summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2020-04-19 16:41:14 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2020-04-19 16:41:14 +0200
commite640bd869033df594377a090b450efd35ae1b845 (patch)
treee2029f27961e1729ab3da12edec95c79e5576d87
parent4715d3217b0d9416c3a819a3efddd8fce78e336b (diff)
downloadnixos-e640bd869033df594377a090b450efd35ae1b845.tar
nixos-e640bd869033df594377a090b450efd35ae1b845.tar.gz
nixos-e640bd869033df594377a090b450efd35ae1b845.tar.bz2
nixos-e640bd869033df594377a090b450efd35ae1b845.tar.xz
nixos-e640bd869033df594377a090b450efd35ae1b845.zip
ullr
-rw-r--r--ullr.nix82
-rw-r--r--ullr/hw.nix19
2 files changed, 101 insertions, 0 deletions
diff --git a/ullr.nix b/ullr.nix
new file mode 100644
index 00000000..87766899
--- /dev/null
+++ b/ullr.nix
@@ -0,0 +1,82 @@
1{ config, pkgs, ... }:
2
3{
4 imports =
5 [ # Include the results of the hardware scan.
6 ./ullr/hw.nix
7 ./nixpkgs.nix
8 ./users.nix
9 ./utils/nix/module.nix
10 ];
11
12 # Use the GRUB 2 boot loader.
13 boot.loader.grub.enable = true;
14 boot.loader.grub.version = 2;
15 boot.loader.grub.device = "/dev/sda";
16
17 # The global useDHCP flag is deprecated, therefore explicitly set to false here.
18 # Per-interface useDHCP will be mandatory in the future, so this generated config
19 # replicates the default behaviour.
20 networking = {
21 domain = "yggdrasil.li";
22 hostname = "ullr";
23
24 useDHCP = false;
25 enableIPv6 = true;
26
27 firewall = {
28 enable = true;
29 allowPing = true;
30 allowedTCPPorts = [ 22 # ssh
31 ];
32 allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
33 ];
34 };
35
36 interfaces.ens3 = {
37 useDHCP = true;
38 ipv6.addresses = [
39 { address = "2a03:4000:15:93d::";
40 prefixLength = 64;
41 }
42 ];
43 };
44 };
45
46 # Set your time zone.
47 time.timeZone = "Europe/Berlin";
48
49 environment.systemPackages = with pkgs; [
50 git mosh rsync tmux zsh
51 rebuild-system
52 ];
53
54 users.extraUsers.root = let
55 template = (import users/gkleen.nix);
56 in {
57 inherit (template) shell;
58 openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
59 };
60
61 # Enable the OpenSSH daemon.
62 services.openssh = {
63 enable = true;
64 passwordAuthentication = false;
65 challengeResponseAuthentication = false;
66 extraConfig = ''
67 AllowGroups ssh
68 '';
69 };
70 users.groups."ssh" = {
71 members = ["root"];
72 };
73
74 # This value determines the NixOS release from which the default
75 # settings for stateful data, like file locations and database versions
76 # on your system were taken. It‘s perfectly fine and recommended to leave
77 # this value at the release version of the first install of this system.
78 # Before changing this value read the documentation for this option
79 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
80 system.stateVersion = "20.09";
81}
82
diff --git a/ullr/hw.nix b/ullr/hw.nix
new file mode 100644
index 00000000..a1f8edce
--- /dev/null
+++ b/ullr/hw.nix
@@ -0,0 +1,19 @@
1{ config, lib, pkgs, ... }:
2
3{
4 imports =
5 [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
6 ];
7
8 boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
9 boot.initrd.kernelModules = [ ];
10 boot.kernelModules = [ ];
11 boot.extraModulePackages = [ ];
12
13 fileSystems."/" =
14 { device = "/dev/sda1";
15 fsType = "btrfs";
16 };
17
18 swapDevices = [ ];
19}