author | Ben Sima <ben@bsima.me> | 2019-11-06 22:21:48 -0800 |
---|---|---|
committer | Ben Sima <ben@bsima.me> | 2019-11-06 22:21:48 -0800 |
commit | 376430ca3f4065b35e97f97ed4aaa4062db41440 (patch) | |
tree | 631d52ca097f2b859ace29e8c090138f2b81624e /default.nix | |
parent | 7198d79be4d7d0040d768f395f11b19b05622a8d (diff) |
add a common buildOS function with preliminary vpn
Diffstat (limited to 'default.nix')
-rw-r--r-- | default.nix | 32 |
1 files changed, 13 insertions, 19 deletions
diff --git a/default.nix b/default.nix
index a6aa0de..939302a 100644
--- a/default.nix
+++ b/default.nix
@@ -4,24 +4,23 @@ let
 nixos = import "${nixpkgs-tar}/nixos";
 # TODO(bsima): buildNixOS should be split into multiple functions that each
 # return one thing, instead of a single function that returns multiple things
- buildNixOS = opts: let full = (nixos opts); in {
- system = full.system;
- vm = full.vm;
- };
+ buildOS = import ./Com/Simatime/buildOS.nix nixos;
 buildHaskellApp = import ./Com/Simatime/buildHaskellApp.nix nixpkgs;
 nixos-mailserver = builtins.fetchTarball {
 url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
 sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
 };
 in {
- Com.Simatime = buildNixOS {
- system = "x86_64-linux";
+ Com.Simatime = buildOS {
+ enableVpn = true;
+ ipAddress = "159.89.128.69";
+ vpnRsaPrivateKeyFile = "/etc/tinc/rsa_key.priv";
+ vpnEd25519PrivateKeyFile = "/etc/tinc/ed25519_key.priv";
 configuration = {
 imports = [
 ./Com/Simatime/hardware.nix
 ./Com/Simatime/networking.nix
 # common infra
- ./Com/Simatime/users.nix
 ./Com/Simatime/packages.nix
 # configured modules
 ./Com/Simatime/git.nix
@@ -31,8 +30,6 @@ in {
 # third party
 nixos-mailserver
 ];
- # TODO(bsima): move more stuff here to a common module
- nixpkgs.config.allowUnfree = true;
 programs.mosh = {
 enable = true;
 withUtempter = true;
@@ -41,15 +38,16 @@ in {
 enable = true;
 passwordAuthentication = false;
 };
- security.sudo.wheelNeedsPassword = true;
- boot.cleanTmpDir = true;
 };
 } // {
- dev = buildNixOS {
- system = "x86_64-linux";
+ dev = buildOS {
+ enableVpn = true;
+ ipAddress = "69.181.254.154";
+ vpnConnectTo = "com.simatime";
+ vpnRsaPrivateKeyFile = "/etc/tinc/rsa_key.priv";
+ vpnEd25519PrivateKeyFile = "/etc/tinc/ed25519_key.priv";
 configuration = {
 imports = [
- ./Com/Simatime/users.nix
 ./Com/Simatime/packages.nix
 ./Com/Simatime/dev/hardware.nix
 ./Com/Simatime/dev/configuration.nix
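Review bot: The `vpnRsaPrivateKeyFile` and `vpnEd25519PrivateKeyFile` arguments in the Com.Simatime call are quoted strings, which is what keeps the tinc private keys out of the world-readable Nix store, but nothing in the file records that this is deliberate. A later edit to an unquoted path literal could get the key copied into `/nix/store`, so I would add a comment above them such as `# keep these as strings: a Nix path literal would be copied into the world-readable store`. The same two arguments appear in the `dev` call in the third hunk. Whether buildOS.nix checks ownership or mode of the key files cannot be seen here, since the diffstat is limited to default.nix.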
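Review bot: `security.sudo.wheelNeedsPassword = true;` and `boot.cleanTmpDir = true;` are dropped from this host in the third hunk (and from Com.InfluencedByBooks in the last hunk), and the `./Com/Simatime/users.nix` import is dropped from all three hosts, with nothing in default.nix replacing them. Presumably buildOS.nix now supplies them, but that file is not shown on this page, so it cannot be confirmed here. Because `passwordAuthentication = false` stays, a host built without users.nix would presumably have no authorised SSH keys, so it is worth checking that buildOS.nix imports it. If it does, a comment next to `buildOS = import …` such as `# buildOS applies users.nix plus the common sudo and tmp settings to every host` would let a reader of default.nix see where those settings went.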
@@ -57,13 +55,11 @@ in {
 };
 };
 };
- Com.InfluencedByBooks = buildNixOS {
- system = "x86_64-linux";
+ Com.InfluencedByBooks = buildOS {
 configuration = {
 imports = [
 ./Com/InfluencedByBooks/service.nix
 # common infra
- ./Com/Simatime/users.nix
 ./Com/Simatime/packages.nix
 ];
 nixpkgs.config.allowUnfree = true;
@@ -71,8 +67,6 @@ in {
 enable = true;
 passwordAuthentication = false;
 };
- security.sudo.wheelNeedsPassword = true;
- boot.cleanTmpDir = true;
 boot.isContainer = true;
 networking.useDHCP = false;
 };
|
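Review bot: `nixpkgs.config.allowUnfree = true;` is kept as a context line in Com.InfluencedByBooks, while the second hunk removes the same setting from Com.Simatime, so the two hosts now disagree in default.nix. If buildOS.nix sets it for every host, this line is redundant and can be dropped; if it does not, Com.Simatime has silently lost the setting. This call also passes no `enableVpn` or `ipAddress`, so it relies on defaults in buildOS.nix that are not visible here; writing `enableVpn = false;` explicitly would make clear that this container is meant to stay off the VPN.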