deployment = {
targetUser = "root";
targetHost = lib.head config.hostEnv.ips.main.ip4;
- substituteOnDestination = true;
};
# ssh-keyscan eldiron | nix-shell -p ssh-to-age --run ssh-to-age
secrets.ageKeys = [ "age1dxr5lhvtnjssfaqpnf6qx80h8gfwkxg3tdf35m6n9wljmk7wadfs3kmahj" ];
};
supportedFilesystems = [ "zfs" ];
kernelParams = ["zfs.zfs_arc_max=6442450944"];
- kernelPackages = pkgs.linuxPackages_latest;
+ kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
initrd.availableKernelModules = [ "ahci" "sd_mod" ];
initrd.secrets = {
"/boot/pass.key" = "/boot/pass.key";
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="c8:60:00:56:a0:88", NAME="eth0"
'';
- nix.maxJobs = 8;
+ nix.settings.max-jobs = 8;
powerManagement.cpuFreqGovernor = "powersave";
myEnv = import ../../../nixops/secrets/environment.nix;
services.netdata.config.health."enabled" = "no";
services.netdata.config.web.mode = "none";
users.users."${config.services.netdata.user}".extraGroups = [ "keys" ];
- environment.etc."netdata/stream.conf".source = config.secrets.fullPaths."netdata-stream.conf";
+ services.netdata.configDir."stream.conf" = config.secrets.fullPaths."netdata-stream.conf";
secrets.keys = {
"netdata-stream.conf" = {
user = config.services.netdata.user;
};
};
programs.ssh.knownHosts.dilion = {
- hostNames = ["dilion.immae.eu"];
+ extraHostNames = ["dilion.immae.eu"];
publicKey = let
profile = config.myEnv.rsync_backup.profiles.dilion;
in
environment.systemPackages = [ pkgs.bindfs ];
- services.zrepl = {
+ immaeServices.zrepl = {
enable = true;
config = let
redis_dump = pkgs.writeScript "redis-dump" ''