about summary refs log tree commit diff
path: root/users/tazjin
diff options
context:
space:
mode:
authorVincent Ambo <mail@tazj.in>2022-02-03T22·53+0300
committertazjin <tazjin@tvl.su>2022-02-03T23·08+0000
commit8099c11a121f47bd3a54fab7b6c53fa162c830bc (patch)
tree6fbf287d819a2722b25afd7cd3fd92f2172c6511 /users/tazjin
parent7fcede0c5bd50f6790a99081c006134848ae0f75 (diff)
fix(tazjin/tverskoy): Downgrade strongswan to 5.9.4 r/3757
Comments contain all the relevant info.

Change-Id: I6d4a715889b562dc79148314092f698ceefcac88
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5221
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'users/tazjin')
-rw-r--r--users/tazjin/nixos/tverskoy/default.nix6
1 files changed, 6 insertions, 0 deletions
diff --git a/users/tazjin/nixos/tverskoy/default.nix b/users/tazjin/nixos/tverskoy/default.nix
index 86cc3fba68f5..19675fd4273c 100644
--- a/users/tazjin/nixos/tverskoy/default.nix
+++ b/users/tazjin/nixos/tverskoy/default.nix
@@ -25,6 +25,12 @@ lib.fix (self: {
 
   tvl.cache.enable = true;
 
+  # Work around strongswan 5.9.4 being incompatible with servers not
+  # patched against some CVE. I need this for work ..
+  nixpkgs.overlays = [
+    depot.third_party.overlays.strongswan-workaround
+  ];
+
   boot = rec {
     initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
     initrd.kernelModules = [ ];