From e4fee75add478176d3f535c5d301ab8f17ee4538 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <mail@tazj.in>
Date: Thu, 15 Jun 2023 23:20:07 +0300
Subject: chore(tazjin/koptevo): fix some initial growing pains

Change-Id: I614bba9e28ca789d2e641391ccf3bdbc6ff95dd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8785
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
---
 users/tazjin/nixos/koptevo/default.nix | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'users/tazjin/nixos/koptevo/default.nix')

diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix
index ed5c0ea63d30..7bc47d973971 100644
--- a/users/tazjin/nixos/koptevo/default.nix
+++ b/users/tazjin/nixos/koptevo/default.nix
@@ -57,6 +57,7 @@ in
     domain = "tazj.in";
     useDHCP = true;
     firewall.enable = true;
+    firewall.allowedTCPPorts = [ 22 80 443 ];
 
     wireless.enable = true;
     wireless.networks."How do I computer fast?" = {
@@ -67,19 +68,21 @@ in
   time.timeZone = "UTC";
 
   security.acme.acceptTerms = true;
-  security.acme.defaults.email = "acme@tazj.in";
+  security.acme.defaults.email = lib.mkForce "acme@tazj.in";
 
   programs.fish.enable = true;
 
   users.users.tazjin = {
     isNormalUser = true;
-    extraGroups = [ "wheel" "docker" ];
+    extraGroups = [ "wheel" "docker" "systemd-journal" ];
     shell = pkgs.fish;
     openssh.authorizedKeys.keys = depot.users.tazjin.keys.all;
   };
 
   security.sudo.wheelNeedsPassword = false;
 
+  services.openssh.enable = true;
+
   services.depot.quassel = {
     enable = true;
     acmeHost = "koptevo.tazj.in";
@@ -112,6 +115,6 @@ in
 
   programs.mtr.enable = true;
   programs.mosh.enable = true;
-  services.openssh.enable = true;
+
   system.stateVersion = "23.05";
 }
-- 
cgit 1.4.1