diff --git a/build01/configuration.nix b/build01/configuration.nix
index 7814668..bee86a5 100644
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@@ -12,9 +12,7 @@
{
imports = [
../roles/common.nix
- ../roles/hetzner/amd.nix
- ../roles/hetzner/network.nix
- ../roles/raid.nix
+ ../roles/zfs-raid.nix
../roles/builder
../roles/remote-builder/aarch64-nixos-community.nix
];
@@ -30,7 +28,7 @@
# Emulate armv7 until we have proper builders
boot.binfmt.emulatedSystems = [ "armv7l-linux" ];
- networking.nix-community.ipv6.address = "2a01:4f8:13b:2ceb::1";
+ systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f8:13b:2ceb::1/64";
system.stateVersion = "20.03";
}
diff --git a/build02/configuration.nix b/build02/configuration.nix
index b626553..b2d242b 100644
--- a/build02/configuration.nix
+++ b/build02/configuration.nix
@@ -3,9 +3,7 @@
{
imports = [
../roles/common.nix
- ../roles/hetzner/amd.nix
- ../roles/hetzner/network.nix
- ../roles/raid.nix
+ ../roles/zfs-raid.nix
../roles/remote-builder/aarch64-build04.nix
];
@@ -19,10 +17,9 @@
networking.hostName = "build02";
networking.hostId = "af9ccc71";
- networking.useDHCP = false;
networking.nameservers = [ "1.1.1.1" "1.0.0.1" ];
- networking.nix-community.ipv6.address = "2a01:4f9:4a:2b02::1";
+ systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:4a:2b02::1/64";
system.stateVersion = "20.09";
}
diff --git a/build03/configuration.nix b/build03/configuration.nix
index 504d7db..b18bf18 100644
--- a/build03/configuration.nix
+++ b/build03/configuration.nix
@@ -11,10 +11,8 @@
# $ nixos-enter
imports = [
../roles/common.nix
- ../roles/hetzner/amd.nix
- ../roles/hetzner/network.nix
../roles/hercules-ci
- ../roles/raid.nix
+ ../roles/zfs-raid.nix
../roles/remote-builder/aarch64-build04.nix
../services/hound
@@ -27,7 +25,7 @@
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
- networking.nix-community.ipv6.address = "2a01:4f9:3a:3b16::1";
+ systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3a:3b16::1/64";
networking.hostName = "build03";
networking.hostId = "8daf74c0";
diff --git a/flake.lock b/flake.lock
index fafc3b7..3fc144b 100644
--- a/flake.lock
+++ b/flake.lock
@@ -255,11 +255,11 @@
]
},
"locked": {
- "lastModified": 1672348966,
- "narHash": "sha256-72Ejzcyx47eMrzGYW9deVbirB8JpPRU0UpoBpFW03PA=",
+ "lastModified": 1672603492,
+ "narHash": "sha256-2ihfON0EhEeL8yO8IbnD38QUAC+NmpLKQw2y6Y4+47E=",
"owner": "numtide",
"repo": "srvos",
- "rev": "0b3a8aa5d6d54684161bc1752933fc1dc2445aef",
+ "rev": "791e64c72c6c1b878654ff36bc95d64ae6b4b41e",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index 1fab8a6..d11f497 100644
--- a/flake.nix
+++ b/flake.nix
@@ -64,7 +64,7 @@
inputs.sops-nix.nixosModules.sops
inputs.srvos.nixosModules.server
- inputs.srvos.nixosModules.telegraf
+ inputs.srvos.nixosModules.mixins-telegraf
{ networking.firewall.allowedTCPPorts = [ 9273 ]; }
];
in
@@ -75,6 +75,7 @@
common
++ [
./build01/configuration.nix
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
];
};
@@ -92,7 +93,8 @@
;
})
./build02/configuration.nix
- inputs.srvos.nixosModules.nginx
+ inputs.srvos.nixosModules.mixins-nginx
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
];
};
@@ -105,7 +107,8 @@
inherit (inputs) nur-update;
})
./build03/configuration.nix
- inputs.srvos.nixosModules.nginx
+ inputs.srvos.nixosModules.mixins-nginx
+ inputs.srvos.nixosModules.hardware-hetzner-online-amd
];
};
diff --git a/roles/hetzner/network.nix b/roles/hetzner/network.nix
deleted file mode 100644
index 112c96f..0000000
--- a/roles/hetzner/network.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.networking.nix-community;
-in
-{
- options = {
- networking.nix-community.ipv6.address = mkOption {
- type = types.str;
- };
-
- networking.nix-community.ipv6.cidr = mkOption {
- type = types.str;
- default = "64";
- };
-
- networking.nix-community.ipv6.gateway = mkOption {
- type = types.str;
- default = "fe80::1";
- };
- };
-
- config = {
- networking.usePredictableInterfaceNames = false;
- networking.dhcpcd.enable = false;
- # Don't take down the network for too long, this will use `systemctl
- # restart` rather than stopping it with `systemctl stop` followed by a
- # delayed `systemctl start`
- systemd.services.systemd-networkd.stopIfChanged = true;
-
- systemd.network = {
- enable = true;
- networks."ethernet".extraConfig = ''
- [Match]
- Type = ether
- [Network]
- DHCP = ipv4
- Address = ${cfg.ipv6.address}/${cfg.ipv6.cidr}
- Gateway = ${cfg.ipv6.gateway}
- '';
- };
- };
-}
diff --git a/roles/hetzner/amd.nix b/roles/zfs-raid.nix
similarity index 60%
rename from roles/hetzner/amd.nix
rename to roles/zfs-raid.nix
index 5d0cd75..1a45475 100644
--- a/roles/hetzner/amd.nix
+++ b/roles/zfs-raid.nix
@@ -1,21 +1,7 @@
-{ modulesPath, ... }:
-
{
- imports = [
- "${modulesPath}/installer/scan/not-detected.nix"
- ];
-
- boot.initrd.availableKernelModules = [
- "xhci_pci"
- "ahci"
- # SATA ssd (only build01)
- "sd_mod"
- # NVME
- "nvme"
- ];
- boot.kernelModules = [
- "kvm-amd"
- ];
+ # for mdraid 1.1
+ boot.loader.grub.extraConfig = "insmod mdraid1x";
+ services.telegraf.extraConfig.inputs.mdstat = { };
fileSystems."/" = {
device = "zroot/root/nixos";
diff --git a/treefmt.nix b/treefmt.nix
index 86e66d3..e31f8c4 100644
--- a/treefmt.nix
+++ b/treefmt.nix
@@ -17,13 +17,22 @@
''
# First deadnix
${pkgs.lib.getExe pkgs.deadnix} --edit "$@"
+
+ for i in "$@"; do
+ ${pkgs.lib.getExe pkgs.statix} fix "$i"
+ done
+
# Then nixpkgs-fmt
${pkgs.lib.getExe pkgs.nixpkgs-fmt} "$@"
''
"--"
];
includes = [ "*.nix" ];
- excludes = [ "nix/sources.nix" ];
+ excludes = [
+ "nix/sources.nix"
+ # vendored from external source
+ "build02/packages-with-update-script.nix"
+ ];
};
python = {