workhorse done and nixpkgs-fmt

2021-11-01 09:20:42 +01:00 · 2021-11-01 09:20:42 +01:00 · fc33e57a54
commit fc33e57a54
parent 87be340dfa
124 changed files with 3142 additions and 2590 deletions
--- a/nixos/system/server/initssh.nix
+++ b/nixos/system/server/initssh.nix
@ -6,7 +6,8 @@ let

  cfg = config.configuration.init-ssh;

-in {
+in
+{

  options.configuration.init-ssh = {

@ -22,7 +23,7 @@ in {
    };

    port = mkOption {
-      default = 23;
+      default = 22;
      type = with types; int;
    };

@ -30,7 +31,7 @@ in {
      type = with types; listOf str;
      default = config.users.users.root.openssh.authorizedKeys.keys
        ++ (map (keyFile: lib.fileContents keyFile)
-          config.users.users.root.openssh.authorizedKeys.keyFiles);
+        config.users.users.root.openssh.authorizedKeys.keyFiles);
    };
    hostKey = mkOption {
      default = "/etc/ssh/ssh_host_ed25519_key";
@ -50,7 +51,7 @@ in {
      services.tor = {
        enable = true;
        client.enable = true;
-        relay.onionServices.bootup.map = [{ port = 23; }];
+        relay.onionServices.bootup.map = [{ port = 22; }];
      };
    })

@ -65,28 +66,30 @@ in {
        copy_bin_and_libs ${pkgs.tor}/bin/tor
      '';

-      boot.initrd.network.postCommands = let
-        torRc = (pkgs.writeText "tor.rc" ''
-          DataDirectory /etc/tor
-          SOCKSPort 127.0.0.1:9050 IsolateDestAddr
-          SOCKSPort 127.0.0.1:9063
-          HiddenServiceDir /etc/tor/onion/bootup
-          HiddenServicePort ${toString cfg.port} 127.0.0.1:${toString cfg.port}
-        '');
-      in ''
-        echo "tor: preparing onion folder"
-        # have to do this otherwise tor does not want to start
-        chmod -R 700 /etc/tor
+      boot.initrd.network.postCommands =
+        let
+          torRc = (pkgs.writeText "tor.rc" ''
+            DataDirectory /etc/tor
+            SOCKSPort 127.0.0.1:9050 IsolateDestAddr
+            SOCKSPort 127.0.0.1:9063
+            HiddenServiceDir /etc/tor/onion/bootup
+            HiddenServicePort ${toString cfg.port} 127.0.0.1:${toString cfg.port}
+          '');
+        in
+        ''
+          echo "tor: preparing onion folder"
+          # have to do this otherwise tor does not want to start
+          chmod -R 700 /etc/tor

-        echo "make sure localhost is up"
-        ip a a 127.0.0.1/8 dev lo
-        # ifconfig lo up
-        ip link set lo up
+          echo "make sure localhost is up"
+          ip a a 127.0.0.1/8 dev lo
+          # ifconfig lo up
+          ip link set lo up

-        echo "tor: starting tor"
-        tor -f ${torRc} --verify-config
-        tor -f ${torRc} &
-      '';
+          echo "tor: starting tor"
+          tor -f ${torRc} --verify-config
+          tor -f ${torRc} &
+        '';

      # ssh setup
      # todo add the ssh host fingerprint to your trusted stuff
--- a/nixos/system/server/packages.nix
+++ b/nixos/system/server/packages.nix
@ -1,16 +1,20 @@
 { pkgs, config, lib, ... }: {

  # no need to to start a service
-  environment.systemPackages = let
+  environment.systemPackages =
+    let

-    nginxShowConfig = pkgs.writers.writePython3Bin "nginx-show-config" {
-      flakeIgnore = [ "E265" "E225" "W292" ];
-    } (lib.fileContents ../../assets/nginx-show-config.sh);
-  in [
-    pkgs.mosh
+      nginxShowConfig = pkgs.writers.writePython3Bin "nginx-show-config"
+        {
+          flakeIgnore = [ "E265" "E225" "W292" ];
+        }
+        (lib.fileContents ../../assets/nginx-show-config.sh);
+    in
+    [
+      pkgs.mosh

-    # nginxfmt
-    pkgs.nginx-config-formatter
-    nginxShowConfig
-  ];
+      # nginxfmt
+      pkgs.nginx-config-formatter
+      nginxShowConfig
+    ];
 }