Chore: move more implementation details out of service definitions
This commit is contained in:
parent
0693336769
commit
45d0e19862
|
@ -93,7 +93,11 @@ in
|
||||||
gpu.amd.enable = true;
|
gpu.amd.enable = true;
|
||||||
|
|
||||||
# Enable support for primary RAID array
|
# Enable support for primary RAID array
|
||||||
raid.storage.enable = true;
|
raid.storage = {
|
||||||
|
enable = true;
|
||||||
|
keyFile = config.secrets.devices.storage.keyFile.path;
|
||||||
|
mailAddr = config.secrets.users.aires.email;
|
||||||
|
};
|
||||||
|
|
||||||
# Change how long old generations are kept for.
|
# Change how long old generations are kept for.
|
||||||
retentionPeriod = "30d";
|
retentionPeriod = "30d";
|
||||||
|
|
|
@ -31,6 +31,8 @@ in
|
||||||
allowRemoteGuiRpc = true;
|
allowRemoteGuiRpc = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.services.boinc.unitConfig.RequiresMountsFor = cfg.home;
|
||||||
|
|
||||||
# Allow connections via BOINC Manager
|
# Allow connections via BOINC Manager
|
||||||
networking.firewall.allowedTCPPorts = [ 31416 ];
|
networking.firewall.allowedTCPPorts = [ 31416 ];
|
||||||
};
|
};
|
||||||
|
|
|
@ -7,7 +7,21 @@ in
|
||||||
options = {
|
options = {
|
||||||
aux.system.raid = {
|
aux.system.raid = {
|
||||||
enable = lib.mkEnableOption "Enables RAID support.";
|
enable = lib.mkEnableOption "Enables RAID support.";
|
||||||
storage.enable = lib.mkEnableOption "Enables support for the storage array.";
|
storage = {
|
||||||
|
enable = lib.mkEnableOption "Enables support for the storage array.";
|
||||||
|
mailAddr = lib.mkOption {
|
||||||
|
default = "";
|
||||||
|
type = lib.types.str;
|
||||||
|
description = "Address to email in case of issues.";
|
||||||
|
example = "admin@example.com";
|
||||||
|
};
|
||||||
|
keyFile = lib.mkOption {
|
||||||
|
default = "";
|
||||||
|
type = lib.types.path;
|
||||||
|
description = "Path to the key file to use to auto-unlock the array.";
|
||||||
|
example = /home/user/storage.key;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -17,12 +31,12 @@ in
|
||||||
aux.system.raid.enable = true;
|
aux.system.raid.enable = true;
|
||||||
boot.swraid.mdadmConf = ''
|
boot.swraid.mdadmConf = ''
|
||||||
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
|
ARRAY /dev/md/Sapana metadata=1.2 UUID=51076daf:efdb34dd:bce48342:3b549fcb
|
||||||
MAILADDR ${config.secrets.users.aires.email}
|
MAILADDR ${cfg.storage.mailAddr}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# Auto-unlock RAID array with a key file
|
# Auto-unlock RAID array with a key file
|
||||||
environment.etc."crypttab".text = ''
|
environment.etc."crypttab".text = lib.mkIf (cfg.storage.keyFile != "") ''
|
||||||
storage /dev/md/Sapana ${config.secrets.devices.storage.keyFile.path} nofail,keyfile-timeout=5s
|
storage /dev/md/Sapana ${toString cfg.storage.keyFile} nofail,keyfile-timeout=5s
|
||||||
'';
|
'';
|
||||||
fileSystems."/storage" = {
|
fileSystems."/storage" = {
|
||||||
device = "/dev/mapper/storage";
|
device = "/dev/mapper/storage";
|
||||||
|
|
Loading…
Reference in a new issue