1 files changed, 82 insertions, 0 deletions
diff --git a/ullr.nix b/ullr.nix
new file mode 100644
index 00000000..87766899
--- /dev/null
+++ b/ullr.nix
@@ -0,0 +1,82 @@
+{ config, pkgs, ... }:
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./ullr/hw.nix
+      ./nixpkgs.nix
+      ./users.nix
+      ./utils/nix/module.nix
+    ];
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/sda";
+  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+  # Per-interface useDHCP will be mandatory in the future, so this generated config
+  # replicates the default behaviour.
+  networking = {
+    domain = "yggdrasil.li";
+    hostname = "ullr";
+    useDHCP = false;
+    enableIPv6 = true;
+    firewall = {
+      enable = true;
+      allowPing = true;
+      allowedTCPPorts = [ 22 # ssh
+                        ];
+      allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
+                             ];
+    };
+    interfaces.ens3 = {
+      useDHCP = true;
+      ipv6.addresses = [
+        { address = "2a03:4000:15:93d::";
+          prefixLength = 64;
+        }
+      ];
+    };
+  };
+  # Set your time zone.
+  time.timeZone = "Europe/Berlin";
+  environment.systemPackages = with pkgs; [
+    git mosh rsync tmux zsh
+    rebuild-system
+  ];
+  users.extraUsers.root = let
+    template = (import users/gkleen.nix);
+    in {
+        inherit (template) shell;
+        openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
+      };
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    passwordAuthentication = false;
+    challengeResponseAuthentication = false;
+    extraConfig = ''
+      AllowGroups ssh
+    '';
+  };
+  users.groups."ssh" = {
+    members = ["root"];
+  };
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "20.09";
+}

diff --git a/ullr.nix b/ullr.nix new file mode 100644 index 00000000..87766899 --- /dev/null +++ b/ullr.nix
@@ -0,0 +1,82 @@
	1	{ config, pkgs, ... }:
	2
	3	{
	4	imports =
	5	[ # Include the results of the hardware scan.
	6	./ullr/hw.nix
	7	./nixpkgs.nix
	8	./users.nix
	9	./utils/nix/module.nix
	10	];
	11
	12	# Use the GRUB 2 boot loader.
	13	boot.loader.grub.enable = true;
	14	boot.loader.grub.version = 2;
	15	boot.loader.grub.device = "/dev/sda";
	16
	17	# The global useDHCP flag is deprecated, therefore explicitly set to false here.
	18	# Per-interface useDHCP will be mandatory in the future, so this generated config
	19	# replicates the default behaviour.
	20	networking = {
	21	domain = "yggdrasil.li";
	22	hostname = "ullr";
	23
	24	useDHCP = false;
	25	enableIPv6 = true;
	26
	27	firewall = {
	28	enable = true;
	29	allowPing = true;
	30	allowedTCPPorts = [ 22 # ssh
	31	];
	32	allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
	33	];
	34	};
	35
	36	interfaces.ens3 = {
	37	useDHCP = true;
	38	ipv6.addresses = [
	39	{ address = "2a03:4000:15:93d::";
	40	prefixLength = 64;
	41	}
	42	];
	43	};
	44	};
	45
	46	# Set your time zone.
	47	time.timeZone = "Europe/Berlin";
	48
	49	environment.systemPackages = with pkgs; [
	50	git mosh rsync tmux zsh
	51	rebuild-system
	52	];
	53
	54	users.extraUsers.root = let
	55	template = (import users/gkleen.nix);
	56	in {
	57	inherit (template) shell;
	58	openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
	59	};
	60
	61	# Enable the OpenSSH daemon.
	62	services.openssh = {
	63	enable = true;
	64	passwordAuthentication = false;
	65	challengeResponseAuthentication = false;
	66	extraConfig = ''
	67	AllowGroups ssh
	68	'';
	69	};
	70	users.groups."ssh" = {
	71	members = ["root"];
	72	};
	73
	74	# This value determines the NixOS release from which the default
	75	# settings for stateful data, like file locations and database versions
	76	# on your system were taken. It‘s perfectly fine and recommended to leave
	77	# this value at the release version of the first install of this system.
	78	# Before changing this value read the documentation for this option
	79	# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
	80	system.stateVersion = "20.09";
	81	}
	82