diff --git a/fleet.nix b/fleet.nix index 722c150..975cfd4 100644 --- a/fleet.nix +++ b/fleet.nix @@ -1,26 +1,30 @@ -{ lib, pkgs, ... }: -let - create_users = host: - { - users.users."${host.username}" = { - createHome = false; - home = "/home/chroot/" + host.username; - isNormalUser = false; - isSystemUser = true; - group = "sftp_users"; - openssh.authorizedKeys.keys = [ host.key ]; - shell = null; - }; +{ + lib, + pkgs, + ... +}: let + create_users = host: { + users.users."${host.username}" = { + createHome = false; + home = "/home/chroot/" + host.username; + isNormalUser = false; + isSystemUser = true; + group = "sftp_users"; + openssh.authorizedKeys.keys = [host.key]; + shell = null; + }; }; users = [ - { username = "router"; key = "ssh-ed25519 AAAAC3NzaC2aZGI1OTE5AAAAOIOZKLFCZLM67viQXHYRjraE6WLfvETMkjjgSz0mxMzS root@router"; } + { + username = "router"; + key = "ssh-ed25519 AAAAC3NzaC2aZGI1OTE5AAAAOIOZKLFCZLM67viQXHYRjraE6WLfvETMkjjgSz0mxMzS root@router"; + } ]; -in -{ +in { imports = builtins.map create_users users; - users.groups = { sftp_users = {}; }; + users.groups = {sftp_users = {};}; services.openssh.extraConfig = '' Match Group sftp_users @@ -29,5 +33,4 @@ in ChrootDirectory %h ForceCommand internal-sftp ''; - } diff --git a/utils/bento.nix b/utils/bento.nix index 25a752f..10ca0f1 100644 --- a/utils/bento.nix +++ b/utils/bento.nix @@ -1,20 +1,23 @@ -{ lib, pkgs, ... }: -let - timer = "*:0/5"; -in { + lib, + pkgs, + ... +}: let + timer = "*:0/15"; +in { systemd.timers.bento-upgrade = { enable = true; timerConfig = { OnCalendar = "${timer}"; Unit = "bento-upgrade.service"; }; - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; + after = ["network-online.target"]; }; systemd.services.bento-upgrade = { enable = true; - path = with pkgs; [ openssh git nixos-rebuild nix gzip ]; + path = with pkgs; [openssh git nixos-rebuild nix gzip]; serviceConfig.Type = "oneshot"; script = '' cd /var/bento