Initial redoubt in-situ fixes

2025-08-10 13:18:25 -05:00 · 2025-08-10 13:18:25 -05:00 · 1c52bd6f99
commit 1c52bd6f99
parent 915cd1a8cb
7 changed files with 91 additions and 9 deletions
--- a/systems/redoubt/configuration.nix
+++ b/systems/redoubt/configuration.nix
@ -1,4 +1,4 @@
-{ ... }: {
+{ lib, ... }: {
  imports = [
    # Core Features
    ../../nixos/features/base.nix
@ -31,6 +31,8 @@
  ##############################################################################
  # Services

+  services.smartd.enable = lib.mkForce false;
+
  virtualisation.oci-containers.backend = "docker";
  virtualisation.oci-containers.containers = {
    dozzle = {
@ -53,8 +55,8 @@
  ##############################################################################
  # Tinc

-  sops.secrets."dotspace/fortress/keys/tinc/rsa_key.priv" = { sopsFile = ./secrets.yaml; };
-  sops.secrets."dotspace/fortress/keys/tinc/ed25519_key.priv" = { sopsFile = ./secrets.yaml; };
+  sops.secrets."dotspace/redoubt/keys/tinc/rsa_key.priv" = { sopsFile = ./secrets.yaml; };
+  sops.secrets."dotspace/redoubt/keys/tinc/ed25519_key.priv" = { sopsFile = ./secrets.yaml; };

  systemd.network.networks."90-tinc" = {
    matchConfig.Name = "tinc.dotspace";
@ -64,7 +66,7 @@

  services.tinc.networks.dotspace = {
    name = "fortress";
-    ed25519PrivateKeyFile = "/run/secrets/dotspace/fortress/keys/tinc/ed25519_key.priv";
+    ed25519PrivateKeyFile = "/run/secrets/dotspace/redoubt/keys/tinc/ed25519_key.priv";

    chroot = false;
    settings.ConnectTo = [ "stronghold" ];