From 9f9a53723bd79b029d398c0542a686bd8ed56151 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 27 Nov 2018 00:59:40 +0100
Subject: l blue-host: fix permissions

---
 lass/2configs/blue-host.nix | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'lass/2configs/blue-host.nix')

diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix
index be9f68c08..e80ce326a 100644
--- a/lass/2configs/blue-host.nix
+++ b/lass/2configs/blue-host.nix
@@ -23,6 +23,12 @@ in {
       '';
     }
   ];
+
+  system.activationScripts.containerPermissions = ''
+    mkdir -p /var/lib/containers
+    chmod 711 /var/lib/containers
+  '';
+
   containers.blue = {
     config = { ... }: {
       environment.systemPackages = [
-- 
cgit v1.2.3


From 304059b1da4ac256d1487e83a7280d0db6615c2d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 27 Nov 2018 01:00:14 +0100
Subject: l blue-host: sync also owner and group

---
 lass/2configs/blue-host.nix | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lass/2configs/blue-host.nix')

diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix
index e80ce326a..6d46cb8c1 100644
--- a/lass/2configs/blue-host.nix
+++ b/lass/2configs/blue-host.nix
@@ -80,6 +80,10 @@ in {
             source = "/var/lib/containers/.blue",
             host = "${host}.r",
             targetdir = "/var/lib/containers/.blue",
+            rsync = {
+              owner = true,
+              group = true,
+            };
             ssh = {
               binary = "${pkgs.openssh}/bin/ssh";
               identityFile = "/var/lib/containers/blue/home/lass/.ssh/id_rsa",
-- 
cgit v1.2.3


From a1c261d61b243549bb2525da57bf3fada805f7f5 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 27 Nov 2018 01:00:59 +0100
Subject: l blue-host: dry-build blue first

---
 lass/2configs/blue-host.nix | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'lass/2configs/blue-host.nix')

diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix
index 6d46cb8c1..fba996743 100644
--- a/lass/2configs/blue-host.nix
+++ b/lass/2configs/blue-host.nix
@@ -99,14 +99,15 @@ in {
   environment.systemPackages = [
     (pkgs.writeDashBin "start-blue" ''
       set -ef
-      if ping -c1 blue.r >/dev/null; then
-        echo 'blue is already running. bailing out'
-        exit 23
-      fi
       if ! $(mount | ${pkgs.gnugrep}/bin/grep -qi '^encfs on /var/lib/containers/blue'); then
         ${pkgs.encfs}/bin/encfs --public /var/lib/containers/.blue /var/lib/containers/blue
       fi
       nixos-container start blue
+      nixos-container run blue -- nixos-rebuild -I /var/src dry-build
+      if ping -c1 blue.r >/dev/null; then
+        echo 'blue is already running. bailing out'
+        exit 23
+      fi
       nixos-container run blue -- nixos-rebuild -I /var/src switch
     '')
   ];
-- 
cgit v1.2.3