makefu: init pnp

this is the first entry for my hosts, it provides only very basic support
with a lot of copy-paste from tv/lass

1 files changed, 96 insertions, 0 deletions

diff --git a/2configs/makefu/base.nix b/2configs/makefu/base.nix
new file mode 100644
index 000000000..ab2e6f247
--- /dev/null
+++ b/2configs/makefu/base.nix
@@ -0,0 +1,96 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+    imports = [ ];
+    users.extraUsers = {
+        root = {
+            openssh.authorizedKeys.keys = map readFile [
+                ../../Zpubkeys/makefu_arch.ssh.pub
+            ];
+        };
+        makefu = {
+            uid = 9001;
+            group = "users";
+            home = "/home/makefu";
+            createHome = true;
+            useDefaultShell = true;
+            extraGroups = [
+                "wheel"
+            ];
+            openssh.authorizedKeys.keys = map readFile [
+                ../../Zpubkeys/makefu_arch.ssh.pub
+            ];
+        };
+    };
+
+    services.openssh.enable = true;
+    nix.useChroot = true;
+
+    users.mutableUsers = true;
+
+    boot.tmpOnTmpfs = true;
+    systemd.tmpfiles.rules = [
+        "d /tmp 1777 root root - -"
+    ];
+
+    environment.extraInit = ''
+        EDITOR=vim
+        '';
+
+    environment.systemPackages = with pkgs; [
+        git
+        vim
+        rxvt_unicode.terminfo
+    ];
+
+    programs.bash = {
+        enableCompletion = true;
+        interactiveShellInit = ''
+            HISTCONTROL='erasedups:ignorespace'
+            HISTSIZE=900001
+            HISTFILESIZE=$HISTSIZE
+
+            shopt -s checkhash
+            shopt -s histappend histreedit histverify
+            shopt -s no_empty_cmd_completion
+            complete -d cd
+
+            '';
+        promptInit = ''
+            case $UID in
+                0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;;
+                9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;;
+                *) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;;
+            esac
+            if test -n "$SSH_CLIENT"; then
+                PS1='\[\033[35m\]\h'" $PS1"
+            fi
+            '';
+    };
+    environment.shellAliases = {
+        lsl = "ls -latr";
+    };
+
+    security.setuidPrograms = [ "sendmail" ];
+
+    services.journald.extraConfig = ''
+        SystemMaxUse=1G
+        RuntimeMaxUse=128M
+        '';
+    nixpkgs.config.packageOverrides = pkgs: {
+        nano = pkgs.runCommand "empty" {} "mkdir -p $out";
+    };
+    services.cron.enable = false;
+    services.nscd.enable = false;
+    boot.kernel.sysctl = {
+# Enable IPv6 Privacy Extensions
+        "net.ipv6.conf.all.use_tempaddr" = 2;
+        "net.ipv6.conf.default.use_tempaddr" = 2;
+    };
+    i18n = {
+        consoleKeyMap = "us";
+        defaultLocale = "en_US.UTF-8";
+    };
+
+}