updated tower config

Julien Malka 2023-01-19 19:18:08 +01:00
parent fb38df2ea3
commit 9f79ad05e0
Signed by: Luj
GPG key ID: 6FC74C847011FD83


@ -6,7 +6,8 @@
{ {
imports = imports =
[ # Include the results of the hardware scan. [
# Include the results of the hardware scan.
./hardware.nix ./hardware.nix
./home-julien.nix ./home-julien.nix
../../users/julien.nix ../../users/julien.nix
@ -18,7 +19,7 @@
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true; boot.loader.grub.useOSProber = true;
networking.nameservers = [ "100.127.245.71" "9.9.9.9" ]; networking.nameservers = [ "100.127.245.71" "9.9.9.9" ];
environment.etc."resolv.conf" = with lib; with pkgs; { environment.etc."resolv.conf" = with lib; with pkgs; {
source = writeText "resolv.conf" '' source = writeText "resolv.conf" ''
${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)} ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)}
@ -39,16 +40,19 @@ networking.nameservers = [ "100.127.245.71" "9.9.9.9" ];
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Paris"; time.timeZone = "Europe/Paris";
luj.buildbot.enable = true;
luj.nginx.enable = true;
environment.systemPackages = [ pkgs.tailscale ]; environment.systemPackages = [ pkgs.tailscale ];
# enable the tailscale service # enable the tailscale service
services.tailscale.enable = true; services.tailscale.enable = true;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
services.openssh.extraConfig = '' nix.extraOptions = ''
experimental-features = nix-command flakes
'';
services.openssh.extraConfig = ''
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
HostKey /etc/ssh/ssh_host_ed25519_key HostKey /etc/ssh/ssh_host_ed25519_key
TrustedUserCAKeys /etc/ssh/ssh_user_key.pub TrustedUserCAKeys /etc/ssh/ssh_user_key.pub
@ -84,7 +88,7 @@ services.openssh.extraConfig = ''
isNormalUser = true; isNormalUser = true;
description = "Julien"; description = "Julien";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; []; packages = with pkgs; [ ];
}; };
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
@ -104,8 +108,8 @@ services.openssh.extraConfig = ''
services.openssh.enable = true; services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; networking.firewall.allowedTCPPorts = [ 80 443 1810 ];
# networking.firewall.allowedUDPPorts = [ ... ]; networking.firewall.allowedUDPPorts = [ 80 443 1810 ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;