From 376430ca3f4065b35e97f97ed4aaa4062db41440 Mon Sep 17 00:00:00 2001
From: Ben Sima
Date: Wed, 6 Nov 2019 22:21:48 -0800
Subject: add a common buildOS function with preliminary vpn
---
 default.nix | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)
(limited to 'default.nix')
diff --git a/default.nix b/default.nix
index a6aa0de..939302a 100644
--- a/default.nix
+++ b/default.nix
@@ -4,24 +4,23 @@ let
 nixos = import "${nixpkgs-tar}/nixos";
 # TODO(bsima): buildNixOS should be split into multiple functions that each
 # return one thing, instead of a single function that returns multiple things
- buildNixOS = opts: let full = (nixos opts); in {
- system = full.system;
- vm = full.vm;
- };
+ buildOS = import ./Com/Simatime/buildOS.nix nixos;
 buildHaskellApp = import ./Com/Simatime/buildHaskellApp.nix nixpkgs;
 nixos-mailserver = builtins.fetchTarball {
 url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
 sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
 };
 in {
- Com.Simatime = buildNixOS {
- system = "x86_64-linux";
+ Com.Simatime = buildOS {
+ enableVpn = true;
+ ipAddress = "159.89.128.69";
+ vpnRsaPrivateKeyFile = "/etc/tinc/rsa_key.priv";
+ vpnEd25519PrivateKeyFile = "/etc/tinc/ed25519_key.priv";
 configuration = {
 imports = [
 ./Com/Simatime/hardware.nix
 ./Com/Simatime/networking.nix
 # common infra
- ./Com/Simatime/users.nix
 ./Com/Simatime/packages.nix
 # configured modules
 ./Com/Simatime/git.nix
@@ -31,8 +30,6 @@ in {
 # third party
 nixos-mailserver
 ];
- # TODO(bsima): move more stuff here to a common module
- nixpkgs.config.allowUnfree = true;
 programs.mosh = {
 enable = true;
 withUtempter = true;
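Review bot: The `vpnRsaPrivateKeyFile` and `vpnEd25519PrivateKeyFile` arguments added to the `Com.Simatime` call carry no comment saying why they are quoted strings, and that detail is what keeps the keys out of the store: an unquoted Nix path literal would presumably be copied into the world-readable `/nix/store` once `buildOS.nix` interpolates it. I would add `# keep these as strings; a path literal would be copied into the world-readable Nix store` above them, here and on the same two lines of the `dev` call in the `@@ -41,15 +38,16 @@` hunk. The key files are then provisioned outside this repository, so they need owner-only permissions on the host. The `Com.Simatime` body continues past the end of this hunk.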
@@ -41,15 +38,16 @@ in {
 enable = true;
 passwordAuthentication = false;
 };
- security.sudo.wheelNeedsPassword = true;
- boot.cleanTmpDir = true;
 };
 } // {
- dev = buildNixOS {
- system = "x86_64-linux";
+ dev = buildOS {
+ enableVpn = true;
+ ipAddress = "69.181.254.154";
+ vpnConnectTo = "com.simatime";
+ vpnRsaPrivateKeyFile = "/etc/tinc/rsa_key.priv";
+ vpnEd25519PrivateKeyFile = "/etc/tinc/ed25519_key.priv";
 configuration = {
 imports = [
- ./Com/Simatime/users.nix
 ./Com/Simatime/packages.nix
 ./Com/Simatime/dev/hardware.nix
 ./Com/Simatime/dev/configuration.nix
@@ -57,13 +55,11 @@ in {
 };
 };
 };
- Com.InfluencedByBooks = buildNixOS {
- system = "x86_64-linux";
+ Com.InfluencedByBooks = buildOS {
 configuration = {
 imports = [
 ./Com/InfluencedByBooks/service.nix
 # common infra
- ./Com/Simatime/users.nix
 ./Com/Simatime/packages.nix
 ];
 nixpkgs.config.allowUnfree = true;
@@ -71,8 +67,6 @@ in {
 enable = true;
 passwordAuthentication = false;
 };
- security.sudo.wheelNeedsPassword = true;
- boot.cleanTmpDir = true;
 boot.isContainer = true;
 networking.useDHCP = false;
 };
-- cgit v1.2.3
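Review bot: `security.sudo.wheelNeedsPassword = true`, `boot.cleanTmpDir = true` and the `./Com/Simatime/users.nix` import are removed from the host definitions in this hunk and in the `@@ -57,13 +55,11 @@` and `@@ -71,8 +67,6 @@` hunks (the import also in the first hunk), and nothing in `default.nix` shows where they went. The page is limited to `default.nix`, so `buildOS.nix` presumably re-adds them, but that should be confirmed before deploying: with `passwordAuthentication = false`, a host evaluated without `users.nix` would likely have no account with an authorized key. A one-line comment at each call, such as `# users, sudo and tmp cleanup are set in buildOS.nix`, would make the dependency visible.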
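Review bot: `Com.InfluencedByBooks` now calls `buildOS` with only `configuration`, so `buildOS.nix` (not shown here) has to default every VPN argument, for example `enableVpn ? false`; otherwise this host stops evaluating. The context line `nixpkgs.config.allowUnfree = true;` also stays inline here although the same line was removed from `Com.Simatime` in the `@@ -31,8 +30,6 @@` hunk, so one of the two is either redundant or missing. The host body continues past the end of this hunk.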