sanin.dev
oppi.li
+1
-1
flake.nix
+1
-1
flake.nix
···
252
252
rootDir=$(jj --ignore-working-copy root || git rev-parse --show-toplevel) || (echo "error: can't find repo root?"; exit 1)
253
253
cd "$rootDir"
254
254
255
-
rm api/tangled/*
255
+
rm -f api/tangled/*
256
256
lexgen --build-file lexicon-build-config.json lexicons
257
257
sed -i.bak 's/\tutil/\/\/\tutil/' api/tangled/*
258
258
${pkgs.gotools}/bin/goimports -w api/tangled/*
+7
nix/modules/knot.nix
+7
nix/modules/knot.nix
···
93
93
description = "Internal address for inter-service communication";
94
94
};
95
95
96
+
owner = mkOption {
97
+
type = types.str;
98
+
example = "did:plc:qfpnj4og54vl56wngdriaxug";
99
+
description = "DID of owner (required)";
100
+
};
101
+
96
102
secretFile = mkOption {
97
103
type = lib.types.path;
98
104
example = "KNOT_SERVER_SECRET=<hash>";
···
199
205
"KNOT_SERVER_LISTEN_ADDR=${cfg.server.listenAddr}"
200
206
"KNOT_SERVER_DB_PATH=${cfg.server.dbPath}"
201
207
"KNOT_SERVER_HOSTNAME=${cfg.server.hostname}"
208
+
"KNOT_SERVER_OWNER=${cfg.server.owner}"
202
209
];
203
210
EnvironmentFile = cfg.server.secretFile;
204
211
ExecStart = "${cfg.package}/bin/knot server";
+2
-1
nix/vm.nix
+2
-1
nix/vm.nix
···
70
70
};
71
71
# This is fine because any and all ports that are forwarded to host are explicitly marked above, we don't need a separate guest firewall
72
72
networking.firewall.enable = false;
73
+
time.timeZone = "Europe/London";
73
74
services.getty.autologinUser = "root";
74
75
environment.systemPackages = with pkgs; [curl vim git sqlite litecli];
75
76
services.tangled-knot = {
76
77
enable = true;
77
78
motd = "Welcome to the development knot!\n";
78
79
server = {
79
-
secretFile = builtins.toFile "knot-secret" ("KNOT_SERVER_SECRET=" + (envVar "TANGLED_VM_KNOT_SECRET"));
80
+
owner = envVar "TANGLED_VM_KNOT_OWNER";
80
81
hostname = "localhost:6000";
81
82
listenAddr = "0.0.0.0:6000";
82
83
};