First attempts at ymir

author: Gregor Kleen <gkleen@yggdrasil.li> 2015-09-25 14:37:02 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2015-09-25 14:37:02 +0200
commit: 71a85e3ee912ec332f4a74d270fbb781f008c1f1 (patch)
tree: 44a0d3500086b0ce713856fefb3cf23013899798 /ymir.nix
parent: 0c21d69535943c5f8deb965f8ff9efd3ee1c7154 (diff)
download: nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar
nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar.gz
nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar.bz2
nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar.xz
nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.zip
1 files changed, 61 insertions, 0 deletions
diff --git a/ymir.nix b/ymir.nix
new file mode 100644
index 00000000..e7b9b88c
--- /dev/null
+++ b/ymir.nix
@@ -0,0 +1,61 @@
+{ config, pkgs, ... }:
+{
+  imports =
+    [
+      ./ymir-hw.nix
+      ./custom/zsh.nix
+      ./users.nix
+    ];
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  networking.hostName = "ymir";
+  networking.hostId = "1c5c994e";
+  environment.systemPackages = with pkgs; [
+    git
+    mosh
+    rsync
+    tmux
+    zsh
+  ];
+  # List services that you want to enable:
+  services.openssh = {
+    enable = true;
+  };
+  services.fcron = {
+    enable = true;
+    systab = ''
+      %weekly * * nix-collect-garbage --delete-older-than '7d'
+    '';
+  };
+  networking.firewall = {
+    enable = true;
+    allowPing = true;
+    allowedTCPPorts = [ 22
+                      ];
+    allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
+                           ];
+  };
+  services.ntp = {
+    enable = false;
+  };
+  services.chrony = {
+    enable = true;
+  };
+  users.extraUsers.root = let
+    template = (import users/gkleen.nix);
+    in {
+        inherit (template) shell;
+        openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
+      };
+}
author	Gregor Kleen <gkleen@yggdrasil.li>	2015-09-25 14:37:02 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2015-09-25 14:37:02 +0200
commit	71a85e3ee912ec332f4a74d270fbb781f008c1f1 (patch)
tree	44a0d3500086b0ce713856fefb3cf23013899798 /ymir.nix
parent	0c21d69535943c5f8deb965f8ff9efd3ee1c7154 (diff)
download	nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar.gz nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar.bz2 nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.tar.xz nixos-71a85e3ee912ec332f4a74d270fbb781f008c1f1.zip

diff --git a/ymir.nix b/ymir.nix new file mode 100644 index 00000000..e7b9b88c --- /dev/null +++ b/ymir.nix
@@ -0,0 +1,61 @@
	1	{ config, pkgs, ... }:
	2
	3	{
	4	imports =
	5	[
	6	./ymir-hw.nix
	7	./custom/zsh.nix
	8	./users.nix
	9	];
	10
	11	boot.loader.grub.enable = true;
	12	boot.loader.grub.version = 2;
	13
	14	networking.hostName = "ymir";
	15	networking.hostId = "1c5c994e";
	16
	17	environment.systemPackages = with pkgs; [
	18	git
	19	mosh
	20	rsync
	21	tmux
	22	zsh
	23	];
	24
	25	# List services that you want to enable:
	26
	27	services.openssh = {
	28	enable = true;
	29	};
	30
	31	services.fcron = {
	32	enable = true;
	33	systab = ''
	34	%weekly * * nix-collect-garbage --delete-older-than '7d'
	35	'';
	36	};
	37
	38	networking.firewall = {
	39	enable = true;
	40	allowPing = true;
	41	allowedTCPPorts = [ 22
	42	];
	43	allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
	44	];
	45	};
	46
	47	services.ntp = {
	48	enable = false;
	49	};
	50
	51	services.chrony = {
	52	enable = true;
	53	};
	54
	55	users.extraUsers.root = let
	56	template = (import users/gkleen.nix);
	57	in {
	58	inherit (template) shell;
	59	openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
	60	};
	61	}