pederbs/config
pederbs
/
config
2
1
Fork 0
Code Issues Pull Requests Releases Activity

tmate

This commit is contained in:
Peder Bergebakken Sundt 2023-03-03 21:57:37 +01:00
parent 824e57739e
commit f923e028af
5 changed files with 27 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -42,13 +42,19 @@
### How to deploy ### How to deploy
Build locally, deploy on local, with `nom`:
sudo true && sudo nixos-rebuild test --flake . --recreate-lock-file --no-write-lock-file |& nom
Via git, build on remote: Via git, build on remote:
ssh -t HOST sudo nixos-rebuild test --flake git+ssh://gitea@gitea.noximilien.pbsds.net/pbsds/nix-config.git --recreate-lock-file --no-write-lock-file
# or
ssh -t HOST sudo nixos-rebuild test --flake git+ssh://git@github.com/pbsds/nix-dotfiles.git --recreate-lock-file --no-write-lock-file ssh -t HOST sudo nixos-rebuild test --flake git+ssh://git@github.com/pbsds/nix-dotfiles.git --recreate-lock-file --no-write-lock-file
From local checkout to remote where you're not a trusted user, build on remote: From local checkout to remote where you're not a trusted user, build on remote:
tar cf - --directory="$(nix eval --raw .#inputs.self.outPath)" . | ssh bolle.pbsds.net -- bash -xc '"cd $(mktemp -d); pwd; tar xf - && nixos-rebuild test . \"\$@\""' -- --recreate-lock-file --no-write-lock-file tar cf - --directory="$(nix eval --raw .#inputs.self.outPath)" . | ssh -tt HOST -- bash -c '"set -x; cd $(mktemp -d); tar xf - && nixos-rebuild test --flake . \"\$@\""' -- --print-build-logs --recreate-lock-file --no-write-lock-file
.. wait doesn't that litter `/tmp` or `/run/user/.../tmp`? .. wait doesn't that litter `/tmp` or `/run/user/.../tmp`?

3
base.nix
View File

@ -29,7 +29,8 @@
#]; #];
/**/ /**/
# TODO: make /etc/nixos a symlink to the in-store flake? - bad idea, horrible error recovery # TODO: make /etc/nixos a symlink to the in-store flake? - bad idea, horrible error recovery
# TODO: make /etc/nixos a checkout of repo? # TODO: make /etc/nixos a checkout of repo?
# TODO: update only nixpkgs and unstable
system.autoUpgrade.flake = inputs.self.outPath; # a nix store path system.autoUpgrade.flake = inputs.self.outPath; # a nix store path
#system.autoUpgrade.flake = "github:pbsds/nix-config"; # TODO: use this instead? #system.autoUpgrade.flake = "github:pbsds/nix-config"; # TODO: use this instead?
system.autoUpgrade.flags = [ system.autoUpgrade.flags = [

2
hosts/noximilien/default.nix
View File

@ -14,7 +14,7 @@
../../hardware/opengl-intel.nix ../../hardware/opengl-intel.nix
../../profiles/tmate-server # opens port 442244 ../../profiles/tmate-server # opens port 42244
../../profiles/web ../../profiles/web
../../profiles/web/index ../../profiles/web/index

9
profiles/tmate-server/default.nix Normal file
View File

@ -0,0 +1,9 @@
{ config, ... }:
{
services.tmate-ssh-server = {
enable = true;
host = config.networking.fqdn;
port = 42244;
openFirewall = true;
};
}

8
users/pbsds/home/default.nix
View File

@ -288,6 +288,14 @@
]; ];
/**/ /**/
# generated with `tmate-client-config` on noximilien
home.file.".tmate.conf".text = ''
set -g tmate-server-host "noximilien.pbsds.net"
set -g tmate-server-port 42244
set -g tmate-server-ed25519-fingerprint "SHA256:/e9EGMfvC+8gbaNiCoFbl87Pps7e/V+2pOSjEpMDdfA"
set -g tmate-server-rsa-fingerprint "SHA256:UzoAW9TynFQZDINgDiS+G06SmYcIX/ObI1zL19PpKEE"
'';
programs.nix-index.enable = true; programs.nix-index.enable = true;
programs.tealdeer.enable = true; programs.tealdeer.enable = true;