Sort
This commit is contained in:
parent
f97b96387d
commit
c4241c25ab
|
@ -62,21 +62,10 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config.system.build = with pkgs; {
|
|
||||||
copyToServer = writeScript "copy-to-${server}" ''
|
|
||||||
#! ${runtimeShell} -e
|
|
||||||
|
|
||||||
nix copy --no-check-sigs --to ssh-ng://root@${serverFQDN} $@
|
|
||||||
'';
|
|
||||||
|
|
||||||
runOnServer = writeScript "run-on-${server}" ''
|
|
||||||
#! ${runtimeShell} -e
|
|
||||||
|
|
||||||
ssh root@${serverFQDN} -- $@
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
# autoupdates do not make sense inside MicroVMs with read-only /nix/store
|
||||||
|
c3d2.autoUpdate = false;
|
||||||
|
|
||||||
boot.kernelParams = [
|
boot.kernelParams = [
|
||||||
"preempt=none"
|
"preempt=none"
|
||||||
# No server/router runs any untrusted user code
|
# No server/router runs any untrusted user code
|
||||||
|
@ -123,6 +112,9 @@ in
|
||||||
useNetworkd = true;
|
useNetworkd = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# nix store is mounted read only
|
||||||
|
nix.gc.automatic = false;
|
||||||
|
|
||||||
systemd.network = lib.mkIf config.c3d2.deployment.autoNetSetup {
|
systemd.network = lib.mkIf config.c3d2.deployment.autoNetSetup {
|
||||||
links = builtins.foldl' (links: net: links // {
|
links = builtins.foldl' (links: net: links // {
|
||||||
"30-${net}" = {
|
"30-${net}" = {
|
||||||
|
@ -165,10 +157,18 @@ in
|
||||||
}) {} nets;
|
}) {} nets;
|
||||||
};
|
};
|
||||||
|
|
||||||
# autoupdates do not make sense inside MicroVMs with read-only /nix/store
|
system.build = with pkgs; {
|
||||||
c3d2.autoUpdate = false;
|
copyToServer = writeScript "copy-to-${server}" ''
|
||||||
|
#! ${runtimeShell} -e
|
||||||
|
|
||||||
# nix store is mounted read only
|
nix copy --no-check-sigs --to ssh-ng://root@${serverFQDN} $@
|
||||||
nix.gc.automatic = false;
|
'';
|
||||||
|
|
||||||
|
runOnServer = writeScript "run-on-${server}" ''
|
||||||
|
#! ${runtimeShell} -e
|
||||||
|
|
||||||
|
ssh root@${serverFQDN} -- $@
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user