Compare commits
3 commits
92175a2020
...
cbfd905378
Author | SHA1 | Date | |
---|---|---|---|
cbfd905378 | |||
52fccdd546 | |||
1818f85bdc |
4 changed files with 122 additions and 8 deletions
16
nixos/hosts/gandalf/config/disks.nix
Normal file
16
nixos/hosts/gandalf/config/disks.nix
Normal file
|
@ -0,0 +1,16 @@
|
|||
[
|
||||
"/dev/disk/by-id/ata-Seagate_IronWolfPro_ZA240NX10001-2ZH100_7TF002RA"
|
||||
"/dev/disk/by-id/nvme-Samsung_SSD_960_EVO_250GB_S3ESNX0K308438J"
|
||||
"/dev/disk/by-id/scsi-350000c0f01da4b40"
|
||||
"/dev/disk/by-id/scsi-350000c0f01e7d190"
|
||||
"/dev/disk/by-id/scsi-350000c0f01ea443c"
|
||||
"/dev/disk/by-id/scsi-350000c0f01f8230c"
|
||||
"/dev/disk/by-id/scsi-35000c500586e5057"
|
||||
"/dev/disk/by-id/scsi-35000c500624a0ddb"
|
||||
"/dev/disk/by-id/scsi-35000c500624a1a8b"
|
||||
"/dev/disk/by-id/scsi-35000cca046135ad8"
|
||||
"/dev/disk/by-id/scsi-35000cca04613722c"
|
||||
"/dev/disk/by-id/scsi-35000cca0461810f8"
|
||||
"/dev/disk/by-id/scsi-35000cca04618b930"
|
||||
"/dev/disk/by-id/scsi-35000cca04618cec4"
|
||||
]
|
|
@ -1,9 +1,12 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# Do not modify this file! It was generated by 'nixos-generate-config'
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, modulesPath, inputs, ... }:
|
||||
let
|
||||
sanoidConfig = import ./config/sanoid.nix { };
|
||||
disks = import ./config/disks.nix;
|
||||
smartdDevices = map (device: { inherit device; }) disks;
|
||||
|
||||
in
|
||||
{
|
||||
imports =
|
||||
|
@ -86,12 +89,9 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
# no de
|
||||
services = {
|
||||
xserver = {
|
||||
enable = false;
|
||||
displayManager.gdm.enable = false;
|
||||
desktopManager.gnome.enable = false;
|
||||
smartd = {
|
||||
devices = smartdDevices;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -128,14 +128,22 @@ in
|
|||
podman.enable = true;
|
||||
libvirt-qemu.enable = true;
|
||||
|
||||
# Scrutiny
|
||||
scrutiny = {
|
||||
enable = true;
|
||||
devices = disks;
|
||||
extraCapabilities = [ "SYS_RAWIO" ];
|
||||
containerVolumeLocation = "/eru/containers/volumes/scrutiny";
|
||||
port = 8585;
|
||||
};
|
||||
|
||||
# Sanoid
|
||||
sanoid = {
|
||||
enable = true;
|
||||
inherit (sanoidConfig.outputs) templates datasets;
|
||||
};
|
||||
|
||||
# Unifi & Lego-Auto
|
||||
# unifi.enable = true;
|
||||
# Lego-Auto for SSL Certificates
|
||||
lego-auto = {
|
||||
enable = true;
|
||||
dnsimpleTokenPath = "${config.sops.secrets."lego/dnsimple/token".path}";
|
||||
|
|
|
@ -3,5 +3,6 @@
|
|||
./backrest
|
||||
./lego-auto
|
||||
./unifi
|
||||
./scrutiny
|
||||
];
|
||||
}
|
||||
|
|
89
nixos/modules/nixos/containers/scrutiny/default.nix
Normal file
89
nixos/modules/nixos/containers/scrutiny/default.nix
Normal file
|
@ -0,0 +1,89 @@
|
|||
{ lib, config, ... }:
|
||||
with lib;
|
||||
let
|
||||
app = "scrutiny";
|
||||
# renovate: depName=AnalogJ/scrutiny datasource=github-releases
|
||||
version = "v0.8.1";
|
||||
cfg = config.mySystem.services.${app};
|
||||
in
|
||||
{
|
||||
options.mySystem.services.${app} = {
|
||||
enable = mkEnableOption "${app}";
|
||||
|
||||
# Port to expose the web ui on.
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 8080;
|
||||
description = ''
|
||||
Port to expose the web ui on.
|
||||
'';
|
||||
example = 8080;
|
||||
};
|
||||
# Location where the container will store its data.
|
||||
containerVolumeLocation = mkOption {
|
||||
type = types.str;
|
||||
default = "/mnt/data/containers/${app}";
|
||||
description = ''
|
||||
The location where the container will store its data.
|
||||
'';
|
||||
example = "/mnt/data/containers/${app}";
|
||||
};
|
||||
|
||||
# podman equivalent:
|
||||
# --device /dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
devices = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
description = ''
|
||||
Devices to monitor on Scrutiny.
|
||||
'';
|
||||
example = [
|
||||
"/dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
|
||||
];
|
||||
};
|
||||
|
||||
# podman equivalent:
|
||||
# --cap-add SYS_RAWIO
|
||||
extraCapabilities = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [
|
||||
"SYS_RAWIO"
|
||||
];
|
||||
description = ''
|
||||
Extra capabilities to add to the container.
|
||||
'';
|
||||
example = [
|
||||
"SYS_RAWIO"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
virtualisation.oci-containers.containers.${app} = {
|
||||
image = "ghcr.io/analogj/scrutiny:${version}-omnibus";
|
||||
autoStart = true;
|
||||
|
||||
ports = [
|
||||
"${toString cfg.port}:8080" # web ui
|
||||
"8086:8086" # influxdb2
|
||||
];
|
||||
|
||||
environment = {
|
||||
TZ = "America/Chicago";
|
||||
};
|
||||
|
||||
volumes = [
|
||||
"${cfg.containerVolumeLocation}:/opt/scrutiny/config"
|
||||
"${cfg.containerVolumeLocation}/influxdb2:/opt/scrutiny/influxdb"
|
||||
"/run/udev:/run/udev:ro"
|
||||
];
|
||||
|
||||
# Merge the devices and extraCapabilities into the extraOptions property
|
||||
# using the --device and --cap-add flags
|
||||
extraOptions =
|
||||
(map (disk: "--device=${toString disk}") cfg.devices)
|
||||
++
|
||||
(map (cap: "--cap-add=${cap}") cfg.extraCapabilities);
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue