palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

wip (works)

Browse source
This commit is contained in:
Ingolf Wagner 2024-08-07 20:33:07 +02:00
parent cd1d0c7e74
commit 1a8ae5ded2
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
4 changed files with 6 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
components/nixos/boot/ssh.nix
View file

@ -19,7 +19,7 @@ with types;
config = mkIf (config.components.nixos.boot.ssh.enable) { config = mkIf (config.components.nixos.boot.ssh.enable) {
# root password # root password
clan.core.facts.services.rootPassword = factsGenerator.password { name = "root"; }; #clan.core.facts.services.rootPassword = factsGenerator.password { name = "root"; };
#users.users.root.hashedPasswordFile = config.clan.core.facts.services.rootPassword.secret."password.root.pam".path; # fixme not working for some reason #users.users.root.hashedPasswordFile = config.clan.core.facts.services.rootPassword.secret."password.root.pam".path; # fixme not working for some reason
#users.users.root.initalPassword = "admin"; #users.users.root.initalPassword = "admin";

10
flake.nix
View file

@ -246,12 +246,8 @@
# configure nix # configure nix
({ pkgs, lib, clanLib, ... }: ({ pkgs, lib, clanLib, ... }:
{ {
nix.settings.substituters = [ #nix.settings.substituters = [ "http://cache.orbi.wg0" ];
"http://cache.orbi.wg0" #nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
];
nix.settings.trusted-public-keys = [
(clanLib.readFact "nix-serve.pub" "orbi")
];
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.max-jobs = 1; nix.settings.max-jobs = 1;
# no channesl needed this way # no channesl needed this way
@ -485,7 +481,7 @@
srvos.nixosModules.hardware-hetzner-cloud srvos.nixosModules.hardware-hetzner-cloud
srvos.nixosModules.server srvos.nixosModules.server
srvos.nixosModules.mixins-terminfo srvos.nixosModules.mixins-terminfo
inputs.clan-core.clanModules.sshd #inputs.clan-core.clanModules.sshd
{ {
home-manager.users.mainUser = import ./homes/palo; home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root; home-manager.users.root = import ./homes/root;

1
machines/probe/configuration.nix
View file

@ -11,6 +11,7 @@
components.network.enable = true; components.network.enable = true;
components.nixos.boot.enable = true; components.nixos.boot.enable = true;
components.nixos.boot.ssh.enable = true;
networking.hostName = "probe"; networking.hostName = "probe";
users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJkqVvuJSvRMO5pG2CHNNBxjB7HlJudK4TQs3BhbOWOD" ]; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJkqVvuJSvRMO5pG2CHNNBxjB7HlJudK4TQs3BhbOWOD" ];

2
machines/probe/hardware-configuration/hetzner.nix
View file

@ -1,7 +1,7 @@
{ {
systemd.network.enable = true; systemd.network.enable = true;
systemd.network.networks."10-private-hetzner" = { systemd.network.networks."10-private-hetzner" = {
matchConfig.Name = "en*"; matchConfig.Name = "e*";
networkConfig.DHCP = "ipv4"; networkConfig.DHCP = "ipv4";
linkConfig.RequiredForOnline = "routable"; linkConfig.RequiredForOnline = "routable";
}; };