harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: harald:95bc8f3c705e3c2b4d66bdbd42956bb1fa7a8296
Branches Tags
harald:main
harald:1
harald:b24.05
...
compare: harald:e12fc523d6d36133ab3397de0de2a669cbf8dec5
Branches Tags
harald:main
harald:1
harald:b24.05

3 commits
95bc8f3c70 ... e12fc523d6

Author SHA1 Message Date
Harald Hoyer
e12fc523d6 fix(attic): remove unused $PSQL alias in postStart script 
- Replace `$PSQL` with `psql` to use the correct PostgreSQL CLI directly.
- Ensures compatibility and prevents potential runtime issues in the systemd service.
 2026-03-25 10:19:44 +01:00
Harald Hoyer
2ca35ba38d feat(attic): switch to systemd-networkd for networking 
- Replace `dhcpcd` with `systemd-networkd` by setting `networking.useDHCP` to `false` and `networking.useNetworkd` to `true`.
- Add a static IPv6 configuration and routes for `enp1s0` in `30-wan`.
- Ensures a more streamlined and customizable network configuration.
 2026-03-25 10:19:38 +01:00
Harald Hoyer
179dd93a5b feat(attic): disable sudo password for wheel group 
- Set `security.sudo.wheelNeedsPassword` to `false` in `default.nix`.
- Simplifies sudo access for users in the wheel group and aligns with system usage patterns.
 2026-03-25 10:07:08 +01:00
2 changed files with 11 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
systems/x86_64-linux/attic/atticd.nix
View file

@ -12,7 +12,7 @@
}; };
systemd.services.postgresql.postStart = lib.mkAfter '' systemd.services.postgresql.postStart = lib.mkAfter ''
$PSQL -tAc 'ALTER DATABASE "attic" OWNER TO "atticd"' psql -tAc 'ALTER DATABASE "attic" OWNER TO "atticd"'
''; '';
environment.systemPackages = with pkgs; [ attic-client ]; environment.systemPackages = with pkgs; [ attic-client ];

11
systems/x86_64-linux/attic/default.nix
View file

@ -29,11 +29,20 @@
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
security.sudo.wheelNeedsPassword = false;
security.tpm2.enable = false; security.tpm2.enable = false;
security.tpm2.abrmd.enable = false; security.tpm2.abrmd.enable = false;
networking.wireless.enable = false; networking.wireless.enable = false;
networking.dhcpcd.IPv6rs = true; networking.useDHCP = false;
networking.useNetworkd = true;
systemd.network.networks."30-wan" = {
matchConfig.Name = "enp1s0";
networkConfig.DHCP = "ipv4";
address = [ "2a01:4f9:c014:619::1/64" ];
routes = [{ Gateway = "fe80::1"; }];
};
networking.firewall.allowedTCPPorts = [ 8080 ]; networking.firewall.allowedTCPPorts = [ 8080 ];
networking.firewall.allowPing = true; networking.firewall.allowPing = true;