diff options
Diffstat (limited to 'hosts/atlas')
| -rw-r--r-- | hosts/atlas/cachix.nix | 18 | ||||
| -rw-r--r-- | hosts/atlas/default.nix | 24 |
2 files changed, 8 insertions, 34 deletions
diff --git a/hosts/atlas/cachix.nix b/hosts/atlas/cachix.nix deleted file mode 100644 index 1dc1830..0000000 --- a/hosts/atlas/cachix.nix +++ /dev/null @@ -1,18 +0,0 @@ -{pkgs, ...}: let - uploadToCachix = pkgs.writeScriptBin "upload-to-cachix" '' - #!/bin/sh - set -euf - - OUT_END=$(echo ''${OUT_PATHS: -10}) - if [ "$OUT_END" == "-spec.json" ]; then - exit 0 - fi - - export HOME=/root - exec ${pkgs.cachix}/bin/cachix -c /etc/cachix/cachix.dhall push getchoo $OUT_PATHS > /tmp/hydra_cachix 2>&1 - ''; -in { - nix.extraOptions = '' - post-build-hook = ${uploadToCachix}/bin/upload-to-cachix - ''; -} diff --git a/hosts/atlas/default.nix b/hosts/atlas/default.nix index 0146b72..af0243a 100644 --- a/hosts/atlas/default.nix +++ b/hosts/atlas/default.nix @@ -1,12 +1,10 @@ { config, pkgs, - self, ... }: { imports = [ ./hardware-configuration.nix - ./cachix.nix ./miniflux.nix ./nginx.nix ./prometheus.nix @@ -20,13 +18,6 @@ hermetic = false; }; - age.secrets.authGH = { - file = "${self}/secrets/hosts/${config.networking.hostName}/authGH.age"; - mode = "440"; - owner = config.users.users.root.name; - group = config.users.groups.wheel.name; - }; - boot = { binfmt.emulatedSystems = ["x86_64-linux" "i686-linux"]; cleanTmpDir = true; @@ -36,6 +27,11 @@ getchoo.server = { secrets.enable = true; + + services.hercules-ci = { + enable = true; + secrets.enable = true; + }; }; networking = { @@ -43,13 +39,7 @@ hostName = "atlas"; }; - nix = { - extraOptions = '' - !include ${config.age.secrets.authGH.path} - ''; - - settings.trusted-users = ["bob"]; - }; + nix.settings.trusted-users = ["bob"]; system.stateVersion = "22.11"; @@ -59,6 +49,7 @@ ]; in { root = {inherit openssh;}; + atlas = { extraGroups = ["wheel"]; isNormalUser = true; @@ -66,6 +57,7 @@ passwordFile = config.age.secrets.userPassword.path; inherit openssh; }; + bob = { isNormalUser = true; shell = pkgs.bash; |