diff options
| author | makefu <github@syntax-fehler.de> | 2019-04-12 19:28:17 +0200 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2019-04-12 19:28:17 +0200 |
| commit | 8bea69348ae0f286b395e9087db7d70e6f1a375a (patch) | |
| tree | 956a2dfb39f0ca1bb00ba40bd21e18037f1093fb /lass/1systems/blue | |
| parent | 179e95d0bfc985940d4970d6c1365c2c8e000d0d (diff) | |
| parent | 72cd01d104bb61b5a5e28c2c10e0bd2bd55ce681 (diff) | |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/1systems/blue')
| -rw-r--r-- | lass/1systems/blue/config.nix | 31 | ||||
| -rw-r--r-- | lass/1systems/blue/physical.nix | 1 | ||||
| -rw-r--r-- | lass/1systems/blue/source.nix | 20 |
3 files changed, 26 insertions, 26 deletions
diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix index a84bb37f6..a287f548b 100644 --- a/lass/1systems/blue/config.nix +++ b/lass/1systems/blue/config.nix @@ -8,21 +8,29 @@ with import <stockholm/lib>; <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/blue.nix> + <stockholm/lass/2configs/syncthing.nix> ]; krebs.build.host = config.krebs.hosts.blue; + krebs.syncthing.folders = [ + { id = "contacts"; path = "/home/lass/contacts"; peers = [ "mors" "blue" "green" "phone" ]; } + ]; + lass.ensure-permissions = [ + { folder = "/home/lass/contacts"; owner = "lass"; group = "syncthing"; } + ]; + environment.shellAliases = { deploy = pkgs.writeDash "deploy" '' set -eu export SYSTEM="$1" - $(nix-build $HOME/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy) + $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy) ''; }; networking.nameservers = [ "1.1.1.1" ]; - lass.restic = genAttrs [ + services.restic.backups = genAttrs [ "daedalus" "icarus" "littleT" @@ -30,20 +38,19 @@ with import <stockholm/lib>; "shodan" "skynet" ] (dest: { - dirs = [ - "/home/" - "/var/lib" + initialize = true; + extraOptions = [ + "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'" ]; + repository = "sftp:backup@${dest}.r:/backups/blue"; passwordFile = (toString <secrets>) + "/restic/${dest}"; - repo = "sftp:backup@${dest}.r:/backups/blue"; - extraArguments = [ - "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'" + timerConfig = { OnCalendar = "00:05"; RandomizedDelaySec = "5h"; }; + paths = [ + "/home/" + "/var/lib" ]; - timerConfig = { - OnCalendar = "00:05"; - RandomizedDelaySec = "5h"; - }; }); + time.timeZone = "Europe/Berlin"; users.users.mainUser.openssh.authorizedKeys.keys = [ config.krebs.users.lass-android.pubkey ]; } diff --git a/lass/1systems/blue/physical.nix b/lass/1systems/blue/physical.nix index 7499ff723..b6aa3a894 100644 --- a/lass/1systems/blue/physical.nix +++ b/lass/1systems/blue/physical.nix @@ -4,5 +4,4 @@ ]; boot.isContainer = true; networking.useDHCP = false; - environment.variables.NIX_REMOTE = "daemon"; } diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index a52771a4d..21f3a8bd5 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,20 +1,14 @@ { lib, pkgs, ... }: { nixpkgs = lib.mkForce { - derivation = let - rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; - sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; - in '' - with import (builtins.fetchTarball { - url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz"; - sha256 = "${sha256}"; - }) {}; - pkgs.fetchFromGitHub { + file = { + path = toString (pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs"; - rev = "${rev}"; - sha256 = "${sha256}"; - } - ''; + rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; + sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; + }); + useChecksum = true; + }; }; } |