diff options
author | mv <mv@ni.r> | 2017-08-29 21:00:46 +0200 |
---|---|---|
committer | mv <mv@ni.r> | 2017-08-29 21:05:25 +0200 |
commit | 48c75276c5a5ed8e7ea33ccb330f8ee6b7a6a927 (patch) | |
tree | b4663bb8a6f49a62ef3c9ab5362df4ba19e98daf /mv | |
parent | d6aee94277e4329db12d0dfd78fbd6ab58fdeab7 (diff) |
mv: the future is now!
Diffstat (limited to 'mv')
-rw-r--r-- | mv/1systems/stro/config.nix (renamed from mv/1systems/stro.nix) | 23 | ||||
-rw-r--r-- | mv/1systems/stro/source.nix | 3 | ||||
-rw-r--r-- | mv/source.nix | 23 |
3 files changed, 31 insertions, 18 deletions
diff --git a/mv/1systems/stro.nix b/mv/1systems/stro/config.nix index bb37aedda..669655eec 100644 --- a/mv/1systems/stro.nix +++ b/mv/1systems/stro/config.nix @@ -8,18 +8,6 @@ with import <stockholm/lib>; build = { user = config.krebs.users.mv; host = config.krebs.hosts.stro; - source = let - HOME = getEnv "HOME"; - host = config.krebs.build.host; - in { - nixos-config.symlink = "stockholm/mv/1systems/${host.name}.nix"; - secrets.file = "${HOME}/secrets/${host.name}"; - stockholm.file = "${HOME}/stockholm"; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - ref = "8bf31d7d27cae435d7c1e9e0ccb0a320b424066f"; - }; - }; }; }; @@ -27,7 +15,7 @@ with import <stockholm/lib>; <secrets> <stockholm/krebs> <stockholm/tv/2configs/audit.nix> - <stockholm/tv/2configs/bash.nix> + <stockholm/tv/2configs/bash> <stockholm/tv/2configs/exim-retiolum.nix> <stockholm/tv/2configs/hw/x220.nix> <stockholm/tv/2configs/im.nix> @@ -40,7 +28,6 @@ with import <stockholm/lib>; <stockholm/tv/2configs/xdg.nix> <stockholm/tv/2configs/xserver> <stockholm/tv/3modules> - <stockholm/tv/5pkgs> ]; boot.kernel.sysctl = { @@ -124,13 +111,13 @@ with import <stockholm/lib>; nix = { binaryCaches = ["https://cache.nixos.org"]; - # TODO check if both are required: - chrootDirs = [ "/etc/protocols" pkgs.iana_etc.outPath ]; requireSignedBinaryCaches = true; - useChroot = true; + # TODO check if both are required: + sandboxPaths = [ "/etc/protocols" pkgs.iana_etc.outPath ]; + useSandbox = true; }; - nixpkgs.config.allowUnfree = false; + nixpkgs.config.packageOverrides = import <stockholm/tv/5pkgs> pkgs; users = { defaultUserShell = "/run/current-system/sw/bin/bash"; diff --git a/mv/1systems/stro/source.nix b/mv/1systems/stro/source.nix new file mode 100644 index 000000000..888d616c8 --- /dev/null +++ b/mv/1systems/stro/source.nix @@ -0,0 +1,3 @@ +import <stockholm/mv/source.nix> { + name = "stro"; +} diff --git a/mv/source.nix b/mv/source.nix new file mode 100644 index 000000000..8b1563914 --- /dev/null +++ b/mv/source.nix @@ -0,0 +1,23 @@ +with import <stockholm/lib>; +host@{ name, override ? {} }: let + builder = if getEnv "dummy_secrets" == "true" + then "buildbot" + else "mv"; + _file = <stockholm> + "/mv/1systems/${name}/source.nix"; +in + evalSource (toString _file) [ + { + nixos-config.symlink = "stockholm/mv/1systems/${name}/config.nix"; + nixpkgs.git = { + # nixos-17.03 + ref = mkDefault "94941cb0455bfc50b1bf63186cfad7136d629f78"; + url = https://github.com/NixOS/nixpkgs; + }; + secrets.file = getAttr builder { + buildbot = toString <stockholm/mv/dummy_secrets>; + mv = "/home/mv/secrets/${name}"; + }; + stockholm.file = toString <stockholm>; + } + override + ] |