From 5370e0485788224126861e076110ac705013d2de Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 11 Sep 2023 15:31:13 +0200 Subject: treewide: don't reference explicitly --- tv/2configs/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'tv/2configs/default.nix') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index a8d840c15..91aad54cf 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -10,7 +10,6 @@ with import ./lib; networking.hostName = config.krebs.build.host.name; imports = [ - ./backup.nix ./bash ./htop.nix @@ -28,6 +27,11 @@ with import ./lib; defaultUserShell = "/run/current-system/sw/bin/bash"; mutableUsers = false; users = { + root = { + openssh.authorizedKeys.keys = [ + config.krebs.users.tv.pubkey + ]; + }; tv = { inherit (config.krebs.users.tv) home uid; isNormalUser = true; -- cgit v1.2.3 From fbd485cd86c7e9984819357398f912a2d5510845 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Sep 2023 12:56:39 +0200 Subject: tv: emigrate --- tv/2configs/default.nix | 137 ------------------------------------------------ 1 file changed, 137 deletions(-) delete mode 100644 tv/2configs/default.nix (limited to 'tv/2configs/default.nix') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix deleted file mode 100644 index 91aad54cf..000000000 --- a/tv/2configs/default.nix +++ /dev/null @@ -1,137 +0,0 @@ -with import ./lib; -{ config, pkgs, ... }: { - boot.tmpOnTmpfs = true; - - krebs.enable = true; - - krebs.build.user = config.krebs.users.tv; - - networking.hostId = mkDefault (hashToLength 8 config.networking.hostName); - networking.hostName = config.krebs.build.host.name; - - imports = [ - ./backup.nix - ./bash - ./htop.nix - ./nets/hkw.nix - ./networkd.nix - ./nginx - ./nix.nix - ./pki - ./ssh.nix - ./sshd.nix - ./vim.nix - ./xdg.nix - { - users = { - defaultUserShell = "/run/current-system/sw/bin/bash"; - mutableUsers = false; - users = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.tv.pubkey - ]; - }; - tv = { - inherit (config.krebs.users.tv) home uid; - isNormalUser = true; - extraGroups = [ "tv" ]; - }; - }; - }; - } - { - i18n.defaultLocale = mkDefault "C.UTF-8"; - security.sudo.extraConfig = '' - Defaults env_keep+="SSH_CLIENT _CURRENT_DESKTOP_NAME" - Defaults mailto="${config.krebs.users.tv.mail}" - Defaults !lecture - ''; - time.timeZone = "Europe/Berlin"; - } - - { - nixpkgs.config.allowUnfree = false; - } - { - environment.homeBinInPath = true; - - environment.profileRelativeEnvVars.PATH = mkForce [ "/bin" ]; - - environment.systemPackages = with pkgs; [ - rxvt_unicode.terminfo - ]; - - environment.shellAliases = mkForce { - gp = "${pkgs.pari}/bin/gp -q"; - df = "df -h"; - du = "du -h"; - - # TODO alias cannot contain #\' - # "ps?" = "ps ax | head -n 1;ps ax | fgrep -v ' grep --color=auto ' | grep"; - - ls = "ls -h --color=auto --group-directories-first"; - dmesg = "dmesg -L --reltime"; - view = "vim -R"; - }; - - environment.variables = { - NIX_PATH = mkForce (concatStringsSep ":" [ - "secrets=/var/src/stockholm/null" - "/var/src" - ]); - }; - } - - { - services.cron.enable = false; - services.ntp.enable = false; - services.timesyncd.enable = true; - } - - { - boot.kernel.sysctl = { - # Enable IPv6 Privacy Extensions - # - # XXX use mkForce here because since NixOS 21.11 there's a collision in - # net.ipv6.conf.default.use_tempaddr, and boot.kernel.sysctl incapable - # of merging. - # - # XXX net.ipv6.conf.all.use_tempaddr is set because it was mentioned in - # https://tldp.org/HOWTO/Linux+IPv6-HOWTO/ch06s05.html - # TODO check if that is really necessary, otherwise we can rely solely - # on networking.tempAddresses in the future (when nothing is <21.11) - "net.ipv6.conf.all.use_tempaddr" = mkForce 2; - "net.ipv6.conf.default.use_tempaddr" = mkForce 2; - }; - } - - { - tv.iptables.enable = true; - tv.iptables.accept-echo-request = "internet"; - } - - { - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - } - - { - environment.systemPackages = [ - pkgs.field - pkgs.get - pkgs.git - pkgs.git-crypt - pkgs.git-preview - pkgs.hashPassword - pkgs.htop - pkgs.kpaste - pkgs.nix-prefetch-scripts - pkgs.ovh-zone - pkgs.push - ]; - } - ]; -} -- cgit v1.2.3