Richie/dotfiles
1
0
Fork 0
mirror of https://github.com/RichieCahill/dotfiles.git synced 2026-04-17 04:58:19 -04:00
Code Issues Packages Projects Releases Wiki Activity

created storage/secrets

Browse Source
This commit is contained in:
Richie Cahill
2024-10-08 20:48:23 -04:00
parent 14b6f14532
commit ee72ea2cee
6 changed files with 23 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
systems/jeeves/docker/internal.nix
View File

@@ -52,7 +52,7 @@ in
DELUGE_DAEMON_LOG_LEVEL = "debug";
DELUGE_WEB_LOG_LEVEL = "debug";
};
environmentFiles = [/root/secrets/docker/qbitvpn];
environmentFiles = ["${vars.storage_secrets}/docker/qbitvpn"];
autoStart = true;
};
bazarr = {

4
systems/jeeves/docker/photoprism.nix
View File

@@ -52,7 +52,7 @@ in
PHOTOPRISM_GID="600";
# PHOTOPRISM_UMASK: 0000
};
environmentFiles = [/root/secrets/docker/photoprism];
environmentFiles = ["${vars.storage_secrets}/docker/photoprism"];
autoStart = true;
dependsOn = [ "photoprism_mariadb" ];
extraOptions = [ "--network=web" ];
@@ -66,7 +66,7 @@ in
MARIADB_DATABASE = "photoprism";
MARIADB_USER = "photoprism";
};
environmentFiles = [/root/secrets/docker/photoprism];
environmentFiles = ["${vars.storage_secrets}/docker/photoprism"];
cmd = [ "--innodb-buffer-pool-size=512M" "--transaction-isolation=READ-COMMITTED" "--character-set-server=utf8mb4" "--collation-server=utf8mb4_unicode_ci" "--max-connections=512" "--innodb-rollback-on-timeout=OFF" "--innodb-lock-wait-timeout=120" ];
autoStart = true;
extraOptions = [ "--network=web" ];

4
systems/jeeves/docker/web.nix
View File

@@ -26,7 +26,7 @@ in
TZ = "Etc/EST";
};
volumes = [
"/root/secrets/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"
"${vars.storage_secrets}/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"
"${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg"
];
dependsOn = [
@@ -47,7 +47,7 @@ in
"tunnel"
"run"
];
environmentFiles = [/root/secrets/docker/cloud_flare_tunnel];
environmentFiles = ["${vars.storage_secrets}/docker/cloud_flare_tunnel"];
dependsOn = [ "haproxy" ];
extraOptions = [ "--network=web" ];
autoStart = true;

15
systems/jeeves/scripts/datasets.sh
View File

@@ -2,27 +2,34 @@
# zpools
# media
sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/media media mirror
sudo zpool add media -o ashift=12 special mirror
# storage
sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/storage storage
sudo zpool add storage -o ashift=12 special mirror
sudo zpool add storage -o ashift=12 logs mirror
# torrenting
sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/torrenting torrenting
# media datasets
sudo zfs create -o compression=zstd-9 media/plex
sudo zfs create -o compression=zstd-9 media/docker
sudo zfs create -o exec=off media/mirror
sudo zfs create -o exec=off media/minio
sudo zfs create -o exec=off media/mirror
sudo zfs create -o copies=3 media/notes
sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/postgres media/postgres
sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/photoprism_mariadb media/photoprism_mariadb
sudo zfs create -o compression=zstd-9 media/plex
sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/postgres media/postgres
# storage datasets
sudo zfs create -o recordsize=16K -o compression=zstd-19 -o copies=2 storage/photos
sudo zfs create -o recordsize=1M -o compression=zstd-19 storage/archive
sudo zfs create -o compression=zstd-19 storage/main
sudo zfs create -o recordsize=16K -o compression=zstd-19 -o copies=2 storage/photos
sudo zfs create -o recordsize=1M -o compression=zstd-19 storage/plex
sudo zfs create -o compression=zstd-19 -o copies=3 storage/secrets
sudo zfs create -o compression=zstd-19 storage/syncthing
# torrenting datasets
sudo zfs create -o recordsize=16K -o exec=off -o sync=disabled torrenting/qbit

5
systems/jeeves/services.nix
View File

@@ -3,6 +3,9 @@
pkgs,
...
}:
let
vars = import ../vars.nix;
in
{
systemd = {
services = {
@@ -20,7 +23,7 @@
description = "validates startup";
path = [ pkgs.zfs ];
serviceConfig = {
EnvironmentFile = "/root/secrets/services/server-validation";
EnvironmentFile = "${vars.storage_secrets}/services/server-validation";
Type = "oneshot";
ExecStart = "${inputs.system_tools.packages.x86_64-linux.default}/bin/validate_jeeves";
};

5
systems/jeeves/vars.nix
View File

@@ -14,9 +14,10 @@ in
media_plex = "${zfs_media}/plex";
# storage
storage_main = "${zfs_storage}/main";
storage_plex = "${zfs_storage}/plex";
storage_syncthing = "${zfs_storage}/syncthing";
storage_photos = "${zfs_storage}/photos";
storage_plex = "${zfs_storage}/plex";
storage_secrets = "${zfs_storage}/secrets";
storage_syncthing = "${zfs_storage}/syncthing";
# torrenting
torrenting_qbit = "${zfs_torrenting}/qbit";
torrenting_qbitvpn = "${zfs_torrenting}/qbitvpn";