add cloudkrebs.nix
This commit is contained in:
parent
7092442441
commit
1916df697e
62
cloudkrebs.nix
Normal file
62
cloudkrebs.nix
Normal file
|
@ -0,0 +1,62 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./modules/tv/base-cac-CentOS-7-64bit.nix
|
||||
./modules/lass/retiolum-cloudkrebs.nix
|
||||
./modules/lass/networking-cloudkrebs.nix
|
||||
];
|
||||
|
||||
nix.maxJobs = 1;
|
||||
|
||||
#activationScripts
|
||||
#split up and move into base
|
||||
|
||||
#TODO move into modules
|
||||
users.extraUsers = {
|
||||
#main user
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors"
|
||||
];
|
||||
hashedPassword = "$6$3CFU7MPj$qr1cn6p2kvZRdt1pueBLC1WLzV7KPbk8Qi11Wq8l2sVT0JFMf8BOULJOx8xS1KXqZHnUW1p7VN3dZ1VUepQGj.";
|
||||
};
|
||||
lass = {
|
||||
uid = 1337;
|
||||
name = "lass";
|
||||
#isNormalUser = true;
|
||||
group = "users";
|
||||
createHome = true;
|
||||
home = "/home/lass";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = false;
|
||||
description = "lassulus";
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors"
|
||||
];
|
||||
hashedPassword = "$6$3CFU7MPj$qr1cn6p2kvZRdt1pueBLC1WLzV7KPbk8Qi11Wq8l2sVT0JFMf8BOULJOx8xS1KXqZHnUW1p7VN3dZ1VUepQGj.";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
];
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
hostKeys = [
|
||||
# XXX bits here make no science
|
||||
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||
];
|
||||
permitRootLogin = "yes";
|
||||
};
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
|
||||
allowedTCPPorts = [
|
||||
22
|
||||
];
|
||||
};
|
||||
|
||||
}
|
14
modules/lass/networking-cloudkrebs.nix
Normal file
14
modules/lass/networking-cloudkrebs.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{...}:
|
||||
{
|
||||
networking.hostName = "cloudkrebs";
|
||||
networking.interfaces.enp2s1.ip4 = [
|
||||
{
|
||||
address = "104.167.112.39";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
networking.defaultGateway = "104.167.112.1";
|
||||
networking.nameservers = [
|
||||
"8.8.8.8"
|
||||
];
|
||||
}
|
21
modules/lass/retiolum-cloudkrebs.nix
Normal file
21
modules/lass/retiolum-cloudkrebs.nix
Normal file
|
@ -0,0 +1,21 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./retiolum.nix
|
||||
];
|
||||
|
||||
services.retiolum = {
|
||||
enable = true;
|
||||
hosts = ../hosts;
|
||||
privateKeyFile = "/etc/nixos/secrets/cloudkrebs.retiolum.rsa_key.priv";
|
||||
connectTo = [
|
||||
"fastpoke"
|
||||
"gum"
|
||||
"ire"
|
||||
];
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 655 ];
|
||||
networking.firewall.allowedUDPPorts = [ 655 ];
|
||||
}
|
Loading…
Reference in a new issue