|
|
|
|
@@ -191,7 +191,7 @@ in
|
|
|
|
|
# ###################################################
|
|
|
|
|
|
|
|
|
|
samba = {
|
|
|
|
|
enable = true;
|
|
|
|
|
enable = false;
|
|
|
|
|
hostsAllow = "10.0.1.";
|
|
|
|
|
enableTimeMachine = true;
|
|
|
|
|
timeMachinePath = "/media/nas/main/timemachine";
|
|
|
|
|
@@ -269,96 +269,43 @@ in
|
|
|
|
|
# ###################################################
|
|
|
|
|
# # Mounts # #
|
|
|
|
|
# ###################################################
|
|
|
|
|
# fileSystems."/media/nas/main" = {
|
|
|
|
|
# label = "nas_pool";
|
|
|
|
|
# # device = "/dev/sde:/dev/sdf:/dev/sdh:/dev/sdi:/dev/sdj:/dev/nmve0n1:/dev/nvme1n1";
|
|
|
|
|
# fsType = "bcachefs";
|
|
|
|
|
# mountPoint = "/media/nas/main";
|
|
|
|
|
# options = [
|
|
|
|
|
# # "noauto"
|
|
|
|
|
# "nofail"
|
|
|
|
|
# # "x-systemd.mount-timeout=0"
|
|
|
|
|
# # "x-systemd.device-timeout=0"
|
|
|
|
|
# ];
|
|
|
|
|
# };
|
|
|
|
|
|
|
|
|
|
fileSystems = {
|
|
|
|
|
"/media/nas/main" = {
|
|
|
|
|
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
|
|
|
|
|
device = "/dev/disk/by-uuid/d179ff8d-151d-4e62-9890-e13b5e006fdc";
|
|
|
|
|
fsType = "bcachefs";
|
|
|
|
|
neededForBoot = true;
|
|
|
|
|
options = [
|
|
|
|
|
"nofail"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
# "/media/nas/test" = {
|
|
|
|
|
# device = "UUID=621706d6-e3a8-48d6-9560-58b01129a846";
|
|
|
|
|
# fsType = "bcachefs";
|
|
|
|
|
# };
|
|
|
|
|
};
|
|
|
|
|
fileSystems."/etc".neededForBoot = true;
|
|
|
|
|
|
|
|
|
|
environment.etc = {
|
|
|
|
|
"crypttab".text = ''
|
|
|
|
|
hdd1-cryptroot UUID="295d4c78-41f0-4792-bd97-ac88b2455cdc" none tpm2-device=auto
|
|
|
|
|
hdd2-cryptroot UUID="7c9c2179-351c-40a5-9257-e9ee2a1e794a" none tpm2-device=auto
|
|
|
|
|
ssd1-cryptroot UUID="d78fa862-212c-4d4f-ad86-bfeead5cc054" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
|
|
|
|
|
ssd2-cryptroot UUID="1661c173-3809-4517-9ab8-ad94c229048d" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
|
|
|
|
|
ssd3-cryptroot UUID="cfea125e-90b1-4248-834d-16dcaf310783" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
|
|
|
|
|
ssd4-cryptroot UUID="96055401-6d1a-4308-9e4e-2211e1e23635" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
|
|
|
|
|
ssd5-cryptroot UUID="055e27e0-c96a-4899-8ee7-cb1cd5f21476" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
|
|
|
|
|
ssd6-cryptroot UUID="6e830abd-2555-4558-81a3-4a990507b5a7" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
|
|
|
|
|
'';
|
|
|
|
|
"/media/nas/test" = {
|
|
|
|
|
device = "/dev/disk/by-uuid/621706d6-e3a8-48d6-9560-58b01129a846";
|
|
|
|
|
fsType = "bcachefs";
|
|
|
|
|
neededForBoot = true;
|
|
|
|
|
options = [
|
|
|
|
|
"nofail"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
"/etc".neededForBoot = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
boot.initrd = {
|
|
|
|
|
luks.devices = {
|
|
|
|
|
# "621706d6-e3a8-48d6-9560-58b01129a846" = {
|
|
|
|
|
# device = "/dev/disk/by-uuid/621706d6-e3a8-48d6-9560-58b01129a846";
|
|
|
|
|
# };
|
|
|
|
|
hdd1-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/295d4c78-41f0-4792-bd97-ac88b2455cdc";
|
|
|
|
|
};
|
|
|
|
|
hdd2-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/7c9c2179-351c-40a5-9257-e9ee2a1e794a";
|
|
|
|
|
};
|
|
|
|
|
ssd1-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/d78fa862-212c-4d4f-ad86-bfeead5cc054";
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
bypassWorkqueues = true;
|
|
|
|
|
};
|
|
|
|
|
ssd2-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/1661c173-3809-4517-9ab8-ad94c229048d";
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
bypassWorkqueues = true;
|
|
|
|
|
};
|
|
|
|
|
ssd3-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/cfea125e-90b1-4248-834d-16dcaf310783";
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
bypassWorkqueues = true;
|
|
|
|
|
};
|
|
|
|
|
ssd4-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/96055401-6d1a-4308-9e4e-2211e1e23635";
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
bypassWorkqueues = true;
|
|
|
|
|
};
|
|
|
|
|
ssd5-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/055e27e0-c96a-4899-8ee7-cb1cd5f21476";
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
bypassWorkqueues = true;
|
|
|
|
|
};
|
|
|
|
|
ssd6-cryptroot = {
|
|
|
|
|
device = "/dev/disk/by-uuid/6e830abd-2555-4558-81a3-4a990507b5a7";
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
bypassWorkqueues = true;
|
|
|
|
|
};
|
|
|
|
|
supportedFilesystems = {
|
|
|
|
|
bcachefs = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# clevis = {
|
|
|
|
|
# enable = true;
|
|
|
|
|
# devices = {
|
|
|
|
|
# "621706d6-e3a8-48d6-9560-58b01129a846".secretFile = ../../../test.jwe;
|
|
|
|
|
# };
|
|
|
|
|
# };
|
|
|
|
|
clevis = {
|
|
|
|
|
enable = lib.mkForce true;
|
|
|
|
|
devices = {
|
|
|
|
|
"/dev/disk/by-uuid/621706d6-e3a8-48d6-9560-58b01129a846".secretFile = ../../../test.jwe; # config.sops.secrets."disk-key".path;
|
|
|
|
|
"/dev/disk/by-uuid/d179ff8d-151d-4e62-9890-e13b5e006fdc".secretFile = ../../../test.jwe; # config.sops.secrets."disk-key".path;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-partlabel/disk-main-jallen-nas-cryptroot";
|
|
|
|
|
|
|
|
|
|
# Configure environment
|
|
|
|
|
environment = {
|
|
|
|
|
systemPackages = with pkgs; [
|
|
|
|
|
@@ -386,12 +333,7 @@ in
|
|
|
|
|
persistence."/media/nas/main/persist" = {
|
|
|
|
|
hideMounts = true;
|
|
|
|
|
directories = [
|
|
|
|
|
# {
|
|
|
|
|
# directory = "/var/lib/redis-ccache";
|
|
|
|
|
# user = "redis-ccache";
|
|
|
|
|
# group = "redis-ccache";
|
|
|
|
|
# mode = "u=rwx,g=,o=";
|
|
|
|
|
# }
|
|
|
|
|
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
mjallen18