Blame - cluster/machines/bc01n05.hswaw.net.nix - hscloud

blob: 84819f6b97fb9dad3f276fd59ce55ab1d13d568b [file] [log] [blame]

Bartosz Stebel	821b839	2023-03-05 23:21:37 +0100	[diff] [blame^]	1	{ config, pkgs, lib, ... }:
Serge Bazanski	712a5dc	2023-02-28 01:15:40 +0000	[diff] [blame]	2
				3	with builtins;
Bartosz Stebel	821b839	2023-03-05 23:21:37 +0100	[diff] [blame^]	4	let postgresPkg = pkgs.postgresql_14;
				5	in rec {
Serge Bazanski	712a5dc	2023-02-28 01:15:40 +0000	[diff] [blame]	6	networking.hostName = "bc01n05";
				7	# TODO: undefine fqdn and define domain after big nix change
				8	hscloud.base.fqdn = "${networking.hostName}.hswaw.net";
				9	#networking.domain = "hswaw.net";
				10	system.stateVersion = "22.05";
				11	nix.maxJobs = 16;
				12
Bartosz Stebel	821b839	2023-03-05 23:21:37 +0100	[diff] [blame^]	13	### zfs
				14	# randomly generated
				15	networking.hostId = "26dbfbcd";
				16	boot.supportedFilesystems = [ "zfs" ];
				17	boot.initrd.supportedFilesystems = [ "zfs" ];
				18	services.zfs.trim.enable = true;
				19
Serge Bazanski	712a5dc	2023-02-28 01:15:40 +0000	[diff] [blame]	20	boot.loader.grub.device = "/dev/sda";
Bartosz Stebel	821b839	2023-03-05 23:21:37 +0100	[diff] [blame^]	21	fileSystems = {
				22	"/" = {
				23	device = "rpool/nixos/root";
				24	fsType = lib.mkForce "zfs";
				25	options = [ "X-mount.mkdir" ];
				26	};
				27	"/home" = {
				28	device = "rpool/nixos/home";
				29	fsType = "zfs";
				30	options = [ "X-mount.mkdir" ];
				31	};
				32	"/var/lib/postgresql" = {
				33	device = "rpool/postgres";
				34	fsType = "zfs";
				35	options = [ "X-mount.mkdir" ];
				36	};
				37	"/boot" = {
				38	device = "/dev/disk/by-uuid/2a951c5d-0193-4ef3-9227-d8a5184cbd63";
				39	fsType = "ext4";
				40	};
Serge Bazanski	712a5dc	2023-02-28 01:15:40 +0000	[diff] [blame]	41	};
				42
				43	hscloud.base = {
				44	mgmtIf = "eno1";
				45	ipAddr = "185.236.240.37";
				46	ipAddrBits = 28;
				47	gw = "185.236.240.33";
				48	};
Bartosz Stebel	821b839	2023-03-05 23:21:37 +0100	[diff] [blame^]	49
				50	environment.systemPackages = [postgresPkg];
				51	services.postgresql = {
				52	enable = true;
				53	package = postgresPkg;
				54	enableTCPIP = true;
				55	initdbArgs = ["--encoding='UTF8'" "--lc-collate='C'" "--lc-ctype='C'"];
				56	ensureDatabases = ["synapse" "mediarepo"];
				57	ensureUsers = [
				58	{
				59	name = "synapse";
				60	ensurePermissions = {
				61	"DATABASE synapse" = "ALL PRIVILEGES";
				62	};
				63	}
				64	{
				65	name = "mediarepo";
				66	ensurePermissions = {
				67	"DATABASE mediarepo" = "ALL PRIVILEGES";
				68	};
				69	}
				70	];
				71	# TODO actually allow synapse to talk to us
				72	# also adjust firewall
				73	authentication = pkgs.lib.mkOverride 10 ''
				74	local all all trust
				75	host all all 127.0.0.1/32 trust
				76	host all all ::1/128 trust
				77	'';
				78	};
Serge Bazanski	712a5dc	2023-02-28 01:15:40 +0000	[diff] [blame]	79	}
				80