diff options
| -rw-r--r-- | 1systems/makefu/pnp.nix | 86 | ||||
| -rw-r--r-- | 2configs/makefu/base.nix | 156 | 
2 files changed, 119 insertions, 123 deletions
| diff --git a/1systems/makefu/pnp.nix b/1systems/makefu/pnp.nix index f98cd5276..7e4ccf2c1 100644 --- a/1systems/makefu/pnp.nix +++ b/1systems/makefu/pnp.nix @@ -5,50 +5,48 @@  { config, pkgs, ... }:  { -    imports = -        [ # Include the results of the hardware scan. -        <nixpkgs/nixos/modules/profiles/qemu-guest.nix> -        ../../2configs/makefu/base.nix -        ../../3modules/krebs/retiolum.nix -        ../../2configs/makefu/cgit-retiolum.nix -        ]; -    krebs.enable = true; -    boot.loader.grub.enable = true; -    boot.loader.grub.version = 2; -    boot.loader.grub.device = "/dev/vda"; - -    boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ]; -    boot.kernelModules = [ ]; -    boot.extraModulePackages = [ ]; -    hardware.enableAllFirmware = true; -    hardware.cpu.amd.updateMicrocode = true; - -    # networking.firewall is enabled by default -    networking.firewall.allowedTCPPorts = [ 80 ]; - -    fileSystems."/" = -    { device = "/dev/disk/by-label/nixos"; -        fsType = "ext4"; -    }; -        krebs.retiolum = { -            enable = true; -            hosts = ../../Zhosts; -            connectTo = [ -                "gum" -                "pigstarter" -                "fastpoke" -            ]; -        }; - -    nix.maxJobs = 1; -    networking.hostName = "pnp"; # Define your hostname. +  imports = +    [ # Include the results of the hardware scan. +      <nixpkgs/nixos/modules/profiles/qemu-guest.nix> +      ../../2configs/makefu/base.nix +      ../../2configs/makefu/cgit-retiolum.nix +    ]; +  krebs.enable = true; +  boot.loader.grub.enable = true; +  boot.loader.grub.version = 2; +  boot.loader.grub.device = "/dev/vda"; + +  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ]; +  boot.kernelModules = [ ]; +  boot.extraModulePackages = [ ]; +  hardware.enableAllFirmware = true; +  hardware.cpu.amd.updateMicrocode = true; + +# networking.firewall is enabled by default +  networking.firewall.allowedTCPPorts = [ 80 ]; + +  fileSystems."/" = +  { device = "/dev/disk/by-label/nixos"; +    fsType = "ext4"; +  }; +  krebs.retiolum = { +    enable = true; +    hosts = ../../Zhosts; +    connectTo = [ +      "gum" +      "pigstarter" +      "fastpoke" +    ]; +  }; + +  nix.maxJobs = 2; +  networking.hostName = "pnp"; # Define your hostname.  # $ nix-env -qaP | grep wget -        environment.systemPackages = with pkgs; [ -        wget -        git -        gnumake -        jq -        ]; - +    environment.systemPackages = with pkgs; [ +      wget +      git +      gnumake +      jq +    ];  } diff --git a/2configs/makefu/base.nix b/2configs/makefu/base.nix index ab2e6f247..25b80930b 100644 --- a/2configs/makefu/base.nix +++ b/2configs/makefu/base.nix @@ -2,95 +2,93 @@  with lib;  { -    imports = [ ]; -    users.extraUsers = { -        root = { -            openssh.authorizedKeys.keys = map readFile [ -                ../../Zpubkeys/makefu_arch.ssh.pub -            ]; -        }; -        makefu = { -            uid = 9001; -            group = "users"; -            home = "/home/makefu"; -            createHome = true; -            useDefaultShell = true; -            extraGroups = [ -                "wheel" -            ]; -            openssh.authorizedKeys.keys = map readFile [ -                ../../Zpubkeys/makefu_arch.ssh.pub -            ]; -        }; +  imports = [ ]; +  users.extraUsers = { +    root = { +        openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];      }; +    makefu = { +      uid = 9001; +      group = "users"; +      home = "/home/makefu"; +      createHome = true; +      useDefaultShell = true; +      extraGroups = [ +        "wheel" +      ]; +        openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; +    }; +  }; -    services.openssh.enable = true; -    nix.useChroot = true; +  services.openssh.enable = true; +  nix.useChroot = true; -    users.mutableUsers = true; +  users.mutableUsers = true; -    boot.tmpOnTmpfs = true; -    systemd.tmpfiles.rules = [ -        "d /tmp 1777 root root - -" -    ]; +  boot.tmpOnTmpfs = true; +  systemd.tmpfiles.rules = [ +    "d /tmp 1777 root root - -" +  ]; -    environment.extraInit = '' -        EDITOR=vim -        ''; +  environment.extraInit = '' +    EDITOR=vim +    ''; -    environment.systemPackages = with pkgs; [ -        git -        vim -        rxvt_unicode.terminfo -    ]; +  environment.systemPackages = with pkgs; [ +      git +      vim +      rxvt_unicode.terminfo +  ]; -    programs.bash = { -        enableCompletion = true; -        interactiveShellInit = '' -            HISTCONTROL='erasedups:ignorespace' -            HISTSIZE=900001 -            HISTFILESIZE=$HISTSIZE +  programs.bash = { +    enableCompletion = true; +    interactiveShellInit = '' +      HISTCONTROL='erasedups:ignorespace' +      HISTSIZE=900001 +      HISTFILESIZE=$HISTSIZE -            shopt -s checkhash -            shopt -s histappend histreedit histverify -            shopt -s no_empty_cmd_completion -            complete -d cd +      shopt -s checkhash +      shopt -s histappend histreedit histverify +      shopt -s no_empty_cmd_completion +      complete -d cd +      ''; -            ''; -        promptInit = '' -            case $UID in -                0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;; -                9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;; -                *) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;; -            esac -            if test -n "$SSH_CLIENT"; then -                PS1='\[\033[35m\]\h'" $PS1" -            fi -            ''; -    }; -    environment.shellAliases = { -        lsl = "ls -latr"; -    }; +    promptInit = '' +      case $UID in +         0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;; +      9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;; +         *) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;; +      esac +      if test -n "$SSH_CLIENT"; then +        PS1='\[\033[35m\]\h'" $PS1" +      fi +      ''; +  }; -    security.setuidPrograms = [ "sendmail" ]; +  environment.shellAliases = { +    lsl = "ls -lAtr"; +  }; -    services.journald.extraConfig = '' -        SystemMaxUse=1G -        RuntimeMaxUse=128M -        ''; -    nixpkgs.config.packageOverrides = pkgs: { -        nano = pkgs.runCommand "empty" {} "mkdir -p $out"; -    }; -    services.cron.enable = false; -    services.nscd.enable = false; -    boot.kernel.sysctl = { -# Enable IPv6 Privacy Extensions -        "net.ipv6.conf.all.use_tempaddr" = 2; -        "net.ipv6.conf.default.use_tempaddr" = 2; -    }; -    i18n = { -        consoleKeyMap = "us"; -        defaultLocale = "en_US.UTF-8"; -    }; +  nixpkgs.config.packageOverrides = pkgs: { +    nano = pkgs.runCommand "empty" {} "mkdir -p $out"; +  }; + +  services.cron.enable = false; +  services.nscd.enable = false; + +  security.setuidPrograms = [ "sendmail" ]; +  services.journald.extraConfig = '' +    SystemMaxUse=1G +    RuntimeMaxUse=128M +    ''; +  # Enable IPv6 Privacy Extensions +  boot.kernel.sysctl = { +    "net.ipv6.conf.all.use_tempaddr" = 2; +    "net.ipv6.conf.default.use_tempaddr" = 2; +  }; +  i18n = { +    consoleKeyMap = "us"; +    defaultLocale = "en_US.UTF-8"; +  };  } | 
