diff options
Diffstat (limited to 'shared')
| -rw-r--r-- | shared/1systems/wolf.nix | 71 | ||||
| -rw-r--r-- | shared/2configs/base.nix | 74 | 
2 files changed, 75 insertions, 70 deletions
| diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 60d1e8ce8..4fe3388c8 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -1,9 +1,8 @@  { config, lib, pkgs, ... }: -with lib; -  {    imports = [ +    ../2configs/base.nix      <nixpkgs/nixos/modules/profiles/qemu-guest.nix>      ../2configs/collectd-base.nix    ]; @@ -13,34 +12,6 @@ with lib;    krebs.build.user = config.krebs.users.shared;    krebs.build.target = "wolf"; -  krebs.enable = true; -  krebs.retiolum = { -    enable = true; -    connectTo = [ -      # TODO remove connectTo cd, this was only used for bootstrapping -      "cd" -      "gum" -      "pigstarter" -    ]; -  }; - -  krebs.build.source = { -    git.nixpkgs = { -      url = https://github.com/NixOS/nixpkgs; -      rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; -    }; -    dir.secrets = { -      host = config.krebs.current.host; -      path = "${getEnv "HOME"}/secrets/krebs/wolf"; -    }; -    dir.stockholm = { -      host = config.krebs.current.host; -      path = "${getEnv "HOME"}/stockholm"; -    }; -  }; - -  networking.hostName = config.krebs.build.host.name; -    boot.kernel.sysctl = {      # Enable IPv6 Privacy Extensions      "net.ipv6.conf.all.use_tempaddr" = 2; @@ -63,45 +34,5 @@ with lib;      { device = "/dev/disk/by-label/swap"; }    ]; -  nix.maxJobs = 1; -  nix.trustedBinaryCaches = [ -    "https://cache.nixos.org" -    "http://cache.nixos.org" -    "http://hydra.nixos.org" -  ]; -  nix.useChroot = true; - -  nixpkgs.config.packageOverrides = pkgs: { -    nano = pkgs.vim; -  }; - -  environment.systemPackages = with pkgs; [ -    git -    rxvt_unicode.terminfo -  ]; -    time.timeZone = "Europe/Berlin"; - -  programs.ssh.startAgent = false; - -  services.openssh = { -    enable = true; -    hostKeys = [ -      { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } -    ]; -  }; -  services.cron.enable = false; -  services.nscd.enable = false; -  services.ntp.enable = false; - -  users.mutableUsers = false; -  users.extraUsers.root.openssh.authorizedKeys.keys = [ -    # TODO -    config.krebs.users.lass.pubkey -    config.krebs.users.makefu.pubkey -    config.krebs.users.tv.pubkey -  ]; - -  # The NixOS release to be compatible with for stateful data such as databases. -  system.stateVersion = "15.09";  } diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix new file mode 100644 index 000000000..c9f4ffa8d --- /dev/null +++ b/shared/2configs/base.nix @@ -0,0 +1,74 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ +  krebs.enable = true; +  krebs.retiolum = { +    enable = true; +    connectTo = [ +      # TODO remove connectTo cd, this was only used for bootstrapping +      "cd" +      "gum" +      "pigstarter" +    ]; +  }; + +  krebs.build.source = { +    git.nixpkgs = { +      url = https://github.com/NixOS/nixpkgs; +      rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; +    }; +    dir.secrets = { +      host = config.krebs.current.host; +      path = "${getEnv "HOME"}/secrets/krebs/wolf"; +    }; +    dir.stockholm = { +      host = config.krebs.current.host; +      path = "${getEnv "HOME"}/stockholm"; +    }; +  }; + +  networking.hostName = config.krebs.build.host.name; + +  nix.maxJobs = 1; +  nix.trustedBinaryCaches = [ +    "https://cache.nixos.org" +    "http://cache.nixos.org" +    "http://hydra.nixos.org" +  ]; +  nix.useChroot = true; + +  nixpkgs.config.packageOverrides = pkgs: { +    nano = pkgs.vim; +  }; + +  environment.systemPackages = with pkgs; [ +    git +    rxvt_unicode.terminfo +  ]; + +  programs.ssh.startAgent = false; + +  services.openssh = { +    enable = true; +    hostKeys = [ +      { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } +    ]; +  }; +  services.cron.enable = false; +  services.nscd.enable = false; +  services.ntp.enable = false; + +  users.mutableUsers = false; +  users.extraUsers.root.openssh.authorizedKeys.keys = [ +    # TODO +    config.krebs.users.lass.pubkey +    config.krebs.users.makefu.pubkey +    config.krebs.users.tv.pubkey +  ]; + + +  # The NixOS release to be compatible with for stateful data such as databases. +  system.stateVersion = "15.09"; + +} | 
