added docker to defiant

2024-09-17 16:13:40 -05:00 · 2024-09-17 16:13:40 -05:00 · f68a46c46a
commit f68a46c46a
parent 5d2b7a2ce5
4 changed files with 41 additions and 11 deletions
--- a/enviroments/common/default.nix
+++ b/enviroments/common/default.nix
@ -5,6 +5,7 @@
  ];
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  nix.settings.trusted-users = [ "leyla" ];
  # Enable networking
  networking.networkmanager.enable = true;
--- a/hosts/defiant/configuration.nix
+++ b/hosts/defiant/configuration.nix
@ -11,10 +11,6 @@
      ../../enviroments/server
    ];
  # home.sessionVariables = {
  #   SOPS_AGE_KEY_FILE = "${config.home.homeDirectory}/.config/sops-nix/key.txt";
  # };
  users.leyla.isThinUser = true;
  boot.loader.grub = {
@ -22,14 +18,11 @@
    zfsSupport = true;
    efiSupport = true;
    efiInstallAsRemovable = true;
    # devices = [ "/dev/disk/by-path/pci-0000:23:00.3-usb-0:1:1.0-scsi-0:0:0:0-part2" ];
    # mirroredBoots = [
    #   { devices = [ "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTCXVEB-part1" ]; path = "/boot1"; efiSysMountPoint = "/boot"; }
    #   { devices = [ "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTCXWSC-part1" ]; path = "/boot2"; efiSysMountPoint = "/boot2"; }
    #   { devices = [ "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTD10EH-part1" ]; path = "/boot3"; efiSysMountPoint = "/boot3"; }
    # ];
  };
  virtualisation.docker.enable = true;
  users.extraGroups.docker.members = [ "leyla" ];
  boot.supportedFilesystems = [ "zfs" ];
  boot.zfs.extraPools = [ "zroot" ];
@ -72,6 +65,41 @@
    };
  };
  fileSystems."/srv/nfs4/docker" = {
    device = "/home/docker";
    options = [ "bind" ];
  };
  fileSystems."/srv/nfs4/users" = {
    device = "/home/users";
    options = [ "bind" ];
  };
  fileSystems."/srv/nfs4/leyla" = {
    device = "/home/leyla";
    options = [ "bind" ];
  };
  fileSystems."/srv/nfs4/eve" = {
    device = "/home/eve";
    options = [ "bind" ];
  };
  services.nfs.server.enable = true;
  services.nfs.server.exports = ''
    /srv/nfs4/docker 192.168.1.0/24(rw,sync,crossmnt,no_subtree_check)
    /srv/nfs4/leyla 192.168.1.0/22(rw,sync,no_subtree_check,nohide)
    /srv/nfs4/eve   192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
    /srv/nfs4/share 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
    # /export         192.168.1.10(rw,fsid=0,no_subtree_check) 192.168.1.15(rw,fsid=0,no_subtree_check)
    # /export/kotomi  192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
    # /export/mafuyu  192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
    # /export/sen     192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
    # /export/tomoyo  192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
  '';
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
--- a/hosts/horizon/configuration.nix
+++ b/hosts/horizon/configuration.nix
@ -23,6 +23,7 @@
      setSocketVariable = true;
    };
  };
  users.extraGroups.docker.members = [ "leyla" ];
  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;
--- a/users/leyla/default.nix
+++ b/users/leyla/default.nix
@ -37,7 +37,7 @@ in
        if (cfg.isFullUser || cfg.isThinUser) then {
          isNormalUser = true;
          extraGroups = lib.mkMerge [
-            ["networkmanager" "wheel" "docker" "users"]
+            ["networkmanager" "wheel" "users"]
            (
              lib.mkIf (!cfg.isThinUser) [ "adbusers" ]
            )