69 lines
1.8 KiB
Nix
69 lines
1.8 KiB
Nix
{lib, config, pkgs, ... }:
|
|
|
|
{
|
|
systemd.services.nbfc = {
|
|
description = "Notebook Fancontrol";
|
|
wantedBy = lib.mkForce [];
|
|
serviceConfig = {
|
|
Type = "forking";
|
|
Restart = "on-failure";
|
|
ExecStart = "${pkgs.mono}/bin/mono-service -l:/run/nbfc.pid -m:NbfcService /opt/nbfc/NbfcService.exe";
|
|
ExecStop = "kill -SIGTERM $(cat /run/nbfc.pid)";
|
|
PIDFile = "/run/nbfc.pid";
|
|
};
|
|
};
|
|
services = {
|
|
tor.enable = true;
|
|
logmein-hamachi.enable = true;
|
|
mysql = {
|
|
enable = true;
|
|
package = pkgs.mysql;
|
|
dataDir = "/var/db";
|
|
};
|
|
openssh = {
|
|
enable = true;
|
|
permitRootLogin = "yes";
|
|
};
|
|
vault-agent = {
|
|
enable = true;
|
|
settings = {
|
|
vault = {
|
|
address = "https://10.55.0.2:8800";
|
|
client_cert = "/var/vault/cert.pem";
|
|
client_key = "/var/vault/key.pem";
|
|
};
|
|
auto_auth = {
|
|
method = [
|
|
{
|
|
"cert" = {
|
|
name = "Satori";
|
|
};
|
|
}
|
|
];
|
|
};
|
|
template = [
|
|
{
|
|
source = pkgs.writeText "wg.tpl" ''
|
|
{{ with secret "kv/systems/Satori/wg" }}{{ .Data.data.private }}{{ end }}
|
|
'';
|
|
destination = "/var/secrets/wg.key";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
btrfs.autoScrub.enable = true;
|
|
udev.extraRules = ''
|
|
ACTION=="add|change", KERNEL=="sda", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
|
|
'';
|
|
};
|
|
systemd.services = {
|
|
tor.wantedBy = lib.mkForce [];
|
|
logmein-hamachi.wantedBy = lib.mkForce [];
|
|
openssh.wantedBy = lib.mkForce [];
|
|
mysql.wantedBy = lib.mkForce [];
|
|
#printing.wantedBy = lib.mkForce [];
|
|
#vault.wantedBy = lib.mkForce [];
|
|
};
|
|
security.pki.certificateFiles = [ ../../../cert.pem ];
|
|
}
|