bind: microvmify
This commit is contained in:
parent
f45e3371a4
commit
1f6f4950e4
|
@ -598,7 +598,7 @@
|
||||||
bind = nixosSystem' {
|
bind = nixosSystem' {
|
||||||
modules = [
|
modules = [
|
||||||
{ nixpkgs.overlays = with secrets.overlays; [ bind ]; }
|
{ nixpkgs.overlays = with secrets.overlays; [ bind ]; }
|
||||||
./config/lxc-container.nix
|
self.nixosModules.microvm
|
||||||
./hosts/containers/bind
|
./hosts/containers/bind
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
|
@ -9,15 +9,13 @@ in
|
||||||
c3d2 = {
|
c3d2 = {
|
||||||
isInHq = false;
|
isInHq = false;
|
||||||
hq.statistics.enable = true;
|
hq.statistics.enable = true;
|
||||||
|
deployment = {
|
||||||
|
server = "server10";
|
||||||
|
mounts = [ "etc" "home" "var"];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.hostName = "bind";
|
networking.hostName = "bind";
|
||||||
networking.useNetworkd = true;
|
|
||||||
networking.interfaces.eth0.ipv4.addresses = [{
|
|
||||||
address = config.c3d2.hosts."${config.networking.hostName}".ip4;
|
|
||||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
|
||||||
}];
|
|
||||||
networking.defaultGateway = "172.20.73.1";
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
# DNS
|
# DNS
|
||||||
|
@ -82,7 +80,7 @@ in
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
before = [ "bind.service" ];
|
before = [ "bind.service" ];
|
||||||
after = [ "network-online.target" ];
|
after = [ "network-online.target" ];
|
||||||
path = with pkgs; [ git nix curl ];
|
path = with pkgs; [ git nix curl openssh ];
|
||||||
script = ''
|
script = ''
|
||||||
mkdir -p .ssh
|
mkdir -p .ssh
|
||||||
cp ${builtins.toFile "id_ed25519" sshPrivkey} .ssh/id_ed25519
|
cp ${builtins.toFile "id_ed25519" sshPrivkey} .ssh/id_ed25519
|
||||||
|
|
Loading…
Reference in New Issue
Block a user