diff options
Diffstat (limited to 'modules/private/system/dilion.nix')
-rw-r--r-- | modules/private/system/dilion.nix | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/modules/private/system/dilion.nix b/modules/private/system/dilion.nix index 5b01a53..ab135b2 100644 --- a/modules/private/system/dilion.nix +++ b/modules/private/system/dilion.nix | |||
@@ -51,7 +51,7 @@ | |||
51 | in | 51 | in |
52 | ["command=\"${pkgs.rrsync_sudo}/bin/rrsync /var/lib/backup/eldiron/\" ${config.myEnv.rsync_backup.ssh_key.public}"]; | 52 | ["command=\"${pkgs.rrsync_sudo}/bin/rrsync /var/lib/backup/eldiron/\" ${config.myEnv.rsync_backup.ssh_key.public}"]; |
53 | }; | 53 | }; |
54 | security.sudo.extraRules = [ | 54 | security.sudo.extraRules = pkgs.lib.mkAfter [ |
55 | { | 55 | { |
56 | commands = [ | 56 | commands = [ |
57 | { command = "${pkgs.rsync}/bin/rsync"; options = [ "NOPASSWD" ]; } | 57 | { command = "${pkgs.rsync}/bin/rsync"; options = [ "NOPASSWD" ]; } |
@@ -59,6 +59,13 @@ | |||
59 | users = [ "backup" ]; | 59 | users = [ "backup" ]; |
60 | runAs = "root"; | 60 | runAs = "root"; |
61 | } | 61 | } |
62 | { | ||
63 | commands = [ | ||
64 | { command = "/home/immae/.nix-profile/root_scripts/*"; options = [ "NOPASSWD" ]; } | ||
65 | ]; | ||
66 | users = [ "immae" ]; | ||
67 | runAs = "root"; | ||
68 | } | ||
62 | ]; | 69 | ]; |
63 | 70 | ||
64 | system.activationScripts.backup_home = '' | 71 | system.activationScripts.backup_home = '' |
@@ -83,11 +90,20 @@ | |||
83 | ''; | 90 | ''; |
84 | }; | 91 | }; |
85 | 92 | ||
93 | security.pki.certificateFiles = [ | ||
94 | (pkgs.fetchurl { | ||
95 | url = "http://downloads.e.eriomem.net/eriomemca.pem"; | ||
96 | sha256 = "1ixx4c6j3m26j8dp9a3dkvxc80v1nr5aqgmawwgs06bskasqkvvh"; | ||
97 | }) | ||
98 | ]; | ||
99 | |||
86 | # This is equivalent to setting environment.sessionVariables.NIX_PATH | 100 | # This is equivalent to setting environment.sessionVariables.NIX_PATH |
87 | nix.nixPath = [ | 101 | nix.nixPath = [ |
88 | "home-manager=https://github.com/rycee/home-manager/archive/release-19.03.tar.gz" | 102 | "home-manager=https://github.com/rycee/home-manager/archive/release-19.03.tar.gz" |
89 | "nixpkgs=https://nixos.org/channels/nixos-19.03/nixexprs.tar.xz" | 103 | "nixpkgs=https://nixos.org/channels/nixos-19.03/nixexprs.tar.xz" |
90 | ]; | 104 | ]; |
105 | nix.binaryCaches = [ "https://hydra.iohk.io" ]; | ||
106 | nix.binaryCachePublicKeys = [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ]; | ||
91 | 107 | ||
92 | # This value determines the NixOS release with which your system is | 108 | # This value determines the NixOS release with which your system is |
93 | # to be compatible, in order to avoid breaking some software such as | 109 | # to be compatible, in order to avoid breaking some software such as |