-rw-r--r-- | conf/common.nix | 16 | ||||
-rw-r--r-- | configuration.nix | 53 | ||||
-rw-r--r-- | host/asterix.nix | 5 | ||||
-rw-r--r-- | host/automatix.nix | 13 | ||||
-rw-r--r-- | host/hardware/automatix.nix | 25 | ||||
-rw-r--r-- | host/obelix.nix | 5 | ||||
-rw-r--r-- | host/role/conf/vpn/T-TeleSec_GlobalRoot_Class_2.pem (renamed from conf/vpn/T-TeleSec_GlobalRoot_Class_2.pem) | 0 | ||||
-rw-r--r-- | host/role/conf/vpn/kit.ovpn.nix (renamed from conf/vpn/kit.ovpn.nix) | 0 | ||||
-rw-r--r-- | host/role/desktop.nix | 45 |
9 files changed, 112 insertions, 50 deletions
diff --git a/conf/common.nix b/conf/common.nix
new file mode 100644
index 0000000..d1c4ba1
--- /dev/null
+++ b/conf/common.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+
+{
+ users.extraUsers.common = {
+ isNormalUser = true;
+ uid = 1000;
+ extraGroups = [ "wheel" ];
+ shell = pkgs.fish;
+
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDy2h3NXWVW7BlEehCCgQ3ZMq64rqxoI70dg9Zq3SdIWcqunkWsHGSmzXbxM0ZCD2/VWNVrvShusg0dDSOwV64HUxIuDWpM6gCvg5MKBS0ZMwb9831d0ybf6kU/gppJGyM7R9HspB69C9pnKBB6vUUXd/TgmjhiAHPCwbq/vgWRN7yYGwB/tc7pRiugk6tyfgvXvFCnQXZLoPSx0qBF3L6YyRzbtL5sI7KoN/gCzgqnT0H91vhxkjXrPN+GnW43lcbaqApd3gd0NmMaWNxR6ZKnXFFcUPI72cbBmhe3+t15pF9ZUYZ0sKSfbgOZx0vHLiS69Dr63L6gVNGNx7B/yxC3 common@asterix"
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCdvxfprSTiMGKeH3GvG9/gupBM0urKTrliK2wzrgcHgNyWiaGFveRpX4cMPdi8uhfDrwGmKLYJfAfjsmmpmY8DTDpkeXT2vdS7q0YtoYCgjztXum0Fxd4khR3Z4Pwh6BEpxBgzIE94T749wuvW2gZLyHGPyZH5w3EXr4TBh4YSwUwVYGrPaGDVbsJ/8lEpqPu5T4S1CzaaLh0mfuyIJfo0EfU8TWmA028qVfz+6jT3/CZrv0Ru/HYEo6mAY35Im3pGTug7GWLI45tbaI++jJCo7dK+rs3uPyccHxLHnUwPtxj4wVGBbcVy8S5LyJpm2lFHQO4eu4QHiFgBA2GeXCF common@obelix"
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCg5H5dtZwtKltCjCbQ2wDsMMNb3X7wcpiPpH+QBIdhMcDeyiEy5HoD6yVKppIJA9KQKr7VjzCF0eV/PgBVyoKZGGPSfB1B1Diys6MYCBSgfYh7iqxzyzdOl4/NTGsHEN6iH9e86QBge5VcUaIf/2H/g4F+5/mekR3h6aDqkS596pk3PzSiuWIZN1OCaTILG0QakQ24oevlHloasG2oWdR+Bfjp3kFvDbX5yVPPSBCLwCnyZPWse+MYAD+HAw70pve7InO35s/VyodC8RODiHZ6sQAK+o1Y9g1UDE1aTXhXWBNt1wQVIlYd9+Bf4lWuB0FA5kUfXd4Li5O4RWW3fsKT common@Schreibfix"
+ ];
+ };
+}
diff --git a/configuration.nix b/configuration.nix
index 3a4be5b..fef5b26 100644
--- a/configuration.nix
+++ b/configuration.nix
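Review bot: Every key in `openssh.authorizedKeys.keys` is accepted for `common` on every host, because configuration.nix imports conf/common.nix unconditionally, and `common` is a member of `wheel`. A single stolen desktop key is therefore a login as a privileged user on all machines, including the new automatix guest. Consider splitting the list per host or role, or at least recording the scope above the list with a comment such as `# each key below may log in as common (wheel) on ALL hosts`. The three keys look like 2048-bit RSA; switching to ed25519 at the next rotation would be a reasonable follow-up.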
@@ -5,20 +5,10 @@ imports = [ ./host/current.nix + ./conf/common.nix ./conf/fish.nix ]; - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; - - sound.enable = true; - hardware = { - opengl.driSupport32Bit = true; - pulseaudio = { - enable = true; - support32Bit = true; - }; - }; - i18n = { consoleKeyMap = "de"; defaultLocale = "en_US.UTF-8"; @@ -36,49 +26,16 @@ }; }; - services = { - openssh = { - enable = true; - }; - - journald = { - extraConfig = ''Storage=volatile''; - }; - - openvpn.servers = { - KIT = { - config = import ./conf/vpn/kit.ovpn.nix; - autoStart = false; - }; - }; - - xserver = { - enable = true; - layout = "de"; - xkbOptions = "caps:escape"; - - displayManager.slim = { - enable = true; - autoLogin = true; - defaultUser = "common"; - }; - - desktopManager.default = "none"; - }; - }; - - users.extraUsers.common = { - isNormalUser = true; - uid = 1000; - extraGroups = [ "wheel" ]; - shell = pkgs.fish; + services.openssh = { + enable = true; + permitRootLogin = "no"; }; environment = { systemPackages = let custom_vim = import ./pkgs/vim/vim.nix pkgs; in with pkgs; [ - hdparm ntfs3g psmisc htop fish git silver-searcher custom_vim + psmisc htop fish git silver-searcher custom_vim ]; shellAliases = { diff --git a/host/asterix.nix b/host/asterix.nix index 0112617..d925259 100644 --- a/host/asterix.nix +++ b/host/asterix.nix @@ -1,5 +1,8 @@ { - imports = [ ./hardware/asterix.nix ]; + imports = [ + ./hardware/asterix.nix + ./role/desktop.nix + ]; boot = { loader.grub = { diff --git a/host/automatix.nix b/host/automatix.nix new file mode 100644 index 0000000..fd819f4 --- /dev/null +++ b/host/automatix.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +{ + imports = [ ./hardware/automatix.nix ]; + + boot.loader.grub = { + enable = true; + version = 2; + device = "/dev/sda"; + }; + + networking.hostName = "automatix"; +} diff --git a/host/hardware/automatix.nix b/host/hardware/automatix.nix new file mode 100644 index 0000000..4b35109 --- /dev/null 
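Review bot: The new `services.openssh` block in the second configuration.nix hunk sets `permitRootLogin = "no"` but leaves password authentication at its default, even though this commit provisions public keys for `common`. If key-based login is the intent, add `passwordAuthentication = false;` beside `permitRootLogin` so that a weak password on the wheel user is not a second way in over SSH. The enclosing attribute set starts and ends outside the hunk.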
+++ b/host/hardware/automatix.nix @@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, ... }: + +{ + imports = + [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/ec324e84-6766-49b7-ad5e-583e78a35432"; + fsType = "ext4"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/05f0315c-f5f5-4471-b2ef-6e53b95cb08b"; } + ]; + + nix.maxJobs = lib.mkDefault 1; +} diff --git a/host/obelix.nix b/host/obelix.nix index 5d6206c..f876a61 100644 --- a/host/obelix.nix +++ b/host/obelix.nix @@ -1,7 +1,10 @@ { pkgs, ... }: { - imports = [ ./hardware/obelix.nix ]; + imports = [ + ./hardware/obelix.nix + ./role/desktop.nix + ]; boot = { loader.grub = { diff --git a/conf/vpn/T-TeleSec_GlobalRoot_Class_2.pem b/host/role/conf/vpn/T-TeleSec_GlobalRoot_Class_2.pem index 374b050..374b050 100644 --- a/conf/vpn/T-TeleSec_GlobalRoot_Class_2.pem +++ b/host/role/conf/vpn/T-TeleSec_GlobalRoot_Class_2.pem diff --git a/conf/vpn/kit.ovpn.nix b/host/role/conf/vpn/kit.ovpn.nix index 82a21ee..82a21ee 100644 --- a/conf/vpn/kit.ovpn.nix +++ b/host/role/conf/vpn/kit.ovpn.nix diff --git a/host/role/desktop.nix b/host/role/desktop.nix new file mode 100644 index 0000000..cf20500 --- /dev/null +++ b/host/role/desktop.nix 
@@ -0,0 +1,45 @@
+{ pkgs, ... }:
+
+{
+ fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
+
+ sound.enable = true;
+ hardware = {
+ opengl.driSupport32Bit = true;
+ pulseaudio = {
+ enable = true;
+ support32Bit = true;
+ };
+ };
+
+ services = {
+ journald = {
+ extraConfig = ''Storage=volatile'';
+ };
+
+ openvpn.servers = {
+ KIT = {
+ config = import ./conf/vpn/kit.ovpn.nix;
+ autoStart = false;
+ };
+ };
+
+ xserver = {
+ enable = true;
+ layout = "de";
+ xkbOptions = "caps:escape";
+
+ displayManager.slim = {
+ enable = true;
+ autoLogin = true;
+ defaultUser = "common";
+ };
+
+ desktopManager.default = "none";
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ hdparm ntfs3g
+ ];
+} |
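Review bot: `displayManager.slim.autoLogin = true` with `defaultUser = "common"` gives anyone with physical access a session as a `wheel` member on every host that imports this role, and nothing in the file records that this is a deliberate trade-off. A comment next to it would help, for example `# auto-login: physical access yields common's (wheel) session; desktop hosts only`. Separately, `Storage=volatile` keeps the journal in memory only, so sshd authentication records on these hosts do not survive a reboot. That deserves a one-line comment as well, or log forwarding if the history matters.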