Compare commits

..

5 Commits

Author SHA1 Message Date
coolneng c8a54817b7
Update system weekly 2021-04-06 11:11:02 +02:00
coolneng 08db88e202
Add networking and hardware-configuration modules 2021-04-06 11:10:49 +02:00
coolneng 6273a5e999
Change SSH key 2021-04-06 11:10:26 +02:00
coolneng 01240d5fda
Change hostname and regular user name 2021-04-06 11:10:09 +02:00
coolneng ad688375bf
Remove old cruft 2021-04-06 11:09:51 +02:00
3 changed files with 76 additions and 26 deletions

View File

@ -34,16 +34,15 @@
boot.cleanTmpDir = true;
# Set hostname
networking.hostName = "zion";
networking.hostName = "aegis";
# Create coolneng user
users.users.coolneng = {
# Create coace user
users.users.coace = {
isNormalUser = true;
home = "/home/coolneng";
extraGroups = [ "wheel" "docker" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRqINHR7/zc+c3/PuR+NeSsBHXXzBiEtFWSK6QaxQTW coolneng@panacea"
];
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [''
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINNmNckWBxa2fQkUjWLHgQd32C272yB+f9kTcnooszd5 coolneng@panacea
''];
shell = "${pkgs.fish}/bin/fish";
};
@ -55,7 +54,6 @@
services.timesyncd.enable = true;
# Enable ZFS support
networking.hostId = "4e74ea68";
boot.supportedFilesystems = [ "zfs" ];
# Scrub zpool monthly
@ -68,6 +66,7 @@
system.autoUpgrade = {
enable = true;
allowReboot = true;
dates = "Sat *-*-* 04:40:00";
};
# Run Nix garbage collector, while avoiding recompilation
@ -88,9 +87,9 @@
programs.fish.enable = true;
users.users.root = {
shell = "${pkgs.fish}/bin/fish";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRqINHR7/zc+c3/PuR+NeSsBHXXzBiEtFWSK6QaxQTW coolneng@panacea"
];
openssh.authorizedKeys.keys = [''
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINNmNckWBxa2fQkUjWLHgQd32C272yB+f9kTcnooszd5 coolneng@panacea
''];
};
# Rotate logs after 7 days
@ -99,20 +98,7 @@
# Increase inotify limits
boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 204800; };
# MOTD message
programs.fish.interactiveShellInit = "${./scripts/motd.sh}";
# Import other configuration modules
imports = [
./modules/hardware-configuration.nix
./modules/networking.nix
./modules/datasync.nix
./modules/webstack.nix
./modules/devops.nix
./modules/monitoring.nix
./modules/periodic.nix
./modules/communication.nix
./modules/information.nix
];
imports = [ ./modules/hardware-configuration.nix ./modules/networking.nix ];
}

View File

@ -0,0 +1,24 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

40
modules/networking.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
{
# Assign a static IP
networking = {
hostName = "aegis";
hostId = "78bb604d";
interfaces.eth0 = {
useDHCP = false;
ipv4.addresses = [{
address = "10.0.1.4";
prefixLength = 24;
}];
};
defaultGateway = {
address = "10.0.1.1";
interface = "eth0";
};
nameservers = [ "1.1.1.1" "8.8.8.8" ];
enableIPv6 = false;
};
# Enable zeroconf
services.avahi = {
enable = true;
nssmdns = true;
publish = {
enable = true;
addresses = true;
domain = true;
};
};
# Firewall configuration
networking.firewall = {
allowedTCPPorts = [ ];
allowedUDPPorts = [ ];
};
}