WIP

Makefile

@@ -1,3 +1,6 @@
+boot:
+	sudo nixos-rebuild boot --flake .
+
 ## switch | perform nixos rebuild
 switch:
 	sudo nixos-rebuild switch --flake .
@@ -6,7 +9,7 @@ switch:
 lint:
 	nixpkgs-fmt .
 
-.PHONY: lint switch
+.PHONY: lint switch boot
 
 USAGE := {a.style('==>','bold')} {a.style('flakes ftw','header')} {a.style('<==','bold')}\n
 -include .task.mk

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1668132053,
-        "narHash": "sha256-eQ2/vjxbkEJmG1YJu58TK8S/AEB52MKrXPy5IhTH6nE=",
+        "lastModified": 1674584991,
+        "narHash": "sha256-2NqCy2ViyT/iOniL0UtrLi15z1TYfPYVj/iY4rWur3M=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "34f89bcce8711acb0e4de1203ed078b7976e08b2",
+        "rev": "eb95aa0392d4a6f0eb3ac66eb0329397eafde4fb",
         "type": "github"
       },
       "original": {

hosts/jeran/README.md

@@ -0,0 +1,21 @@
+sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
+sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys
+sudo -u git chmod 600 /home/git/.ssh/authorized_keys
+
+
+Should Look like this
+```
+# SSH pubkey from git user
+ssh-rsa <Gitea Host Key>
+
+# other keys from users
+command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty <user pubkey>
+```
+
+
+Nixify this step....
+cat <<"EOF" | sudo tee /usr/local/bin/gitea
+#!/bin/sh
+ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
+EOF
+sudo chmod +x /usr/local/bin/gitea

hosts/jeran/configuration.nix

@@ -11,20 +11,27 @@
       isNormalUser = true;
       extraGroups = [ "wheel" "docker" ];
       useDefaultShell = true;
-
+    };
+    git = {
+      isNormalUser = true;
     };
   };
-  services.openssh.passwordAuthentication = true;
+  
   services.resolved.enable = true;
   system.stateVersion = "22.11";
   nixpkgs.config.allowUnfree = true;
 
-  nix.package = pkgs.nixUnstable;
-  nix.extraOptions = ''
-    	experimental-features = nix-command flakes
-    	'';
   boot.kernelPackages = pkgs.linuxPackages_latest;
 
+ services.cron = {
+    enable = true;
+    systemCronJobs = [
+      # update repos
+      "0 * * * * make -C /home/daylin/git soft-repos"
+      # update container so home page is semi-accurate
+      "0 2 * * * make -C /home/daylin/git update-soft-serve"
+    ];
+  };
   networking.hostName = "jeran"; # Define your hostname.
   time.timeZone = "America/Chicago";
   programs.zsh.enable = true;