dala/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

camelot: Rework ZFS, add mailer

Browse source
This commit is contained in:
Victor Mignot 2025-01-12 13:30:09 +01:00
parent bb0c54ee26
commit 6f40a9fbde
Signed by: dala
SSH key fingerprint: SHA256:+3O9MhlDc2tJL0n+E+Myr7nL+74DP9AXdIXHmIqZTkY
6 changed files with 73 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
configurations/camelot/default.nix
View file

@ -12,6 +12,7 @@
./nextcloud.nix ./nextcloud.nix
./gotosocial.nix ./gotosocial.nix
./forgejo.nix ./forgejo.nix
./zfs.nix
]; ];
services.nginx = { services.nginx = {
@ -48,6 +49,7 @@
}; };
keycloakDbPassword.file = ../../secrets/keycloak-db.age; keycloakDbPassword.file = ../../secrets/keycloak-db.age;
zfsMail.file = ../../secrets/zfs-mail.age;
}; };
my.server.blog.enable = true; my.server.blog.enable = true;

15
configurations/camelot/hardware.nix
View file

@ -1,4 +1,9 @@
{ lib, config, ... }: {
lib,
config,
extraInfo,
...
}:
{ {
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"xhci_pci" "xhci_pci"
@ -12,14 +17,6 @@
boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.supportedFilesystems = [ "zfs" ];
boot.zfs.forceImportRoot = false;
networking.hostId = "c97cef07";
boot.zfs.extraPools = [ "pool" ];
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
};
fileSystems = { fileSystems = {
"/" = { "/" = {

52
configurations/camelot/zfs.nix Normal file
View file

@ -0,0 +1,52 @@
{
config,
extraInfo,
pkgs,
...
}:
{
boot.supportedFilesystems = [ "zfs" ];
boot.zfs.forceImportRoot = false;
networking.hostId = "c97cef07";
boot.zfs.extraPools = [ "pool" ];
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
};
programs.msmtp = {
enable = true;
setSendmail = true;
defaults = {
aliases = "/etc/aliases";
port = 465;
tls_trust_file = "/etc/ssl/certs/ca-certificates.crt";
tls = "on";
auth = "login";
tls_starttls = "off";
};
accounts = {
default = {
host = extraInfo.mail.zfs.smtpServer;
passwordeval = "cat ${config.age.secrets.zfsMail.path}";
user = extraInfo.mail.zfs.address;
from = extraInfo.mail.zfs.address;
};
};
};
services.zfs.zed.settings = {
ZED_DEBUG_LOG = "/tmp/zed.debug.log";
ZED_EMAIL_ADDR = [ "root" ];
ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";
ZED_EMAIL_OPTS = extraInfo.mail.personal.address;
ZED_NOTIFY_INTERVAL_SECS = 3600;
ZED_NOTIFY_VERBOSE = true;
ZED_USE_ENCLOSURE_LEDS = true;
ZED_SCRUB_AFTER_RESILVER = true;
};
}

8
flake.lock
View file

@ -79,11 +79,11 @@
}, },
"extra-config": { "extra-config": {
"locked": { "locked": {
"lastModified": 1735909779, "lastModified": 1736683904,
"narHash": "sha256-Io0thwq2X2M5jiw9SQO+VAbxS+hP6OJqxgI/qi2LkrI=", "narHash": "sha256-HgTgHiWmGxaolrZpHE+1Z7CdOWgD0k/T31AZusxMIdw=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "aa3e249bbc51649702359af9ea6e8dc9f5ac4e66", "rev": "8a54c1cda37f0e2ad6696053e93d0c84f43d6da2",
"revCount": 11, "revCount": 12,
"type": "git", "type": "git",
"url": "ssh://forgejo@git.dalaran.fr/dala/nixos-config-extra.git" "url": "ssh://forgejo@git.dalaran.fr/dala/nixos-config-extra.git"
}, },

4
secrets/secrets.nix
View file

@ -46,4 +46,8 @@ in
fuyuki fuyuki
london london
]; ];
"zfs-mail.age".publicKeys = [
camelot
];
} }

5
secrets/zfs-mail.age Normal file
View file

@ -0,0 +1,5 @@
age-encryption.org/v1
-> ssh-ed25519 1urzmQ kyj7ofD6U9RnLEBttrTB/+HmuCzRVEwnQ5I0fvU8lWY
WKy7iO7PjQurvG+VCV0bfVsNqbTAtODPuIWC0BNSu/A
--- +7QEzVzqxGrMhUDz+joaeAyf/JweahvIqdfmuLf6zIw
¹¢Â=x"2À…9ñ²þQ¥‡]ý¿Ž;4Gë<18>5>2ß-ðiL4kMûIV ˦L