| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The dedicated account for backup should be named 'backup', as it's more
generic.
While it's a system account, I still need to be able to log in the host
remotely with sftp, so we give it a UID (991).
The account needs to be able to sftp to tahoe in order to store the
backups from remote hosts. However we don't want this user to get a
shell and be able to browse the host, so we configure sshd to chroot the
user to where the backups are stored.
|
| |
|
|
|
|
| |
This is the user I'll be using to do my backups. This is a system user,
and there's only one public key added to it. This key is only used for
backups and will be managed in this repository.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When rebuilding the host (through `nixos-rebuild switch --flake`) I
don't want to rebuild also my home-manager configuration. I want these
to be two different steps.
I rebuild the home-manager configuration more frequently and it's a
waste of time and CPU to rebuild the world every time.
This is a pretty large refactoring:
- move checks back into the flake: if I modify a check, the
configuration for `pre-commits` is not regenerated, as the file with the
checks is not monitored with `direnv` (I could probably configure it for
it, but not now)
- remove `home.nix` from the host level configuration
- introduce a `mkHomeManagerConfiguration` function to manage the
different user@host
- fix a warning with the rust overlay
|
| |
|
|
|
|
|
|
|
|
|
| |
The pre-commit hook for new lines reported and correct a number of
issues, so let's commit them now and after that we ca enable the hook
for the repository.
Change-Id: I5bb882d3c2cca870ef94301303f029acfb308740
Reviewed-on: https://cl.fcuny.net/c/world/+/592
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
|
| |
|
|
| |
So we can unlock the disks remotely.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
All the modules that are needed for home-manager should be under
`home/`, and each host will have a `host.nix` where the modules are
enabled as needed. Later on we can create some profiles to make it
easier to consume the configuration.
I apply this only to tahoe for now, as the amount of packages needed for
my user are pretty limited.
|
| |
|
|
|
|
|
|
|
| |
We don't need the previous `hosts/common/system` configs anymore, as
everything has been moved out.
We keep some boot configuration for carmel in the host configuration for
now, but I need to check why I don't have similar settings for
tahoe (since I also need to unlock the host remotely).
|
| |
|
|
| |
Move the networking configuration for the hosts to its own file.
|
| |
|
|
| |
This reverts commit 814a495e9c74e3211c6b6640397111115832207b.
|
| |
|
|
| |
Apply the role to tahoe.
|
| |
|
|
| |
Profiles contain a collection of modules.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Ensure at least /data/media/music is created with the proper ownership.
|
| | |
|
| |
|
