Move role folder to defaults
This commit is contained in:
parent
ea23be5e80
commit
78f95b4e11
19 changed files with 17 additions and 16 deletions
101
defaults/base/default.nix
Normal file
101
defaults/base/default.nix
Normal file
|
|
@ -0,0 +1,101 @@
|
|||
# Default configuration for hosts
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ ../../modules ];
|
||||
|
||||
system.autoUpgrade.enable = true;
|
||||
system.autoUpgrade.allowReboot = false;
|
||||
|
||||
boot.loader.timeout = 2;
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "sg-latin1";
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
curl
|
||||
vim
|
||||
tmux
|
||||
git
|
||||
ncat
|
||||
bind
|
||||
ack
|
||||
fwupd
|
||||
pciutils
|
||||
dmidecode
|
||||
smartmontools
|
||||
parted
|
||||
borgbackup
|
||||
nixfmt
|
||||
iw
|
||||
];
|
||||
|
||||
services.fwupd.enable = true;
|
||||
|
||||
# Networking
|
||||
networking.firewall = {
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [ 22 ];
|
||||
};
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
passwordAuthentication = false;
|
||||
};
|
||||
|
||||
nix.trustedUsers = [ "root" "@wheel" ];
|
||||
|
||||
users.mutableUsers = false;
|
||||
users.users = rec {
|
||||
root.openssh.authorizedKeys.keys =
|
||||
lib.flatten (map (u: u.openssh.authorizedKeys.keys) [ fhauser das-g ]);
|
||||
|
||||
fhauser = {
|
||||
isNormalUser = true;
|
||||
description = "Fabian Hauser";
|
||||
extraGroups = [ "wheel" ];
|
||||
uid = 1000;
|
||||
hashedPassword =
|
||||
"$6$rounds=20000$TYZ8CojfBLwejcwn$smEJe6/anL9NGf.Ytfny14nBfhr4TRPv2XK1lgHz7yg.zQow1HACePirEjsjxzFC6vTHGaT8t2NxobUsHbWLg1";
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIPF8ZV7vhpbVvLxiKq8ANVusNUHMbtii5MuvjxCbVz7vSNVPo9OOLvYyDqhbRAWMTdQeGZVAaALBufKKmprDTRFMpnA7Ut4TFrdz/5DTaR2KEjJ7P75moH+0xooR/GsbzFGsNBSQSXK3u1igndPYEC/PqCHN++32kDo2wLqTB4VLrEovU3iq8BMckn329Bu1fGbXKTgDpEvUEEwFO2brQZLMmzILGF/v4B9ImEGtinAUNgDSfEpgPN23sdWQH9rwEClGv95JmWNf05tuVomhZzOBtCFoAno3XB1nj16avjsqJ3aGFY2CCcfsNrwKzhIotmm82bcI4BJuJIVRIKbZ1 cardno:000603507108"
|
||||
];
|
||||
};
|
||||
|
||||
das-g = {
|
||||
isNormalUser = true;
|
||||
description = "Raphael Das Gupta";
|
||||
extraGroups = [ "wheel" ];
|
||||
uid = 1001;
|
||||
hashedPassword =
|
||||
"$6$rounds=37000$omA92cfwup$Ri9FXHbeOUIIDKf83D6UNa5NWGac.G9A3voJmrivwkVtaDGVMGLIa5qdgkaDeCKoMkl8YRjJ7smEyrMwTnuRD0";
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRWDaUzbDyCNee/K8iCcXtoLrR0fZoGpXAV4f/CjB8kKb42lWKWXc67Juy0RnRVCZQc21ooApuQPJZ08Cawj9Okgz0j3vYdMnDBY1Ox9Ik12hzbpdLDHhOrIj3BOJuAKfFy5OM9Z2ZLwdvjXFk+1RQK1Qadd3PwtGjxLAgp5eBHj8TgUP8DXKGQQElphjfVLua4ufqoTldT1mrmDn/+GDgNY5HUTQb+YZ6AwjcemG+eAdG30Al1JRkOogke83hIXBVNCD9ObPtRv/KiAZv3TV8bgP2mzeeG2aDDb9qz8HXKvBlbN2ouz0cWTA5D5+Ua+wkOggEfhfPKBauF9sbQ8bRuknWm8VnuVXkikzdYZVGKdzvoHRdOfoTCL4JHzpGW6H3jVqdQuGTv5r28y/jxbDY95w6KmxLS+2u8SHVBh6hVAxf5i3P8aIHkOTEN//SyS/fa1uXHSQt0sVya2+4pTsCQfwWjE3TrQg6W6bmguVMjaICze5wWwckap+57jKbK9sPCuLFfYPwOvQ3nfb6wwNBhvNxmD9xGfk8/UzXsoq6OgPvF7GE5UWA04GHCnF4H0tEAQBK0vsjKxqC2lM8nK9msbqkSxadIFYqiG1+DAZyju3uZgkkInev8dh02yNsVJKYoCm60PWaMTLeVsrYZuvNDWXsXm7+nD02wWI0lxnkVw== das-g@x1carbon"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
options = "--delete-older-than 30d";
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
gitconfig.source = ./etc/gitconfig;
|
||||
vimrc.source = ./etc/vimrc;
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
email = "sysadmin@qo.is";
|
||||
};
|
||||
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue