refactor(gs/chupacabra): Vendor urbint config r/1179

If I want to build this on TVL's CI I can't reference ~/code/urb/urbos, obviously, so I'll just vendor it here which is fine Change-Id: I40feb4b29fafae1d3bb0119b7cca1613a4582fdc Reviewed-on: https://cl.tvl.fyi/c/depot/+/885 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI
author: Griffin Smith <grfn@gws.fyi> 2020-07-02T22·53-0400
committer: glittershark <grfn@gws.fyi> 2020-07-02T23·19+0000
commit: 0bd0ca09a39cc8e26ccdc8a08c61d468b76522cb (patch)
tree: 6b54915dcad02675262f44b8e7f74a4890333a85 /users/glittershark/system/system/modules/urbint.nix
parent: ae5c5b88e5cc894303b7f1552101be0299c361f0 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/users/glittershark/system/system/modules/urbint.nix b/users/glittershark/system/system/modules/urbint.nix
new file mode 100644
index 0000000000..9790b69dcb
--- /dev/null
+++ b/users/glittershark/system/system/modules/urbint.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+{
+  virtualisation.docker.enable = true;
+
+  nix = rec {
+    binaryCaches = [ "https://nix.urbinternal.com" ];
+    trustedBinaryCaches = binaryCaches;
+    requireSignedBinaryCaches = false;
+  };
+
+  services.openvpn.servers.urbint = {
+    config = ''
+      config /root/openvpn/urbint.conf
+    '';
+    autoStart = false;
+  };
+
+  users.users."grfn".extraGroups = [ "docker" ];
+
+  services.clamav = {
+    daemon.enable = true;
+    updater = {
+      enable = true;
+      interval = "daily";
+      frequency = 1; # per day
+    };
+  };
+}
author	Griffin Smith <grfn@gws.fyi>	2020-07-02T22·53-0400
committer	glittershark <grfn@gws.fyi>	2020-07-02T23·19+0000
commit	0bd0ca09a39cc8e26ccdc8a08c61d468b76522cb (patch)
tree	6b54915dcad02675262f44b8e7f74a4890333a85 /users/glittershark/system/system/modules/urbint.nix
parent	ae5c5b88e5cc894303b7f1552101be0299c361f0 (diff)