From f93a4d7db20babf51d9a8a4697d972606b6de0f4 Mon Sep 17 00:00:00 2001
From: jehadbaeth <jehad@leastauthority.com>
Date: Fri, 19 Mar 2021 13:46:45 +0300
Subject: [PATCH] HRO grid configs
---
.../privatestorageio-testing-stripe.secret | 1 +
.../production-users.nix | 6 +++
.../ristretto.signing-key | 0
morph/PrivateStorageSecrets/stripe.secret | 1 +
morph/grid/production/config.json | 8 ++--
morph/grid/production/grid.nix | 37 +++++++------------
morph/grid/production/storage001-config.nix | 13 ++++---
morph/grid/production/storage001-hardware.nix | 19 +++++-----
morph/grid/production/storage002-config.nix | 9 +++--
morph/grid/production/storage002-hardware.nix | 29 +++++++--------
morph/grid/production/storage003-config.nix | 15 ++++----
morph/grid/production/storage003-hardware.nix | 24 +++++++-----
morph/grid/production/storage004-config.nix | 8 ----
morph/grid/production/storage004-hardware.nix | 32 ----------------
morph/grid/production/storage005-config.nix | 8 ----
morph/grid/production/storage005-hardware.nix | 37 -------------------
morph/lib/bootstrap-configuration.nix | 2 +-
morph/lib/issuer-ovh.nix | 6 +++
morph/lib/issuer.nix | 6 +++
morph/lib/make-grid.nix | 2 +-
morph/lib/make-storage.nix | 6 +++
nixos/modules/issuer.nix | 2 +-
22 files changed, 104 insertions(+), 167 deletions(-)
create mode 100644 morph/PrivateStorageSecrets/privatestorageio-testing-stripe.secret
create mode 100644 morph/PrivateStorageSecrets/production-users.nix
create mode 100644 morph/PrivateStorageSecrets/ristretto.signing-key
create mode 100644 morph/PrivateStorageSecrets/stripe.secret
delete mode 100644 morph/grid/production/storage004-config.nix
delete mode 100644 morph/grid/production/storage004-hardware.nix
delete mode 100644 morph/grid/production/storage005-config.nix
delete mode 100644 morph/grid/production/storage005-hardware.nix
create mode 100644 morph/lib/issuer-ovh.nix
diff --git a/morph/PrivateStorageSecrets/privatestorageio-testing-stripe.secret b/morph/PrivateStorageSecrets/privatestorageio-testing-stripe.secret
new file mode 100644
index 00000000..31b44aca
--- /dev/null
+++ b/morph/PrivateStorageSecrets/privatestorageio-testing-stripe.secret
@@ -0,0 +1 @@
+dummy value
\ No newline at end of file
diff --git a/morph/PrivateStorageSecrets/production-users.nix b/morph/PrivateStorageSecrets/production-users.nix
new file mode 100644
index 00000000..d28ae9d2
--- /dev/null
+++ b/morph/PrivateStorageSecrets/production-users.nix
@@ -0,0 +1,6 @@
+let
+ jehad = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2ME4kxDgS5KtwdITfq4hKuB6mQDv2zYsPcUlhXhZkS jehad@nixos";
+in {
+ root = jehad;
+ inherit jehad;
+}
diff --git a/morph/PrivateStorageSecrets/ristretto.signing-key b/morph/PrivateStorageSecrets/ristretto.signing-key
new file mode 100644
index 00000000..e69de29b
diff --git a/morph/PrivateStorageSecrets/stripe.secret b/morph/PrivateStorageSecrets/stripe.secret
new file mode 100644
index 00000000..31b44aca
--- /dev/null
+++ b/morph/PrivateStorageSecrets/stripe.secret
@@ -0,0 +1 @@
+dummy value
\ No newline at end of file
diff --git a/morph/grid/production/config.json b/morph/grid/production/config.json
index ec60acc7..ec0e86bb 100644
--- a/morph/grid/production/config.json
+++ b/morph/grid/production/config.json
@@ -1,11 +1,11 @@
{ "publicStoragePort": 8898
-, "ristrettoSigningKeyPath": "../../PrivateStorageSecrets/ristretto.signing-key"
+, "ristrettoSigningKeyPath": "/run/media/jehad/keys/ristretto.key"
, "stripeSecretKeyPath": "../../PrivateStorageSecrets/stripe.secret"
, "passValue": 1000000
-, "issuerDomain": "payments.privatestorage.io"
+, "issuerDomain": "payments.deerfield.leastauthority.com"
, "letsEncryptAdminEmail": "jean-paul@privatestorage.io"
, "allowedChargeOrigins": [
- "https://privatestorage.io"
- , "https://www.privatestorage.io"
+ "https://leastauthority.com"
+ , "https://www.leastauthority.com"
]
}
diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix
index 7b056146..acc36512 100644
--- a/morph/grid/production/grid.nix
+++ b/morph/grid/production/grid.nix
@@ -6,7 +6,7 @@ import ../../lib/make-grid.nix {
config = ./config.json;
nodes = cfg:
let
- sshUsers = import ../../../../PrivateStorageSecrets/production-users.nix;
+ sshUsers = import ../../PrivateStorageSecrets/production-users.nix;
in {
# Here are the hosts that are in this morph network. This is sort of like
# a server manifest. We try to keep as many of the specific details as
@@ -20,41 +20,30 @@ import ../../lib/make-grid.nix {
# doesn't specify one.
#
# The names must be unique!
- "payments.privatestorage.io" = import ../../lib/issuer.nix ({
+ "payments.deerfield.leastauthority.com" = import ../../lib/issuer.nix ({
inherit sshUsers;
- hardware = ../../lib/issuer-aws.nix;
- stateVersion = "19.03";
+ hardware = ../../lib/issuer-ovh.nix;
+ stateVersion = "19.09";
} // cfg);
- "storage001" = import ../../lib/make-storage.nix ({
- cfg = import ./storage001-config.nix;
- inherit sshUsers;
- hardware = ./storage001-hardware.nix;
- stateVersion = "19.09";
- } // cfg);
- "storage002" = import ../../lib/make-storage.nix ({
+ #"storage001.deerfield.leastauthority.com" = import ../../lib/make-storage.nix ({
+ # cfg = import ./storage001-config.nix;
+ # inherit sshUsers;
+ # hardware = ./storage001-hardware.nix;
+ # stateVersion = "19.09";
+ #} // cfg);
+ "storage002.deerfield.leastauthority.com" = import ../../lib/make-storage.nix ({
cfg = import ./storage002-config.nix;
inherit sshUsers;
hardware = ./storage002-hardware.nix;
stateVersion = "19.09";
} // cfg);
- "storage003" = import ../../lib/make-storage.nix ({
+ "storage003.deerfield.leastauthority.com" = import ../../lib/make-storage.nix ({
cfg = import ./storage003-config.nix;
inherit sshUsers;
hardware = ./storage003-hardware.nix;
stateVersion = "19.09";
} // cfg);
- "storage004" = import ../../lib/make-storage.nix ({
- cfg = import ./storage004-config.nix;
- inherit sshUsers;
- hardware = ./storage004-hardware.nix;
- stateVersion = "19.09";
- } // cfg);
- "storage005" = import ../../lib/make-storage.nix ({
- cfg = import ./storage005-config.nix;
- inherit sshUsers;
- hardware = ./storage005-hardware.nix;
- stateVersion = "19.03";
- } // cfg);
+
};
}
diff --git a/morph/grid/production/storage001-config.nix b/morph/grid/production/storage001-config.nix
index 63b0e876..46c16833 100644
--- a/morph/grid/production/storage001-config.nix
+++ b/morph/grid/production/storage001-config.nix
@@ -1,8 +1,9 @@
+#OVH
{ "hostId" = "00000001";
- "interface" = "eno1";
- "publicIPv4" = "176.113.72.38";
- "prefixLength" = 30;
- "gateway" = "176.113.72.37";
- "gatewayInterface" = "eno1";
- "grubDeviceID" = "wwn-0x5000cca25cc08d27";
+ "interface" = "eno3";
+ "publicIPv4" = "149.202.210.20";
+ "prefixLength" = 24;
+ "gateway" = "149.202.210.254";
+ "gatewayInterface" = "eno3";
+ "grubDeviceID" = "nvme-eui.e8238fa6bf530001001b444a445259f0";
}
diff --git a/morph/grid/production/storage001-hardware.nix b/morph/grid/production/storage001-hardware.nix
index 4cd9f59b..f1f150f5 100644
--- a/morph/grid/production/storage001-hardware.nix
+++ b/morph/grid/production/storage001-hardware.nix
@@ -1,39 +1,40 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, modulesPath, ... }:
{
imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ [ (modulesPath + "/installer/scan/not-detected.nix")
];
- boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "sd_mod" ];
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
- { device = "/dev/disk/by-uuid/f72c1f46-6723-45bf-9ef7-92f31cc37589";
+ { device = "/dev/disk/by-uuid/f04b2abe-3639-407d-af51-3f9a96397c75";
fsType = "ext4";
};
fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/cb3a16e1-d811-4659-be42-15e5e35cd37a";
- fsType = "ext4";
+ { device = "/dev/disk/by-uuid/2C07-8823";
+ fsType = "vfat";
};
+
# Manually created using:
- # zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25cc06670,wwn-0x5000cca244c94a41,wwn-0x5000cca24ceb8bb4,wwn-0x500003983bd01315,wwn-0x500003983bd812b2,wwn-0x5000cca25cc09d0c,wwn-0x5000c500921dd6b6}
+ # zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca097d000d6,wwn-0x5000cca097d01947,wwn-0x5000cca097d019a0,wwn-0x5000cca097d01ace}
+
fileSystems."/storage" =
{ device = "root";
fsType = "zfs";
};
swapDevices =
- [ { device = "/dev/disk/by-uuid/f986a811-4912-4e9a-8bc3-01cb6926c4c6"; }
+ [ { device = "/dev/disk/by-uuid/b7daa128-c9cb-4446-a6ff-4b78dff16482"; }
];
- nix.maxJobs = lib.mkDefault 24;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
diff --git a/morph/grid/production/storage002-config.nix b/morph/grid/production/storage002-config.nix
index d74a99ec..760c4734 100644
--- a/morph/grid/production/storage002-config.nix
+++ b/morph/grid/production/storage002-config.nix
@@ -1,8 +1,9 @@
+#Servermania
{ "hostId" = "00000002";
"interface" = "eno1";
- "publicIPv4" = "37.120.214.110";
- "prefixLength" = 30;
- "gateway" = "37.120.214.109";
+ "publicIPv4" = "104.144.74.50";
+ "prefixLength" = 29;
+ "gateway" = "104.144.74.49";
"gatewayInterface" = "eno1";
- "grubDeviceID" = "wwn-0x5000cca25dccb3dc";
+ "grubDeviceID" = "wwn-0x5000cca0becd9847";
}
diff --git a/morph/grid/production/storage002-hardware.nix b/morph/grid/production/storage002-hardware.nix
index 4fc3a409..ed326741 100644
--- a/morph/grid/production/storage002-hardware.nix
+++ b/morph/grid/production/storage002-hardware.nix
@@ -1,39 +1,38 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, modulesPath, ... }:
{
imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ [ (modulesPath + "/installer/scan/not-detected.nix")
];
- boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
- { device = "/dev/disk/by-uuid/0e92ada9-effb-42e2-a26a-9cdb529bcdc7";
+ { device = "/dev/disk/by-uuid/2b24e075-6dc6-44b5-98a8-b87032fb906a";
fsType = "ext4";
};
- # Manually created using:
- # zpool create -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25dcc966d,wwn-0x5000cca24cec02e3,wwn-0x5000cca25dcc7711,wwn-0x5000cca25dccca63,wwn-0x5000cca25dcc74b6,wwn-0x5000cca25dcc4591,wwn-0x5000cca25dcc4461}
- fileSystems."/storage" = {
- device = "root";
- fsType = "zfs";
- };
-
fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/50b73d78-12cd-4599-a774-57af14e6d9f7";
- fsType = "ext4";
+ { device = "/dev/disk/by-uuid/168E-E901";
+ fsType = "vfat";
};
+ # Manually created using:
+ # zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca0becd9847-part4,wwn-0x5000cca0bec360b1}
+ fileSystems."/storage" =
+ { device = "root";
+ fsType = "zfs";
+ };
swapDevices =
- [ { device = "/dev/disk/by-uuid/f762b5e2-bbdd-4a02-bbd9-0bf6b11e0ab5"; }
+ [ { device = "/dev/disk/by-uuid/f808eacd-5a1f-426a-a0f3-e1a2bbdf535c"; }
];
- nix.maxJobs = lib.mkDefault 24;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
diff --git a/morph/grid/production/storage003-config.nix b/morph/grid/production/storage003-config.nix
index e83546ad..f5be748f 100644
--- a/morph/grid/production/storage003-config.nix
+++ b/morph/grid/production/storage003-config.nix
@@ -1,8 +1,9 @@
-{ "hostId" = "00000003";
- "interface" = "eno1";
- "publicIPv4" = "45.83.89.186";
- "prefixLength" = 30;
- "gateway" = "45.83.89.185";
- "gatewayInterface" = "eno1";
- "grubDeviceID" = "wwn-0x5000cca248c31469";
+#OVH
+{ "hostId" = "00000001";
+ "interface" = "eno3";
+ "publicIPv4" = "151.80.28.108";
+ "prefixLength" = 24;
+ "gateway" = "151.80.28.254";
+ "gatewayInterface" = "eno3";
+ "grubDeviceID" = "nvme-eui.e8238fa6bf530001001b448b463b77bf";
}
diff --git a/morph/grid/production/storage003-hardware.nix b/morph/grid/production/storage003-hardware.nix
index 607943b1..69e688d3 100644
--- a/morph/grid/production/storage003-hardware.nix
+++ b/morph/grid/production/storage003-hardware.nix
@@ -1,37 +1,41 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, modulesPath, ... }:
{
imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ [ (modulesPath + "/installer/scan/not-detected.nix")
];
- boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "sd_mod" ];
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
- { device = "/dev/disk/by-uuid/daf0b345-97da-46bc-b9df-500d771ec375";
+ { device = "/dev/disk/by-uuid/56a050e2-daee-40e2-becb-17d1f7908ceb";
fsType = "ext4";
};
fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/a1843705-f4e9-4805-924c-19f464d23da7";
- fsType = "ext4";
+ { device = "/dev/disk/by-uuid/B89B-F110";
+ fsType = "vfat";
};
+
+
# Manually created using:
- # zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca249d43969,wwn-0x5000cca248dd1f83,wwn-0x5000cca249d44a67,wwn-0x5000cca249d46730,wwn-0x5000cca25dcc719c,wwn-0x5000cca25dcc0241,wwn-0x5000cca24ac2b2df}
+ # zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca250dad38f,wwn-0x5000cca249da097e,wwn-0x5000cca249d11d1a,wwn-0x5000cca249cf8922}
+
fileSystems."/storage" =
{ device = "root";
fsType = "zfs";
};
- swapDevices = [ ];
-
- nix.maxJobs = lib.mkDefault 24;
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/e47cfddc-485c-46fb-9004-c9b8619b81ff"; }
+ ];
+ nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
diff --git a/morph/grid/production/storage004-config.nix b/morph/grid/production/storage004-config.nix
deleted file mode 100644
index 8201391c..00000000
--- a/morph/grid/production/storage004-config.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ "hostId" = "00000004";
- "interface" = "eno1";
- "publicIPv4" = "87.101.93.198";
- "prefixLength" = 30;
- "gateway" = "87.101.93.197";
- "gatewayInterface" = "eno1";
- "grubDeviceID" = "wwn-0x5000cca249d45533";
-}
diff --git a/morph/grid/production/storage004-hardware.nix b/morph/grid/production/storage004-hardware.nix
deleted file mode 100644
index 07de74e2..00000000
--- a/morph/grid/production/storage004-hardware.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
-
-{
- imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
- ];
-
- boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "sd_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/d628122e-05d9-4212-b6a5-4b9516d85dbe";
- fsType = "ext4";
- };
-
- # Manually created using:
- # zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25cc0b6f9,wwn-0x5000cca25cc073af,wwn-0x5000cca25dcca3b5,wwn-0x5000cca25cc0addc,wwn-0x5000cca25cc08772,wwn-0x5000cca25dcc6f5f,wwn-0x5000cca25dcc4491}
- fileSystems."/storage" =
- { device = "root";
- fsType = "zfs";
- };
-
- swapDevices = [ ];
-
- nix.maxJobs = lib.mkDefault 32;
- powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-}
diff --git a/morph/grid/production/storage005-config.nix b/morph/grid/production/storage005-config.nix
deleted file mode 100644
index 42ac495a..00000000
--- a/morph/grid/production/storage005-config.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ "hostId" = "00000005";
- "interface" = "eno1";
- "publicIPv4" = "193.148.18.206";
- "prefixLength" = 30;
- "gateway" = "193.148.18.205";
- "gatewayInterface" = "eno1";
- "grubDeviceID" = "wwn-0x5000cca25dcc78b5";
-}
diff --git a/morph/grid/production/storage005-hardware.nix b/morph/grid/production/storage005-hardware.nix
deleted file mode 100644
index 9a5ad027..00000000
--- a/morph/grid/production/storage005-hardware.nix
+++ /dev/null
@@ -1,37 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, ... }:
-
-{
- imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
- ];
-
- boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/2653c6bb-396f-4911-b9ff-b68de8f9715d";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/68edb827-6750-483d-891e-462333f2dbc1";
- fsType = "ext4";
- };
-
- # Manually created using:
- # zpool create -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25dcc7721,wwn-0x5000cca25dcb2ebe,wwn-0x5000cca25dcb1184,scsi-35000cca25dcca2bd,wwn-0x5000cca244c977af,wwn-0x5000cca244c97e6e,wwn-0x5000cca25cc0a136}
- fileSystems."/storage" = {
- device = "root";
- fsType = "zfs";
- };
-
- swapDevices = [ ];
-
- nix.maxJobs = lib.mkDefault 32;
- powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-}
diff --git a/morph/lib/bootstrap-configuration.nix b/morph/lib/bootstrap-configuration.nix
index c639fb97..c745ca11 100644
--- a/morph/lib/bootstrap-configuration.nix
+++ b/morph/lib/bootstrap-configuration.nix
@@ -62,7 +62,7 @@ let
# This is whatever ssh public key is appropriate at the time. I'm leaving
# mine here for now.
- rootPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN4GenAY/YLGuf1WoMXyyVa3S9i4JLQ0AG+pt7nvcLlQ exarkun@baryon";
+ rootPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2ME4kxDgS5KtwdITfq4hKuB6mQDv2zYsPcUlhXhZkS jehad@nixos";
# Stop! I hope you're done when you get here. If you have to modify
# anything below this point the expression should probably be refactored and
diff --git a/morph/lib/issuer-ovh.nix b/morph/lib/issuer-ovh.nix
new file mode 100644
index 00000000..97cb238e
--- /dev/null
+++ b/morph/lib/issuer-ovh.nix
@@ -0,0 +1,6 @@
+{ modulesPath, ... }:
+{
+ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+ boot.loader.grub.device = "/dev/sda";
+ fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+}
diff --git a/morph/lib/issuer.nix b/morph/lib/issuer.nix
index 33c87f70..b665836d 100644
--- a/morph/lib/issuer.nix
+++ b/morph/lib/issuer.nix
@@ -9,6 +9,12 @@
, ...
}: {
deployment = {
+ healthChecks = {
+ cmd = [{
+ cmd = ["sleep" "2" "&&" "sudo" "systemctl" "is-active" "--quiet" "zkapissuer.service"]; #sleep for 2 seconds to avoid false positives during startup.
+ description = "Testing that 'zkapissuer.service' works.";
+ }];
+ };
secrets = {
"ristretto-signing-key" = {
source = ristrettoSigningKeyPath;
diff --git a/morph/lib/make-grid.nix b/morph/lib/make-grid.nix
index de10df1e..d7dbb440 100644
--- a/morph/lib/make-grid.nix
+++ b/morph/lib/make-grid.nix
@@ -14,6 +14,6 @@ in
# Make all of the hosts in this network use the nixpkgs we pinned above.
inherit pkgs;
# This is just for human consumption as far as I can tell.
- description = "PrivateStorage.io ${name} Grid";
+ description = "HRO.Storage ${name} Grid";
};
} // (nodes cfg)
diff --git a/morph/lib/make-storage.nix b/morph/lib/make-storage.nix
index a9c968c2..a8ea7d68 100644
--- a/morph/lib/make-storage.nix
+++ b/morph/lib/make-storage.nix
@@ -14,6 +14,12 @@
, ...
}: rec {
deployment = {
+ healthChecks = {
+ cmd = [{
+ cmd = ["sleep" "2" "&&" "sudo" "systemctl" "is-active" "--quiet" "tahoe.storage.service"]; #sleep for 2 seconds to avoid false positives during startup.
+ description = "Testing that 'tahoe.storage.service' works.";
+ }];
+ };
secrets = {
"ristretto-signing-key" = {
source = ristrettoSigningKeyPath;
diff --git a/nixos/modules/issuer.nix b/nixos/modules/issuer.nix
index 7654bf1f..7964874c 100644
--- a/nixos/modules/issuer.nix
+++ b/nixos/modules/issuer.nix
@@ -21,7 +21,7 @@ in {
'';
};
services.private-storage-issuer.domain = lib.mkOption {
- default = "payments.privatestorage.io";
+ default = "payments.deerfield.leastauthority.com";
type = lib.types.str;
example = lib.literalExample "payments.example.com";
description = ''
--
GitLab