about summary refs log tree commit diff
diff options
context:
space:
mode:
authorVincent Ambo <mail@tazj.in>2023-06-15T20·20+0300
committertazjin <tazjin@tvl.su>2023-06-15T21·34+0000
commite4fee75add478176d3f535c5d301ab8f17ee4538 (patch)
tree2fd7df3f096ad6a3aa8d5dc45aae931c201c7137
parent77b0dddc3d915509a929cd5595047e17eab47cf7 (diff)
chore(tazjin/koptevo): fix some initial growing pains r/6316
Change-Id: I614bba9e28ca789d2e641391ccf3bdbc6ff95dd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8785
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
-rw-r--r--users/tazjin/nixos/koptevo/default.nix9
1 files changed, 6 insertions, 3 deletions
diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix
index ed5c0ea63d30..7bc47d973971 100644
--- a/users/tazjin/nixos/koptevo/default.nix
+++ b/users/tazjin/nixos/koptevo/default.nix
@@ -57,6 +57,7 @@ in
     domain = "tazj.in";
     useDHCP = true;
     firewall.enable = true;
+    firewall.allowedTCPPorts = [ 22 80 443 ];
 
     wireless.enable = true;
     wireless.networks."How do I computer fast?" = {
@@ -67,19 +68,21 @@ in
   time.timeZone = "UTC";
 
   security.acme.acceptTerms = true;
-  security.acme.defaults.email = "acme@tazj.in";
+  security.acme.defaults.email = lib.mkForce "acme@tazj.in";
 
   programs.fish.enable = true;
 
   users.users.tazjin = {
     isNormalUser = true;
-    extraGroups = [ "wheel" "docker" ];
+    extraGroups = [ "wheel" "docker" "systemd-journal" ];
     shell = pkgs.fish;
     openssh.authorizedKeys.keys = depot.users.tazjin.keys.all;
   };
 
   security.sudo.wheelNeedsPassword = false;
 
+  services.openssh.enable = true;
+
   services.depot.quassel = {
     enable = true;
     acmeHost = "koptevo.tazj.in";
@@ -112,6 +115,6 @@ in
 
   programs.mtr.enable = true;
   programs.mosh.enable = true;
-  services.openssh.enable = true;
+
   system.stateVersion = "23.05";
 }