Richie/dotfiles
1
0
Fork 0
mirror of https://github.com/RichieCahill/dotfiles.git synced 2026-04-17 13:08:19 -04:00
Code Issues Packages Projects Releases Wiki Activity

created storage/secrets

Browse Source
This commit is contained in:
Richie Cahill
2024-10-08 20:48:23 -04:00
parent 14b6f14532
commit ee72ea2cee
6 changed files with 23 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
systems/jeeves/docker/internal.nix
View File

@@ -52,7 +52,7 @@ in
DELUGE_DAEMON_LOG_LEVEL = "debug"; DELUGE_DAEMON_LOG_LEVEL = "debug";
DELUGE_WEB_LOG_LEVEL = "debug"; DELUGE_WEB_LOG_LEVEL = "debug";
}; };
environmentFiles = [/root/secrets/docker/qbitvpn]; environmentFiles = ["${vars.storage_secrets}/docker/qbitvpn"];
autoStart = true; autoStart = true;
}; };
bazarr = { bazarr = {

4
systems/jeeves/docker/photoprism.nix
View File

@@ -52,7 +52,7 @@ in
PHOTOPRISM_GID="600"; PHOTOPRISM_GID="600";
# PHOTOPRISM_UMASK: 0000 # PHOTOPRISM_UMASK: 0000
}; };
environmentFiles = [/root/secrets/docker/photoprism]; environmentFiles = ["${vars.storage_secrets}/docker/photoprism"];
autoStart = true; autoStart = true;
dependsOn = [ "photoprism_mariadb" ]; dependsOn = [ "photoprism_mariadb" ];
extraOptions = [ "--network=web" ]; extraOptions = [ "--network=web" ];
@@ -66,7 +66,7 @@ in
MARIADB_DATABASE = "photoprism"; MARIADB_DATABASE = "photoprism";
MARIADB_USER = "photoprism"; MARIADB_USER = "photoprism";
}; };
environmentFiles = [/root/secrets/docker/photoprism]; environmentFiles = ["${vars.storage_secrets}/docker/photoprism"];
cmd = [ "--innodb-buffer-pool-size=512M" "--transaction-isolation=READ-COMMITTED" "--character-set-server=utf8mb4" "--collation-server=utf8mb4_unicode_ci" "--max-connections=512" "--innodb-rollback-on-timeout=OFF" "--innodb-lock-wait-timeout=120" ]; cmd = [ "--innodb-buffer-pool-size=512M" "--transaction-isolation=READ-COMMITTED" "--character-set-server=utf8mb4" "--collation-server=utf8mb4_unicode_ci" "--max-connections=512" "--innodb-rollback-on-timeout=OFF" "--innodb-lock-wait-timeout=120" ];
autoStart = true; autoStart = true;
extraOptions = [ "--network=web" ]; extraOptions = [ "--network=web" ];

4
systems/jeeves/docker/web.nix
View File

@@ -26,7 +26,7 @@ in
TZ = "Etc/EST"; TZ = "Etc/EST";
}; };
volumes = [ volumes = [
"/root/secrets/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem" "${vars.storage_secrets}/docker/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"
"${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg" "${./haproxy.cfg}:/usr/local/etc/haproxy/haproxy.cfg"
]; ];
dependsOn = [ dependsOn = [
@@ -47,7 +47,7 @@ in
"tunnel" "tunnel"
"run" "run"
]; ];
environmentFiles = [/root/secrets/docker/cloud_flare_tunnel]; environmentFiles = ["${vars.storage_secrets}/docker/cloud_flare_tunnel"];
dependsOn = [ "haproxy" ]; dependsOn = [ "haproxy" ];
extraOptions = [ "--network=web" ]; extraOptions = [ "--network=web" ];
autoStart = true; autoStart = true;

15
systems/jeeves/scripts/datasets.sh
View File

@@ -2,27 +2,34 @@
# zpools # zpools
# media
sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/media media mirror sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/media media mirror
sudo zpool add media -o ashift=12 special mirror sudo zpool add media -o ashift=12 special mirror
# storage
sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/storage storage sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/storage storage
sudo zpool add storage -o ashift=12 special mirror sudo zpool add storage -o ashift=12 special mirror
sudo zpool add storage -o ashift=12 logs mirror sudo zpool add storage -o ashift=12 logs mirror
# torrenting
sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/torrenting torrenting sudo zpool create -o ashift=12 -O acltype=posixacl -O atime=off -O dnodesize=auto -O xattr=sa -O zstd -m /zfs/torrenting torrenting
# media datasets # media datasets
sudo zfs create -o compression=zstd-9 media/plex
sudo zfs create -o compression=zstd-9 media/docker sudo zfs create -o compression=zstd-9 media/docker
sudo zfs create -o exec=off media/mirror
sudo zfs create -o exec=off media/minio sudo zfs create -o exec=off media/minio
sudo zfs create -o exec=off media/mirror
sudo zfs create -o copies=3 media/notes sudo zfs create -o copies=3 media/notes
sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/postgres media/postgres
sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/photoprism_mariadb media/photoprism_mariadb sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/photoprism_mariadb media/photoprism_mariadb
sudo zfs create -o compression=zstd-9 media/plex
sudo zfs create -o recordsize=16k -o primarycache=metadata -o mountpoint=/zfs/media/database/postgres media/postgres
# storage datasets # storage datasets
sudo zfs create -o recordsize=16K -o compression=zstd-19 -o copies=2 storage/photos
sudo zfs create -o recordsize=1M -o compression=zstd-19 storage/archive sudo zfs create -o recordsize=1M -o compression=zstd-19 storage/archive
sudo zfs create -o compression=zstd-19 storage/main
sudo zfs create -o recordsize=16K -o compression=zstd-19 -o copies=2 storage/photos
sudo zfs create -o recordsize=1M -o compression=zstd-19 storage/plex
sudo zfs create -o compression=zstd-19 -o copies=3 storage/secrets
sudo zfs create -o compression=zstd-19 storage/syncthing
# torrenting datasets # torrenting datasets
sudo zfs create -o recordsize=16K -o exec=off -o sync=disabled torrenting/qbit sudo zfs create -o recordsize=16K -o exec=off -o sync=disabled torrenting/qbit

5
systems/jeeves/services.nix
View File

@@ -3,6 +3,9 @@
pkgs, pkgs,
... ...
}: }:
let
vars = import ../vars.nix;
in
{ {
systemd = { systemd = {
services = { services = {
@@ -20,7 +23,7 @@
description = "validates startup"; description = "validates startup";
path = [ pkgs.zfs ]; path = [ pkgs.zfs ];
serviceConfig = { serviceConfig = {
EnvironmentFile = "/root/secrets/services/server-validation"; EnvironmentFile = "${vars.storage_secrets}/services/server-validation";
Type = "oneshot"; Type = "oneshot";
ExecStart = "${inputs.system_tools.packages.x86_64-linux.default}/bin/validate_jeeves"; ExecStart = "${inputs.system_tools.packages.x86_64-linux.default}/bin/validate_jeeves";
}; };

5
systems/jeeves/vars.nix
View File

@@ -14,9 +14,10 @@ in
media_plex = "${zfs_media}/plex"; media_plex = "${zfs_media}/plex";
# storage # storage
storage_main = "${zfs_storage}/main"; storage_main = "${zfs_storage}/main";
storage_plex = "${zfs_storage}/plex";
storage_syncthing = "${zfs_storage}/syncthing";
storage_photos = "${zfs_storage}/photos"; storage_photos = "${zfs_storage}/photos";
storage_plex = "${zfs_storage}/plex";
storage_secrets = "${zfs_storage}/secrets";
storage_syncthing = "${zfs_storage}/syncthing";
# torrenting # torrenting
torrenting_qbit = "${zfs_torrenting}/qbit"; torrenting_qbit = "${zfs_torrenting}/qbit";
torrenting_qbitvpn = "${zfs_torrenting}/qbitvpn"; torrenting_qbitvpn = "${zfs_torrenting}/qbitvpn";