# NixOS host configuration for bc01n05: a ZFS-backed machine running
# PostgreSQL 14 with the `synapse` and `mediarepo` databases, reachable over TCP.
{ config, pkgs, lib, ... }:
# Brings every builtin into scope unqualified; nothing visible in this file
# appears to rely on it.
with builtins;
let
# One PostgreSQL package, used for the service and for the CLI tools installed below.
postgresPkg = pkgs.postgresql_14;
# Shared by nix.maxJobs and the PostgreSQL worker limits.
# presumably the host's CPU count; confirm against the hardware
numCPUs = 16;
# `rec` is required because hscloud.base.fqdn refers to networking.hostName.
in rec {
networking.hostName = "bc01n05";
# TODO: undefine fqdn and define domain after big nix change
hscloud.base.fqdn = "${networking.hostName}.hswaw.net";
#networking.domain = "hswaw.net";
system.stateVersion = "22.05";
nix.maxJobs = numCPUs;
### zfs
# randomly generated
# (NixOS requires networking.hostId to be set when ZFS is used.)
networking.hostId = "26dbfbcd";
boot.supportedFilesystems = [ "zfs" ];
boot.initrd.supportedFilesystems = [ "zfs" ];
services.zfs.trim.enable = true;
boot.loader.grub.device = "/dev/sda";
# Root, /home and the PostgreSQL data directory are separate ZFS datasets;
# /boot is a plain ext4 partition addressed by UUID.
# X-mount.mkdir makes mount(8) create a missing mount point.
fileSystems = {
"/" = {
device = "rpool/nixos/root";
# mkForce overrides any other definition of the root fsType; the reason is
# not visible in this file.
fsType = lib.mkForce "zfs";
options = [ "X-mount.mkdir" ];
};
"/home" = {
device = "rpool/nixos/home";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/var/lib/postgresql" = {
device = "rpool/postgres";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/2a951c5d-0193-4ef3-9227-d8a5184cbd63";
fsType = "ext4";
};
};
# Options of the project's own hscloud.base module (not shown here).
# presumably: management interface, static address, prefix length, gateway
hscloud.base = {
mgmtIf = "eno1";
ipAddr = "185.236.240.37";
ipAddrBits = 28;
gw = "185.236.240.33";
};
# Opens the PostgreSQL port in the host firewall for every source address.
# Source filtering is therefore done only by the pg_hba rules under
# `authentication` below.
# NOTE(review): consider also limiting the source range at the firewall so a
# pg_hba mistake is not the only barrier.
networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
environment.systemPackages = [postgresPkg];
services.postgresql = {
enable = true;
package = postgresPkg;
# Makes the server listen on network addresses, not just the local socket.
enableTCPIP = true;
# Only takes effect when the cluster is first created by initdb.
initdbArgs = ["--encoding='UTF8'" "--lc-collate='C'" "--lc-ctype='C'"];
settings = {
max_connections = 300;
shared_buffers = "8GB";
temp_buffers = "128MB";
work_mem = "128MB";
# NOTE(review): 258MB is an unusual value; possibly 256MB was meant. Confirm.
maintenance_work_mem = "258MB";
effective_io_concurrency = 10; # ssd, guess
maintenance_io_concurrency = 100; # ssd, guess
max_worker_processes = numCPUs;
max_parallel_workers = numCPUs;
max_parallel_maintenance_workers = 4;
wal_level = "logical";
wal_sync_method = "fsync"; # slightly faster (per pg_test_fsync) AND safer
# The three settings below rely on /var/lib/postgresql being the ZFS dataset
# mounted above. If the data directory ever moves to a filesystem without
# atomic page writes, full_page_writes = off risks torn pages after a crash.
full_page_writes = "off"; # partial writes impossible on zfs
wal_init_zero = "off"; # useless on CoW
wal_recycle = "off"; # same
random_page_cost = 2.0; # ssd, TODO maybe even lower?
};
ensureDatabases = ["synapse" "mediarepo"];
# One role per database, each granted ALL PRIVILEGES on its own database only.
# No password is set here, so the scram-sha-256 rule below only works once
# passwords have been provisioned out of band.
# NOTE(review): newer NixOS releases replaced ensurePermissions with
# ensureDBOwnership; relevant when moving off 22.05.
ensureUsers = [
{
name = "synapse";
ensurePermissions = {
"DATABASE synapse" = "ALL PRIVILEGES";
};
}
{
name = "mediarepo";
ensurePermissions = {
"DATABASE mediarepo" = "ALL PRIVILEGES";
};
}
];
# pg_hba.conf contents. mkOverride 10 outranks both plain definitions and
# mkForce, so this text replaces the module's default rules.
#
# Rules 1-3 (`trust` on the Unix socket and on loopback TCP): every local
# process can connect as any role, including the superuser, with no
# credential. Any local account or service on this host is effectively a
# database administrator.
# NOTE(review): if that is not intended, `peer` on the socket and
# scram-sha-256 on loopback would narrow it.
#
# Rule 4: password (SCRAM) authentication for the two application roles on
# their two databases from 185.236.240.0/24.
# NOTE(review): that range is wider than the /28 configured for this host in
# hscloud.base; confirm every address in it should be able to attempt a login.
# NOTE(review): `host` matches both TLS and plaintext connections and no TLS
# setting is visible here, so session traffic may cross the network
# unencrypted; `hostssl` would require TLS.
authentication = pkgs.lib.mkOverride 10 ''
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
host synapse,mediarepo synapse,mediarepo 185.236.240.0/24 scram-sha-256
'';
};
}