diff --git a/modules/nixos/guests/zookeeper/default.nix b/modules/nixos/guests/zookeeper/default.nix index 069183c..97859b0 100755 --- a/modules/nixos/guests/zookeeper/default.nix +++ b/modules/nixos/guests/zookeeper/default.nix @@ -1,5 +1,7 @@ { flake, + pkgs, + lib, ... }: let @@ -16,33 +18,30 @@ in config = { system.stateVersion = "24.05"; time.timeZone = "America/Winnipeg"; - imports = [ - flake.inputs.zookeeper.nixosModules.default - ]; users.users.root.openssh.authorizedKeys.keys = flake.config.people.users.${user0}.sshKeys; - services = { - zookeeperbot.enable = true; - openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - }; - }; + services.openssh = { + enable = true; + settings.PasswordAuthentication = false; }; - - networking.firewall.allowedTCPPorts = [ - 22 - ]; - + networking.firewall.allowedTCPPorts = [ 22 ]; systemd = { + services = { + zookeeper = { + serviceConfig = { + ExecStart = lib.getExe flake.self.packages.${pkgs.system}.zookeeper; + Restart = "always"; + RestartSec = 2; + EnvironmentFile = "/run/secrets/env"; + }; + wantedBy = [ "multi-user.target" ]; + }; + systemd-networkd.wantedBy = [ "multi-user.target" ]; + }; network = { enable = true; networks."20-lan" = { - matchConfig.Name = "enp0s5"; - addresses = [ - { Address = "${serviceCfg.interface.ip}/24"; } - ]; + matchConfig.Name = "enp0s3"; + addresses = [ { Address = "${serviceCfg.interface.ip}/24"; } ]; routes = [ { Destination = "${hostCfg.localhost.address1}/0"; @@ -55,18 +54,10 @@ in ]; }; }; - - tmpfiles.rules = [ - "Z ${serviceCfg.varPaths.path0} 0755 ${serviceCfg.name} ${serviceCfg.name} -" - ]; - }; - - systemd.services.systemd-networkd.wantedBy = [ "multi-user.target" ]; - microvm = { - vcpu = 2; - mem = 3072; + vcpu = 1; + mem = 1024; hypervisor = "qemu"; interfaces = [ { @@ -105,12 +96,10 @@ in }; }; }; - sops.secrets = { "${serviceCfg.name}/env" = { owner = "root"; mode = "0600"; }; }; - }