refactor(oksys): move user groups to their relevant module
This commit is contained in:
parent
70fa4ddf16
commit
f87c73d3d2
3 changed files with 13 additions and 8 deletions
|
@ -17,8 +17,6 @@
|
||||||
"wheel"
|
"wheel"
|
||||||
"adm"
|
"adm"
|
||||||
"mlocate"
|
"mlocate"
|
||||||
"headscale"
|
|
||||||
"unbound"
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
home-manager.users = {
|
home-manager.users = {
|
||||||
|
|
|
@ -1,15 +1,18 @@
|
||||||
{
|
{
|
||||||
headscale,
|
headscale,
|
||||||
pkgs,
|
pkgs,
|
||||||
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}: let
|
||||||
environment.systemPackages = [
|
headscale-flake = headscale.packages.${pkgs.system}.headscale;
|
||||||
headscale.packages.${pkgs.system}.headscale
|
user = config.services.device-vars.username;
|
||||||
];
|
in {
|
||||||
|
environment.systemPackages = [headscale-flake];
|
||||||
|
users.users.${user}.extraGroups = ["headscale"];
|
||||||
|
|
||||||
services.headscale = {
|
services.headscale = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = headscale.packages.${pkgs.system}.headscale;
|
package = headscale-flake;
|
||||||
|
|
||||||
address = "127.0.0.1";
|
address = "127.0.0.1";
|
||||||
port = 8085;
|
port = 8085;
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{...}: {
|
{config, ...}: let
|
||||||
|
user = config.services.device-vars.username;
|
||||||
|
in {
|
||||||
# https://github.com/MatthewVance/unbound-docker-rpi/issues/4#issuecomment-1001879602
|
# https://github.com/MatthewVance/unbound-docker-rpi/issues/4#issuecomment-1001879602
|
||||||
boot.kernel.sysctl."net.core.rmem_max" = 1048576;
|
boot.kernel.sysctl."net.core.rmem_max" = 1048576;
|
||||||
|
|
||||||
|
users.users.${user}.extraGroups = ["unbound"];
|
||||||
|
|
||||||
services.unbound = {
|
services.unbound = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableRootTrustAnchor = true;
|
enableRootTrustAnchor = true;
|
||||||
|
|
Loading…
Reference in a new issue