summaryrefslogtreecommitdiffstats
path: root/lass/1systems/blue
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2019-04-13 14:07:30 +0200
committertv <tv@krebsco.de>2019-04-13 14:07:30 +0200
commit0430fbbbfeef5f7d6188ec70d7f084ffa1cb1a46 (patch)
tree38daa64159448bc750de5b3c6692c7e2027ed4c7 /lass/1systems/blue
parent39fba33bed71c7553da47e56c5e34a0389950c71 (diff)
parentbb2f8b9b920287df33e194a3b62d86669d8e6ddd (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems/blue')
-rw-r--r--lass/1systems/blue/config.nix31
-rw-r--r--lass/1systems/blue/physical.nix1
-rw-r--r--lass/1systems/blue/source.nix20
3 files changed, 26 insertions, 26 deletions
diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix
index a84bb37f6..a287f548b 100644
--- a/lass/1systems/blue/config.nix
+++ b/lass/1systems/blue/config.nix
@@ -8,21 +8,29 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/blue.nix>
+ <stockholm/lass/2configs/syncthing.nix>
];
krebs.build.host = config.krebs.hosts.blue;
+ krebs.syncthing.folders = [
+ { id = "contacts"; path = "/home/lass/contacts"; peers = [ "mors" "blue" "green" "phone" ]; }
+ ];
+ lass.ensure-permissions = [
+ { folder = "/home/lass/contacts"; owner = "lass"; group = "syncthing"; }
+ ];
+
environment.shellAliases = {
deploy = pkgs.writeDash "deploy" ''
set -eu
export SYSTEM="$1"
- $(nix-build $HOME/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
+ $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
};
networking.nameservers = [ "1.1.1.1" ];
- lass.restic = genAttrs [
+ services.restic.backups = genAttrs [
"daedalus"
"icarus"
"littleT"
@@ -30,20 +38,19 @@ with import <stockholm/lib>;
"shodan"
"skynet"
] (dest: {
- dirs = [
- "/home/"
- "/var/lib"
+ initialize = true;
+ extraOptions = [
+ "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
];
+ repository = "sftp:backup@${dest}.r:/backups/blue";
passwordFile = (toString <secrets>) + "/restic/${dest}";
- repo = "sftp:backup@${dest}.r:/backups/blue";
- extraArguments = [
- "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
+ timerConfig = { OnCalendar = "00:05"; RandomizedDelaySec = "5h"; };
+ paths = [
+ "/home/"
+ "/var/lib"
];
- timerConfig = {
- OnCalendar = "00:05";
- RandomizedDelaySec = "5h";
- };
});
+
time.timeZone = "Europe/Berlin";
users.users.mainUser.openssh.authorizedKeys.keys = [ config.krebs.users.lass-android.pubkey ];
}
diff --git a/lass/1systems/blue/physical.nix b/lass/1systems/blue/physical.nix
index 7499ff723..b6aa3a894 100644
--- a/lass/1systems/blue/physical.nix
+++ b/lass/1systems/blue/physical.nix
@@ -4,5 +4,4 @@
];
boot.isContainer = true;
networking.useDHCP = false;
- environment.variables.NIX_REMOTE = "daemon";
}
diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix
index a52771a4d..21f3a8bd5 100644
--- a/lass/1systems/blue/source.nix
+++ b/lass/1systems/blue/source.nix
@@ -1,20 +1,14 @@
{ lib, pkgs, ... }:
{
nixpkgs = lib.mkForce {
- derivation = let
- rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
- sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
- in ''
- with import (builtins.fetchTarball {
- url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
- sha256 = "${sha256}";
- }) {};
- pkgs.fetchFromGitHub {
+ file = {
+ path = toString (pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs";
- rev = "${rev}";
- sha256 = "${sha256}";
- }
- '';
+ rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
+ sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
+ });
+ useChecksum = true;
+ };
};
}