add sysbox

hosts/fw.cloonar.com/configuration.nix

@@ -39,6 +39,10 @@
     ./hardware-configuration.nix
   ];
 
+  nixpkgs.overlays = [
+    (import ./utils/overlays/packages.nix)
+  ];
+
   nixpkgs.config.permittedInsecurePackages = [
     "openssl-1.1.1w"
   ];
@@ -57,6 +61,7 @@
     ethtool             # manage NIC settings (offload, NIC feeatures, ...)
     tcpdump             # view network traffic
     conntrack-tools     # view network connection states
+    sysbox
   ];
 
   nix.gc = {

hosts/fw.cloonar.com/modules/gitea.nix

@@ -69,8 +69,6 @@ in
           "/var/lib/gitea:/data"
           "/etc/gitea/app.ini:/data/custom/conf/app.ini:ro"
           "/var/lib/acme/git.cloonar.com:/ssl:ro"
-          "/etc/timezone:/etc/timezone:ro"
-          "/etc/localtime:/etc/localtime:ro"
         ];
         environment = {
           USER_UID = builtins.toString config.users.users.gitea.uid;

hosts/fw.cloonar.com/modules/home-assistant.nix

@@ -29,11 +29,5 @@
       proxy_set_header Connection $connection_upgrade;
     '';
   };
-
-  # networking.firewall = {
-  #   allowedUDPPorts = [
-  #     5683 # shelly coiot
-  #   ];
-  # };
 }
 

hosts/git.cloonar.com/modules/drone/runner.nix

@@ -26,8 +26,7 @@
       Restart = "always";
       ExecStartPre= ''
         -${pkgs.docker}/bin/docker stop %n \
-        -${pkgs.docker}/bin/docker rm %n \
-        ${pkgs.docker}/bin/docker pull drone/drone:2.20.0
+        ${pkgs.docker}/bin/docker rm %n
       '';
       ExecStart= ''
         ${pkgs.docker}/bin/docker run --rm --name %n \

hosts/git.cloonar.com/modules/drone/server.nix

@@ -26,8 +26,7 @@
       Restart = "always";
       ExecStartPre= ''
         -${pkgs.docker}/bin/docker stop %n \
-        -${pkgs.docker}/bin/docker rm %n \
-        ${pkgs.docker}/bin/docker pull drone/drone:2.20.0
+        ${pkgs.docker}/bin/docker rm %n
       '';
       ExecStart= ''
         ${pkgs.docker}/bin/docker run --rm --name %n \