diff --git a/fstab.metal b/fstab.metal new file mode 100644 index 0000000..10f4837 --- /dev/null +++ b/fstab.metal @@ -0,0 +1,5 @@ +/dev/md/root / xfs defaults 0 0 +/dev/md/boot /boot vfat rw,nosuid,nodev,noexec,fmask=0077,dmask=0077 0 2 + +/dev/mapper/swap none swap defaults 0 0 +tmpfs /etc/nginx/session-ticket-keys tmpfs size=1M,mode=700,noswap,x-systemd.before=nginx-create-session-ticket-keys.service,x-systemd.required-by=nginx-create-session-ticket-keys.service 0 0 diff --git a/fstab b/fstab.virtual similarity index 100% rename from fstab rename to fstab.virtual diff --git a/hosts.sh b/hosts.sh index 28204aa..23bcbdc 100644 --- a/hosts.sh +++ b/hosts.sh @@ -22,6 +22,7 @@ declare -Ar hosts_hostname=( [5.releases.grapheneos.org]=5-releases [6.releases.grapheneos.org]=6-releases [7.releases.grapheneos.org]=7-releases + [8.releases.grapheneos.org]=8-releases [staging.attestation.app]=staging-attestation [attestation.app]=attestation [matrix.grapheneos.org]=matrix @@ -29,6 +30,18 @@ declare -Ar hosts_hostname=( [grapheneos.social]=social ) +declare -Ar hosts_uefi=( + [8.releases.grapheneos.org]=true +) + +declare -Ar hosts_metal=( + [8.releases.grapheneos.org]=true +) + +declare -Ar hosts_hardware_watchdog=( + [8.releases.grapheneos.org]=true +) + declare -Ar hosts_firewall=( [ns1.staging.grapheneos.org]=ns1 [ns1.grapheneos.org]=ns1 @@ -56,6 +69,7 @@ declare -Ar hosts_swap=( [5.releases.grapheneos.org]=8192 [6.releases.grapheneos.org]=8192 [7.releases.grapheneos.org]=8192 + [8.releases.grapheneos.org]=32768 [attestation.app]=4096 [matrix.grapheneos.org]=8192 [discuss.grapheneos.org]=4096 @@ -71,6 +85,7 @@ declare -Ar hosts_agcount=( [5.releases.grapheneos.org]=8 [6.releases.grapheneos.org]=8 [7.releases.grapheneos.org]=8 + [8.releases.grapheneos.org]=32 ) declare -Ar hosts_reserved_ports=( @@ -92,6 +107,7 @@ declare -Ar hosts_tcp_wmem_max=( [5.releases.grapheneos.org]=16777216 [6.releases.grapheneos.org]=16777216 [7.releases.grapheneos.org]=16777216 + [8.releases.grapheneos.org]=16777216 [matrix.grapheneos.org]=16777216 ) @@ -119,6 +135,7 @@ declare -Ar hosts_conntrack_size=( [5.releases.grapheneos.org]=262144 [6.releases.grapheneos.org]=262144 [7.releases.grapheneos.org]=262144 + [8.releases.grapheneos.org]=4194304 [staging.attestation.app]=65536 [attestation.app]=131072 [matrix.grapheneos.org]=131072 @@ -149,6 +166,7 @@ declare -Ar hosts_journald_system_max_use=( [5.releases.grapheneos.org]=8G [6.releases.grapheneos.org]=8G [7.releases.grapheneos.org]=8G + [8.releases.grapheneos.org]=8G ) declare -Ar hosts_journald_system_max_file_size=( @@ -167,6 +185,7 @@ declare -Ar hosts_journald_system_max_file_size=( [5.releases.grapheneos.org]=1G [6.releases.grapheneos.org]=1G [7.releases.grapheneos.org]=1G + [8.releases.grapheneos.org]=1G [matrix.grapheneos.org]=512M [discuss.grapheneos.org]=512M [grapheneos.social]=512M @@ -208,6 +227,7 @@ declare -Ar hosts_ipv4_address=( [5.releases.grapheneos.org]=141.94.71.72 [6.releases.grapheneos.org]=135.125.183.155 [7.releases.grapheneos.org]=141.95.0.242 + [8.releases.grapheneos.org]=45.90.185.33 [staging.attestation.app]=198.98.57.157 [attestation.app]=51.79.66.27 [matrix.grapheneos.org]=51.79.51.42 @@ -239,6 +259,7 @@ declare -Ar hosts_ipv6_address=( [5.releases.grapheneos.org]=2001:41d0:304:200::a687 [6.releases.grapheneos.org]=2001:41d0:701:1100::2ec9 [7.releases.grapheneos.org]=2001:41d0:701:1100::3e56 + [8.releases.grapheneos.org]=2a14:3f87:6920:250::100 [staging.attestation.app]=2605:6400:10:aa9:1c0f:44d3:da15:c0ec [attestation.app]=2607:5300:205:200::7e9 [matrix.grapheneos.org]=2607:5300:205:200::26e1 @@ -246,9 +267,6 @@ declare -Ar hosts_ipv6_address=( [grapheneos.social]=2607:5300:205:200::5e3f ) -declare -Ar hosts_hardware_watchdog=( -) - readonly hosts_dns=( ns1.staging.grapheneos.org ns1.grapheneos.org @@ -296,7 +314,7 @@ readonly hosts_grapheneos_all=( ) readonly hosts_releases=( - {0..7}.releases.grapheneos.org + {0..8}.releases.grapheneos.org ) readonly hosts_network=( diff --git a/packages/8.releases.grapheneos.org b/packages/8.releases.grapheneos.org new file mode 100644 index 0000000..5ef5bf9 --- /dev/null +++ b/packages/8.releases.grapheneos.org @@ -0,0 +1,40 @@ +amd-ucode +base +chrony +cloud-guest-utils +conntrack-tools +cpupower +dmidecode +dosfstools +efibootmgr +fish +htop +ioping +iperf +linux-firmware +linux-lts +logrotate +man-db +mdadm +moreutils +mtr +neovim +nftables +nginx +nginx-mod-brotli +nmap +openssh +pacman-contrib +pacutils +plocate +pv +rsync +smartmontools +strace +stress +sysstat +tinyxxd +tree +turbostat +unbound +xfsprogs diff --git a/systemd/network/8.releases.grapheneos.org.link b/systemd/network/8.releases.grapheneos.org.link new file mode 100644 index 0000000..e5b4d97 --- /dev/null +++ b/systemd/network/8.releases.grapheneos.org.link @@ -0,0 +1,5 @@ +[Match] +MACAddress=50:7c:6f:7d:4c:93 + +[Link] +Name=public diff --git a/systemd/network/8.releases.grapheneos.org.network b/systemd/network/8.releases.grapheneos.org.network new file mode 100644 index 0000000..2db51ed --- /dev/null +++ b/systemd/network/8.releases.grapheneos.org.network @@ -0,0 +1,29 @@ +[Match] +Name=public + +[Network] +LinkLocalAddressing=no +Address=45.90.185.33/24 +Address=2a14:3f87:6920:250::100/60 + +[Route] +Destination=0.0.0.0/0 +Gateway=45.90.185.1 +PreferredSource=45.90.185.33 + +[Route] +Destination=::/0 +Gateway=2a14:3f87:6920:250::1 +PreferredSource=2a14:3f87:6920:250::100 + +[Route] +Destination=2a14:3f87:6920:250::1 +PreferredSource=2a14:3f87:6920:250::100 + +[DHCP] +UseMTU=true + +#[CAKE] +#Bandwidth=25000M +#PriorityQueueingPreset=besteffort +#SplitGSO=false