flake.nix: add old channel, Marisa: downgrade to cgroupv1
This commit is contained in:
17
flake.lock
generated
17
flake.lock
generated
@@ -461,6 +461,22 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"old": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1642244250,
|
||||||
|
"narHash": "sha256-vWpUEqQdVP4srj+/YLJRTN9vjpTs4je0cdWKXPbDItc=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "0fd9ee1aa36ce865ad273f4f07fdc093adeb5c00",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixos-21.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
@@ -474,6 +490,7 @@
|
|||||||
"nixpkgs": "nixpkgs_7",
|
"nixpkgs": "nixpkgs_7",
|
||||||
"nur": "nur",
|
"nur": "nur",
|
||||||
"nvim": "nvim",
|
"nvim": "nvim",
|
||||||
|
"old": "old",
|
||||||
"rust": "rust",
|
"rust": "rust",
|
||||||
"stable": "stable",
|
"stable": "stable",
|
||||||
"utils": "utils_4"
|
"utils": "utils_4"
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
{
|
{
|
||||||
inputs = {
|
inputs = {
|
||||||
stable.url = github:nixos/nixpkgs/nixos-21.11;
|
stable.url = github:nixos/nixpkgs/nixos-21.11;
|
||||||
|
old.url = github:nixos/nixpkgs/nixos-21.05;
|
||||||
nixpkgs.url = github:nixos/nixpkgs/nixpkgs-unstable;
|
nixpkgs.url = github:nixos/nixpkgs/nixpkgs-unstable;
|
||||||
master.url = github:nixos/nixpkgs/master;
|
master.url = github:nixos/nixpkgs/master;
|
||||||
home-manager.url = github:nix-community/home-manager;
|
home-manager.url = github:nix-community/home-manager;
|
||||||
@@ -16,7 +17,7 @@
|
|||||||
rust.url = github:oxalica/rust-overlay;
|
rust.url = github:oxalica/rust-overlay;
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{self, nixpkgs, stable, master, ... }:
|
outputs = inputs@{self, nixpkgs, stable, master, old, ... }:
|
||||||
inputs.utils.lib.eachDefaultSystem (system:
|
inputs.utils.lib.eachDefaultSystem (system:
|
||||||
let
|
let
|
||||||
mkPkgs = channel: system: import channel {
|
mkPkgs = channel: system: import channel {
|
||||||
@@ -27,6 +28,7 @@
|
|||||||
stable = mkPkgs stable prev.system;
|
stable = mkPkgs stable prev.system;
|
||||||
unstable = mkPkgs nixpkgs prev.system;
|
unstable = mkPkgs nixpkgs prev.system;
|
||||||
master = mkPkgs master prev.system;
|
master = mkPkgs master prev.system;
|
||||||
|
old = mkPkgs old prev.system;
|
||||||
};
|
};
|
||||||
overlays = [
|
overlays = [
|
||||||
(import ./overlays/overridesandshit.nix)
|
(import ./overlays/overridesandshit.nix)
|
||||||
@@ -64,10 +66,10 @@
|
|||||||
./modules/vault-agent.nix
|
./modules/vault-agent.nix
|
||||||
];
|
];
|
||||||
serverModules = [
|
serverModules = [
|
||||||
./modules/builder.nix
|
|
||||||
./modules/min-pkgs.nix
|
./modules/min-pkgs.nix
|
||||||
./modules/min-stuff.nix
|
./modules/min-stuff.nix
|
||||||
];
|
];
|
||||||
|
builder = [ ./modules/builder.nix ];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
hm-configs = {
|
hm-configs = {
|
||||||
@@ -131,7 +133,8 @@
|
|||||||
}
|
}
|
||||||
]
|
]
|
||||||
++ commonModules
|
++ commonModules
|
||||||
++ serverModules;
|
++ serverModules
|
||||||
|
++ builder;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
networking = {
|
networking = {
|
||||||
hostName = "Marisa";
|
hostName = "Marisa";
|
||||||
firewall = {
|
firewall = {
|
||||||
allowedTCPPorts = [ 22 80 6060 5001 8800 7777 4444 4646 8500 8888 22001 ];
|
allowedTCPPorts = [ 22 80 6060 5001 8800 5555 4444 4646 8500 22001 ];
|
||||||
allowedUDPPorts = [ 17840 ];
|
allowedUDPPorts = [ 17840 ];
|
||||||
};
|
};
|
||||||
wireless = {
|
wireless = {
|
||||||
|
|||||||
@@ -2,6 +2,7 @@
|
|||||||
{
|
{
|
||||||
|
|
||||||
# Add secrets to nomad, consul and vault
|
# Add secrets to nomad, consul and vault
|
||||||
|
systemd.enableUnifiedCgroupHierarchy = false;
|
||||||
systemd.tmpfiles.rules = lib.singleton "d /run/vault - vault vault 1h";
|
systemd.tmpfiles.rules = lib.singleton "d /run/vault - vault vault 1h";
|
||||||
systemd.services.vault.preStart =
|
systemd.services.vault.preStart =
|
||||||
let
|
let
|
||||||
@@ -11,7 +12,7 @@
|
|||||||
path = "vault";
|
path = "vault";
|
||||||
token = "+++vault_consul_token+++";
|
token = "+++vault_consul_token+++";
|
||||||
};
|
};
|
||||||
api_addr = "https://127.0.0.1:8800";
|
api_addr = "https://10.55.0.2:8800";
|
||||||
ui = true;
|
ui = true;
|
||||||
});
|
});
|
||||||
in
|
in
|
||||||
@@ -216,6 +217,7 @@
|
|||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPX1HDzWpoaOcU8GDEGuDzXgxkCpyeqxRR6gLs/8JgHw"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPX1HDzWpoaOcU8GDEGuDzXgxkCpyeqxRR6gLs/8JgHw"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSQnDNrNP69tIK7U2D7qaMjycfIjpgx0at4U2D5Ufib"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSQnDNrNP69tIK7U2D7qaMjycfIjpgx0at4U2D5Ufib"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK5V/hdkTTQSkDLXaEwY8xb/T8+sWtw5c6UjYOPaTrO8"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK5V/hdkTTQSkDLXaEwY8xb/T8+sWtw5c6UjYOPaTrO8"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFyKi0HYfkgvEDvjzmDRGwAq2z2KOkfv7scTVSnonBh"
|
||||||
];
|
];
|
||||||
security.pki.certificateFiles = [ ../../cert.pem ../../consul-agent-ca.pem ];
|
security.pki.certificateFiles = [ ../../cert.pem ../../consul-agent-ca.pem ];
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user