summaryrefslogtreecommitdiffstats
path: root/old/modules/cloudkrebs/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'old/modules/cloudkrebs/default.nix')
-rw-r--r--old/modules/cloudkrebs/default.nix69
1 files changed, 69 insertions, 0 deletions
diff --git a/old/modules/cloudkrebs/default.nix b/old/modules/cloudkrebs/default.nix
new file mode 100644
index 000000000..938447e0e
--- /dev/null
+++ b/old/modules/cloudkrebs/default.nix
@@ -0,0 +1,69 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ../tv/base-cac-CentOS-7-64bit.nix
+ ../lass/retiolum-cloudkrebs.nix
+ ./networking.nix
+ ../../secrets/cloudkrebs-pw.nix
+ ../lass/sshkeys.nix
+ ../lass/base.nix
+ ../common/nixpkgs.nix
+ ];
+
+ nixpkgs = {
+ url = "https://github.com/Lassulus/nixpkgs";
+ rev = "b42ecfb8c61e514bf7733b4ab0982d3e7e27dacb";
+ };
+
+ nix.maxJobs = 1;
+
+ #activationScripts
+ #split up and move into base
+
+ #TODO move into modules
+ users.extraUsers = {
+ #main user
+ root = {
+ openssh.authorizedKeys.keys = [
+ config.sshKeys.lass.pub
+ ];
+ };
+ mainUser = {
+ uid = 1337;
+ name = "lass";
+ #isNormalUser = true;
+ group = "users";
+ createHome = true;
+ home = "/home/lass";
+ useDefaultShell = true;
+ isSystemUser = false;
+ description = "lassulus";
+ extraGroups = [ "wheel" ];
+ openssh.authorizedKeys.keys = [
+ config.sshKeys.lass.pub
+ ];
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ ];
+
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ # XXX bits here make no science
+ { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ];
+ permitRootLogin = "yes";
+ };
+
+ networking.firewall = {
+ enable = true;
+
+ allowedTCPPorts = [
+ 22
+ ];
+ };
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 14:19:47 +0000