Compare commits

..

9 Commits

Author SHA1 Message Date
6a6929fa39
weasel: use tent cache 2025-10-02 17:54:49 +02:00
cdebb58971
Add nixfmt-rfc-style to common packages 2025-10-02 17:54:49 +02:00
8ee391ed42
Add packages to user abonerib 2025-10-02 17:54:48 +02:00
13330eb537
Add nix-output-monitor to default packages 2025-10-02 17:54:48 +02:00
ea4cc89d17
Set fish shell for user abonerib 2025-10-02 17:54:48 +02:00
366615774f
weasel: create user folders in /var/lib/podman-users
/home is a nfs mount, which does not support extra filesystem arguments
needed to run podman. We need to have a local home.
2025-10-02 17:54:48 +02:00
23ec609737
weasel: add podman 2025-10-02 17:54:48 +02:00
00456a86b7
Enable custom sys-devices system feature 2025-10-02 17:54:48 +02:00
e42058f08b Allow access to hut from fox
Reviewed-by: Rodrigo Arias Mallo <rodrigo.arias@bsc.es>
2025-10-02 17:03:21 +02:00
4 changed files with 13 additions and 12 deletions

View File

@ -11,7 +11,7 @@
./base/hw.nix ./base/hw.nix
./base/net.nix ./base/net.nix
./base/nix.nix ./base/nix.nix
./base/nosv.nix ./base/sys-devices.nix
./base/ntp.nix ./base/ntp.nix
./base/rev.nix ./base/rev.nix
./base/ssh.nix ./base/ssh.nix

View File

@ -1,9 +0,0 @@
{ ... }:
{
nix.settings.system-features = [ "nosv" ];
programs.nix-required-mounts.enable = true;
programs.nix-required-mounts.allowedPatterns.nosv.paths = [
"/sys/devices/system/cpu"
"/sys/devices/system/node"
];
}

View File

@ -0,0 +1,9 @@
{
nix.settings.system-features = [ "sys-devices" ];
programs.nix-required-mounts.enable = true;
programs.nix-required-mounts.allowedPatterns.sys-devices.paths = [
"/sys/devices/system/cpu"
"/sys/devices/system/node"
];
}

View File

@ -23,11 +23,11 @@
peers = [ peers = [
# List of allowed peers. # List of allowed peers.
{ {
name = "apex"; name = "apex";
publicKey = "VwhcN8vSOzdJEotQTpmPHBC52x3Hbv1lkFIyKubrnUA="; publicKey = "VwhcN8vSOzdJEotQTpmPHBC52x3Hbv1lkFIyKubrnUA=";
# List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
allowedIPs = [ "10.106.0.30/32" ]; allowedIPs = [ "10.106.0.30/32" "10.0.40.7/32" ];
} }
{ {
name = "raccoon"; name = "raccoon";
@ -40,6 +40,7 @@
networking.hosts = { networking.hosts = {
"10.106.0.30" = [ "apex" ]; "10.106.0.30" = [ "apex" ];
"10.0.40.7" = [ "hut" ];
"10.106.0.236" = [ "raccoon" ]; "10.106.0.236" = [ "raccoon" ];
"10.0.44.4" = [ "tent" ]; "10.0.44.4" = [ "tent" ];
}; };