summary refs log tree commit diff stats
diff options
context:
space:
mode:
-rw-r--r--notes/taskserver.md7
-rw-r--r--system/impermanence/default.nix1
-rw-r--r--system/impermanence/mods/taskserver.nix5
-rw-r--r--system/services/default.nix1
-rw-r--r--system/services/taskserver/default.nix28
5 files changed, 42 insertions, 0 deletions
diff --git a/notes/taskserver.md b/notes/taskserver.md
new file mode 100644
index 0000000..36aeff0
--- /dev/null
+++ b/notes/taskserver.md
@@ -0,0 +1,7 @@
+# User export
+Use
+```bash
+nixos-taskserver user export my-company alice
+# or via ssh
+ssh $server nixos-taskserver user export my-company alice #| sh
+```
diff --git a/system/impermanence/default.nix b/system/impermanence/default.nix
index b60eb4c..6e977b5 100644
--- a/system/impermanence/default.nix
+++ b/system/impermanence/default.nix
@@ -8,6 +8,7 @@
     ./mods/nix-sync.nix
     ./mods/openssh.nix
     ./mods/postgresql.nix
+    ./mods/taskserver.nix
     ./mods/users.nix
   ];
 
diff --git a/system/impermanence/mods/taskserver.nix b/system/impermanence/mods/taskserver.nix
new file mode 100644
index 0000000..9208aa4
--- /dev/null
+++ b/system/impermanence/mods/taskserver.nix
@@ -0,0 +1,5 @@
+{...}: {
+  environment.persistence."/srv".directories = [
+    "/var/lib/taskserver"
+  ];
+}
diff --git a/system/services/default.nix b/system/services/default.nix
index 9163588..3349b38 100644
--- a/system/services/default.nix
+++ b/system/services/default.nix
@@ -13,5 +13,6 @@
     ./openssh
     ./rust-motd
     ./snapper
+    ./taskserver
   ];
 }
diff --git a/system/services/taskserver/default.nix b/system/services/taskserver/default.nix
new file mode 100644
index 0000000..56255cd
--- /dev/null
+++ b/system/services/taskserver/default.nix
@@ -0,0 +1,28 @@
+{...}: {
+  services.taskserver = {
+    enable = true;
+    pki.auto = {
+      expiration = {
+        server = 365;
+        crl = 365;
+        client = 365;
+        ca = 365;
+      };
+      bits = 4096;
+    };
+    organisations = {
+      vhack = {
+        users = [
+          "soispha"
+        ];
+      };
+      soispha = {
+        users = [
+          "soispha"
+        ];
+      };
+    };
+    openFirewall = true;
+    fqdn = "taskserver.vhack.eu";
+  };
+}