From 2e211aba6a7dfbab5cc190864fd5b74ba736e4f9 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 7 Jun 2015 12:50:21 +0200 Subject: initial work on bragi --- bragi.nix | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 bragi.nix (limited to 'bragi.nix') diff --git a/bragi.nix b/bragi.nix new file mode 100644 index 00000000..9852dfa4 --- /dev/null +++ b/bragi.nix @@ -0,0 +1,60 @@ +{ config, pkgs, ... }: + +{ + imports = + [ + ./bragi-hw.nix + ]; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; + + boot.loader.grub.extraConfig = "serial; terminal_output.serial"; + boot.kernelParams = [ "console=ttyS0,115200" + ]; + + networking.hostName = "bragi"; + networking.hostId = "2af11085"; + networking.wireless.enable = true; + + networking.firewall = { + allowPing = true; + allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh-server + ]; + }; + + environment.systemPackages = with pkgs; [ + git + mosh + rsync + jack2 + tmux + ]; + + # List services that you want to enable: + + services.openssh.enable = true; + + services.fcron = { + enable = true; + systab = '' + %weekly * * nix-collect-garbage --delete-older-than '7d' + ''; + }; + + users.extraUsers.guest = { + name = "gkleen"; + isNormalUser = true; + uid = 1000; + createHome = true; + home = "/home/gkleen"; + shell = "${pkgs.zsh}/bin/zsh"; + openssh.authorizedKeys.keys = [ "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBABVMu+0txXdxdTSY8POAYVXbuOEDW6VxJzaYwQljc9kzM63VUZuE606R0g2ZGr9A+Gk6qO6fpCiq4SM+1Yygz5yHgGlbO750TOGaTe6KSGw+u3miaeDviejmxTqetGmiJe7BTLRAbYHjRgD5SkK/Ovos0cDSyOfZ5aha/ehox+proQKGA== gkleen@cathy" + ]; + extraGroups = [ "wheel" ]; + hashedPassword = "$6$MBq4kwM68$Eg8O6m76mM2905VppNZO67J3EHqJVBuIWQkz.MFFa7afVQKhGuSSYHl50WkkFYXHEY5MIM7IjWYZ0UJwq2IDJ0"; + }; + + security.setuidPrograms = ["mount.nfs"]; +} -- cgit v1.2.3