Fix things

joinemm · Nov 2, 2024 · 027aa3d · 027aa3d
1 parent 3ee500b
commit 027aa3d
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -14,7 +14,8 @@ Shell scripts are built from the flake at <https://github.com/joinemm/bin>
 - `athens` - Thinkpad X1 Carbon gen11 (work laptop)
 - `byzantium` - Hetzner box running grafana and prometheus for monitoring
 - `alexandria` - Hetzner box acting as syncthing node and hosting web services
-- `kyoto` - Raspberry Pi 4B, mainly for blocky DNS server
+- `kyoto` - Raspberry Pi 4B, mainly used as a DNS server
+- `thebes` - Aoostar WTR PRO, my NAS and home server
 
 ## Installing a configuration
 

diff --git a/hosts/alexandria/default.nix b/hosts/alexandria/default.nix
@@ -212,7 +212,7 @@ in
       };
       dns = {
         override_local_dns = true;
-        base_domain = "portal.joinemm.dev";
+        base_domain = "t.s";
         magic_dns = true;
         nameservers.global = [ "100.64.0.3" ];
       };

diff --git a/hosts/kyoto/default.nix b/hosts/kyoto/default.nix
@@ -25,6 +25,8 @@
     ./monitoring.nix
   ];
 
+  boot.kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
+
   hardware = {
     raspberry-pi."4" = {
       apply-overlays-dtmerge.enable = true;

diff --git a/hosts/thebes/default.nix b/hosts/thebes/default.nix
@@ -19,6 +19,7 @@
     ])
     inputs.disko.nixosModules.disko
     inputs.sops-nix.nixosModules.sops
+    ./disk-config.nix
   ];
 
   networking.hostName = "thebes";
@@ -49,6 +50,11 @@
 
   # MOUNTS
 
+  systemd.tmpfiles.rules = [
+    "d /data 0755 root root"
+    "d /srv/nfs 0775 nfs users"
+  ];
+
   fileSystems = {
 
     # Storage drives are formatted by hand
@@ -88,7 +94,7 @@
     uid = 1001;
   };
 
-  services.nfs = {
+  services.nfs.server = {
     enable = true;
     exports = ''
       /srv/nfs  192.168.1.0/24(rw,sync,no_subtree_check,root_squash,all_squash,anonuid=1001,anongid=100,fsid=0)
@@ -104,11 +110,11 @@
         111
         2049
       ]
-      ++ builtins.attrVals [
+      ++ lib.attrVals [
         "statdPort"
         "lockdPort"
         "mountdPort"
-      ] config.services.nfs;
+      ] config.services.nfs.server;
 
     allowedUDPPorts = allowedTCPPorts;
   };
@@ -118,5 +124,8 @@
   services.scrutiny = {
     enable = true;
     openFirewall = true;
+    collector.enable = true;
   };
+
+  services.vnstat.enable = true;
 }
diff --git a/nix/deployments.nix b/nix/deployments.nix
@@ -17,6 +17,13 @@ let
         path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.byzantium;
       };
     };
+    thebes = {
+      hostname = "192.168.1.4";
+      profiles.system = {
+        user = "root";
+        path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.thebes;
+      };
+    };
   };
 
   aarch64 = {

diff --git a/nix/devshell.nix b/nix/devshell.nix
@@ -1,3 +1,4 @@
+{ self, ... }:
 {
   perSystem =
     { pkgs, ... }:
@@ -11,9 +12,9 @@
           deploy-rs
 
           # add scripts to path
-          (pkgs.writeScriptBin "list-nodes" ../scripts/list-nodes.sh)
-          (pkgs.writeScriptBin "install" ../scripts/install.sh)
-          (pkgs.writeScriptBin "init-secrets" ../scripts/init-secrets.sh)
+          (pkgs.writeScriptBin "node-list" (builtins.readFile (self + /scripts/list.sh)))
+          (pkgs.writeScriptBin "node-install" (builtins.readFile (self + /scripts/install.sh)))
+          (pkgs.writeScriptBin "node-init-secrets" (builtins.readFile (self + /scripts/init-secrets.sh)))
         ];
       };
     };

diff --git a/scripts/list-nodes.sh → scripts/list.sh b/scripts/list-nodes.sh → scripts/list.sh