natto1784/dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Satori: misc changes

Browse Source
This commit is contained in:
Amneesh Singh
2021-07-04 21:33:07 +05:30
parent b1d7988152
commit e7da496981
13 changed files with 211 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
hosts/personal/satori/services.nix
View File

@@ -15,42 +15,10 @@
services = {
tor.enable = true;
logmein-hamachi.enable = true;
mysql = {
enable = true;
package = pkgs.mysql;
dataDir = "/var/db";
};
openssh = {
enable = true;
permitRootLogin = "yes";
};
vault-agent = {
enable = true;
settings = {
vault = {
address = "https://10.55.0.2:8800";
client_cert = "/var/vault/cert.pem";
client_key = "/var/vault/key.pem";
};
auto_auth = {
method = [
{
"cert" = {
name = "Satori";
};
}
];
};
template = [
{
source = pkgs.writeText "wg.tpl" ''
{{ with secret "kv/systems/Satori/wg" }}{{ .Data.data.private }}{{ end }}
'';
destination = "/var/secrets/wg.key";
}
];
};
};
btrfs.autoScrub.enable = true;
udev.extraRules = ''
ACTION=="add|change", KERNEL=="sda", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
@@ -60,9 +28,14 @@
tor.wantedBy = lib.mkForce [];
logmein-hamachi.wantedBy = lib.mkForce [];
openssh.wantedBy = lib.mkForce [];
mysql.wantedBy = lib.mkForce [];
#printing.wantedBy = lib.mkForce [];
#vault.wantedBy = lib.mkForce [];
};
security.pki.certificateFiles = [ ../../../cert.pem ];
/* virtualisation.libvirtd = {
enable = true;
onBoot = "ignore";
onShutdown = "shutdown";
qemuRunAsRoot = false;
};*/
}