diff options
| author | seth <[email protected]> | 2023-05-05 02:44:22 -0400 |
|---|---|---|
| committer | seth <[email protected]> | 2023-05-05 02:44:22 -0400 |
| commit | 3051d75c5ebe4284a6d50f1ea2b3a2f39e01a38d (patch) | |
| tree | 913db0783129b37a76a538cf9743afc2365dbee8 /hosts/p-body/default.nix | |
| parent | 4f1cc719a12ed27b23f2830489db3845c36c88ed (diff) | |
flake: restructure a lot
Diffstat (limited to 'hosts/p-body/default.nix')
| -rw-r--r-- | hosts/p-body/default.nix | 42 |
1 files changed, 8 insertions, 34 deletions
diff --git a/hosts/p-body/default.nix b/hosts/p-body/default.nix index 1cb6acb..56ba2a6 100644 --- a/hosts/p-body/default.nix +++ b/hosts/p-body/default.nix @@ -1,40 +1,23 @@ { config, guzzle_api, - hercules-ci-agent, modulesPath, pkgs, ... }: { imports = [ (modulesPath + "/virtualisation/digital-ocean-image.nix") - hercules-ci-agent.nixosModules.agent-service ]; - getchoo.server.enable = true; - - environment.systemPackages = [ - hercules-ci-agent.packages.x86_64-linux.hercules-ci-cli - ]; + _module.args.nixinate = { + host = "167.99.145.73"; + sshUser = "root"; + buildOn = "remote"; + substituteOnTarget = true; + hermetic = false; + }; networking.hostName = "p-body"; - nix.settings = { - trusted-substituters = [ - "https://getchoo.cachix.org" - "https://nix-community.cachix.org" - "https://hercules-ci.cachix.org" - "https://wurzelpfropf.cachix.org" - ]; - - trusted-public-keys = [ - "getchoo.cachix.org-1:ftdbAUJVNaFonM0obRGgR5+nUmdLMM+AOvDOSx0z5tE=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "hercules-ci.cachix.org-1:ZZeDl9Va+xe9j+KqdzoBZMFJHVQ42Uu/c/1/KMC5Lw0=" - "wurzelpfropf.cachix.org-1:ilZwK5a6wJqVr7Fyrzp4blIEkGK+LJT0QrpWr1qBNq0=" - ]; - - trusted-users = ["p-body"]; - }; services = { #caddy = { @@ -108,15 +91,6 @@ # }; #}; - hercules-ci-agent = { - enable = true; - settings = { - binaryCachesPath = config.age.secrets.binaryCache.path; - clusterJoinTokenPath = config.age.secrets.clusterToken.path; - secretsJsonPath = config.age.secrets.secretsJson.path; - }; - }; - guzzle-api = { enable = true; url = "http://167.99.145.73"; @@ -143,7 +117,7 @@ extraGroups = ["wheel"]; isNormalUser = true; shell = pkgs.bash; - passwordFile = config.age.secrets.pbodyPassword.path; + passwordFile = config.age.secrets.userPassword.path; inherit openssh; }; }; |