zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Compare commits

base: zuckerberg:288a2841aae890916959c4c33766ef0e98ae165a
Branches Tags
zuckerberg:master zuckerberg:stage zuckerberg:pia-vpn-v2 zuckerberg:kexec_luks2
..
compare: zuckerberg:master
Branches Tags
zuckerberg:stage zuckerberg:pia-vpn-v2 zuckerberg:master zuckerberg:kexec_luks2

3 Commits
288a2841aa ... master

Author SHA1 Message Date
gitea-runner
412dd12b5a flake.lock: update inputs
Some checks failed
Check Flake / check-flake (push) Successful in 2m22s
Details
Auto Update Flake / auto-update (push) Failing after 2m40s
Details
2026-02-22 22:01:06 -08:00
Zuckerberg
684851d641 Prevent containers from running non-container services
All checks were successful
Check Flake / check-flake (push) Successful in 2m21s
Details
Auto Update Flake / auto-update (push) Successful in 3m29s
Details
2026-02-22 18:18:05 -08:00
Zuckerberg
4cf50b5fb1 Restart atticd whenever PostgreSQL restarts
All checks were successful
Check Flake / check-flake (push) Successful in 3m7s
Details
2026-02-22 17:53:46 -08:00
4 changed files with 7 additions and 6 deletions
Expand all files Collapse all files

2
common/default.nix
View File

@@ -102,5 +102,5 @@
security.acme.defaults.email = "zuckerberg@neet.dev"; security.acme.defaults.email = "zuckerberg@neet.dev";
# Enable Desktop Environment if this is a PC (machine role is "personal") # Enable Desktop Environment if this is a PC (machine role is "personal")
de.enable = lib.mkDefault (config.thisMachine.hasRole."personal"); de.enable = lib.mkDefault (config.thisMachine.hasRole."personal" && !config.boot.isContainer);
} }

2
common/nix-builder.nix
View File

@@ -12,7 +12,7 @@ let
in in
lib.mkMerge [ lib.mkMerge [
# configure builder # configure builder
(lib.mkIf thisMachineIsABuilder { (lib.mkIf (thisMachineIsABuilder && !config.boot.isContainer) {
users.users.${builderUserName} = { users.users.${builderUserName} = {
description = "Distributed Nix Build User"; description = "Distributed Nix Build User";
group = builderUserName; group = builderUserName;

3
common/server/atticd.nix
View File

@@ -1,7 +1,7 @@
{ config, lib, ... }: { config, lib, ... }:
{ {
config = lib.mkIf (config.thisMachine.hasRole."binary-cache") { config = lib.mkIf (config.thisMachine.hasRole."binary-cache" && !config.boot.isContainer) {
services.atticd = { services.atticd = {
enable = true; enable = true;
environmentFile = config.age.secrets.atticd-credentials.path; environmentFile = config.age.secrets.atticd-credentials.path;
@@ -49,6 +49,7 @@
systemd.services.atticd = { systemd.services.atticd = {
after = [ "postgresql.service" ]; after = [ "postgresql.service" ];
requires = [ "postgresql.service" ]; requires = [ "postgresql.service" ];
partOf = [ "postgresql.service" ];
serviceConfig = { serviceConfig = {
DynamicUser = lib.mkForce false; DynamicUser = lib.mkForce false;
User = "atticd"; User = "atticd";

6
flake.lock generated
View File

@@ -250,11 +250,11 @@
"spectrum": "spectrum" "spectrum": "spectrum"
}, },
"locked": { "locked": {
"lastModified": 1771712688, "lastModified": 1771802632,
"narHash": "sha256-Pf4CaRoOLQV02m2POPA+0EWvb3gVdpaiS0hNNVZhO3c=", "narHash": "sha256-UAH8YfrHRvXAMeFxUzJ4h4B1loz1K1wiNUNI8KiPqOg=",
"owner": "astro", "owner": "astro",
"repo": "microvm.nix", "repo": "microvm.nix",
"rev": "a3abc020a3d8e624e145f4144ed40702f788ea32", "rev": "b67e3d80df3ec35bdfd3a00ad64ee437ef4fcded",
"type": "github" "type": "github"
}, },
"original": { "original": {