86_64-linux.modules;
makeConfig {
inherit hostname;
@ -416,24 +323,30 @@
{
mountDir = "/btrfs/meta";
name = "meta";
subvolumes = [ "@garage-cluster-config" ];
subvolumes = [
"@garage-cluster-config"
"@garage-cluster-meta"
];
}
{
mountDir = "/btrfs/data";
name = "data";
subvolumes = [ "@garage-cluster" ];
subvolumes = [ "@garage-cluster-data" ];
}
];
})
(if unlockMounts && mountVolumes then
(subvolumesModule {
device = "/dev/disk/by-label/META";
subvolumes = [ "@garage-cluster-config" ];
subvolumes = [
"@garage-cluster-config"
"@garage-cluster-meta"
];
}) else { })
(if unlockMounts && mountVolumes then
(subvolumesModule {
device = "/dev/disk/by-label/DATA";
subvolumes = [ "@garage-cluster" ];
subvolumes = [ "@garage-cluster-data" ];
}) else { })
({ config, pkgs, ... }:
let
@ -443,12 +356,12 @@
META=$1
DATA=$2
if [ "$META" == "" ]; do
if [ "$META" == "" ]; then
echo "META is required"
exit 1
fi
if [ "$DATA" == "" ]; do
if [ "$DATA" == "" ]; then
echo "DATA is required"
exit 1
fi
@ -459,11 +372,8 @@
cryptsetup luksOpen $META cryptmeta -d ${keyFilePath}
cryptsetup luksOpen $DATA cryptdata -d ${keyFilePath}
e2label /dev/mapper/cryptmeta META
e2label /dev/mapper/cryptdata DATA
mkfs.btrfs /dev/mapper/cryptmeta
mkfs.btrfs /dev/mapper/cryptdata
mkfs.btrfs -L META /dev/mapper/cryptmeta
mkfs.btrfs -L DATA /dev/mapper/cryptdata
mkdir -p /btrfs/meta
mkdir -p /btrfs/data
@ -472,9 +382,10 @@
mount /dev/mapper/cryptdata /btrfs/data
btrfs subvolume create /btrfs/meta/@garage-cluster-config
btrfs subvolume create /btrfs/meta/@garage-cluster-meta
btrfs subvolume create /btrfs/meta/@snapshots
btrfs subvolume create /btrfs/data/@garage-cluster
btrfs subvolume create /btrfs/data/@garage-cluster-data
btrfs subvolume create /btrfs/data/@snapshots
umount /btrfs/meta
@ -581,26 +492,12 @@
nixosConfigurations = {
garage1 = makeGarageConfig {
hostname = "garage1";
selfIp = "192.168.20.21";
# primaryIp = "192.168.20.28";
selfIp = "192.168.20.40";
};
garage2 = makeGarageConfig {
hostname = "garage2";
selfIp = "192.168.20.28";
primaryIp = "192.168.20.21";
};
garage3 = makeGarageConfig {
hostname = "garage3";
selfIp = "192.168.20.29";
primaryIp = "192.168.20.21";
};
garage-rock1 = makeGarageRock64Config {
hostname = "garage-rock1";
selfIp = "192.168.20.40";
macAddress = "02:21:90:9e:e3:e4";
selfIp = "192.168.20.41";
};
redtail1 = makePostgresConfig {
@ -735,10 +632,8 @@
nodes = [
{ name = "redtail1"; ip = "192.168.20.23"; }
{ name = "whitestorm2"; ip = "192.168.20.27"; }
{ name = "garage1"; ip = "192.168.20.21"; }
{ name = "garage2"; ip = "192.168.20.28"; }
{ name = "garage3"; ip = "192.168.20.29"; }
{ name = "garage-rock1"; ip = "192.168.20.40"; }
{ name = "garage1"; ip = "192.168.20.40"; }
{ name = "garage2"; ip = "192.168.20.41"; }
{ name = "build2"; ip = "192.168.20.101"; }
{ name = "k3s1"; ip = "192.168.20.120"; }
{ name = "k3s2"; ip = "192.168.20.121"; }