dunkirk.sh / dots
Kieran's opinionated (and probably slightly dumb) nix config
fork atom

feat: allow cachet to be sshed into

dunkirk.sh 98fb52ca f2e21274

verified
options
unified split
Changed files
+13
modules
nixos
services
cachet.nix
+13
modules/nixos/services/cachet.nix 
···

       
67

       
67

       
 

       
      extraGroups = [ "services" ];


     

       
68

       
68

       
 

       
      home = cfg.dataDir;


     

       
69

       
69

       
 

       
      createHome = true;


     

       

       
70

       
+

       
      shell = pkgs.bash;


     

       
70

       
71

       
 

       
    };


     

       
71

       
72

       
 

       



     

       
72

       
73

       
 

       
    users.groups.cachet = { };


     

       

       
74

       
+

       



     

       

       
75

       
+

       
    security.sudo.extraRules = [


     

       

       
76

       
+

       
      {


     

       

       
77

       
+

       
        users = [ "cachet" ];


     

       

       
78

       
+

       
        commands = [


     

       

       
79

       
+

       
          {


     

       

       
80

       
+

       
            command = "/run/current-system/sw/bin/systemctl restart cachet.service";


     

       

       
81

       
+

       
            options = [ "NOPASSWD" ];


     

       

       
82

       
+

       
          }


     

       

       
83

       
+

       
        ];


     

       

       
84

       
+

       
      }


     

       

       
85

       
+

       
    ];


     

       
73

       
86

       
 

       



     

       
74

       
87

       
 

       
    systemd.services.cachet-webhook = lib.mkIf cfg.webhook.enable {


     

       
75

       
88

       
 

       
      description = "Cachet webhook listener";