"rebase"

2 files changed, 26 insertions, 3 deletions

diff --git a/old/modules/cloudkrebs/default.nix b/old/modules/cloudkrebs/default.nix
index 938447e0e..135b662f9 100644
--- a/old/modules/cloudkrebs/default.nix
+++ b/old/modules/cloudkrebs/default.nix
@@ -3,7 +3,7 @@
 {
   imports = [
     ../tv/base-cac-CentOS-7-64bit.nix
-    ../lass/retiolum-cloudkrebs.nix
+    ./retiolum.nix
     ./networking.nix
     ../../secrets/cloudkrebs-pw.nix
     ../lass/sshkeys.nix
@@ -18,8 +18,10 @@
 
   nix.maxJobs = 1;
 
-  #activationScripts
-  #split up and move into base
+  #tmpfiles Unknown group 'lock' workaround:
+  users.extraGroups = {
+    lock.gid = 10001;
+  };
 
   #TODO move into modules
   users.extraUsers = {
diff --git a/old/modules/cloudkrebs/retiolum.nix b/old/modules/cloudkrebs/retiolum.nix
new file mode 100644
index 000000000..1caa9246e
--- /dev/null
+++ b/old/modules/cloudkrebs/retiolum.nix
@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    ../tv/retiolum
+  ];
+
+  tv.retiolum = {
+    enable = true;
+    hosts = ../../hosts;
+    privateKeyFile = "/etc/nixos/secrets/cloudkrebs.retiolum.rsa_key.priv";
+    connectTo = [
+      "fastpoke"
+      "gum"
+      "ire"
+    ];
+  };
+
+  networking.firewall.allowedTCPPorts = [ 655 ];
+  networking.firewall.allowedUDPPorts = [ 655 ];
+}