system/settings/satoshipay.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | {
config,
pkgs,
fetchurl,
lib,
...
}: let
dockerConfig = {
ipv6 = true;
fixed-cidr-v6 = "fd69:2074:9fcd:b0fd::/64";
features = {
buildkit = true;
};
};
in {
virtualisation = {
docker = {
enable = true;
enableOnBoot = false;
liveRestore = false;
extraOptions = "--config-file=${pkgs.writeText "daemon.json" (builtins.toJSON dockerConfig)}";
autoPrune = {
enable = true;
dates = "Mon, 13:00";
};
};
};
networking.firewall.extraCommands = ''
iptables -A nixos-fw -p udp --source 172.17.0.0/24 -j nixos-fw-accept
iptables -A nixos-fw -p tcp --source 172.17.0.0/24 -j nixos-fw-accept
ip6tables -A nixos-fw -p tcp --source ${dockerConfig.fixed-cidr-v6} -j nixos-fw-accept
ip6tables -A nixos-fw -p udp --source ${dockerConfig.fixed-cidr-v6} -j nixos-fw-accept
'';
nix.gc.dates = "12:30";
system.autoUpgrade.dates = "13:05";
}
|