vinzenz/nixos-configuration
0
1
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: vinzenz:b143437c8942430494bfad2fafc29c4118de0426
Branches Tags
vinzenz:main
vinzenz:vpn1-wg
...
compare: vinzenz:c9f4e9ac56d493fe3a8a700bc958c6e5f3d2f800
Branches Tags
vinzenz:main
vinzenz:vpn1-wg

3 commits
b143437c89 ... c9f4e9ac56

Author SHA1 Message Date
Vinzenz Schroeter c9f4e9ac56 add forgejo-runner on forgejo vm 2025-02-01 16:06:36 +01:00
Vinzenz Schroeter 28f2315ede update flake 2025-02-01 16:02:33 +01:00
Vinzenz Schroeter 87b5b7ab00 policy.json in extra file, default to reject 2025-02-01 16:02:27 +01:00
4 changed files with 32 additions and 30 deletions
Show stats Expand all files Collapse all files

18
flake.lock
View file

@ -40,11 +40,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1735344290, "lastModified": 1736373539,
"narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "613691f285dad87694c2ba1c9e6298d04736292d", "rev": "bd65bc3cde04c16755955630b344bc9e35272c56",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -91,11 +91,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1735388221, "lastModified": 1738391520,
"narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", "narHash": "sha256-6HI58PKjddsC0RA0gBQlt6ox47oH//jLUHwx05RO8g0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "7c674c6734f61157e321db595dbfcd8523e04e19", "rev": "34b64e4e1ddb14e3ffc7db8d4a781396dbbab773",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -107,11 +107,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1735922141, "lastModified": 1738277201,
"narHash": "sha256-vk0xwGZSlvZ/596yxOtsk4gxsIx2VemzdjiU8zhjgWw=", "narHash": "sha256-6L+WXKCw5mqnUIExvqkD99pJQ41xgyCk6z/H9snClwk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d29ab98cd4a70a387b8ceea3e930b3340d41ac5a", "rev": "666e1b3f09c267afd66addebe80fb05a5ef2b554",
"type": "github" "type": "github"
}, },
"original": { "original": {

16
home/vinzenz/.config/containers/policy.json Normal file
View file

@ -0,0 +1,16 @@
{
"default": [
{
"type": "reject"
}
],
"transports": {
"docker-daemon": {
"": [
{
"type": "insecureAcceptAnything"
}
]
}
}
}

17
home/vinzenz/default.nix
View file

@ -48,22 +48,7 @@ inputs@{ pkgs, ... }:
home.file."policy.json" = { home.file."policy.json" = {
target = ".config/containers/policy.json"; target = ".config/containers/policy.json";
text = '' text = builtins.readFile ./.config/containers/policy.json;
{
"default": [
{
"type": "insecureAcceptAnything"
}
],
"transports":
{
"docker-daemon":
{
"": [{"type":"insecureAcceptAnything"}]
}
}
}
'';
}; };
}; };
} }

11
hosts/forgejo-runner-1/default.nix
View file

@ -11,8 +11,8 @@ nixpkgs.lib.nixosSystem {
} }
{ {
services.tailscale.useRoutingFeatures = "both"; services.tailscale.useRoutingFeatures = "both";
} system.autoUpgrade.allowReboot = true;
{
users.users = { users.users = {
root.openssh.authorizedKeys.keys = [ root.openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
@ -20,9 +20,10 @@ nixpkgs.lib.nixosSystem {
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
]; ];
}; };
}
{ environment.systemPackages = with nixpkgs; [
system.autoUpgrade.allowReboot = true; forgejo-runner
];
} }
]; ];
} }