2 files changed, 27 insertions, 0 deletions

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 0b2c10f92..03e9f6eeb 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -184,14 +184,17 @@ in {
     }
     {
       #hotdog
+      systemd.services."container@hotdog".reloadIfChanged = mkForce false;
       containers.hotdog = {
         config = { ... }: {
+          imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
           environment.systemPackages = [ pkgs.git ];
           services.openssh.enable = true;
           users.users.root.openssh.authorizedKeys.keys = [
             config.krebs.users.lass.pubkey
           ];
         };
+        autoStart = true;
         enableTun = true;
         privateNetwork = true;
         hostAddress = "10.233.2.1";
@@ -200,8 +203,10 @@ in {
     }
     {
       #kaepsele
+      systemd.services."container@kaepsele".reloadIfChanged = mkForce false;
       containers.kaepsele = {
         config = { ... }: {
+          imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
           environment.systemPackages = [ pkgs.git ];
           services.openssh.enable = true;
           users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [
@@ -209,6 +214,7 @@ in {
             tv.pubkey
           ];
         };
+        autoStart = true;
         enableTun = true;
         privateNetwork = true;
         hostAddress = "10.233.2.3";
@@ -217,8 +223,10 @@ in {
     }
     {
       #onondaga
+      systemd.services."container@onondaga".reloadIfChanged = mkForce false;
       containers.onondaga = {
         config = { ... }: {
+          imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
           environment.systemPackages = [ pkgs.git ];
           services.openssh.enable = true;
           users.users.root.openssh.authorizedKeys.keys = [
@@ -226,6 +234,7 @@ in {
             config.krebs.users.nin.pubkey
           ];
         };
+        autoStart = true;
         enableTun = true;
         privateNetwork = true;
         hostAddress = "10.233.2.5";
diff --git a/lass/2configs/rebuild-on-boot.nix b/lass/2configs/rebuild-on-boot.nix
new file mode 100644
index 000000000..60198be7b
--- /dev/null
+++ b/lass/2configs/rebuild-on-boot.nix
@@ -0,0 +1,18 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+  systemd.services.rebuild-on-boot = {
+    wantedBy = [ "multi-user.target" ];
+    environment = {
+      NIX_REMOTE = "daemon";
+      HOME = "/var/empty";
+    };
+    serviceConfig = {
+      ExecStart = pkgs.writeScript "rebuild" ''
+        #!${pkgs.bash}/bin/bash
+        (/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) &
+      '';
+      ExecStop = "${pkgs.coreutils}/bin/sleep 10";
+    };
+  };
+}