simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity

Apply fixes for breaking module changes in 21.11

Browse source
This commit is contained in:
Simon Bruder 2021-12-01 17:56:53 +01:00
parent cc8727fa80
commit 2c160661ec
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
5 changed files with 25 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
machines/fuuko/services/scan.nix
View file

@ -3,11 +3,13 @@
users.users.scan = { users.users.scan = {
home = "/var/lib/scans"; home = "/var/lib/scans";
isSystemUser = true; isSystemUser = true;
group = "scan";
# this is a low-risk account and since the only thing the account can do is # this is a low-risk account and since the only thing the account can do is
# login to the ftp server from my home network, you can also sniff the # login to the ftp server from my home network, you can also sniff the
# password since the connection is unencrypted # password since the connection is unencrypted
password = "meeB3laodoo8na3z"; password = "meeB3laodoo8na3z";
}; };
users.groups.scan = { };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /var/lib/scans 0755 scan root 7d" "d /var/lib/scans 0755 scan root 7d"

19
machines/fuuko/services/wordclock-dimmer.nix
View file

@ -1,18 +1,25 @@
{ config, ... }: { config, ... }:
let
password = "ymfQkXcEqGuk62S";
in
{ {
services.mosquitto = { services.mosquitto = {
enable = true; enable = true;
host = "0.0.0.0"; listeners = [
{
users = { users = {
wordclock = { wordclock = {
acl = [ acl = [
"topic readwrite wordclock/color/+" "readwrite wordclock/color/+"
]; ];
password = "ymfQkXcEqGuk62S"; inherit password;
}; };
}; };
checkPasswords = true; settings = {
allow_anonymous = false;
};
}
];
}; };
networking.firewall.allowedTCPPorts = [ 1883 ]; networking.firewall.allowedTCPPorts = [ 1883 ];
@ -21,7 +28,7 @@
enable = true; enable = true;
mqtt = { mqtt = {
user = "wordclock"; user = "wordclock";
password = config.services.mosquitto.users.wordclock.password; inherit password;
host = "localhost"; host = "localhost";
}; };
}; };

2
machines/mayushii/configuration.nix
View file

@ -22,7 +22,7 @@
virtualisation.libvirtd = { virtualisation.libvirtd = {
enable = true; enable = true;
qemuPackage = pkgs.qemu_kvm; qemu.package = pkgs.qemu_kvm;
}; };
services.samba = { services.samba = {

2
machines/sayuri/configuration.nix
View file

@ -27,7 +27,7 @@
virtualisation.libvirtd = { virtualisation.libvirtd = {
enable = true; enable = true;
qemuPackage = pkgs.qemu_kvm; qemu.package = pkgs.qemu_kvm;
}; };
services.tor = { services.tor = {

4
modules/restic/system.nix
View file

@ -77,7 +77,7 @@ in
inherit repository; inherit repository;
inherit (cfg) timerConfig; inherit (cfg) timerConfig;
passwordFile = config.sops.secrets.restic-password.path; passwordFile = config.sops.secrets.restic-password.path;
s3CredentialsFile = config.sops.secrets.restic-s3.path; environmentFile = config.sops.secrets.restic-s3.path;
paths = [ paths = [
"/etc" "/etc"
"/home" "/home"
@ -102,7 +102,7 @@ in
services.restic.backups.system-prune = lib.mkIf cfg.prune { services.restic.backups.system-prune = lib.mkIf cfg.prune {
inherit repository; inherit repository;
passwordFile = config.sops.secrets.restic-password.path; passwordFile = config.sops.secrets.restic-password.path;
s3CredentialsFile = config.sops.secrets.restic-s3.path; environmentFile = config.sops.secrets.restic-s3.path;
timerConfig = { timerConfig = {
OnCalendar = "*-1/2-07 03:00:00"; OnCalendar = "*-1/2-07 03:00:00";
RandomizedDelaySec = "4h"; RandomizedDelaySec = "4h";