# Dell Local Node Manager running on nodes['home.nas'] = { 'hostname': '172.19.138.20', 'bundles': { 'backup-server', 'netdata', 'nfs-server', 'smartd', 'vmhost', 'zfs', }, 'groups': { 'debian-bullseye', }, 'metadata': { 'interfaces': { 'br0.42': { 'ips': { '172.19.138.20/24', }, 'gateway4': '172.19.138.1', }, }, 'apt': { 'unattended_upgrades': { 'day': 6, }, }, 'backups': { # This *is* the backup server 'exclude_from_backups': True, }, 'backup-server': { 'clients': { 'kunsi-t470': { 'user': 'kunsi-t470', }, }, 'zfs-base': 'storage/backups', }, 'cron': { # Ensure every user is able to read and write to the NAS dataset. 'chown_nas': '0 3 * * * root chown -R :nas /storage/nas/', 'chmod_nas_directories': '0 4 * * * root find /storage/nas/ -type d -exec chmod 0775 {} \;', 'chmod_nas_files': '0 4 * * * root find /storage/nas/ -type f -exec chmod 0664 {} \;', }, 'groups': { 'nas': {}, }, 'iptables': { 'custom_rules': [ # Dell ULNM 'iptables -A INPUT -p tcp --dport 4679 -j ACCEPT', # mosquitto 'iptables_both -A INPUT -p tcp --dport 1883 -j ACCEPT', 'iptables_both -A INPUT -p tcp --dport 8083 -j ACCEPT', ], }, 'nfs-server': { 'shares': { '/storage/nas': { '172.19.138.0/24(ro,all_squash,anonuid=65534,anongid=65534,no_subtree_check)', }, '/storage/download': { '172.19.138.27/32(rw,all_squash,anonuid=65534,anongid=1012,no_subtree_check)', }, }, }, 'smartd': { 'disks': { '/dev/nvme0', # ZFS cache disks '/dev/disk/by-id/ata-TS64GSSD370_B807810503', '/dev/disk/by-id/ata-TS64GSSD370_B807810527', }, }, 'systemd-networkd': { 'bonds': { 'bond0': { 'match': { 'enp8*', 'enp9*', }, }, }, 'bridges': { 'br0': { 'match': { 'bond0', }, }, }, }, 'openssh': { 'allowed_users': { 'kunsi-t470', # backup user }, }, 'users': { 'f2k1de': { 'ssh_pubkey': { 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrvhqC/tZzpLMs/qy+1xNSVi2mfn8LXPIEhh7dcGn9e', 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDH5+j2vDW1FHSSEEI/Sf5qiKJq1uoxGO5BPv84mqohvol7GxDFObv69tn7g6HYfZY/SaS75C4ZXy+cKa0xy8UCpF0SBa2xHASkenS9v55oweDL4rYSPARzn2XKt3RFJG/d8V5NOWtcyq5DFSzewUF35E4hx1pUc/CIxgJEem5ZvzvN0hlIKXUN2djkVUx+mz6RryBysLTJEFBamjJxIkvDG/PZU73W4SHaKAYV4Ojz2NY7T5/NYKePfIU5F9pkE3RU0LRj58usvA1eP0PvEArWlGNCd8EJU+HQ5xr2dZ6MKPpEyG0KJkC88DuapeF5RwUV53ZhNpF+QgzpI72fH5up', }, }, 'kunsi': { 'groups': { 'libvirt', 'nas', }, }, 'sophie': { 'groups': { 'libvirt', 'nas', }, }, }, 'zfs': { 'pools': { # Configured manually. Don't touch! 'storage': { 'raidz2': { '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8GE15GR', '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJ406R', '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJBTLR', '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJGN6R', '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJU4NR', '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR', }, }, }, 'datasets': { 'storage/backups': {}, 'storage/opt-yate': { 'mountpoint': '/opt/yate', }, 'storage/f2k1de': { 'mountpoint': '/storage/f2k1de', }, 'storage/download': { 'mountpoint': '/storage/download', }, 'storage/nas': { 'mountpoint': '/storage/nas', }, }, 'snapshots': { 'retain_per_dataset': { 'storage/download': { 'hourly': 48, 'daily': 0, 'weekly': 0, 'monthly': 0, }, }, }, }, 'vm': { 'cpu': 8, 'ram': 16, }, }, }