feat: dev fix mkcert and ddev reachability
This commit is contained in:
parent
6d7db643bc
commit
91fabfe857
4 changed files with 67 additions and 6 deletions
|
|
@ -1,17 +1,17 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
# === CONFIGURABLE SETTINGS ===
|
||||
projectsDir = "projects"; # Relative to /home/dominik
|
||||
|
||||
repositories = [
|
||||
{ url = "gitea@git.cloonar.com:Cloonar/wohnservice-wien-typo3.git"; path = "projects/cloonar/wohnservice-wien"}
|
||||
{ url = "gitea@git.cloonar.com:Cloonar/wohnservice-wien-typo3.git"; path = "cloonar/wohnservice-wien"; }
|
||||
# Add repos here: { url = "git@..."; path = "relative/path"; }
|
||||
];
|
||||
# === END CONFIGURABLE ===
|
||||
|
||||
cloneScript = pkgs.writeShellScript "clone-repos" ''
|
||||
set -eu
|
||||
export PATH="${pkgs.openssh}/bin:$PATH"
|
||||
export GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh"
|
||||
HOME_DIR="/home/dominik"
|
||||
PROJECTS_DIR="$HOME_DIR/${projectsDir}"
|
||||
|
||||
|
|
@ -20,7 +20,7 @@ let
|
|||
|
||||
${lib.concatMapStrings (repo: ''
|
||||
if [ ! -d "$PROJECTS_DIR/${repo.path}" ]; then
|
||||
${pkgs.sudo}/bin/sudo -u dominik ${pkgs.git}/bin/git clone ${repo.url} "$PROJECTS_DIR/${repo.path}" || true
|
||||
${pkgs.sudo}/bin/sudo -u dominik -E ${pkgs.git}/bin/git clone ${repo.url} "$PROJECTS_DIR/${repo.path}" || true
|
||||
fi
|
||||
'') repositories}
|
||||
'';
|
||||
|
|
@ -31,12 +31,17 @@ in
|
|||
];
|
||||
|
||||
networking.hostName = "dev";
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 80 443 ];
|
||||
};
|
||||
system.stateVersion = "22.05";
|
||||
time.timeZone = "Europe/Vienna";
|
||||
|
||||
# User configuration
|
||||
users.users.dominik = {
|
||||
isNormalUser = true;
|
||||
uid = 1000;
|
||||
home = "/home/dominik";
|
||||
extraGroups = [ "wheel" "docker" ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
|
|
@ -50,6 +55,22 @@ in
|
|||
programs.zsh.enable = true;
|
||||
users.defaultUserShell = pkgs.zsh;
|
||||
|
||||
# Auto-attach to tmux on SSH login
|
||||
environment.interactiveShellInit = ''
|
||||
if [[ -n "$SSH_CONNECTION" ]] && [[ -z "$TMUX" ]]; then
|
||||
tmux attach-session -t main 2>/dev/null || tmux new-session -s main
|
||||
fi
|
||||
'';
|
||||
|
||||
# Passwordless sudo for dominik
|
||||
security.sudo.extraRules = [{
|
||||
users = [ "dominik" ];
|
||||
commands = [{
|
||||
command = "ALL";
|
||||
options = [ "NOPASSWD" ];
|
||||
}];
|
||||
}];
|
||||
|
||||
# Clone repos as dominik user on boot
|
||||
systemd.services.clone-repos = {
|
||||
description = "Clone configured git repositories";
|
||||
|
|
@ -62,4 +83,25 @@ in
|
|||
RemainAfterExit = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Create ddev global config to bind on all interfaces (allows access from other devices)
|
||||
systemd.services.ddev-config = {
|
||||
description = "Create ddev global config";
|
||||
after = [ "local-fs.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
User = "dominik";
|
||||
Group = "users";
|
||||
};
|
||||
script = ''
|
||||
mkdir -p /home/dominik/.ddev
|
||||
if [ ! -f /home/dominik/.ddev/global_config.yaml ]; then
|
||||
cat > /home/dominik/.ddev/global_config.yaml << 'EOF'
|
||||
router_bind_all_interfaces: true
|
||||
EOF
|
||||
fi
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue