ghoscht/nix-config
ghoscht/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: ghoscht:7a0bbc15481973b3a69ea3712ed10e31a5bef0a4
Branches Tags
ghoscht:main
ghoscht:structural-rework
ghoscht:old-structure
..
compare: ghoscht:92a980dab2b0a2061e6ab1af413ec04e7dcac875
Branches Tags
ghoscht:main
ghoscht:structural-rework
ghoscht:old-structure

2 commits
7a0bbc1548 ... 92a980dab2

Author SHA1 Message Date
GHOSCHT
92a980dab2
Add Franz SSH key 2024-05-31 12:57:58 +02:00
GHOSCHT
51a6f74c5f
Clean up eustachius config 2024-05-31 11:53:33 +02:00
1 changed files with 27 additions and 60 deletions
Show stats Expand all files Collapse all files

87
hosts/eustachius/default.nix
View file

@ -1,9 +1,10 @@
{ {
config,
pkgs, pkgs,
lib, lib,
... ...
}: { }: let
vars = import ../../vars.nix;
in {
# NixOS wants to enable GRUB by default # NixOS wants to enable GRUB by default
boot.loader.grub.enable = false; boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf # Enables the generation of /boot/extlinux/extlinux.conf
@ -55,11 +56,6 @@
neovim neovim
curl curl
wget wget
bind
iptables
python3
nodejs
docker-compose
]; ];
services.openssh = { services.openssh = {
@ -67,45 +63,23 @@
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
}; };
# Some sample service. services.restic.server = {
# Use dnsmasq as internal LAN DNS resolver. enable = true;
services.dnsmasq = { dataDir = "/mnt/backups";
enable = false; extraFlags = ["--no-auth"];
settings.servers = ["8.8.8.8" "8.8.4.4" "1.1.1.1"]; };
settings.extraConfig = ''
address=/fenrir.test/192.168.100.6 services.tailscale = {
address=/recalune.test/192.168.100.7 enable = true;
address=/eth.nixpi.test/192.168.100.3 useRoutingFeatures = "server";
address=/wlan.nixpi.test/192.168.100.4
'';
}; };
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
networking.firewall.enable = false; networking.firewall.enable = false;
# WiFi
hardware = {
enableRedistributableFirmware = true;
firmware = [pkgs.wireless-regdb];
};
# Networking # Networking
networking = { networking.useDHCP = true;
# useDHCP = true;
interfaces.wlan0 = {
useDHCP = false;
ipv4.addresses = [
{
# I used static IP over WLAN because I want to use it as local DNS resolver
address = "192.168.1.4";
prefixLength = 24;
}
];
};
interfaces.eth0 = {
useDHCP = true;
};
};
# forwarding # forwarding
boot.kernel.sysctl = { boot.kernel.sysctl = {
@ -116,27 +90,20 @@
# put your own configuration here, for example ssh keys: # put your own configuration here, for example ssh keys:
users.mutableUsers = true; users.mutableUsers = true;
users.groups = { users.users.${vars.user} = {
nixos = { isNormalUser = true;
gid = 1000; password = "changeme";
name = "nixos"; extraGroups = ["wheel" "docker"];
}; openssh.authorizedKeys.keys = [
}; #Adalbert
users.users = { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0"
nixos = {
uid = 1000;
home = "/home/nixos";
name = "nixos";
group = "nixos";
extraGroups = ["wheel" "docker"];
};
};
users.users.root.openssh.authorizedKeys.keys = [
#Desktop
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0"
#Convertible #Ludwig
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5"
];
#Franz
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINCjLoirHMos7c9lRatWtSYAk68xbUGc8vPU0wFxIzj openpgp:0x7430326E"
];
};
system.stateVersion = "23.11"; system.stateVersion = "23.11";
} }