From e640bd869033df594377a090b450efd35ae1b845 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 19 Apr 2020 16:41:14 +0200 Subject: ullr --- ullr.nix | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ullr/hw.nix | 19 ++++++++++++++ 2 files changed, 101 insertions(+) create mode 100644 ullr.nix create mode 100644 ullr/hw.nix diff --git a/ullr.nix b/ullr.nix new file mode 100644 index 00000000..87766899 --- /dev/null +++ b/ullr.nix @@ -0,0 +1,82 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./ullr/hw.nix + ./nixpkgs.nix + ./users.nix + ./utils/nix/module.nix + ]; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking = { + domain = "yggdrasil.li"; + hostname = "ullr"; + + useDHCP = false; + enableIPv6 = true; + + firewall = { + enable = true; + allowPing = true; + allowedTCPPorts = [ 22 # ssh + ]; + allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh + ]; + }; + + interfaces.ens3 = { + useDHCP = true; + ipv6.addresses = [ + { address = "2a03:4000:15:93d::"; + prefixLength = 64; + } + ]; + }; + }; + + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + environment.systemPackages = with pkgs; [ + git mosh rsync tmux zsh + rebuild-system + ]; + + users.extraUsers.root = let + template = (import users/gkleen.nix); + in { + inherit (template) shell; + openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles; + }; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + passwordAuthentication = false; + challengeResponseAuthentication = false; + extraConfig = '' + AllowGroups ssh + ''; + }; + users.groups."ssh" = { + members = ["root"]; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.09"; +} + diff --git a/ullr/hw.nix b/ullr/hw.nix new file mode 100644 index 00000000..a1f8edce --- /dev/null +++ b/ullr/hw.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +{ + imports = + [ + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/sda1"; + fsType = "btrfs"; + }; + + swapDevices = [ ]; +} -- cgit v1.2.3