aboutsummaryrefslogtreecommitdiff
path: root/systems/dilion
diff options
context:
space:
mode:
Diffstat (limited to 'systems/dilion')
-rw-r--r--systems/dilion/base.nix12
-rw-r--r--systems/dilion/flake.lock14
2 files changed, 7 insertions, 19 deletions
diff --git a/systems/dilion/base.nix b/systems/dilion/base.nix
index ac4bdaf..c2778e3 100644
--- a/systems/dilion/base.nix
+++ b/systems/dilion/base.nix
@@ -30,7 +30,6 @@
30 "/boot" = { fsType = "ext4"; device = "/dev/disk/by-uuid/fd1c511e-2bc0-49d5-b8bb-95e7e8c8c816"; }; 30 "/boot" = { fsType = "ext4"; device = "/dev/disk/by-uuid/fd1c511e-2bc0-49d5-b8bb-95e7e8c8c816"; };
31 "/etc" = { fsType = "zfs"; device = "zpool/root/etc"; }; 31 "/etc" = { fsType = "zfs"; device = "zpool/root/etc"; };
32 "/home" = { fsType = "zfs"; device = "zpool/root/home"; }; 32 "/home" = { fsType = "zfs"; device = "zpool/root/home"; };
33 "/home/immae" = { fsType = "zfs"; device = "zpool/root/home/immae"; };
34 "/tmp" = { fsType = "zfs"; device = "zpool/root/tmp"; }; 33 "/tmp" = { fsType = "zfs"; device = "zpool/root/tmp"; };
35 "/var" = { fsType = "zfs"; device = "zpool/root/var"; }; 34 "/var" = { fsType = "zfs"; device = "zpool/root/var"; };
36 "/data" = { fsType = "ext4"; label = "data"; }; 35 "/data" = { fsType = "ext4"; label = "data"; };
@@ -147,23 +146,12 @@
147 in 146 in
148 ["command=\"${pkgs.zrepl}/bin/zrepl stdinserver --config ${zreplConfig} eldiron\",restrict ${config.myEnv.zrepl_backup.ssh_key.public}"]; 147 ["command=\"${pkgs.zrepl}/bin/zrepl stdinserver --config ${zreplConfig} eldiron\",restrict ${config.myEnv.zrepl_backup.ssh_key.public}"];
149 }; 148 };
150 security.sudo.extraRules = pkgs.lib.mkAfter [
151 {
152 commands = [
153 { command = "/home/immae/.nix-profile/root_scripts/*"; options = [ "NOPASSWD" ]; }
154 ];
155 users = [ "immae" ];
156 runAs = "root";
157 }
158 ];
159 149
160 virtualisation.docker.enable = true; 150 virtualisation.docker.enable = true;
161 virtualisation.docker.storageDriver = "zfs"; 151 virtualisation.docker.storageDriver = "zfs";
162 virtualisation.libvirtd.enable = true; 152 virtualisation.libvirtd.enable = true;
163 virtualisation.libvirtd.qemu.package = pkgs-no-overlay.qemu; 153 virtualisation.libvirtd.qemu.package = pkgs-no-overlay.qemu;
164 systemd.services.libvirtd.path = lib.mkAfter [ config.boot.zfs.package ]; 154 systemd.services.libvirtd.path = lib.mkAfter [ config.boot.zfs.package ];
165 users.groups.immae = {};
166 users.extraUsers.immae.extraGroups = [ "immae" "libvirtd" "docker" ];
167 systemd.services.libvirtd.postStart = '' 155 systemd.services.libvirtd.postStart = ''
168 install -m 0770 -g libvirtd -d /var/lib/libvirt/images 156 install -m 0770 -g libvirtd -d /var/lib/libvirt/images
169 ''; 157 '';
diff --git a/systems/dilion/flake.lock b/systems/dilion/flake.lock
index ecaa2d6..8accc4e 100644
--- a/systems/dilion/flake.lock
+++ b/systems/dilion/flake.lock
@@ -59,7 +59,7 @@
59 "environment": { 59 "environment": {
60 "locked": { 60 "locked": {
61 "lastModified": 1, 61 "lastModified": 1,
62 "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", 62 "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=",
63 "path": "../../flakes/private/environment", 63 "path": "../../flakes/private/environment",
64 "type": "path" 64 "type": "path"
65 }, 65 },
@@ -71,7 +71,7 @@
71 "environment_2": { 71 "environment_2": {
72 "locked": { 72 "locked": {
73 "lastModified": 1, 73 "lastModified": 1,
74 "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", 74 "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=",
75 "path": "../environment", 75 "path": "../environment",
76 "type": "path" 76 "type": "path"
77 }, 77 },
@@ -83,7 +83,7 @@
83 "environment_3": { 83 "environment_3": {
84 "locked": { 84 "locked": {
85 "lastModified": 1, 85 "lastModified": 1,
86 "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", 86 "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=",
87 "path": "../environment", 87 "path": "../environment",
88 "type": "path" 88 "type": "path"
89 }, 89 },
@@ -95,7 +95,7 @@
95 "environment_4": { 95 "environment_4": {
96 "locked": { 96 "locked": {
97 "lastModified": 1, 97 "lastModified": 1,
98 "narHash": "sha256-SukW363CI7QkbzoWtogiuh1IOUQNRZgj7fwxtIqU9Us=", 98 "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=",
99 "path": "../environment", 99 "path": "../environment",
100 "type": "path" 100 "type": "path"
101 }, 101 },
@@ -219,7 +219,7 @@
219 }, 219 },
220 "locked": { 220 "locked": {
221 "lastModified": 1, 221 "lastModified": 1,
222 "narHash": "sha256-wQqciZXrwEBaeiBKJ3KMxx3hw89nlSCxT8tWf0apgHQ=", 222 "narHash": "sha256-rybO4c9UB9a34Xgoh+ToYz36Dz2OM1sgYxi3m00+W+E=",
223 "path": "../../flakes/private/monitoring", 223 "path": "../../flakes/private/monitoring",
224 "type": "path" 224 "type": "path"
225 }, 225 },
@@ -605,7 +605,7 @@
605 }, 605 },
606 "locked": { 606 "locked": {
607 "lastModified": 1, 607 "lastModified": 1,
608 "narHash": "sha256-zTBAHZAowKOG9MUCEkBhOuAdEEgCAMQIQRafgbi0bWw=", 608 "narHash": "sha256-Xr6wtT00fyC0QhwHb6+nHcwlSPlHBShzPNZFxBaC83Y=",
609 "path": "../../flakes/private/ssh", 609 "path": "../../flakes/private/ssh",
610 "type": "path" 610 "type": "path"
611 }, 611 },
@@ -640,7 +640,7 @@
640 }, 640 },
641 "locked": { 641 "locked": {
642 "lastModified": 1, 642 "lastModified": 1,
643 "narHash": "sha256-biwf4E+pVKyOync6HNfiAMOsiyc20qbVM4ruqzGxupA=", 643 "narHash": "sha256-gxXgjqYGC3Nv6g42OOdU1d+HideZ4vXBZbbpBjlKsvg=",
644 "path": "../../flakes/private/system", 644 "path": "../../flakes/private/system",
645 "type": "path" 645 "type": "path"
646 }, 646 },
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-16 13:40:01 +0000