646b892680
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
45 lines
893 B
Nix
45 lines
893 B
Nix
{
|
|
lib,
|
|
modulesPath,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
ssh-keys =
|
|
if builtins.pathExists ../../ssh-keys.nix then # Outside sandbox
|
|
../../ssh-keys.nix
|
|
# In sandbox
|
|
else
|
|
./ssh-keys.nix;
|
|
|
|
inherit (import ssh-keys pkgs)
|
|
snakeOilPrivateKey
|
|
snakeOilPublicKey
|
|
;
|
|
in
|
|
{
|
|
imports = [
|
|
(modulesPath + "/virtualisation/qemu-vm.nix")
|
|
(modulesPath + "/testing/test-instrumentation.nix")
|
|
];
|
|
virtualisation.writableStore = true;
|
|
nix.settings.substituters = lib.mkForce [ ];
|
|
virtualisation.graphics = false;
|
|
documentation.enable = false;
|
|
services.qemuGuest.enable = true;
|
|
boot.loader.grub.enable = false;
|
|
|
|
services.openssh.enable = true;
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
snakeOilPublicKey
|
|
];
|
|
security.pam.services.sshd.limits = [
|
|
{
|
|
domain = "*";
|
|
item = "memlock";
|
|
type = "-";
|
|
value = 1024;
|
|
}
|
|
];
|
|
}
|