coace/aegis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: coace:c8a54817b72eb7fdc388d9350e2b38f01a339ebc
Branches Tags
coace:master
...
compare: coace:master
Branches Tags
coace:master

7 Commits
c8a54817b7 ... master

Author SHA1 Message Date
coolneng
c33c04987f Remove duplicate definition of hostname 2021-09-07 21:44:04 +02:00
coolneng
7e74ff0892 Update README 2021-08-03 12:27:45 +01:00
coolneng
87f35f3bb3 Spin down the HDDs when not in use 2021-05-26 11:53:07 +02:00
coolneng
76c49857db Remove redundant inotify configuration 2021-05-25 12:31:28 +02:00
coolneng
1b2f799d77 Add SSH key for znapzend 2021-04-06 15:09:54 +02:00
coolneng
4b105b0517 Remove zeroconf and firewall configuration 2021-04-06 12:56:28 +02:00
coolneng
79fe0645a0 Add zpool to system 2021-04-06 12:31:08 +02:00
5 changed files with 35 additions and 26 deletions
Expand all files Collapse all files

10
README.org
View File

@@ -1,3 +1,13 @@
* Aegis
Declarative configuration for the ZFS backup server, using [[https://nixos.org][NixOS]]
** Modules
The configuration is sliced into different files, per category:
- ZFS pool configuration: hardware-configuration.nix
- Network configuration: networking.nix
- Systemd services and timers: periodic.nix
All the modules are imported in *configuration.nix*

13
configuration.nix
View File

@@ -33,9 +33,6 @@
# Cleanup tmp on startup
boot.cleanTmpDir = true;
# Set hostname
networking.hostName = "aegis";
# Create coace user
users.users.coace = {
isNormalUser = true;
@@ -89,16 +86,18 @@
shell = "${pkgs.fish}/bin/fish";
openssh.authorizedKeys.keys = [''
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINNmNckWBxa2fQkUjWLHgQd32C272yB+f9kTcnooszd5 coolneng@panacea
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICo/y05fFCh8VkDN40cgTR5ZqcbxWvzp0+OzaGIn6vEQ root@unit
''];
};
# Rotate logs after 7 days
services.journald.extraConfig = "SystemMaxFiles=7";
# Increase inotify limits
boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 204800; };
# Import other configuration modules
imports = [ ./modules/hardware-configuration.nix ./modules/networking.nix ];
imports = [
./modules/hardware-configuration.nix
./modules/networking.nix
./modules/periodic.nix
];
}

7
modules/hardware-configuration.nix
View File

@@ -8,7 +8,7 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "usbhid" ];
boot.initrd.availableKernelModules = [ "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
@@ -18,6 +18,11 @@
fsType = "ext4";
};
fileSystems."/shield/unit" =
{ device = "shield/unit";
fsType = "zfs";
};
swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";

18
modules/networking.nix
View File

@@ -19,22 +19,4 @@
nameservers = [ "1.1.1.1" "8.8.8.8" ];
enableIPv6 = false;
};
# Enable zeroconf
services.avahi = {
enable = true;
nssmdns = true;
publish = {
enable = true;
addresses = true;
domain = true;
};
};
# Firewall configuration
networking.firewall = {
allowedTCPPorts = [ ];
allowedUDPPorts = [ ];
};
}

13
modules/periodic.nix Normal file
View File

@@ -0,0 +1,13 @@
{ config, lib, pkgs, ... }:
{
# Idle HDDs when not used
systemd.services.hd-idle = {
description = "Idle HDDs when not in use";
wantedBy = [ "default.target" ];
path = with pkgs; [ hd-idle ];
script = "${pkgs.hd-idle}/bin/hd-idle";
serviceConfig.Type = "simple";
after = [ "shield-unit.mount" ];
};
}