summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--shared/1systems/wolf.nix71
-rw-r--r--shared/2configs/base.nix74
2 files changed, 75 insertions, 70 deletions
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index 60d1e8ce8..4fe3388c8 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -1,9 +1,8 @@
{ config, lib, pkgs, ... }:
-with lib;
-
{
imports = [
+ ../2configs/base.nix
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
../2configs/collectd-base.nix
];
@@ -13,34 +12,6 @@ with lib;
krebs.build.user = config.krebs.users.shared;
krebs.build.target = "wolf";
- krebs.enable = true;
- krebs.retiolum = {
- enable = true;
- connectTo = [
- # TODO remove connectTo cd, this was only used for bootstrapping
- "cd"
- "gum"
- "pigstarter"
- ];
- };
-
- krebs.build.source = {
- git.nixpkgs = {
- url = https://github.com/NixOS/nixpkgs;
- rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
- };
- dir.secrets = {
- host = config.krebs.current.host;
- path = "${getEnv "HOME"}/secrets/krebs/wolf";
- };
- dir.stockholm = {
- host = config.krebs.current.host;
- path = "${getEnv "HOME"}/stockholm";
- };
- };
-
- networking.hostName = config.krebs.build.host.name;
-
boot.kernel.sysctl = {
# Enable IPv6 Privacy Extensions
"net.ipv6.conf.all.use_tempaddr" = 2;
@@ -63,45 +34,5 @@ with lib;
{ device = "/dev/disk/by-label/swap"; }
];
- nix.maxJobs = 1;
- nix.trustedBinaryCaches = [
- "https://cache.nixos.org"
- "http://cache.nixos.org"
- "http://hydra.nixos.org"
- ];
- nix.useChroot = true;
-
- nixpkgs.config.packageOverrides = pkgs: {
- nano = pkgs.vim;
- };
-
- environment.systemPackages = with pkgs; [
- git
- rxvt_unicode.terminfo
- ];
-
time.timeZone = "Europe/Berlin";
-
- programs.ssh.startAgent = false;
-
- services.openssh = {
- enable = true;
- hostKeys = [
- { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
- ];
- };
- services.cron.enable = false;
- services.nscd.enable = false;
- services.ntp.enable = false;
-
- users.mutableUsers = false;
- users.extraUsers.root.openssh.authorizedKeys.keys = [
- # TODO
- config.krebs.users.lass.pubkey
- config.krebs.users.makefu.pubkey
- config.krebs.users.tv.pubkey
- ];
-
- # The NixOS release to be compatible with for stateful data such as databases.
- system.stateVersion = "15.09";
}
diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix
new file mode 100644
index 000000000..c9f4ffa8d
--- /dev/null
+++ b/shared/2configs/base.nix
@@ -0,0 +1,74 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+ krebs.enable = true;
+ krebs.retiolum = {
+ enable = true;
+ connectTo = [
+ # TODO remove connectTo cd, this was only used for bootstrapping
+ "cd"
+ "gum"
+ "pigstarter"
+ ];
+ };
+
+ krebs.build.source = {
+ git.nixpkgs = {
+ url = https://github.com/NixOS/nixpkgs;
+ rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
+ };
+ dir.secrets = {
+ host = config.krebs.current.host;
+ path = "${getEnv "HOME"}/secrets/krebs/wolf";
+ };
+ dir.stockholm = {
+ host = config.krebs.current.host;
+ path = "${getEnv "HOME"}/stockholm";
+ };
+ };
+
+ networking.hostName = config.krebs.build.host.name;
+
+ nix.maxJobs = 1;
+ nix.trustedBinaryCaches = [
+ "https://cache.nixos.org"
+ "http://cache.nixos.org"
+ "http://hydra.nixos.org"
+ ];
+ nix.useChroot = true;
+
+ nixpkgs.config.packageOverrides = pkgs: {
+ nano = pkgs.vim;
+ };
+
+ environment.systemPackages = with pkgs; [
+ git
+ rxvt_unicode.terminfo
+ ];
+
+ programs.ssh.startAgent = false;
+
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ];
+ };
+ services.cron.enable = false;
+ services.nscd.enable = false;
+ services.ntp.enable = false;
+
+ users.mutableUsers = false;
+ users.extraUsers.root.openssh.authorizedKeys.keys = [
+ # TODO
+ config.krebs.users.lass.pubkey
+ config.krebs.users.makefu.pubkey
+ config.krebs.users.tv.pubkey
+ ];
+
+
+ # The NixOS release to be compatible with for stateful data such as databases.
+ system.stateVersion = "15.09";
+
+}