authorBen Sima <ben@bsima.me>2019-11-06 22:21:48 -0800
committerBen Sima <ben@bsima.me>2019-11-06 22:21:48 -0800
commit376430ca3f4065b35e97f97ed4aaa4062db41440 (patch)
tree631d52ca097f2b859ace29e8c090138f2b81624e /default.nix
parent7198d79be4d7d0040d768f395f11b19b05622a8d (diff)
add a common buildOS function with preliminary vpn
Diffstat (limited to 'default.nix')
-rw-r--r--default.nix32
1 files changed, 13 insertions, 19 deletions
diff --git a/default.nix b/default.nix
index a6aa0de..939302a 100644
--- a/default.nix
+++ b/default.nix
@@ -4,24 +4,23 @@ let
nixos = import "${nixpkgs-tar}/nixos";
# TODO(bsima): buildNixOS should be split into multiple functions that each
# return one thing, instead of a single function that returns multiple things
- buildNixOS = opts: let full = (nixos opts); in {
- system = full.system;
- vm = full.vm;
- };
+ buildOS = import ./Com/Simatime/buildOS.nix nixos;
buildHaskellApp = import ./Com/Simatime/buildHaskellApp.nix nixpkgs;
nixos-mailserver = builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
};
in {
- Com.Simatime = buildNixOS {
- system = "x86_64-linux";
+ Com.Simatime = buildOS {
+ enableVpn = true;
+ ipAddress = "159.89.128.69";
+ vpnRsaPrivateKeyFile = "/etc/tinc/rsa_key.priv";
+ vpnEd25519PrivateKeyFile = "/etc/tinc/ed25519_key.priv";
configuration = {
imports = [
./Com/Simatime/hardware.nix
./Com/Simatime/networking.nix
# common infra
- ./Com/Simatime/users.nix
./Com/Simatime/packages.nix
# configured modules
./Com/Simatime/git.nix
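Review bot: The `vpnRsaPrivateKeyFile` and `vpnEd25519PrivateKeyFile` arguments have no comment explaining why they are quoted strings rather than path literals. The distinction matters: a bare path literal would be copied into the world-readable /nix/store at evaluation time, while a string only names a file that stays on the host. I would add above them `# strings, not path literals: the tinc private keys stay on the host and must never enter /nix/store`; the same pair is repeated for `dev` in the third hunk. The keys then have to be provisioned out of band with root-only permissions, and whether buildOS.nix documents or checks that is not visible in this diff. The `configuration` attrset continues past the end of this hunk.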
@@ -31,8 +30,6 @@ in {
# third party
nixos-mailserver
];
- # TODO(bsima): move more stuff here to a common module
- nixpkgs.config.allowUnfree = true;
programs.mosh = {
enable = true;
withUtempter = true;
@@ -41,15 +38,16 @@ in {
enable = true;
passwordAuthentication = false;
};
- security.sudo.wheelNeedsPassword = true;
- boot.cleanTmpDir = true;
};
} // {
- dev = buildNixOS {
- system = "x86_64-linux";
+ dev = buildOS {
+ enableVpn = true;
+ ipAddress = "69.181.254.154";
+ vpnConnectTo = "com.simatime";
+ vpnRsaPrivateKeyFile = "/etc/tinc/rsa_key.priv";
+ vpnEd25519PrivateKeyFile = "/etc/tinc/ed25519_key.priv";
configuration = {
imports = [
- ./Com/Simatime/users.nix
./Com/Simatime/packages.nix
./Com/Simatime/dev/hardware.nix
./Com/Simatime/dev/configuration.nix
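Review bot: Nothing in default.nix now shows where the host baseline comes from. `security.sudo.wheelNeedsPassword = true;`, `boot.cleanTmpDir = true;` and the `./Com/Simatime/users.nix` import disappear here, and likewise in the first, fourth and fifth hunks, and the diffstat is limited to this file. If buildOS.nix now supplies them, a comment on the `buildOS` binding should say so, for example `# buildOS adds the shared baseline to every host: users.nix, sudo password for wheel, tmp cleaning`. If it does not, `boot.cleanTmpDir` falls back to its NixOS default of off, and with `passwordAuthentication = false` a host built without users.nix may be left with no key-authorised account. The `dev` attrset and its `imports` list continue outside this hunk.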
@@ -57,13 +55,11 @@ in {
};
};
};
- Com.InfluencedByBooks = buildNixOS {
- system = "x86_64-linux";
+ Com.InfluencedByBooks = buildOS {
configuration = {
imports = [
./Com/InfluencedByBooks/service.nix
# common infra
- ./Com/Simatime/users.nix
./Com/Simatime/packages.nix
];
nixpkgs.config.allowUnfree = true;
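Review bot: `nixpkgs.config.allowUnfree = true;` is still set inline for `Com.InfluencedByBooks`, while the second hunk removes the same line from `Com.Simatime`, so the two hosts no longer agree on where this setting lives. If buildOS.nix now sets it for every host, this line is redundant and should go; if it does not, `Com.Simatime` has lost the setting and may fail to evaluate unfree packages. Either way I would make the call sites consistent and note the choice in a short comment such as `# allowUnfree is set once in buildOS.nix`. The `configuration` attrset continues into the next hunk.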
@@ -71,8 +67,6 @@ in {
enable = true;
passwordAuthentication = false;
};
- security.sudo.wheelNeedsPassword = true;
- boot.cleanTmpDir = true;
boot.isContainer = true;
networking.useDHCP = false;
};