diff --git a/flake.nix b/flake.nix
index 3c7132a..9240e43 100644
--- a/flake.nix
+++ b/flake.nix
@@ -554,135 +554,6 @@ makeRockPro64BackupConfig = makeBoardBackupConfig sd-images.packages.${system}.RockPro64v2.modules; makeQuartz64ABackupConfig = makeBoardBackupConfig sd-images.packages.${system}.Quartz64A.modules; - makeGarageConfig = system: - { hostname, selfIp, unlockMounts ? true, mountVolumes ? true }: - makeServerConfig { - inherit hostname; - - extraModules = sd-images.packages.${system}.RockPro64v2.modules ++ [ - dockerModule - (networkModule { inherit selfIp; }) - (btrbkModule { - instances = [ - { - mountDir = "/btrfs/meta"; - name = "meta"; - subvolumes = - [ "@garage-cluster-config" "@garage-cluster-meta" ]; - } - { - mountDir = "/btrfs/data"; - name = "data"; - subvolumes = [ "@garage-cluster-data" ]; - } - ]; - }) - (if unlockMounts && mountVolumes then - (subvolumesModule { - device = "/dev/disk/by-label/META"; - subvolumes = - [ "@garage-cluster-config" "@garage-cluster-meta" ]; - }) - else - { }) - (if unlockMounts && mountVolumes then - (subvolumesModule { - device = "/dev/disk/by-label/DATA"; - subvolumes = [ "@garage-cluster-data" ]; - }) - else - { }) - ({ config, pkgs, lib, ... 
}: - let - keyFile = "nextcloudKeyFile"; - keyFilePath = config.sops.secrets."${keyFile}".path; - prepareDrives = '' - META=$1 - DATA=$2 - - if [ "$META" == "" ]; then - echo "META is required" - exit 1 - fi - - if [ "$DATA" == "" ]; then - echo "DATA is required" - exit 1 - fi - - echo "YES" | cryptsetup luksFormat $META -d ${keyFilePath} - echo "YES" | cryptsetup luksFormat $DATA -d ${keyFilePath} - - cryptsetup luksOpen $META cryptmeta -d ${keyFilePath} - cryptsetup luksOpen $DATA cryptdata -d ${keyFilePath} - - mkfs.btrfs -L META /dev/mapper/cryptmeta - mkfs.btrfs -L DATA /dev/mapper/cryptdata - - mkdir -p /btrfs/meta - mkdir -p /btrfs/data - - mount /dev/mapper/cryptmeta /btrfs/meta - mount /dev/mapper/cryptdata /btrfs/data - - btrfs subvolume create /btrfs/meta/@garage-cluster-config - btrfs subvolume create /btrfs/meta/@garage-cluster-meta - btrfs subvolume create /btrfs/meta/@snapshots - - btrfs subvolume create /btrfs/data/@garage-cluster-data - btrfs subvolume create /btrfs/data/@snapshots - - umount /btrfs/meta - umount /btrfs/data - - cryptsetup luksClose cryptmeta - cryptsetup luksClose cryptdata - ''; - in - { - sops.secrets.nextcloudKeyFile = { - format = "binary"; - sopsFile = ./secrets/nextcloudKeyFile.bin; - }; - - environment.systemPackages = with pkgs; [ - (writeShellScriptBin "prepare-drives" prepareDrives) - minio-client - ]; - - environment.etc.crypttab = { - enable = unlockMounts; - text = '' - cryptdrive1 /dev/sda ${keyFilePath} luks - cryptdrive2 /dev/sdb ${keyFilePath} luks - ''; - }; - - fileSystems = - let - fileSystemConfig = { - "/btrfs/meta" = { - device = "/dev/disk/by-label/META"; - fsType = "btrfs"; - options = [ "defaults" "compress=zstd" "rw" ]; - }; - "/btrfs/data" = { - device = "/dev/disk/by-label/DATA"; - fsType = "btrfs"; - options = [ "defaults" "compress=zstd" "rw" ]; - }; - }; - in - if unlockMounts && mountVolumes then - fileSystemConfig - else - { }; - - networking.firewall.enable = false; - }) - ]; - }; - 
makePostgresConfig = system: { hostname, selfIp, macAddress, keyFile, primaryIp ? null }: let @@ -733,16 +604,6 @@ in { nixosConfigurations = { - garage1 = makeGarageConfig system { - hostname = "garage1"; - selfIp = "192.168.20.40"; - }; - - garage2 = makeGarageConfig system { - hostname = "garage2"; - selfIp = "192.168.20.41"; - }; - redtail1 = makePostgresConfig system { hostname = "redtail1"; selfIp = "192.168.20.23"; @@ -951,21 +812,6 @@ subvolumes = [ "@exports" "@garage" ]; }; - garage = { ip, name }: [ - { - name = "${name}-meta"; - primaryIp = ip; - mountDir = "/btrfs/meta"; - subvolumes = [ "@garage-cluster-config" "@garage-cluster-meta" ]; - } - { - name = "${name}-data"; - primaryIp = ip; - mountDir = "/btrfs/data"; - subvolumes = [ "@garage-cluster-data" ]; - } - ]; - db = { ip, name }: { inherit name; primaryIp = ip; @@ -1023,15 +869,6 @@ ip = "192.168.20.129"; name = "k3s10"; } - ]) ++ (builtins.foldl' (acc: item: (acc ++ (garage item))) [ ] [ - { - ip = "192.168.20.40"; - name = "garage1"; - } - { - ip = "192.168.20.41"; - name = "garage2"; - } ]) ++ (builtins.map db [ { ip = "192.168.20.11"; @@ -1060,14 +897,6 @@ name = "whitestorm2"; ip = "192.168.20.27"; } - { - name = "garage1"; - ip = "192.168.20.40"; - } - { - name = "garage2"; - ip = "192.168.20.41"; - } { name = "build2"; ip = "192.168.20.101";