83 lines
1.5 KiB
Nix
83 lines
1.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
let
|
|
reboot-if-necessary = pkgs.writeScriptBin "reboot-if-necessary" ''
|
|
#!${pkgs.stdenv.shell}
|
|
|
|
set -ne
|
|
|
|
if [ $# -ne 1 ]; then
|
|
echo "FAILED: no sync file provided."
|
|
exit 1
|
|
fi
|
|
|
|
WALL=${pkgs.utillinux}/bin/wall
|
|
|
|
if [ -f $1 ]; then
|
|
$WALL "$1 exists, rebooting system"
|
|
${pkgs.systemd}/bin/reboot
|
|
else
|
|
$WALL "$1 does not exist, aborting reboot."
|
|
fi
|
|
|
|
exit 0
|
|
'';
|
|
|
|
test-config = pkgs.writeScriptBin "fudo-test-config" ''
|
|
#!${pkgs.stdenv.shell}
|
|
|
|
set -ne
|
|
|
|
if [ $# -gt 1 ]; then
|
|
echo "usage: $0 [timeout]"
|
|
exit 1
|
|
elif [ $# -eq 1 ]; then
|
|
TIMEOUT=$1
|
|
else
|
|
TIMEOUT=15m
|
|
fi
|
|
|
|
SYNCFILE=$TMP/sync-$(date +"%Y%m%d-%H%M%N")
|
|
touch $SYNCFILE
|
|
${pkgs.utillinux}/bin/wall "Launching config. System will restart in $TIMEOUT if $SYNCFILE still exists."
|
|
systemd-run --on-active=$TIMEOUT ${reboot-if-necessary} $SYNCFILE
|
|
nixos-rebuild test
|
|
|
|
exit 0
|
|
'';
|
|
|
|
in {
|
|
config = mkIf (config.fudo.common.profile == "server") {
|
|
environment = {
|
|
systemPackages = with pkgs; [
|
|
ldns
|
|
ldns.examples
|
|
test-config
|
|
reboot-if-necessary
|
|
];
|
|
|
|
noXlibs = true;
|
|
};
|
|
|
|
security = {
|
|
hideProcessInformation = true;
|
|
};
|
|
|
|
networking = {
|
|
networkmanager.enable = mkForce false;
|
|
};
|
|
|
|
boot.tmpOnTmpfs = true;
|
|
|
|
services.xserver.enable = false;
|
|
|
|
programs = {
|
|
gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
};
|
|
};
|
|
};
|
|
}
|