Merge branch 'master' of prism.r:stockholm

This commit is contained in:
jeschli 2018-01-06 21:36:32 +01:00
commit 1967d8b04f
5 changed files with 35 additions and 21 deletions

View File

@ -184,14 +184,17 @@ in {
} }
{ {
#hotdog #hotdog
systemd.services."container@hotdog".reloadIfChanged = mkForce false;
containers.hotdog = { containers.hotdog = {
config = { ... }: { config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ]; environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey config.krebs.users.lass.pubkey
]; ];
}; };
autoStart = true;
enableTun = true; enableTun = true;
privateNetwork = true; privateNetwork = true;
hostAddress = "10.233.2.1"; hostAddress = "10.233.2.1";
@ -200,8 +203,10 @@ in {
} }
{ {
#kaepsele #kaepsele
systemd.services."container@kaepsele".reloadIfChanged = mkForce false;
containers.kaepsele = { containers.kaepsele = {
config = { ... }: { config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ]; environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [ users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [
@ -209,6 +214,7 @@ in {
tv.pubkey tv.pubkey
]; ];
}; };
autoStart = true;
enableTun = true; enableTun = true;
privateNetwork = true; privateNetwork = true;
hostAddress = "10.233.2.3"; hostAddress = "10.233.2.3";
@ -217,8 +223,10 @@ in {
} }
{ {
#onondaga #onondaga
systemd.services."container@onondaga".reloadIfChanged = mkForce false;
containers.onondaga = { containers.onondaga = {
config = { ... }: { config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ]; environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
@ -226,6 +234,7 @@ in {
config.krebs.users.nin.pubkey config.krebs.users.nin.pubkey
]; ];
}; };
autoStart = true;
enableTun = true; enableTun = true;
privateNetwork = true; privateNetwork = true;
hostAddress = "10.233.2.5"; hostAddress = "10.233.2.5";

View File

@ -57,6 +57,10 @@ in {
restartIfChanged = false; restartIfChanged = false;
path = [
pkgs.rxvt_unicode.terminfo
];
serviceConfig = { serviceConfig = {
User = "chat"; User = "chat";
RemainAfterExit = true; RemainAfterExit = true;

View File

@ -11,24 +11,6 @@ with import <stockholm/lib>;
key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C"; key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";
}; };
}; };
services.dnsmasq = { services.resolved.enable = true;
enable = true; services.resolved.fallbackDns = [ "127.1.0.1" ];
resolveLocalQueries = false;
extraConfig = ''
server=127.1.0.1
#no-resolv
cache-size=1000
min-cache-ttl=3600
bind-dynamic
all-servers
dnssec
trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
rebind-domain-ok=/onion/
server=/.onion/127.0.0.1#9053
port=53
'';
};
networking.extraResolvconfConf = ''
name_servers='127.0.0.1'
'';
} }

View File

@ -0,0 +1,18 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
systemd.services.rebuild-on-boot = {
wantedBy = [ "multi-user.target" ];
environment = {
NIX_REMOTE = "daemon";
HOME = "/var/empty";
};
serviceConfig = {
ExecStart = pkgs.writeScript "rebuild" ''
#!${pkgs.bash}/bin/bash
(/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) &
'';
ExecStop = "${pkgs.coreutils}/bin/sleep 10";
};
};
}

View File

@ -13,8 +13,9 @@ let
then "buildbot" then "buildbot"
else "makefu"; else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix"; _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
ref = "3e8d708"; # nixos-17.09 @ 2018-01-05 ref = "0f19bee"; # nixos-17.09 @ 2018-01-05
# + do_sqlite3 ruby: 55a952be5b5 # + do_sqlite3 ruby: 55a952be5b5
# + signal: 0f19beef3
in in
evalSource (toString _file) [ evalSource (toString _file) [