Create configuration to migrate john-endesktop from Arch Linux to NixOS while maintaining existing ZFS pools (media JBOD and swarmvols mirror) and NFS exports for k3s cluster. Configuration includes: - ZFS support with automatic pool import - NFS server exporting both pools to 10.0.0.0/24 - Correct ZFS hostid (007f0101) to resolve hostid warnings - Btrfs root filesystem on nvme0n1p5 (810GB) - Comprehensive migration plan with rollback procedures The migration is designed to be safe with Arch Linux remaining bootable as a fallback until NixOS is verified stable.
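# NixOS configuration for john-endesktop (ZFS/NFS server)
# Migrated from Arch Linux to provide ZFS pools via NFS to k3s cluster
#
# Network exposure: the firewall admits NFS traffic only from 10.0.0.0/24.
# SSH is reachable from any source address, because services.openssh opens
# its own port (openFirewall defaults to true).

{ config, lib, pkgs, ... }:

with lib;

{
  imports = [
    ./hardware-configuration.nix
  ];

  # Boot configuration
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # ZFS support
  boot.supportedFilesystems = [ "zfs" ];
  # Never force-import at boot: a pool last written under another hostid
  # should fail loudly instead of being imported silently.
  boot.zfs.forceImportRoot = false;
  # Data pools imported at boot in addition to whatever hardware-configuration.nix mounts.
  boot.zfs.extraPools = [ "media" "swarmvols" ];

  # Set ZFS hostid to match current system (from Arch Linux)
  # This resolves the hostid mismatch warnings
  networking.hostId = "007f0101";

  # Hostname
  networking.hostName = "john-endesktop";

  # Network configuration - using DHCP on enp0s31f6
  networking.useDHCP = false;
  networking.interfaces.enp0s31f6.useDHCP = true;

  # NFS Server configuration
  services.nfs.server = {
    enable = true;

    # Pin the NFSv3 helper daemons to fixed ports so the firewall rules below
    # actually match them. Left unset, statd/lockd/mountd register on ports
    # chosen at start-up and the port list in the firewall would be decorative.
    statdPort = 4000;
    lockdPort = 4001;
    mountdPort = 4002;

    # No static exports here: the shares come from the sharenfs property of
    # the ZFS datasets, so the client ACL (network, rw/ro, root squashing)
    # lives in that property and not in this file.
    # NOTE(review): confirm with `zfs get sharenfs` that every shared dataset
    # is limited to 10.0.0.0/24 and does not carry no_root_squash unless the
    # k3s workloads need it.
    exports = ''
      # These are managed by ZFS sharenfs properties
      # but we enable the NFS server here
    '';
  };

  # rpcbind is the portmapper NFSv3 clients use to locate mountd/lockd/statd;
  # NFSv4-only clients talk to 2049 directly.
  services.rpcbind.enable = true;

  # Firewall configuration for NFS
  networking.firewall = {
    enable = true;

    # The NFS ports are deliberately NOT listed in allowedTCPPorts /
    # allowedUDPPorts: those options open a port to every source address,
    # which would expose rpcbind and nfsd beyond the storage network.
    # The rules below admit only the NFS ports, and only from the local
    # network; the previous rules accepted every TCP and UDP port from
    # 10.0.0.0/24. Any other service that LAN hosts must reach now needs its
    # own explicit rule.
    #   111  rpcbind    2049 nfs
    #   4000 statd      4001 lockd (nlockmgr)    4002 mountd
    # These are IPv4 rules only; NFS over IPv6 stays closed.
    extraCommands = ''
      iptables -A nixos-fw -p tcp -s 10.0.0.0/24 -m multiport --dports 111,2049,4000,4001,4002 -j ACCEPT
      iptables -A nixos-fw -p udp -s 10.0.0.0/24 -m multiport --dports 111,2049,4000,4001,4002 -j ACCEPT
    '';
  };

  # ZFS maintenance
  services.zfs = {
    autoScrub = {
      enable = true;
      interval = "monthly";
    };
    trim = {
      enable = true;
      interval = "weekly";
    };
  };

  # Basic system packages
  environment.systemPackages = with pkgs; [
    vim
    git
    htop
    tmux
    zfs
  ];

  # Enable SSH
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      # NOTE(review): password logins are accepted from any source address
      # (the SSH port is opened without a source restriction). Kept enabled so
      # the migration cannot lock the operator out; set this to false once
      # roles.users is confirmed to install authorized keys.
      PasswordAuthentication = true;
    };
  };

  # User configuration
  # roles.users is a project module defined outside this file.
  roles.users.enable = true;

  # Time zone
  time.timeZone = "America/Los_Angeles"; # Adjust as needed

  # NixOS version
  # Records the release this host was first installed with; it is not bumped on upgrades.
  system.stateVersion = "25.11";
}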