From ed333d59997a2810d7ff904b4594b43f4aee8cbc Mon Sep 17 00:00:00 2001 From: chayleaf Date: Fri, 28 Jul 2023 21:15:28 +0700 Subject: [PATCH] server/home: fix /etc/nixos/private --- system/hosts/nixserver/home.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/system/hosts/nixserver/home.nix b/system/hosts/nixserver/home.nix index 39c4944..6a35e42 100644 --- a/system/hosts/nixserver/home.nix +++ b/system/hosts/nixserver/home.nix @@ -84,12 +84,15 @@ in { nix.settings.allowed-users = [ "nix-serve" "hydra" ]; # only hydra has access to this file anyway nix.settings.extra-builtins-file = "/etc/nixos/private/extra-builtins.nix"; + impermanence.directories = [ + { directory = /etc/nixos/private; user = "hydra"; group = "hydra"; mode = "0700"; } + ]; nix.settings.allowed-uris = [ # required for home-manager "https://git.sr.ht/~rycee/nmd/" # required for server (I suppose since nvfetcher uses fetchTarball here...) "https://github.com/searxng/searxng/" - # required for home config (nvfetcher) + # required for home config (nvfetcher again) "https://api.github.com/repos/FAForever/" ]; services.nginx.virtualHosts."binarycache.${cfg.domainName}" = {