From 9f79ad05e09ff301f0d2f9e0153edbd1134309d5 Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Thu, 19 Jan 2023 19:18:08 +0100 Subject: [PATCH] updated tower config --- machines/tower/default.nix | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/machines/tower/default.nix b/machines/tower/default.nix index 4b49fcb..97cb027 100644 --- a/machines/tower/default.nix +++ b/machines/tower/default.nix @@ -6,7 +6,8 @@ { imports = - [ # Include the results of the hardware scan. + [ + # Include the results of the hardware scan. ./hardware.nix ./home-julien.nix ../../users/julien.nix @@ -18,7 +19,7 @@ boot.loader.grub.device = "/dev/sda"; boot.loader.grub.useOSProber = true; -networking.nameservers = [ "100.127.245.71" "9.9.9.9" ]; + networking.nameservers = [ "100.127.245.71" "9.9.9.9" ]; environment.etc."resolv.conf" = with lib; with pkgs; { source = writeText "resolv.conf" '' ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)} @@ -39,16 +40,19 @@ networking.nameservers = [ "100.127.245.71" "9.9.9.9" ]; # Set your time zone. time.timeZone = "Europe/Paris"; + luj.buildbot.enable = true; + luj.nginx.enable = true; + environment.systemPackages = [ pkgs.tailscale ]; # enable the tailscale service services.tailscale.enable = true; - - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; -services.openssh.extraConfig = '' + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + + services.openssh.extraConfig = '' HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub HostKey /etc/ssh/ssh_host_ed25519_key TrustedUserCAKeys /etc/ssh/ssh_user_key.pub @@ -84,7 +88,7 @@ services.openssh.extraConfig = '' isNormalUser = true; description = "Julien"; extraGroups = [ "networkmanager" "wheel" ]; - packages = with pkgs; []; + packages = with pkgs; [ ]; }; # List packages installed in system profile. To search, run: @@ -104,8 +108,8 @@ services.openssh.extraConfig = '' services.openssh.enable = true; # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; + networking.firewall.allowedTCPPorts = [ 80 443 1810 ]; + networking.firewall.allowedUDPPorts = [ 80 443 1810 ]; # Or disable the firewall altogether. # networking.firewall.enable = false;