From 71a85e3ee912ec332f4a74d270fbb781f008c1f1 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Fri, 25 Sep 2015 14:37:02 +0200
Subject: First attempts at ymir

---
 ymir.nix | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 ymir.nix

(limited to 'ymir.nix')

diff --git a/ymir.nix b/ymir.nix
new file mode 100644
index 00000000..e7b9b88c
--- /dev/null
+++ b/ymir.nix
@@ -0,0 +1,61 @@
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./ymir-hw.nix
+      ./custom/zsh.nix
+      ./users.nix
+    ];
+
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+
+  networking.hostName = "ymir";
+  networking.hostId = "1c5c994e";
+
+  environment.systemPackages = with pkgs; [
+    git
+    mosh
+    rsync
+    tmux
+    zsh
+  ];
+
+  # List services that you want to enable:
+
+  services.openssh = {
+    enable = true;
+  };
+
+  services.fcron = {
+    enable = true;
+    systab = ''
+      %weekly * * nix-collect-garbage --delete-older-than '7d'
+    '';
+  };
+
+  networking.firewall = {
+    enable = true;
+    allowPing = true;
+    allowedTCPPorts = [ 22
+                      ];
+    allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
+                           ];
+  };
+
+  services.ntp = {
+    enable = false;
+  };
+
+  services.chrony = {
+    enable = true;
+  };
+
+  users.extraUsers.root = let
+    template = (import users/gkleen.nix);
+    in {
+        inherit (template) shell;
+        openssh.authorizedKeys.keyFiles = template.openssh.authorizedKeys.keyFiles;
+      };
+}
-- 
cgit v1.2.3