{ privateFiles }:
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
{
+ boot.supportedFilesystems = [ "zfs" ];
+ boot.kernelParams = ["zfs.zfs_arc_max=6442450944"];
boot.kernelPackages = pkgs.linuxPackages_latest;
myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
+ fileSystems = {
+ "/" = lib.mkForce { fsType = "zfs"; device = "zpool/root"; };
+ "/boot" = { fsType = "ext4"; device = "/dev/disk/by-uuid/e6bb18fb-ff56-4b5f-ae9f-e60d40dc0622"; };
+ "/etc" = { fsType = "zfs"; device = "zpool/root/etc"; };
+ "/nix" = { fsType = "zfs"; device = "zpool/root/nix"; };
+ "/tmp" = { fsType = "zfs"; device = "zpool/root/tmp"; };
+ "/var" = { fsType = "zfs"; device = "zpool/root/var"; };
+ };
+ boot.initrd.secrets = {
+ "/boot/pass.key" = "/boot/pass.key";
+ };
+
+ services.zfs = {
+ autoSnapshot = {
+ enable = true;
+ };
+ autoScrub = {
+ enable = true;
+ };
+ };
networking = {
+ hostId = "8262ca33"; # generated with head -c4 /dev/urandom | od -A none -t x4
firewall.enable = true;
# 176.9.151.89 declared in nixops -> infra / tools
interfaces."eth0".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
];
};
+ fileSystems."/var/lib/pub/immae/devtools" = {
+ device = "/run/current-system/sw/bin/bindfs#/var/lib/ftp/devtools.immae.eu/";
+ fsType = "fuse";
+ options = [ "force-user=pub" "create-for-user=wwwrun" "create-for-group=wwwrun" ];
+ };
+ environment.systemPackages = [ pkgs.bindfs pkgs.pv pkgs.smartmontools ];
+
# This value determines the NixOS release with which your system is
# to be compatible, in order to avoid breaking some software such as
# database servers. You should change this only after NixOS release
projects / perso / Immae / Config / Nix.git / blobdiff