magic_rb/dotfiles
1
0
Fork 0
mirror of https://git.sr.ht/~magic_rb/dotfiles synced 2024-11-26 10:06:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Split off vpsRemoteAccess module

Browse source 
Signed-off-by: Magic_RB <magic_rb@redalder.org>
This commit is contained in:
Magic_RB 2021-07-31 13:21:50 +02:00
parent 87fe56b9ab
commit 45e7f50e88
No known key found for this signature in database
GPG key ID: 08D5287CC5DDCA0E
3 changed files with 15 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nix/nixos-modules/default.nix
View file

@ -9,6 +9,7 @@
./pin-nixpkgs.nix ./pin-nixpkgs.nix
./pulseaudio.nix ./pulseaudio.nix
./vault-agent.nix ./vault-agent.nix
./vps-remote-access.nix
./sshd-emacs.nix ./sshd-emacs.nix
./xserver ./xserver
../hardware/default.nix ../hardware/default.nix

12
nix/systems/oci-nixos.nix
View file

@ -16,9 +16,13 @@ inputs: {
pins = inputs; pins = inputs;
overlays = inputs.self.overlays; overlays = inputs.self.overlays;
hardware."${hostName}" = true; hardware.${hostName} = true;
flakes.enable = true; flakes.enable = true;
sshdEmacs = true; sshdEmacs.enable = true;
vpsRemoteAccess =
{ enable = true;
trustedWheel = true;
};
}; };
users.groups.nix-cache = users.groups.nix-cache =
@ -39,10 +43,6 @@ inputs: {
[ pkgs.git ]; [ pkgs.git ];
services.openssh = { services.openssh = {
enable = true;
passwordAuthentication = true;
permitRootLogin = "no";
extraConfig = '' extraConfig = ''
Match User nix-cache Match User nix-cache
ChrootDirectory /var/nix-cache ChrootDirectory /var/nix-cache

17
nix/systems/toothpick.nix
View file

@ -11,13 +11,12 @@ inputs: {
hardware.toothpick = true; hardware.toothpick = true;
flakes.enable = true; flakes.enable = true;
sshdEmacs.enable = true; sshdEmacs.enable = true;
vpsRemoteAccess =
{ enable = true;
trustedWheel = true;
};
}; };
nix.trustedUsers =
[ "@wheel" ];
services.openssh.enable = true;
environment.systemPackages = environment.systemPackages =
[ pkgs.git [ pkgs.git
pkgs.envoy pkgs.envoy
@ -42,9 +41,9 @@ inputs: {
services.nfs.server.enable = true; services.nfs.server.enable = true;
# create default network with `podman -r network create default` # create default network with `podman -r network create default`
virtualisation.podman = { # virtualisation.podman = {
enable = true; # enable = true;
}; # };
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
@ -361,7 +360,7 @@ inputs: {
} }
# thy - main # thy - main
{ publicKey = { publicKey =
"t04ttCF+EaiAcCKbJh/Z+QR0FCspmGe4BpUbKp2t+Co="; "dEwoaWN1CiCorGwogggUNhbNsXvfYgfw7GqFxvSKGBk=";
allowedIPs = allowedIPs =
[ "10.64.0.6/32" ]; [ "10.64.0.6/32" ];
} }