tristan/nix
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Migrate pulse from raid1 to single

Browse source
This commit is contained in:
Tristan D. 2024-06-20 15:01:58 +02:00
parent f6355c85b2
commit a02606a625
Signed by: tristan
SSH key fingerprint: SHA256:U7y6eMb7CQDaTHv9XoX6/BaQnPqyxxKc+Xnfcefi6rY
2 changed files with 61 additions and 151 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
systems/nixos-pulse/default.nix
View file

@ -24,7 +24,6 @@
../../os-mods/ryzenapu
../../os-mods/virt
../../users
./disko.nix
];
programs.corectrl.gpuOverclock.enable = lib.mkForce false;
@ -42,6 +41,9 @@
kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos;
kernelPatches = [ ];
kernelParams = [
# "systemd.unit=emergency.target"
"systemd.setenv=SYSTEMD_SULOGIN_FORCE=1"
# "rescue"
# "pcie_aspm=force"
# "pcie_aspm.policy=powersupersave"
# "rtc_cmos.use_acpi_alarm=1" # reduce S0 sleep wakeups
@ -50,20 +52,42 @@
loader = {
systemd-boot = {
enable = true;
configurationLimit = 8;
configurationLimit = 16;
};
efi.canTouchEfiVariables = true;
};
supportedFilesystems = [ "btrfs" "vfat" ];
initrd = {
availableKernelModules = [ "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ ];
systemd.enable = true;
supportedFilesystems = [ "btrfs" "vfat" ];
luks.devices = {
"crypted_1" = {
device = "/dev/disk/by-uuid/9cca6269-6afa-4f77-92ff-2e9eb8fc9bc7";
allowDiscards = true;
bypassWorkqueues = true;
crypttabExtraOpts = [ "nofail" ];
};
"crypted_swap_1" = {
device = "/dev/disk/by-uuid/7b19e61a-20cd-47ae-9da2-0f40c9be86fe";
allowDiscards = true;
bypassWorkqueues = true;
crypttabExtraOpts = [ "nofail" ];
};
};
};
extraModulePackages = [ ];
};
swapDevices = [
{ device = "/dev/disk/by-uuid/83b6aa0a-ff9f-40ef-b728-6540bd5c9365"; }
];
services.btrfs.autoScrub.enable = true;
networking = {
@ -78,6 +102,10 @@
192.168.0.180 vewasmb.oekonzept.de
192.168.0.91 puppet.oekonzept.de
192.168.0.245 camt.oekonzept.net
192.168.0.245 camt-cbg.oekonzept.net
192.168.0.245 camt-eth.oekonzept.net
192.168.0.245 camt-pro.oekonzept.net
192.168.0.245 camt-swbfk.oekonzept.net
192.168.0.245 cloud.oekonzept.net
192.168.0.245 office.oekonzept.net
192.168.0.245 llama.oekonzept.net
@ -113,6 +141,7 @@
let
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
perm_opts = "uid=1000,gid=100";
btrfs_opts = "autodefrag,compress=zstd,discard=async,noatime,space_cache=v2,ssd";
smb_opts = [
"vers=2.0,credentials=/home/tristand/.smb-secrets"
perm_opts
@ -125,6 +154,36 @@
];
in
{
"/" = {
device = "/dev/mapper/crypted_1";
fsType = "btrfs";
options = [
btrfs_opts
"subvol=_active/root"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/3226-7E38";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
"/home" = {
device = "/dev/mapper/crypted_1";
fsType = "btrfs";
options = [
btrfs_opts
"subvol=_active/home"
];
};
"/nix" = {
device = "/dev/mapper/crypted_1";
fsType = "btrfs";
options = [
btrfs_opts
"subvol=_active/nix"
];
};
"/mnt/ServerF" = {
# device = "//srv-nas-01.local/Server_F";
device = "//192.168.0.1/Server_F";

149
systems/nixos-pulse/disko.nix
View file

@ -1,149 +0,0 @@
let
cryptOpenArgs = [
"--allow-discards"
"--perf-same_cpu_crypt"
"--perf-submit_from_crypt_cpus"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
in
{
disko.devices = {
disk = {
cryptroot_0 = {
type = "disk";
device = "/dev/disk/by-id/nvme-eui.0000000623072487caf25b0310000017";
content = {
type = "gpt";
partitions = {
ESP = {
label = "fake_EFI";
name = "fake_ESP";
size = "512M";
type = "8300";
};
luks = {
end = "-256G";
content = {
type = "luks";
name = "crypted_0";
extraOpenArgs = cryptOpenArgs;
passwordFile = "/tmp/secret.key";
additionalKeyFiles = [ ];
# content is empty here as the btrfs partition will be created via extraArgs of the cryptroot_1 partition def
};
};
luksSwap = {
# size = "64G"
end = "-192G";
content = {
type = "luks";
name = "crypted_swap_0";
extraOpenArgs = cryptOpenArgs;
passwordFile = "/tmp/secret.key";
additionalKeyFiles = [ ];
content = {
type = "swap";
};
};
};
};
};
};
cryptroot_1 = {
type = "disk";
device = "/dev/disk/by-id/nvme-eui.0000000623072487caf25b031000000d";
content = {
type = "gpt";
partitions = {
ESP = {
label = "real_EFI";
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
luks = {
end = "-256G";
content = {
type = "luks";
name = "crypted_1";
extraOpenArgs = cryptOpenArgs;
passwordFile = "/tmp/secret.key";
additionalKeyFiles = [ ];
content = {
# this partiton needs to be in the last parent part alphabetically to ensure the referenced /crypted_0 dev already exists
type = "btrfs";
extraArgs = [
"-L btrfs_vault"
"-f"
"-m raid1"
"-d raid1"
"/dev/mapper/crypted_0"
];
subvolumes = {
"/_active" = { };
"/_active/root" = {
mountpoint = "/";
mountOptions = [
"autodefrag"
"compress=zstd"
"discard=async"
"noatime"
"space_cache=v2"
"ssd"
];
};
"/_active/home" = {
mountpoint = "/home";
mountOptions = [
"autodefrag"
"compress=zstd"
"discard=async"
"relatime"
"space_cache=v2"
"ssd"
];
};
"/_active/nix" = {
mountpoint = "/nix";
mountOptions = [
"autodefrag"
"compress=zstd"
"discard=async"
"noatime"
"space_cache=v2"
"ssd"
];
};
};
};
};
};
luksSwap = {
end = "-192G";
content = {
type = "luks";
name = "crypted_swap_1";
extraOpenArgs = cryptOpenArgs;
passwordFile = "/tmp/secret.key";
additionalKeyFiles = [ ];
content = {
type = "swap";
resumeDevice = true;
};
};
};
};
};
};
};
};
}