aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Re-deploy sisko with impermanence
All checks were successful
/ test (push) Successful in 1m38s
Details

Browse source
This commit is contained in:
Andrea Ciceri 2024-07-20 00:48:48 +02:00
parent b111910e64
commit ebc446116c
Signed by: aciceri
SSH key fingerprint: SHA256:/AagBweyV4Hlfg9u092n8hbHwD5fcB6A3qhDiDA65Rg
9 changed files with 89 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
flake.lock generated
View file

@ -852,6 +852,21 @@
"type": "github" "type": "github"
} }
}, },
"impermanence": {
"locked": {
"lastModified": 1719091691,
"narHash": "sha256-AxaLX5cBEcGtE02PeGsfscSb/fWMnyS7zMWBXQWDKbE=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "23c1f06316b67cb5dabdfe2973da3785cfe9c34a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"kernel-src": { "kernel-src": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -1653,6 +1668,7 @@
"hercules-ci-effects": "hercules-ci-effects_3", "hercules-ci-effects": "hercules-ci-effects_3",
"homeManager": "homeManager", "homeManager": "homeManager",
"homeManagerGitWorkspace": "homeManagerGitWorkspace", "homeManagerGitWorkspace": "homeManagerGitWorkspace",
"impermanence": "impermanence",
"lix": "lix", "lix": "lix",
"lix-module": "lix-module", "lix-module": "lix-module",
"mobile-nixos": "mobile-nixos", "mobile-nixos": "mobile-nixos",

1
flake.nix
View file

@ -68,6 +68,7 @@
flake = false; flake = false;
}; };
arion.url = "github:hercules-ci/arion"; arion.url = "github:hercules-ci/arion";
impermanence.url = "github:nix-community/impermanence";
}; };
outputs = inputs @ {flakeParts, ...}: outputs = inputs @ {flakeParts, ...}:

5
hosts/default.nix
View file

@ -160,6 +160,7 @@
extraModules = with inputs; [ extraModules = with inputs; [
disko.nixosModules.disko disko.nixosModules.disko
arion.nixosModules.arion arion.nixosModules.arion
impermanence.nixosModules.impermanence
# lix-module.nixosModules.default # lix-module.nixosModules.default
# inputs.hercules-ci-agent.nixosModules.agent-service; # inputs.hercules-ci-agent.nixosModules.agent-service;
# rock5b.nixosModules.default # rock5b.nixosModules.default
@ -173,8 +174,8 @@
"home-planimetry".owner = "hass"; "home-planimetry".owner = "hass";
"cloudflare-dyndns-api-token" = {}; "cloudflare-dyndns-api-token" = {};
"restic-hetzner-password" = {}; "restic-hetzner-password" = {};
"minio-credentials".owner = "minio"; # "minio-credentials".owner = "minio";
"aws-credentials".owner = "hercules-ci-agent"; # "aws-credentials".owner = "hercules-ci-agent";
"hass-ssh-key".owner = "hass"; "hass-ssh-key".owner = "hass";
# "matrix-registration-shared-secret".owner = "matrix-synapse"; # "matrix-registration-shared-secret".owner = "matrix-synapse";
# "matrix-sliding-sync-secret".owner = "matrix-synapse"; # "matrix-sliding-sync-secret".owner = "matrix-synapse";

2
hosts/picard/default.nix
View file

@ -32,7 +32,7 @@
"restic" "restic"
"binfmt" "binfmt"
"greetd" "greetd"
"syncthing" # "syncthing"
"hass-poweroff" "hass-poweroff"
"forgejo-runners" "forgejo-runners"
"teamviewer" "teamviewer"

65
hosts/sisko/default.nix
View file

@ -13,7 +13,7 @@
"wireguard-server" "wireguard-server"
"mediatomb" "mediatomb"
"transmission" "transmission"
"hercules-ci" # "hercules-ci"
"home-assistant" "home-assistant"
"adguard-home" "adguard-home"
"cloudflare-dyndns" "cloudflare-dyndns"
@ -21,13 +21,13 @@
"invidious" "invidious"
"searx" "searx"
"rock5b-samba" "rock5b-samba"
"paperless" # "paperless"
"restic" # "restic"
"syncthing" # "syncthing"
"minio" # "minio"
# "matrix" # # "matrix"
"forgejo" "forgejo"
# "jellyfin" # # "jellyfin"
# "immich" # "immich"
] ]
++ [ ++ [
@ -62,8 +62,6 @@
ccr.enable = true; ccr.enable = true;
# services.rock5b-fan-control.enable = true;
nixpkgs.hostPlatform = "aarch64-linux"; nixpkgs.hostPlatform = "aarch64-linux";
swapDevices = []; swapDevices = [];
@ -84,26 +82,35 @@
"console=ttyS0,1500000" "console=ttyS0,1500000"
]; ];
# fileSystems."/mnt/film" = { environment.persistence."/persist" = {
# device = "//ccr.ydns.eu/film"; hideMounts = true;
# fsType = "cifs"; directories = [
# options = let "/etc/NetworkManager/system-connections"
# credentials = pkgs.writeText "credentials" '' "/var/db/dhcpcd/"
# username=guest "/var/lib/NetworkManager/"
# password= "/var/lib/nixos"
# ''; "/var/lib/systemd"
# in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"]; "/var/lib/systemd/coredump"
# }; "/var/log"
# fileSystems."/mnt/archivio" = { "/var/lib/containers"
# device = "//ccr.ydns.eu/archivio"; "/var/lib/postgresql"
# fsType = "cifs"; ];
# options = let files = [
# credentials = pkgs.writeText "credentials" '' "/etc/machine-id"
# username=guest "/etc/ssh/ssh_host_ed25519_key"
# password= "/etc/ssh/ssh_host_ed25519_key.pub"
# ''; "/etc/ssh/ssh_host_rsa_key"
# in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"]; "/etc/ssh/ssh_host_rsa_key.pub"
# }; ];
};
age.identityPaths = [
"/persist/etc/ssh/ssh_host_ed25519_key"
"/persist/etc/ssh/ssh_host_rsa_key"
];
fileSystems."/persist".neededForBoot = true;
boot.tmp.cleanOnBoot = true;
fileSystems."/mnt/hd" = { fileSystems."/mnt/hd" = {
device = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550-part1"; device = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550-part1";

29
hosts/sisko/disko.nix
View file

@ -7,6 +7,10 @@ let
# old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU"; # old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU";
in { in {
disko.devices = { disko.devices = {
nodev."/" = {
fsType = "tmpfs";
mountOptions = ["size=1024M" "defaults" "mode=755"];
};
disk = { disk = {
ssd = { ssd = {
device = ssd; device = ssd;
@ -17,20 +21,35 @@ in {
ESP = { ESP = {
label = "ESP"; label = "ESP";
type = "EF00"; type = "EF00";
size = "1G"; size = "1024M";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/boot"; mountpoint = "/boot";
}; };
}; };
root = { nixroot = {
label = "root"; size = "100G";
size = "100%";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "ext4"; format = "ext4";
mountpoint = "/"; mountpoint = "/nix";
};
};
persist = {
size = "100G";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/persist";
};
};
tmp = {
end = "0";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/tmp";
}; };
}; };
}; };

8
modules/forgejo/default.nix
View file

@ -29,15 +29,11 @@
SHOW_FOOTER_VERSION = false; SHOW_FOOTER_VERSION = false;
}; };
}; };
mailerPasswordFile = config.age.secrets.autistici-password.path; secrets.mailer.PASSWD = config.age.secrets.autistici-password.path;
dump.enable = true; dump.enable = true;
}; };
systemd.tmpfiles.rules = [ environment.persistence."/persist".directories = [
"d ${config.services.forgejo.stateDir} 770 forgejo forgejo"
];
backup.paths = [
config.services.forgejo.stateDir config.services.forgejo.stateDir
]; ];

4
modules/home-assistant/default.nix
View file

@ -210,8 +210,8 @@ in {
}; };
}; };
backup.paths = [ environment.persistence."/persist".directories = [
"/var/lib/hass" config.services.home-assistant.configDir
]; ];
# virtualisation.oci-containers = { # virtualisation.oci-containers = {

4
modules/nginx-base/default.nix
View file

@ -16,4 +16,8 @@
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
}; };
environment.persistence."/persist".directories = [
"/var/lib/acme"
];
} }