numbus/numbus-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Trying to get mirror setup working

Browse Source
This commit is contained in:
Raphaël Numbus
2026-01-25 09:40:01 +01:00
parent d4ea4ea1a8
commit 8d2ba2b978
2 changed files with 43 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy.sh
+21 -12
View File
@@ -617,22 +617,31 @@ echo "$REMOTE_PASS" | sudo -S mkdir -p /etc/secrets/disks/
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/boot-${i}" echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/boot-${i}"
EOF EOF
done done
for i in $(seq 1 "$CONTENT_DISK_NUMBER"); do if [[ ${CONTENT_DISK_NUMBER} -ne 1 && ${PARITY_DISK_NUMBER} -ne 1 ]]; then
PASS="$(xkcdpass)" for i in $(seq 1 "$CONTENT_DISK_NUMBER"); do
echo -n "$PASS" > "final-nix-config/etc/secrets/disks/content-${i}" PASS="$(xkcdpass)"
chmod 600 "final-nix-config/etc/secrets/disks/content-${i}" echo -n "$PASS" > "final-nix-config/etc/secrets/disks/content-${i}"
ssh_to_host 'bash -s' << EOF chmod 600 "final-nix-config/etc/secrets/disks/content-${i}"
ssh_to_host 'bash -s' << EOF
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/content-${i}" echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/content-${i}"
EOF EOF
done done
for i in $(seq 1 "$PARITY_DISK_NUMBER"); do for i in $(seq 1 "$PARITY_DISK_NUMBER"); do
PASS="$(xkcdpass)" PASS="$(xkcdpass)"
echo -n "$PASS" > "final-nix-config/etc/secrets/disks/parity-${i}" echo -n "$PASS" > "final-nix-config/etc/secrets/disks/parity-${i}"
chmod 600 "final-nix-config/etc/secrets/disks/parity-${i}" chmod 600 "final-nix-config/etc/secrets/disks/parity-${i}"
ssh_to_host 'bash -s' << EOF ssh_to_host 'bash -s' << EOF
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/parity-${i}" echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/parity-${i}"
EOF EOF
done done
else
PASS="$(xkcdpass)"
echo -n "$PASS" > "final-nix-config/etc/secrets/disks/mirror"
chmod 600 "final-nix-config/etc/secrets/disks/mirror"
ssh_to_host 'bash -s' << EOF
echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/mirror"
EOF
fi
### Generate disk keys <-- ### Generate disk keys <--
echo -e "\n ✅ Generating sops-nix keys..." echo -e "\n ✅ Generating sops-nix keys..."
templates/nix-config/disks/mirror.nix
+22 -30
View File
@@ -1,20 +1,14 @@
# Data mirror disks
"content-1" = { "content-1" = {
type = "disk"; type = "disk";
device = "/dev/disk/by-id/ata-FUJITSU_MHW2120BH_NZ2TT772DCN5"; device = "$CONTENT_DISK_ID";
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {
"data-1" = { mdadm = {
size = "$PARTITION_SIZE"; size = "$PARTITION_SIZE";
content = { content = {
type = "luks"; type = "mdraid";
name = "crypted-content-1"; name = "raid1";
settings.keyFile = "/etc/secrets/disks/content-1";
content = {
type = "mdraid";
name = "data-storage";
};
}; };
}; };
}; };
@@ -22,35 +16,33 @@
}; };
"parity-1" = { "parity-1" = {
type = "disk"; type = "disk";
device = "/dev/disk/by-id/ata-TOSHIBA_MQ04ABF100_X7CXT0D8T"; device = "$PARITY_DISK_ID";
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {
"parity-1" = { mdadm = {
size = "$PARTITION_SIZE"; size = "$PARTITION_SIZE";
content = { content = {
type = "luks"; type = "mdraid";
name = "crypted-parity-1"; name = "raid1";
settings.keyFile = "/etc/secrets/disks/parity-1";
content = {
type = "mdraid";
name = "data-storage";
};
}; };
}; };
}; };
}; };
}; };
}; disko.devices.mdadm = {
raid1 = {
# RAID 1 Configuration type = "mdadm";
mdadm = { level = 1;
"data-storage" = { content = {
type = "mdadm"; type = "luks";
level = 1; name = "crypted-mirror";
content = { settings.keyFile = "/etc/secrets/disks/mirror";
type = "filesystem"; content = {
format = "xfs"; type = "filesystem";
mountpoint = "/mnt/data-storage"; format = "xfs";
mountpoint = "/mnt/data";
};
};
}; };
}; };