forked from hswaw/hscloud
Merge "cluster/nix: update nodes"
commit
dc496d21a1
|
@ -1,8 +1,8 @@
|
||||||
let
|
let
|
||||||
pkgs = import (fetchGit {
|
pkgs = import (fetchGit {
|
||||||
name = "nixos-unstable-2020-02-12";
|
name = "nixos-unstable-2020-08-22";
|
||||||
url = https://github.com/nixos/nixpkgs-channels/;
|
url = https://github.com/nixos/nixpkgs-channels/;
|
||||||
rev = "a21c2fa3ea2b88e698db6fc151d9c7259ae14d96";
|
rev = "c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38";
|
||||||
});
|
});
|
||||||
|
|
||||||
cfg = {
|
cfg = {
|
||||||
|
|
|
@ -42,6 +42,9 @@ rec {
|
||||||
# Otherwise fetchGit nixpkgs pin fails.
|
# Otherwise fetchGit nixpkgs pin fails.
|
||||||
systemd.services.nixos-upgrade.path = [ pkgs.git ];
|
systemd.services.nixos-upgrade.path = [ pkgs.git ];
|
||||||
|
|
||||||
|
# Use Chrony instead of systemd-timesyncd
|
||||||
|
services.chrony.enable = true;
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
# Enable the OpenSSH daemon.
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
|
|
@ -55,6 +55,7 @@ in rec {
|
||||||
127.0.0.1 ${k8sapi}
|
127.0.0.1 ${k8sapi}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
security.acme.acceptTerms = true;
|
||||||
security.acme.certs = {
|
security.acme.certs = {
|
||||||
host = {
|
host = {
|
||||||
email = acmeEmail;
|
email = acmeEmail;
|
||||||
|
|
Loading…
Reference in New Issue