more configuration for shadowfax.

nixos/hosts/shadowfax/config/sanoid.nix

@@ -0,0 +1,17 @@
+{ ... }:
+{
+  outputs = {
+    # ZFS automated snapshots
+    templates = {
+      "production" = {
+        recursive = true;
+        autoprune = true;
+        autosnap = true;
+        hourly = 24;
+        daily = 7;
+        monthly = 12;
+      };
+    };
+    datasets = { };
+  };
+}

nixos/hosts/shadowfax/default.nix

@@ -2,6 +2,9 @@
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, inputs, ... }:
+let
+  sanoidConfig = import ./config/sanoid.nix { };
+in
 {
   imports =
     [
@@ -26,6 +29,7 @@
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBROTzSefJGJeCNUgNLbE5l4sHHg2fHUO4sCwqvP+zAd root@Gollum"
   ];
 
+
   # VSCode Compatibility Settings
   programs.nix-ld.enable = true;
   services.vscode-server = {
@@ -52,39 +56,23 @@
 
   # Network settings
   networking = {
-    hostName = "gandalf";
+    hostName = "shadowfax";
-    hostId = "e2fc95cd";
+    hostId = "a885fabe";
     useDHCP = false; # needed for bridge
     networkmanager.enable = true;
-    # TODO: Add ports specifically.
     firewall.enable = false;
     interfaces = {
-      "enp130s0f0".useDHCP = true;
+      "enp36s0f0".useDHCP = true;
-      "enp130s0f1".useDHCP = true;
+      "enp36s0f1".useDHCP = true;
     };
-
-    # For VMs
-    # bridges = {
-    #   "br0" = {
-    #     interfaces = [ "enp130s0f1" ];
-    #   };
-    # };
   };
 
   swapDevices = [ ];
 
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 
   sops = {
-    secrets = {
+    secrets = { };
-      "lego/dnsimple/token" = {
-        mode = "0444";
-        sopsFile = ./secrets.sops.yaml;
-      };
-      "borg/repository/passphrase" = {
-        sopsFile = ./secrets.sops.yaml;
-      };
-    };
   };
 
   # no de
@@ -100,38 +88,27 @@
   mySystem = {
     purpose = "Production";
     system = {
-      motd.networkInterfaces = [ "enp130s0f0" "enp130s0f1" ];
+      motd.networkInterfaces = [ "enp36s0f0" "enp36s0f1" ];
       # Incus
       incus = {
         enable = true;
       };
+
       # ZFS
       zfs.enable = true;
-      zfs.mountPoolsAtBoot = [ "eru" ];
+      # zfs.mountPoolsAtBoot = [ "eru" ];
+
       # NFS
       nfs.enable = true;
-      # Samba
+
-      samba = {
-        enable = true;
-        shares = import ./config/samba-shares.nix { };
-        extraConfig = import ./config/samba-config.nix { };
-      };
       resticBackup = {
         local.enable = false;
         remote.enable = false;
         local.noWarning = true;
         remote.noWarning = true;
       };
-      # Borg
-      # My only borg backup was for the Unifi controller. I've since installed a UDM SE.
-      # borgbackup = {
-      #   enable = true;
-      #   paths = [ "/eru/containers/volumes/unifi/" ];
-      #   exclude = [ ];
-      #   repo = "ssh://t3zvn0dd@t3zvn0dd.repo.borgbase.com/./repo";
-      #   repoKeyPath = config.sops.secrets."borg/repository/passphrase".path;
-      # };
     };
+
     services = {
       podman.enable = true;
       libvirt-qemu.enable = true;
@@ -141,16 +118,6 @@
         enable = true;
         inherit (sanoidConfig.outputs) templates datasets;
       };
-
-      # Unifi & Lego-Auto
-      # unifi.enable = true;
-      lego-auto = {
-        enable = true;
-        dnsimpleTokenPath = "${config.sops.secrets."lego/dnsimple/token".path}";
-        domains = "gandalf.jahanson.tech";
-        email = "joe@veri.dev";
-        provider = "dnsimple";
-      };
     };
   };
 }

nixos/profiles/hw-threadripperpro.nix

@@ -28,5 +28,4 @@
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   # not supported
   services.smartd.enable = false;
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }