| Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This user is intended to be used for remote-builds
|
|
|
|
|
|
The unit had the potential to fail, if the build took longer than the
default timeout. This is obviously not ideal, so the timeout was
removed, as all nix builds should be safe enough not to devour
resources.
|
|
As the nix-sync service should _never_ commit new stuff, this rebase
should always be a fast-forward, i.e. it works without manual
intervention.
Without the rebase as argument, this services would break, when the
history gets rewritten, for example on a amended commit.
|
|
The timer before hand started `repo.interval` after it self was started,
i.e., it was a oneshot timer. This change now fixes this by make the
point the timer activates relative to the time elapsed, since the
associated unit was last started.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
age secret
|
|
|
|
users
|
|
|
|
|
|
|
|
|
|
This sets some formatting option based on the file. In comparison to
the vim lines, this should be supported by more editors.
|
|
|
|
|
|
|
|
The `/var/lib/sshd` directory is only mounted _after_ the stage 2 init,
thus also after the system activation. Agenix, which runs in the system
activation needs the hostkey however to decrypt the secrets needed for
some units (as of right now only keycloak).
Alas the only way I see to achieve that is to store the ssh hostkey
directly on /srv, which is mounted before (it's marked as 'neededForBoot'
after all) the stage 2 init.
It should be possible to achieve this with impermanence however,
as `/var/log` is mounted in the stage 1 init; The problem is that I
have no idea _why_ only this is the only directory mounted and nothing else.
|
|
|
|
|
|
|
|
|