nixos-config/fudo/profiles/server.nix

{ config, lib, pkgs, ... }:

with lib;
let
  reboot-if-necessary = pkgs.writeShellScriptBin "reboot-if-necessary" ''
    if [ $# -ne 1 ]; then
      echo "FAILED: no sync file provided."
      exit 1
    fi

    WALL=${pkgs.utillinux}/bin/wall

    if [ -f $1 ]; then
      $WALL "$1 exists, rebooting system"
      ${pkgs.systemd}/bin/reboot
    else
      $WALL "$1 does not exist, aborting reboot."
    fi

    exit 0
  '';

  test-config = pkgs.writeShellScriptBin "fudo-test-config" ''
    if [ $# -gt 1 ]; then
      echo "usage: $0 [timeout]"
      exit 1
    elif [ $# -eq 1 ]; then
      TIMEOUT=$1
    else
      TIMEOUT=15m
    fi

    SYNCFILE=$TMP/sync-$(date +"%Y%m%d-%H%M%N")
    touch $SYNCFILE
    ${pkgs.utillinux}/bin/wall "Launching config. System will restart in $TIMEOUT if $SYNCFILE still exists."
    systemd-run --on-active=$TIMEOUT ${reboot-if-necessary} $SYNCFILE
    nixos-rebuild test

    exit 0
  '';

in {
  config = mkIf (config.fudo.common.profile == "server") {
    environment = {
      systemPackages = with pkgs; [
        emacs-nox
        ldns
        ldns.examples
        jdk12_headless
        racket-minimal
        reboot-if-necessary
        test-config
      ];

      noXlibs = true;
    };

    security = {
      hideProcessInformation = true;
    };

    networking = {
      networkmanager.enable = mkForce false;
    };

    boot.tmpOnTmpfs = true;

    services.xserver.enable = false;

    programs = {
      gnupg.agent = {
        enable = true;
        enableSSHSupport = true;
      };
    };
  };
}
In a pretty good working state 2020-02-03 17:07:46 -08:00			`{ config, lib, pkgs, ... }:`

			`with lib;`
			`let`
Switch to doom emacs 2020-12-02 08:44:56 -08:00			`reboot-if-necessary = pkgs.writeShellScriptBin "reboot-if-necessary" ''`
In a pretty good working state 2020-02-03 17:07:46 -08:00			`if [ $# -ne 1 ]; then`
			`echo "FAILED: no sync file provided."`
			`exit 1`
			`fi`

			`WALL=${pkgs.utillinux}/bin/wall`

			`if [ -f $1 ]; then`
			`$WALL "$1 exists, rebooting system"`
			`${pkgs.systemd}/bin/reboot`
			`else`
			`$WALL "$1 does not exist, aborting reboot."`
			`fi`

			`exit 0`
			`'';`

Switch to doom emacs 2020-12-02 08:44:56 -08:00			`test-config = pkgs.writeShellScriptBin "fudo-test-config" ''`
In a pretty good working state 2020-02-03 17:07:46 -08:00			`if [ $# -gt 1 ]; then`
			`echo "usage: $0 [timeout]"`
			`exit 1`
			`elif [ $# -eq 1 ]; then`
			`TIMEOUT=$1`
			`else`
			`TIMEOUT=15m`
			`fi`

			`SYNCFILE=$TMP/sync-$(date +"%Y%m%d-%H%M%N")`
			`touch $SYNCFILE`
			`${pkgs.utillinux}/bin/wall "Launching config. System will restart in $TIMEOUT if $SYNCFILE still exists."`
			`systemd-run --on-active=$TIMEOUT ${reboot-if-necessary} $SYNCFILE`
			`nixos-rebuild test`

			`exit 0`
			`'';`

			`in {`
			`config = mkIf (config.fudo.common.profile == "server") {`
			`environment = {`
			`systemPackages = with pkgs; [`
Changes for rus.selby.ca 2020-10-24 09:14:46 -07:00			`emacs-nox`
Informis Checkin 2020-06-25 20:38:50 -07:00			`ldns`
			`ldns.examples`
Use the right pinentry depending whether gui is enabled 2020-12-07 14:30:06 -08:00			`jdk12_headless`
various changes to procul 2020-07-23 22:38:48 -07:00			`racket-minimal`
In a pretty good working state 2020-02-03 17:07:46 -08:00			`reboot-if-necessary`
various changes to procul 2020-07-23 22:38:48 -07:00			`test-config`
In a pretty good working state 2020-02-03 17:07:46 -08:00			`];`

			`noXlibs = true;`
			`};`

			`security = {`
			`hideProcessInformation = true;`
			`};`

			`networking = {`
			`networkmanager.enable = mkForce false;`
Changes for rus.selby.ca 2020-10-24 09:14:46 -07:00			`};`

In a pretty good working state 2020-02-03 17:07:46 -08:00			`boot.tmpOnTmpfs = true;`

			`services.xserver.enable = false;`

			`programs = {`
			`gnupg.agent = {`
			`enable = true;`
			`enableSSHSupport = true;`
			`};`
			`};`
			`};`
			`}`