updates for garage

add garage tank mount
open up the firewall on the k3s agents for now
apply this to xerneas (yveltal doesn't have an hdd)

hosts/xerneas.nix

@@ -9,6 +9,7 @@
     [ # Include the results of the hardware scan.
       ../types/server.nix
       ../modules/k3s-agent.nix
+      ../modules/garage-lvm-data.nix
     ];
   config = lib.mkMerge [
     {

modules/garage-lvm-data.nix

@@ -0,0 +1,14 @@
+{ config, ... }:
+{
+  # make an LV for the tank.  add VGs to it.
+  #  parted /dev/sda
+  #    stuff to make this for lvm.
+  #  vgcreate xerneas-tank-hdd /dev/sda1
+  #  lvcreate -l 50%FREE xerneas-tank-hdd --name garage-data
+  #  mkfs.xfs -L xerneas-gdat /dev/mapper/xerneas--tank--hdd-garage--data
+
+  fileSystems."/var/lib/garage/data" = {
+      device = "/dev/mapper/xerneas--tank--hdd-garage--data";
+      fsType = "xfs";
+  };
+}

modules/k3s-agent.nix

@@ -37,12 +37,12 @@ with lib;
     53 80 443 5432 5001 9898 9999 6443 4222 6222 8222 2379 2380 8472 10250
   ];
   networking.firewall.allowedUDPPortRanges = [
-    { from = 5000; to = 32767; }
+    { from = 1; to = 65535; }
   ];
   networking.firewall.allowedTCPPorts = [
     53 80 443 5432 5001 9898 9999 6443 4222 6222 8222 2379 2380 10250
   ];
   networking.firewall.allowedTCPPortRanges = [
-    { from = 5000; to = 32767; }
+    { from = 1; to = 65535; }
   ];
 }

modules/server.nix

@@ -33,7 +33,13 @@
   services.openssh.enable = true;
   networking.firewall.enable = true;
 
-  environment.systemPackages = [ pkgs.nfs-utils ];
+  environment.systemPackages = with pkgs; [
+    neovim
+    htop
+    parted
+    nfs-utils
+    xfsprogs
+  ];
   services.openiscsi = {
     enable = true;
     name = "${config.networking.hostName}-initiatorhost";