Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision
Loading items

Target

Select target project
  • tomprince/PrivateStorageio
  • privatestorage/PrivateStorageio
2 results
Select Git revision
Loading items
Show changes
Showing
with 372 additions and 0 deletions
Zq4OsMOTJ2NsVi00hB0x20mMqvoCrDUfleoI5rzIeEc=
9ThSUgSNrykQEULj70QQyjlvtvGTmMPqsRMz8hc9xHA=
fPUnFOzBZRJDBdSR6iS5AaC40KKy/2REiM16hx+woxk=
qS4rT+zjWrbXDhtEF4oyGv8/5oCIE1ZU9FF+O6AL8V4=
172.23.23.1.pub
\ No newline at end of file
let
flo = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII6EUU/KNDr7y3m5OVWBZAuPiMJ4us3YOBEhxpG29yPN flo@la"];
last-resort = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE1hy9mPkJI+7mY2Uq6CLpuFMMLOTfiY2sRJHwpihgRt cardno:26 269 859 - Last Resort A-Key"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJPYMUVNuWr2y+FL1GxW6S6jb3BWYhbzJ2zhvQVKu2ll cardno:23 845 763 - Last Resort C-key"
];
in {
"root" = flo ++ last-resort;
inherit flo last-resort;
}
{ "hostId" = "00000001";
"interface" = "eno1";
"publicIPv4" = "176.113.72.38";
"prefixLength" = 30;
"gateway" = "176.113.72.37";
"gatewayInterface" = "eno1";
"grubDeviceID" = "wwn-0x5000cca25cc08d27";
}
# NixOS configuration specific to this node
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.kernel.sysctl = { "vm.swappiness" = 1; };
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f72c1f46-6723-45bf-9ef7-92f31cc37589";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/cb3a16e1-d811-4659-be42-15e5e35cd37a";
fsType = "ext4";
};
# Manually created using:
# zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25cc06670,wwn-0x5000cca244c94a41,wwn-0x5000cca24ceb8bb4,wwn-0x500003983bd01315,wwn-0x500003983bd812b2,wwn-0x5000cca25cc09d0c,wwn-0x5000c500921dd6b6}
fileSystems."/storage" =
{ device = "root";
fsType = "zfs";
};
swapDevices = [ {
device = "/var/swapfile";
size = 8192; # megabytes
randomEncryption = true;
} ];
nix.settings.max-jobs = lib.mkDefault 24;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
{ "hostId" = "00000002";
"interface" = "eno1";
"publicIPv4" = "37.120.214.110";
"prefixLength" = 30;
"gateway" = "37.120.214.109";
"gatewayInterface" = "eno1";
"grubDeviceID" = "wwn-0x5000cca25dccb3dc";
}
# NixOS configuration specific to this node
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.kernel.sysctl = { "vm.swappiness" = 1; };
fileSystems."/" =
{ device = "/dev/disk/by-uuid/0e92ada9-effb-42e2-a26a-9cdb529bcdc7";
fsType = "ext4";
};
# Manually created using:
# zpool create -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25dcc966d,wwn-0x5000cca24cec02e3,wwn-0x5000cca25dcc7711,wwn-0x5000cca25dccca63,wwn-0x5000cca25dcc74b6,wwn-0x5000cca25dcc4591,wwn-0x5000cca25dcc4461}
fileSystems."/storage" = {
device = "root";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/50b73d78-12cd-4599-a774-57af14e6d9f7";
fsType = "ext4";
};
swapDevices = [ {
device = "/var/swapfile";
size = 8192; # megabytes
randomEncryption = true;
} ];
nix.settings.max-jobs = lib.mkDefault 24;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
{ "hostId" = "00000003";
"interface" = "eno1";
"publicIPv4" = "45.83.89.186";
"prefixLength" = 30;
"gateway" = "45.83.89.185";
"gatewayInterface" = "eno1";
"grubDeviceID" = "wwn-0x5000039a8bc00766";
}
# NixOS configuration specific to this node
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.supportedFilesystems = [ "zfs" ];
boot.kernel.sysctl = { "vm.swappiness" = 1; };
fileSystems."/" =
{ device = "/dev/disk/by-uuid/240fc1f6-cd55-48a3-ac80-5b3550a32ef5";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-label/boot";
fsType = "ext4";
};
# Manually created using:
# zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca249d43969,wwn-0x5000039a8bc0075e,wwn-0x5000cca249d44a67,wwn-0x5000cca249d46730,wwn-0x5000cca25dcc719c,wwn-0x5000cca25dcc0241,wwn-0x5000039a8bc00765}
fileSystems."/storage" =
{ device = "root";
fsType = "zfs";
};
swapDevices = [ {
device = "/var/swapfile";
size = 8192; # megabytes
randomEncryption = true;
} ];
nix.settings.max-jobs = lib.mkDefault 24;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
{ "hostId" = "00000004";
"interface" = "eno1";
"publicIPv4" = "87.101.93.198";
"prefixLength" = 30;
"gateway" = "87.101.93.197";
"gatewayInterface" = "eno1";
"grubDeviceID" = "wwn-0x5000cca249d45533";
}
# NixOS configuration specific to this node
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.kernel.sysctl = { "vm.swappiness" = 1; };
fileSystems."/" =
{ device = "/dev/disk/by-uuid/d628122e-05d9-4212-b6a5-4b9516d85dbe";
fsType = "ext4";
};
# Manually created using:
# zpool create -f -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25cc0b6f9,wwn-0x5000cca25cc073af,wwn-0x5000cca25dcca3b5,wwn-0x5000cca25cc0addc,wwn-0x5000cca25cc08772,wwn-0x5000cca25dcc6f5f,wwn-0x5000cca25dcc4491}
fileSystems."/storage" =
{ device = "root";
fsType = "zfs";
};
swapDevices = [ {
device = "/var/swapfile";
size = 8192; # megabytes
randomEncryption = true;
} ];
nix.settings.max-jobs = lib.mkDefault 32;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
{ "hostId" = "00000005";
"interface" = "eno1";
"publicIPv4" = "193.148.18.206";
"prefixLength" = 30;
"gateway" = "193.148.18.205";
"gatewayInterface" = "eno1";
"grubDeviceID" = "wwn-0x5000cca25dcc78b5";
}
# NixOS configuration specific to this node
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.kernel.sysctl = { "vm.swappiness" = 1; };
fileSystems."/" =
{ device = "/dev/disk/by-uuid/2653c6bb-396f-4911-b9ff-b68de8f9715d";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/68edb827-6750-483d-891e-462333f2dbc1";
fsType = "ext4";
};
# Manually created using:
# zpool create -m legacy -o ashift=12 root raidz /dev/disk/by-id/{wwn-0x5000cca25dcc7721,wwn-0x5000cca25dcb2ebe,wwn-0x5000cca25dcb1184,scsi-35000cca25dcca2bd,wwn-0x5000cca244c977af,wwn-0x5000cca244c97e6e,wwn-0x5000cca25cc0a136}
fileSystems."/storage" = {
device = "root";
fsType = "zfs";
};
swapDevices = [ {
device = "/var/swapfile";
size = 8192; # megabytes
randomEncryption = true;
} ];
nix.settings.max-jobs = lib.mkDefault 32;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
private-keys
{ "domain": "privatestorage-staging.com"
, "publicStoragePort": 8898
, "privateKeyPath": "./private-keys"
, "publicKeyPath": "./public-keys"
, "monitoringvpnEndpoint": "monitoring.privatestorage-staging.com:51820"
, "passValue": 1000000
, "issuerDomains": [
"payments.privatestorage-staging.com"
, "payments.extra.privatestorage-staging.com"
]
, "monitoringDomains": [
"monitoring.privatestorage-staging.com"
, "monitoring.extra.privatestorage-staging.com"
]
, "letsEncryptAdminEmail": "jean-paul@privatestorage.io"
, "allowedChargeOrigins": [
"http://localhost:5000"
, "https://privatestorage-staging.com"
]
, "monitoringGoogleOAuthClientID": "802959152038-6esn1c6u2lm3j82lf29jvmn8s63hi8dc.apps.googleusercontent.com"
}
# See morph/grid/local/grid.nix for additional commentary.
let
gridlib = import ../../lib;
grid-config = builtins.fromJSON (builtins.readFile ./config.json);
# Module with per-grid configuration
grid-module = {config, ...}: {
imports = [
gridlib.base
# Allow us to remotely trigger updates to this system.
../../../nixos/modules/deployment.nix
# Give it a good SSH configuration.
../../../nixos/modules/ssh.nix
];
services.private-storage.sshUsers = import ./public-keys/users.nix;
networking.domain = grid-config.domain;
# Convert relative paths to absolute so library code can resolve names
# correctly.
grid = {
publicKeyPath = toString ./. + "/${grid-config.publicKeyPath}";
privateKeyPath = toString ./. + "/${grid-config.privateKeyPath}";
inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail;
};
# Configure deployment management authorization for all systems in the grid.
services.private-storage.deployment = {
authorizedKey = builtins.readFile "${config.grid.publicKeyPath}/deploy_key.pub";
gridName = "testing";
};
};
payments = {
imports = [
gridlib.issuer
gridlib.hardware-aws
grid-module
];
config = {
grid.monitoringvpnIPv4 = "172.23.23.11";
grid.issuer = {
inherit (grid-config) issuerDomains allowedChargeOrigins;
};
};
};
storage001 = {
imports = [
gridlib.storage
gridlib.hardware-aws
./testing001-hardware.nix
grid-module
];
config = {
grid.monitoringvpnIPv4 = "172.23.23.12";
grid.storage = {
inherit (grid-config) passValue publicStoragePort;
};
system.stateVersion = "19.03";
};
};
monitoring = {
imports = [
gridlib.monitoring
gridlib.hardware-aws
grid-module
];
config = {
grid.monitoringvpnIPv4 = "172.23.23.1";
grid.monitoring = {
inherit paymentExporterTargets blackboxExporterHttpsTargets;
inherit (grid-config) monitoringDomains;
googleOAuthClientID = grid-config.monitoringGoogleOAuthClientID;
enableZulipAlert = true;
};
system.stateVersion = "19.09";
};
};
# TBD: derive these automatically:
paymentExporterTargets = [ "payments.monitoringvpn" ];
blackboxExporterHttpsTargets = [
"https://privatestorage-staging.com/"
"https://www.privatestorage-staging.com/"
"https://extra.privatestorage-staging.com/"
"https://www.extra.privatestorage-staging.com/"
"https://payments.privatestorage-staging.com/"
"https://payments.extra.privatestorage-staging.com/"
"https://monitoring.privatestorage-staging.com/"
"https://monitoring.extra.privatestorage-staging.com/"
];
in {
network = {
description = "PrivateStorage.io Testing Grid";
inherit (gridlib) pkgs;
};
inherit payments monitoring storage001;
}
p2kt6691@p2kt6691.repo.borgbase.com:repo