Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-04-04 03:01:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Sending people to ssh jail

Browse source
This commit is contained in:
Julien Malka 2021-12-29 11:34:55 +01:00
parent 8e4ddf4ef0
commit 3bce60caa4
No known key found for this signature in database
GPG key ID: 3C68E13964FEA07F
3 changed files with 42 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
lib/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ nixpkgs, home-manager, sops-nix, nixpkgs-unstable, inputs }:
with builtins;
let
overlay-unstable = final: prev: {
unstable = nixpkgs-unstable.legacyPackages.x86_64-linux;
};
in
{
mkMachine = host: host-config: modules: nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = builtins.attrValues modules ++ [
./base.nix
sops-nix.nixosModules.sops
host-config
home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true;
nixpkgs.overlays = [
inputs.neovim-nightly-overlay.overlay
overlay-unstable
(final: prev:
{
tinystatus = prev.pkgs.callPackage ./packages/tinystatus {};
mosh = prev.pkgs.callPackage ./packages/mosh {};
})
];
}
];
};
importConfig = with builtins; path: (mapAttrs (name: value: import (path + "/${name}/default.nix")) (readDir path));
}

2
machines/lisa/default.nix
View file

@ -34,6 +34,8 @@
nix.maxJobs = lib.mkDefault 4; nix.maxJobs = lib.mkDefault 4;
services.fail2ban.enable = true;
networking.hostName = "lisa"; networking.hostName = "lisa";
networking.interfaces.ens18.useDHCP = true; networking.interfaces.ens18.useDHCP = true;
networking.interfaces.ens19.useDHCP = false; networking.interfaces.ens19.useDHCP = false;

2
machines/newton/default.nix
View file

@ -21,6 +21,8 @@ in
networking.interfaces.enp2s0f0.useDHCP = true; networking.interfaces.enp2s0f0.useDHCP = true;
networking.interfaces.enp2s0f1.useDHCP = true; networking.interfaces.enp2s0f1.useDHCP = true;
services.fail2ban.enable = true;
services.zfs.autoSnapshot.enable = true; services.zfs.autoSnapshot.enable = true;
services.zfs.autoScrub.enable = true; services.zfs.autoScrub.enable = true;