diff options
| author | Vincent Ambo <mail@tazj.in> | 2022-02-03T22·53+0300 |
|---|---|---|
| committer | tazjin <tazjin@tvl.su> | 2022-02-03T23·08+0000 |
| commit | 8099c11a121f47bd3a54fab7b6c53fa162c830bc (patch) | |
| tree | 6fbf287d819a2722b25afd7cd3fd92f2172c6511 /users/tazjin/nixos/tverskoy/default.nix | |
| parent | 7fcede0c5bd50f6790a99081c006134848ae0f75 (diff) | |
fix(tazjin/tverskoy): Downgrade strongswan to 5.9.4 r/3757
Comments contain all the relevant info. Change-Id: I6d4a715889b562dc79148314092f698ceefcac88 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5221 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'users/tazjin/nixos/tverskoy/default.nix')
| -rw-r--r-- | users/tazjin/nixos/tverskoy/default.nix | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/users/tazjin/nixos/tverskoy/default.nix b/users/tazjin/nixos/tverskoy/default.nix index 86cc3fba68f5..19675fd4273c 100644 --- a/users/tazjin/nixos/tverskoy/default.nix +++ b/users/tazjin/nixos/tverskoy/default.nix @@ -25,6 +25,12 @@ lib.fix (self: { tvl.cache.enable = true; + # Work around strongswan 5.9.4 being incompatible with servers not + # patched against some CVE. I need this for work .. + nixpkgs.overlays = [ + depot.third_party.overlays.strongswan-workaround + ]; + boot = rec { initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; initrd.kernelModules = [ ]; |