summaryrefslogtreecommitdiffstats
path: root/tv/2configs/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'tv/2configs/default.nix')
-rw-r--r--tv/2configs/default.nix18
1 files changed, 13 insertions, 5 deletions
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 57c4620c4..c4a2d6baa 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -1,21 +1,18 @@
{ config, lib, pkgs, ... }:
-with lib;
+with config.krebs.lib;
{
krebs.enable = true;
krebs.build = {
user = config.krebs.users.tv;
- target = mkDefault "root@${config.krebs.build.host.name}";
source = mapAttrs (_: mkDefault) ({
nixos-config = "symlink:stockholm/tv/1systems/${config.krebs.build.host.name}.nix";
- nixpkgs = symlink:stockholm/nixpkgs;
secrets = "/home/tv/secrets/${config.krebs.build.host.name}";
secrets-common = "/home/tv/secrets/common";
stockholm = "/home/tv/stockholm";
- stockholm-user = "symlink:stockholm/tv";
- upstream-nixpkgs = {
+ nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
rev = "77f8f35d57618c1ba456d968524f2fb2c3448295";
dev = "/home/tv/nixpkgs";
@@ -45,6 +42,7 @@ with lib;
tv = {
isNormalUser = true;
uid = 1337;
+ extraGroups = [ "tv" ];
};
};
};
@@ -165,6 +163,7 @@ with lib;
{
tv.iptables.enable = true;
+ tv.iptables.accept-echo-request = "internet";
}
{
@@ -184,6 +183,15 @@ with lib;
];
}
{
+ environment.systemPackages = [
+ pkgs.get
+ pkgs.krebszones
+ pkgs.nix-prefetch-scripts
+ pkgs.push
+ ];
+ }
+
+ {
systemd.tmpfiles.rules = let
forUsers = flip map users;
isUser = { name, group, ... }:
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-15 20:18:47 +0000