From 0be91e4803da51d7ec5a1d2f94dc40dd26aec486 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Wed, 26 Jun 2024 22:25:40 +0200 Subject: [PATCH] fix(web02): Use the correct fs configuration --- machines/web02/_configuration.nix | 7 +++++-- machines/web02/_hardware-configuration.nix | 14 ++++++++++++-- machines/web02/monitoring.nix | 1 - 3 files changed, 17 insertions(+), 5 deletions(-) delete mode 100644 machines/web02/monitoring.nix diff --git a/machines/web02/_configuration.nix b/machines/web02/_configuration.nix index f205973..7ff7dc1 100644 --- a/machines/web02/_configuration.nix +++ b/machines/web02/_configuration.nix @@ -8,7 +8,6 @@ lib.extra.mkConfig { enabledServices = [ # List of services to enable - "monitoring" ]; extraConfig = { @@ -17,7 +16,11 @@ lib.extra.mkConfig { "sshd-timeout" ]; - services.netbird.enable = true; + # Restrict access to this node + dgn-access-control.users.root = [ "thubrecht" ]; + + # Disable monitoring + dgn-node-monitoring.enable = false; }; root = ./.; diff --git a/machines/web02/_hardware-configuration.nix b/machines/web02/_hardware-configuration.nix index 58de3d3..b7283ca 100644 --- a/machines/web02/_hardware-configuration.nix +++ b/machines/web02/_hardware-configuration.nix @@ -17,6 +17,11 @@ "virtio_blk" ]; kernelModules = [ ]; + + luks.devices."main" = { + device = "/dev/disk/by-uuid/0092c3d6-97ce-40aa-9773-6b85fa0dfec8"; + tryEmptyPassphrase = true; + }; }; kernelModules = [ "kvm-intel" ]; @@ -25,13 +30,18 @@ fileSystems = { "/" = { - device = "/dev/disk/by-uuid/8725c242-144d-495b-8ce4-6f0cef7c8ee3"; - fsType = "btrfs"; + device = "/dev/disk/by-uuid/f7f94fec-cdd3-4e61-b93f-18447a395018"; + fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-uuid/84F6-E7A3"; fsType = "vfat"; + + options = [ + "fmask=0022" + "dmask=0022" + ]; }; }; diff --git a/machines/web02/monitoring.nix b/machines/web02/monitoring.nix deleted file mode 100644 index a956127..0000000 --- a/machines/web02/monitoring.nix +++ /dev/null @@ -1 +0,0 @@ -{ dgn-node-monitoring.enable = false; }