Test
This commit is contained in:
parent
4e4744d9fc
commit
91bda7ab1c
5 changed files with 52 additions and 10 deletions
|
@ -50,6 +50,7 @@
|
|||
];
|
||||
autoStart = true;
|
||||
privateNetwork = false;
|
||||
restartIfChanged = true;
|
||||
specialArgs = { inherit pkgs-unstable hostname username desktop theme system repo unfree stateVersion; };
|
||||
config = { lib, config, pkgs-unstable, hostname, username, desktop, theme, system, repo, stateVersion, ... }: {
|
||||
# Choose whether to pull from stable or unstable
|
||||
|
@ -60,6 +61,7 @@
|
|||
};
|
||||
imports = [
|
||||
../nixos/containers
|
||||
inputs.sops-nix.nixosModules.sops
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -11,14 +11,14 @@
|
|||
];
|
||||
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix
|
||||
# Set up the secrets file:
|
||||
sops.secrets."tailscale_key" = {
|
||||
owner = "root";
|
||||
sopsFile = ../../../secrets/containers/${hostname}.yaml;
|
||||
restartUnits = [
|
||||
"tailscaled.service"
|
||||
"tailscaled-autoconnect.service"
|
||||
];
|
||||
};
|
||||
services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
|
||||
# sops.secrets."tailscale_key" = {
|
||||
# owner = "root";
|
||||
# sopsFile = ../../secrets/containers/${hostname}.yaml;
|
||||
# restartUnits = [
|
||||
# "tailscaled.service"
|
||||
# "tailscaled-autoconnect.service"
|
||||
# ];
|
||||
# };
|
||||
# services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
|
||||
networking.hostName = "${hostname}";
|
||||
}
|
||||
|
|
7
nixos/containers/mounts.nix
Normal file
7
nixos/containers/mounts.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
"/etc/ssh" = {
|
||||
hostPath = "/etc/ssh";
|
||||
mountPath = "/etc/ssh";
|
||||
isReadOnly = true;
|
||||
};
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
let
|
||||
libx = import ../../../lib { inherit lib self inputs outputs stateVersion hmStateVersion; };
|
||||
in {
|
||||
# Set up the bridge network:
|
||||
# Secrets
|
||||
containers = {
|
||||
rdesktop = libx.mkContainer { hostname = "rdesktop"; unfree = true; repo = "nixpkgs-unstable"; desktop = "xfce"; };
|
||||
};
|
||||
|
|
33
secrets/containers/rdesktop.yaml
Normal file
33
secrets/containers/rdesktop.yaml
Normal file
|
@ -0,0 +1,33 @@
|
|||
tailscale_keys:
|
||||
rdesktop: ENC[AES256_GCM,data:NF6ZzqsINETWp6cOO9ykVcHuEWsI85yOnAFdAnBdrLsb+4wQl4zkU+6rUmST2Mnt,iv:08Q/B4vjxk3ZyVR/+QWWquNwRX4laSXgNUUfy6ag9C0=,tag:yinP9KSf81amHWs/n/eAig==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-03-25T02:59:43Z"
|
||||
mac: ENC[AES256_GCM,data:2NroS77r0+0r25xYPpVtUKlEWCrsyPx6OvFMsQhMY3soqdmhA+VmP63FwzQKvU78rgsRdgupnKFBGo5QoRS/5gI26Vys08AfCULScBDCQN/DXJnKkK0dku0A1T1vUwkO52si/AeUZRH8tCslueLzu9YFgwbodBmvisanDBA4NT8=,iv:8XGSXryVanta6kPKbllu11KmI4kDV095+YnG7TCHg3I=,tag:lZcKrVTprtdtdAH3zDqXLA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-03-25T02:57:12Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAx+imH9kwOLOARAAl+SEO7uBSKVXN9iKrHYBBohaNB5M89cgj94W8DsPNWfs
|
||||
A7lqpkJJfQGmE4GnmAuMp38UHMOu906LSleAcecCxPUDOaKwz8Lbfs8awxk+jJ5H
|
||||
OuqFkWo1ErqDZxZYQmeM0KG2+oc45gXVbIg3/B/rS26TLpOUxOrzwKIXu+4dw2ME
|
||||
v90AXEW4uRrItdm7EOU/fyzuC4sm/gsEwRyW6NMHuWQxwpLi3d/KLEyxB00Akiwg
|
||||
ct8UfyenG7XUyKRpdyo0sFvB2xxYKsjvX0In75o81AA6A5mLoyabItJSzTcIK/rr
|
||||
IsBsp2YAd2bCEwMAU9QCexgSicvh2jpczvIryAYdMIp/vVOf6+X6/z4Iyju5mfSQ
|
||||
JsNhs7tLQOQ4bjyLYZqtx7YaZjHjXWpSwBW24IfQRQ1BUjrmzZjPXuftAr2mT5fd
|
||||
KJlWfnN0yKaRgh8vtqE1RmqX15eid/0h3VJ6gGl+1juLOv4/CLtAcNkhZS2hN1wP
|
||||
SBJqZMzNIVrkj/WSnXFXIJbkvfxbX12elyvvLSChBNjpE77JddQcFLareNDLr3k1
|
||||
W+t456Ql7AGlfz1lZE7s07Nuu1XofTR/VqcN/xsgCnXl+cDUUBHox7L0C4IRneF0
|
||||
vLC+neAjGecR3oAIZuyBfFcXPxaebXBblWCw4XafiU+ppziG8TSIBy9Q3pv6KjfS
|
||||
VgE7MciCKsl3JeKKTn7rugsMcBDY54l8AKgKElKU2cg6ExAey8hINCamUj5RoF82
|
||||
r9JE7H+RAWVU4wP+VqaF7JNMyPxbfHfjv2ybwR+Bm9IFqzD01Oxl
|
||||
=xeiz
|
||||
-----END PGP MESSAGE-----
|
||||
fp: D98BBC6C9A27324654C2D8C464F6C4EB46C4543A
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
Loading…
Reference in a new issue