From d629bee9546fa6ed6a018f2b6d491a851ad12738 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Jul 2015 13:39:49 +0200 Subject: "rebase" --- old/modules/cloudkrebs/default.nix | 8 +++++--- old/modules/cloudkrebs/retiolum.nix | 21 +++++++++++++++++++++ 2 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 old/modules/cloudkrebs/retiolum.nix (limited to 'old/modules/cloudkrebs') diff --git a/old/modules/cloudkrebs/default.nix b/old/modules/cloudkrebs/default.nix index 938447e0..135b662f 100644 --- a/old/modules/cloudkrebs/default.nix +++ b/old/modules/cloudkrebs/default.nix @@ -3,7 +3,7 @@ { imports = [ ../tv/base-cac-CentOS-7-64bit.nix - ../lass/retiolum-cloudkrebs.nix + ./retiolum.nix ./networking.nix ../../secrets/cloudkrebs-pw.nix ../lass/sshkeys.nix @@ -18,8 +18,10 @@ nix.maxJobs = 1; - #activationScripts - #split up and move into base + #tmpfiles Unknown group 'lock' workaround: + users.extraGroups = { + lock.gid = 10001; + }; #TODO move into modules users.extraUsers = { diff --git a/old/modules/cloudkrebs/retiolum.nix b/old/modules/cloudkrebs/retiolum.nix new file mode 100644 index 00000000..1caa9246 --- /dev/null +++ b/old/modules/cloudkrebs/retiolum.nix @@ -0,0 +1,21 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../tv/retiolum + ]; + + tv.retiolum = { + enable = true; + hosts = ../../hosts; + privateKeyFile = "/etc/nixos/secrets/cloudkrebs.retiolum.rsa_key.priv"; + connectTo = [ + "fastpoke" + "gum" + "ire" + ]; + }; + + networking.firewall.allowedTCPPorts = [ 655 ]; + networking.firewall.allowedUDPPorts = [ 655 ]; +} -- cgit v1.2.3