Add caral documentation

flake.lock

@@ -27,11 +27,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734088167,
-        "narHash": "sha256-OIitVU+IstPbX/NWn2jLF+/sT9dVKcO2FKeRAzlyX6c=",
+        "lastModified": 1736165297,
+        "narHash": "sha256-OT+sF4eNDFN/OdyUfIQwyp28+CFQL7PAdWn0wGU7F0U=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "d32f2d1750d61a476a236526b725ec5a32e16342",
+        "rev": "76816af65d5294761636a838917e335992a52e0c",
         "type": "github"
       },
       "original": {
@@ -74,11 +74,11 @@
     },
     "nixpkgs-nixos-stable": {
       "locked": {
-        "lastModified": 1733808091,
-        "narHash": "sha256-KWwINTQelKOoQgrXftxoqxmKFZb9pLVfnRvK270nkVk=",
+        "lastModified": 1736061677,
+        "narHash": "sha256-DjkQPnkAfd7eB522PwnkGhOMuT9QVCZspDpJJYyOj60=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "a0f3e10d94359665dba45b71b4227b0aeb851f8e",
+        "rev": "cbd8ec4de4469333c82ff40d057350c30e9f7d36",
         "type": "github"
       },
       "original": {
@@ -90,11 +90,11 @@
     },
     "nixpkgs-nixos-unstable": {
       "locked": {
-        "lastModified": 1733940404,
-        "narHash": "sha256-Pj39hSoUA86ZePPF/UXiYHHM7hMIkios8TYG29kQT4g=",
+        "lastModified": 1736012469,
+        "narHash": "sha256-/qlNWm/IEVVH7GfgAIyP6EsVZI6zjAx1cV5zNyrs+rI=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "5d67ea6b4b63378b9c13be21e2ec9d1afc921713",
+        "rev": "8f3e1f807051e32d8c95cd12b9b421623850a34d",
         "type": "github"
       },
       "original": {
@@ -111,10 +111,10 @@
         ]
       },
       "locked": {
-        "lastModified": 1727954097,
-        "narHash": "sha256-Fmi1bGcyVLVMpSURwXnGCwWl5K0MVAJHuybDa/vYDis=",
-        "rev": "1d096ecce6a9b722dbdc70515375ec6798958c23",
-        "revCount": 6,
+        "lastModified": 1734984619,
+        "narHash": "sha256-D9awD3ArJ+8jCPr96HruGS4xpkJ7h2+V0Yiaay/9pyE=",
+        "rev": "18d3b3b703a6139b9ebd5ec64311717cf2a6f9bc",
+        "revCount": 7,
         "type": "git",
         "url": "file:./private"
       },
@@ -140,11 +140,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1733965552,
-        "narHash": "sha256-GZ4YtqkfyTjJFVCub5yAFWsHknG1nS/zfk7MuHht4Fs=",
+        "lastModified": 1736064798,
+        "narHash": "sha256-xJRN0FmX9QJ6+w8eIIIxzBU1AyQcLKJ1M/Gp6lnSD20=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "2d73fc6ac4eba4b9a83d3cb8275096fbb7ab4004",
+        "rev": "5dc08f9cc77f03b43aacffdfbc8316807773c930",
         "type": "github"
       },
       "original": {

nixos-configurations/cyprianspitz/README.md

@@ -1,4 +1,4 @@
-# Host: Cyprianspitz
+# Host: Cyprianspitz (+Router: Caral)
 
 ## Operations {#_operations}
 
@@ -25,6 +25,38 @@ TODO
 - [Mainboard Manual](docs/z790m-itx-wifi.pdf)
 
 
+### Networking: Caral Internet Router
+
+A [MikroTik `CCR2004-1G-2XS-PCIe`](https://mikrotik.com/product/ccr2004_1g_2xs_pcie#fndtn-downloads) is used for internet access.
+It's a fiber card with build in router, supporting 2x 25Gbit SFP28 cages and 1Gbit RJ45 eth.
+
+- [RouterOS Docs](https://help.mikrotik.com/docs/spaces/ROS/pages/328059/RouterOS)
+
+[The manual](docs/CCR2004-1G-2XS-PCIe_241138.pdf) states:
+
+> This form-factor does come with certain limitations that you should keep in mind.
+> The CCR NIC card needs some time to boot up compared to ASIC-based setups.
+> If the host system is up before the CCR card, it will not appear among the available devices.
+> You should add a PCIe device initialization delay after power-up in the BIOS.
+> Or you will need to re-initialize the PCIe devices from the HOST system.
+
+In our case, since networking is reinitialized after the LUKS password promt, this should not be a issue in practice. However, if networking would not be available, contact someone for a physical reboot and wait longer before entering the HDD password.
+
+To reload the card's virtual interfaces on a running system:
+
+```bash
+echo "1" > /sys/bus/pci/devices/0000\:01\:00.0/remove
+sleep 2
+echo "1" > /sys/bus/pci/rescan
+```
+
+To restart the card on a running system:
+
+```bash
+echo "1" > /sys/bus/pci/devices/0000\:01\:00.0/reset
+sleep 2m # Wait for reboot
+echo "1" > /sys/bus/pci/rescan
+```
 
 ### Top Overview
 

nixos-configurations/cyprianspitz/networking.nix

@@ -14,9 +14,25 @@ in
 
   networking.nameservers = [ calandaIp ];
   networking.useDHCP = false;
-  networking.interfaces.enp0s31f6.ipv4.addresses = [
-    (getNetV4Ip meta.network.physical.plessur-lan)
-  ];
+  networking.interfaces = {
+    # enp0s31f6: 1 Gbit mainboard interface
+    enp0s31f6.ipv4.addresses = [
+      (getNetV4Ip meta.network.physical.plessur-lan)
+    ];
+
+    # wlp0s20f3: Mainboard Wireless interface
+    # enp3s0: 2.5 Gbit mainboard interface: Connected to ether1
+    #enp3s0.useDHCP = true;
+
+    # enp1s0f0: mikrotik sfp28-1: ether-pcie1 passthrough
+    enp1s0f0.useDHCP = true;
+    # enp1s0f1: mikrotik sfp28-2: ether-pcie2 passthrough
+    enp1s0f1.useDHCP = true;
+    # enp1s0f2: mikrotik ether1/bridge1: ether-pcie3 bridge \
+    enp1s0f2.useDHCP = true;
+    # enp1s0f3: mikrotik ether1/bridge1: ether-pcie4 bridge  > connected to enp3s0
+    enp1s0f3.useDHCP = true;
+  };
 
   networking.defaultGateway = {
     address = calandaIp;

private

@@ -1 +1 @@
-Subproject commit 18d3b3b703a6139b9ebd5ec64311717cf2a6f9bc
+Subproject commit 90543f538fc13c3d291196a9769483c6c51ac84d