Glom NAS machine vega

machines/vega/configuration.nix

@@ -0,0 +1,60 @@
+{
+  inputs,
+  config,
+  ...
+}:
+{
+  imports = [
+    (inputs.import-tree ./services)
+
+    (import ../../lib/auto-accept-zerotier-members.nix {
+      memberIds = [
+        "dbe44c0287" # Alex-gateway
+        "1b495eede9" # kurogeek-thinkpad
+      ];
+    })
+  ];
+
+  clan.core.sops.defaultGroups = [ "admins" ];
+
+  nixpkgs.hostPlatform = {
+    system = "x86_64-linux";
+  };
+
+  clan.core.vars.generators.vega-public-domain = {
+    files.name.secret = false;
+
+    prompts = {
+      name = {
+        persist = true;
+        type = "line";
+        description = "Base public domain for Vega machine. Default:(glomglom.fun)";
+      };
+    };
+
+    script = ''cat $prompts/name || echo -n "glomglom.fun" > $out/name'';
+  };
+
+  clan.core.vars.generators.vega-internal-domain = {
+    files.name.secret = false;
+
+    prompts = {
+      name = {
+        persist = true;
+        type = "line";
+        description = "Base internal domain for Vega machine. Default:(glom.newedge.house)";
+      };
+    };
+
+    script = ''cat $prompts/name || echo -n "glom.newedge.house" > $out/name'';
+  };
+
+  networking.fqdn = config.clan.core.vars.generators.vega-internal-domain.files.name.value;
+  system.stateVersion = "25.11";
+
+  # security.acme.defaults.email = "admin@b4l.co.th";
+  # security.acme.acceptTerms = true;
+  # services.nginx.virtualHosts."${config.networking.fqdn}" = {
+  #   enableACME = true;
+  # };
+}

machines/vega/disko.nix

@@ -0,0 +1,141 @@
+{ lib, ... }:
+let
+  hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}";
+  os = "/dev/disk/by-id/mmc-CUTB42_0x9d59499c";
+  vdev = [
+    "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG"
+    "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X"
+  ];
+in
+{
+
+  boot.loader = {
+    systemd-boot = {
+      enable = true;
+    };
+    efi = {
+      canTouchEfiVariables = true;
+    };
+  };
+
+  disko.devices = {
+    disk = {
+      "os-${hashDisk os}" = {
+        type = "disk";
+        device = os;
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              size = "1G";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "nofail" ];
+              };
+            };
+            system = {
+              size = "100%";
+              content = {
+                type = "zfs";
+                pool = "zroot";
+              };
+            };
+            swap = {
+              size = "16G";
+              content = {
+                type = "swap";
+              };
+            };
+          };
+        };
+      };
+    }
+    // (lib.listToAttrs (
+      map (disk: {
+        name = "data-${hashDisk disk}";
+        value = {
+          type = "disk";
+          device = disk;
+          content = {
+            type = "zfs";
+            pool = "zdata";
+          };
+        };
+      }) vdev
+    ));
+    zpool = {
+      zroot = {
+        type = "zpool";
+        rootFsOptions = {
+          mountpoint = "none";
+          compression = "lz4";
+          acltype = "posixacl";
+          xattr = "sa";
+          "com.sun:auto-snapshot" = "true";
+        };
+        options.ashift = "12";
+        datasets = {
+          "root" = {
+            type = "zfs_fs";
+            options.mountpoint = "none";
+          };
+          "root/nixos" = {
+            type = "zfs_fs";
+            options.mountpoint = "/";
+            mountpoint = "/";
+          };
+          "root/home" = {
+            type = "zfs_fs";
+            options.mountpoint = "/home";
+            mountpoint = "/home";
+          };
+          "root/tmp" = {
+            type = "zfs_fs";
+            mountpoint = "/tmp";
+            options = {
+              mountpoint = "/tmp";
+              sync = "disabled";
+            };
+          };
+        };
+      };
+      zdata = {
+        type = "zpool";
+        options.ashift = "12";
+        rootFsOptions = {
+          mountpoint = "none";
+          compression = "lz4";
+          acltype = "posixacl";
+          xattr = "sa";
+          "com.sun:auto-snapshot" = "true";
+        };
+        mode = {
+          topology = {
+            type = "topology";
+            vdev = [
+              {
+                mode = "mirror";
+                members = vdev;
+              }
+            ];
+          };
+        };
+        datasets = {
+          "nas" = {
+            type = "zfs_fs";
+            mountpoint = "/mnt/hdd";
+            mountOptions = [ "nofail" ];
+          };
+          "service-data" = {
+            type = "zfs_fs";
+            mountpoint = "/var/lib";
+            mountOptions = [ "nofail" ];
+          };
+        };
+      };
+    };
+  };
+}

machines/vega/services/nextcloud.nix

@@ -0,0 +1,34 @@
+{ config, pkgs, ... }:
+let
+  # ncDomain = "${config.clan.core.vars.generators.vega-nextcloud.files.subdomain.value}.${config.networking.fqdn}";
+  ncDomain = "${config.networking.fqdn}";
+in
+{
+  clan.core.vars.generators.vega-nextcloud = {
+    files.subdomain.secret = false;
+
+    prompts = {
+      subdomain = {
+        persist = true;
+        type = "line";
+        description = "Sub-domain for Nextcloud app. Default:(cloud)";
+      };
+    };
+
+    script = ''cat $prompts/subdomain || echo -n "cloud" > $out/subdomain'';
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
+
+  services.nextcloud = {
+    hostName = ncDomain;
+    package = pkgs.nextcloud31;
+  };
+  # services.nginx.virtualHosts."${ncDomain}" = {
+  #   # useACMEHost = "${config.networking.fqdn}";
+  #   # forceSSL = true;
+  # };
+}