Marisa: a.

Signed-off-by: natto1784 <natto@weirdnatto.in>

hosts/marisa/networking.nix

@@ -3,7 +3,7 @@
   networking = {
     hostName = "Marisa";
     firewall = {
-      allowedTCPPorts = [ 22 80 6060 5001 8800 5555 4444 4646 8500 22001 ];
+      allowedTCPPorts = [ 22 80 6060 5000 8800 6666 4444 4646 8500 222 5454 8080 ];
       allowedUDPPorts = [ 17840 ];
     };
     wireless = {

hosts/marisa/services.nix

@@ -2,7 +2,12 @@
 {
 
   # Add secrets to nomad, consul and vault
-  systemd.enableUnifiedCgroupHierarchy = false;
+  virtualisation.docker = {
+    enable = true;
+    daemon.settings = {
+      #     default-cgroupns-mode = "host";
+    };
+  };
   systemd.tmpfiles.rules = lib.singleton "d /run/vault - vault vault 1h";
   systemd.services.vault.preStart =
     let
@@ -84,6 +89,7 @@
               allow_privileged = true;
               volumes.enabled = true;
               pull_activity_timeout = "30m";
+              #             allow_caps = [ "audit_write" "chown" "dac_override" "fowner" "fsetid" "kill" "mknod" "net_bind_service" "setfcap" "setgid" "setpcap" "setuid" "sys_chroot" "sys_admin" "sys_time" ];
             };
           };
           plugin."raw_exec" = {
@@ -92,7 +98,6 @@
             };
           };
           client = {
-
             meta = {
               "connect.sidecar_image" = "envoyproxy/envoy:v1.20.1";
             };

modules/min-pkgs.nix

@@ -21,7 +21,10 @@
       histSize = 12000;
       enableCompletion = true;
       syntaxHighlighting.enable = true;
-      autosuggestions. enable = true;
+      autosuggestions = {
+        enable = true;
+        highlightStyle = "fg=yellow,bold";
+      };
       ohMyZsh.enable = true;
     };
     gnupg = {