-{ name, config, lib, pkgs, secrets, ... }:
+{ name, config, lib, pkgs, secrets, pkgs-no-overlay, ... }:
let
# udev rules to be able to boot from qemu in a rescue
udev-qemu-rules =
'') (builtins.attrNames disks));
in
{
+ imports = [
+ secrets.nixosModules.users-config-zoldene
+ ./virtualisation.nix
+ ./certificates.nix
+ ];
+
services.openssh = {
settings.KbdInteractiveAuthentication = false;
hostKeys = [
secrets.decryptKey = "/persist/zpool/etc/ssh/ssh_host_ed25519_key";
# ssh-keyscan zoldene | nix-shell -p ssh-to-age --run ssh-to-age
secrets.ageKeys = [ "age1rqr7qdpjm8fy9nf3x07fa824v87n40g0ljrgdysuayuklnvhcynq4c8en8" ];
+
+ system.activationScripts.wrappers = {
+ text = ''
+ # wrappers was migrated to systemd, which happens before activation
+ '';
+ };
+
+ nixpkgs.overlays = [
+ (self: super: {
+ postgresql_system = self.postgresql_16;
+ })
+ ];
}
projects / perso / Immae / Config / Nix.git / blobdiff