server/home: fix /etc/nixos/private

This commit is contained in:
chayleaf 2023-07-28 21:15:28 +07:00
parent e12b0a756d
commit ed333d5999

View file

@ -84,12 +84,15 @@ in {
nix.settings.allowed-users = [ "nix-serve" "hydra" ]; nix.settings.allowed-users = [ "nix-serve" "hydra" ];
# only hydra has access to this file anyway # only hydra has access to this file anyway
nix.settings.extra-builtins-file = "/etc/nixos/private/extra-builtins.nix"; nix.settings.extra-builtins-file = "/etc/nixos/private/extra-builtins.nix";
impermanence.directories = [
{ directory = /etc/nixos/private; user = "hydra"; group = "hydra"; mode = "0700"; }
];
nix.settings.allowed-uris = [ nix.settings.allowed-uris = [
# required for home-manager # required for home-manager
"https://git.sr.ht/~rycee/nmd/" "https://git.sr.ht/~rycee/nmd/"
# required for server (I suppose since nvfetcher uses fetchTarball here...) # required for server (I suppose since nvfetcher uses fetchTarball here...)
"https://github.com/searxng/searxng/" "https://github.com/searxng/searxng/"
# required for home config (nvfetcher) # required for home config (nvfetcher again)
"https://api.github.com/repos/FAForever/" "https://api.github.com/repos/FAForever/"
]; ];
services.nginx.virtualHosts."binarycache.${cfg.domainName}" = { services.nginx.virtualHosts."binarycache.${cfg.domainName}" = {