add enable options for modules/common/default
All checks were successful
flake / flake (push) Successful in 2m9s
All checks were successful
flake / flake (push) Successful in 2m9s
This commit is contained in:
parent
b39549e1a9
commit
d9233021c7
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -15,6 +14,8 @@
|
|||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Impermanence
|
## Impermanence
|
||||||
custom.impermanence = {
|
custom.impermanence = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -29,6 +28,8 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Impermanence
|
## Impermanence
|
||||||
custom.impermanence.enable = true;
|
custom.impermanence.enable = true;
|
||||||
|
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
../../modules/spotify/default.nix
|
../../modules/spotify/default.nix
|
||||||
./bluetooth.nix
|
./bluetooth.nix
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
@ -17,6 +16,8 @@
|
|||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Impermanence
|
## Impermanence
|
||||||
custom.impermanence = {
|
custom.impermanence = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -15,6 +14,8 @@
|
|||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Impermanence
|
## Impermanence
|
||||||
custom.impermanence.enable = true;
|
custom.impermanence.enable = true;
|
||||||
|
|
||||||
|
@ -3,7 +3,6 @@
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../modules/common/default.nix
|
|
||||||
../../modules/rpi/rpi4.nix
|
../../modules/rpi/rpi4.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -13,6 +12,8 @@
|
|||||||
networking.hostName = "li";
|
networking.hostName = "li";
|
||||||
networking.domain = "pop.ts.hillion.co.uk";
|
networking.domain = "pop.ts.hillion.co.uk";
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Custom Services
|
## Custom Services
|
||||||
custom.locations.autoServe = true;
|
custom.locations.autoServe = true;
|
||||||
|
|
||||||
|
@ -3,7 +3,6 @@
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../modules/common/default.nix
|
|
||||||
../../modules/rpi/rpi4.nix
|
../../modules/rpi/rpi4.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -13,6 +12,8 @@
|
|||||||
networking.hostName = "microserver";
|
networking.hostName = "microserver";
|
||||||
networking.domain = "home.ts.hillion.co.uk";
|
networking.domain = "home.ts.hillion.co.uk";
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Custom Services
|
## Custom Services
|
||||||
custom.locations.autoServe = true;
|
custom.locations.autoServe = true;
|
||||||
|
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -19,6 +18,8 @@
|
|||||||
"net.ipv4.conf.all.forwarding" = true;
|
"net.ipv4.conf.all.forwarding" = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Interactive password
|
## Interactive password
|
||||||
custom.users.jake.password = true;
|
custom.users.jake.password = true;
|
||||||
|
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -15,6 +14,8 @@
|
|||||||
boot.loader.grub.enable = false;
|
boot.loader.grub.enable = false;
|
||||||
boot.loader.generic-extlinux-compatible.enable = true;
|
boot.loader.generic-extlinux-compatible.enable = true;
|
||||||
|
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Custom Services
|
## Custom Services
|
||||||
custom = {
|
custom = {
|
||||||
locations.autoServe = true;
|
locations.autoServe = true;
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../modules/common/default.nix
|
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -17,6 +16,7 @@
|
|||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
custom.locations.autoServe = true;
|
custom.locations.autoServe = true;
|
||||||
|
custom.defaults = true;
|
||||||
|
|
||||||
## Tailscale
|
## Tailscale
|
||||||
age.secrets."tailscale/tywin.storage.ts.hillion.co.uk".file = ../../secrets/tailscale/tywin.storage.ts.hillion.co.uk.age;
|
age.secrets."tailscale/tywin.storage.ts.hillion.co.uk".file = ../../secrets/tailscale/tywin.storage.ts.hillion.co.uk.age;
|
||||||
|
@ -1,60 +0,0 @@
|
|||||||
{ pkgs, lib, config, agenix, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../home/default.nix
|
|
||||||
./shell.nix
|
|
||||||
./ssh.nix
|
|
||||||
./update_scripts.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
nix = {
|
|
||||||
settings.experimental-features = [ "nix-command" "flakes" ];
|
|
||||||
settings = {
|
|
||||||
auto-optimise-store = true;
|
|
||||||
};
|
|
||||||
gc = {
|
|
||||||
automatic = true;
|
|
||||||
dates = "weekly";
|
|
||||||
options = "--delete-older-than 90d";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
|
||||||
i18n.defaultLocale = "en_GB.UTF-8";
|
|
||||||
|
|
||||||
users = {
|
|
||||||
mutableUsers = false;
|
|
||||||
users."jake" = {
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [ "wheel" ]; # enable sudo
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
security.sudo.wheelNeedsPassword = false;
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
systemPackages = with pkgs; [
|
|
||||||
agenix.packages."${system}".default
|
|
||||||
gh
|
|
||||||
git
|
|
||||||
htop
|
|
||||||
nix
|
|
||||||
sapling
|
|
||||||
vim
|
|
||||||
];
|
|
||||||
variables.EDITOR = "vim";
|
|
||||||
shellAliases = {
|
|
||||||
ls = "ls -p --color=auto";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
networking = rec {
|
|
||||||
nameservers = [ "1.1.1.1" "8.8.8.8" ];
|
|
||||||
networkmanager.dns = "none";
|
|
||||||
};
|
|
||||||
networking.firewall.enable = true;
|
|
||||||
|
|
||||||
custom.hostinfo.enable = true;
|
|
||||||
}
|
|
@ -1,44 +0,0 @@
|
|||||||
{ pkgs, lib, config, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
users.users."jake".openssh.authorizedKeys.keys = [
|
|
||||||
"sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBBwJH4udKNvi9TjOBgkxpBBy7hzWqmP0lT5zE9neusCpQLIiDhr6KXYMPXWXdZDc18wH1OLi2+639dXOvp8V/wgAAAAEc3NoOg== jake@beryllium-keys"
|
|
||||||
|
|
||||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOt74U+rL+BMtAEjfu/Optg1D7Ly7U+TupRxd5u9kfN7oJnW4dJA25WRSr4dgQNq7MiMveoduBY/ky2s0c9gvIA= jake@jake-gentoo"
|
|
||||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC0uKIvvvkzrOcS7AcamsQRFId+bqPwUC9IiUIsiH5oWX1ReiITOuEo+TL9YMII5RyyfJFeu2ZP9moNuZYlE7Bs= jake@jake-mbp"
|
|
||||||
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAyFsYYjLZ/wyw8XUbcmkk6OKt2IqLOnWpRE5gEvm3X0V4IeTOL9F4IL79h7FTsPvi2t9zGBL1hxeTMZHSGfrdWaMJkQp94gA1W30MKXvJ47nEVt0HUIOufGqgTTaAn4BHxlFUBUuS7UxaA4igFpFVoPJed7ZMhMqxg+RWUmBAkcgTWDMgzUx44TiNpzkYlG8cYuqcIzpV2dhGn79qsfUzBMpGJgkxjkGdDEHRk66JXgD/EtVasZvqp5/KLNnOpisKjR88UJKJ6/buV7FLVra4/0hA9JtH9e1ecCfxMPbOeluaxlieEuSXV2oJMbQoPP87+/QriNdi/6QuCHkMDEhyGw== jake@jake-mbp"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw4lgH20nfuchDqvVf0YciqN0GnBw5hfh8KIun5z0P7wlNgVYnCyvPvdIlGf2Nt1z5EGfsMzMLhKDOZkcTMlhupd+j2Er/ZB764uVBGe1n3CoPeasmbIlnamZ12EusYDvQGm2hVJTGQPPp9nKaRxr6ljvTMTNl0KWlWvKP4kec74d28MGgULOPLT3HlAyvUymSULK4lSxFK0l97IVXLa8YwuL5TNFGHUmjoSsi/Q7/CKaqvNh+ib1BYHzHYsuEzaaApnCnfjDBNexHm/AfbI7s+g3XZDcZOORZn6r44dOBNFfwvppsWj3CszwJQYIFeJFuMRtzlC8+kyYxci0+FXHn jake@jake-gentoo"
|
|
||||||
|
|
||||||
];
|
|
||||||
|
|
||||||
programs.mosh.enable = true;
|
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
openFirewall = true;
|
|
||||||
|
|
||||||
settings = {
|
|
||||||
PermitRootLogin = "no";
|
|
||||||
PasswordAuthentication = false;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.ssh.knownHosts = {
|
|
||||||
# Global Internet hosts
|
|
||||||
"ssh.gitea.hillion.co.uk".publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCxQpywsy+WGeaEkEL67xOBL1NIE++pcojxro5xAPO6VQe2N79388NRFMLlX6HtnebkIpVrvnqdLOs0BPMAokjaWCC4Ay7T/3ko1kXSOlqHY5Ye9jtjRK+wPHMZgzf74a3jlvxjrXJMA70rPQ3X+8UGpA04eB3JyyLTLuVvc6znMe53QiZ0x+hSz+4pYshnCO2UazJ148vV3htN6wRK+uqjNdjjQXkNJ7llNBSrvmfrLidlf0LRphEk43maSQCBcLEZgf4pxXBA7rFuZABZTz1twbnxP2ziyBaSOs7rcII+jVhF2cqJlElutBfIgRNJ3DjNiTcdhNaZzkwJ59huR0LUFQlHI+SALvPzE9ZXWVOX/SqQG+oIB8VebR52icii0aJH7jatkogwNk0121xmhpvvR7gwbJ9YjYRTpKs4lew3bq/W/OM8GF/FEuCsCuNIXRXKqIjJVAtIpuuhxPymFHeqJH3wK3f6jTJfcAz/z33Rwpow2VOdDyqrRfAW8ti73CCnRlN+VJi0V/zvYGs9CHldY3YvMr7rSd0+fdGyJHSTSRBF0vcyRVA/SqSfcIo/5o0ssYoBnQCg6gOkc3nNQ0C0/qh1ww17rw4hqBRxFJ2t3aBUMK+UHPxrELLVmG6ZUmfg9uVkOoafjRsoML6DVDB4JAk5JsmcZhybOarI9PJfEQ==";
|
|
||||||
|
|
||||||
# Tailscale hosts
|
|
||||||
"boron.cx.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOtQy+FGs/2cN82X15LUGJk8iAAxkttEffwpNnpmLXdg";
|
|
||||||
"be.lt.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILV3OSUT+cqFqrFHZGfn7/xi5FW3n1qjUFy8zBbYs2Sm";
|
|
||||||
"dancefloor.dancefloor.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXkGueVYKr2wp/VHo2QLis0kmKtc/Upg3pGoHr6RkzY";
|
|
||||||
"gendry.jakehillion.terminals.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXM5aDvNv4MTITXAvJWSS2yvr/mbxJE31tgwJtcl38c";
|
|
||||||
"homeassistant.homeassistant.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPM2ytacl/zYXhgvosvhudsl0zW5eQRHXm9aMqG9adux";
|
|
||||||
"jorah.cx.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILA9Hp37ljgVRZwjXnTh+XqRuQWk23alOqe7ptwSr2A5";
|
|
||||||
"li.pop.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHQWgcDFL9UZBDKHPiEGepT1Qsc4gz3Pee0/XVHJ6V6u";
|
|
||||||
"microserver.home.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPOCPqXm5a+vGB6PsJFvjKNgjLhM5MxrwCy6iHGRjXw";
|
|
||||||
"router.home.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlCj/i2xprN6h0Ik2tthOJQy6Qwq3Ony73+yfbHYTFu";
|
|
||||||
"theon.storage.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN59psLVu3/sQORA4x3p8H3ei8MCQlcwX5T+k3kBeBMf";
|
|
||||||
"tywin.storage.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGATsjWO0qZNFp2BhfgDuWi+e/ScMkFxp79N2OZoed1k";
|
|
||||||
};
|
|
||||||
programs.ssh.knownHostsFiles = [ ./github_known_hosts ];
|
|
||||||
}
|
|
@ -4,13 +4,17 @@
|
|||||||
imports = [
|
imports = [
|
||||||
./backups/default.nix
|
./backups/default.nix
|
||||||
./chia.nix
|
./chia.nix
|
||||||
./common/hostinfo.nix
|
./defaults.nix
|
||||||
./desktop/awesome/default.nix
|
./desktop/awesome/default.nix
|
||||||
|
./home/default.nix
|
||||||
|
./hostinfo.nix
|
||||||
./ids.nix
|
./ids.nix
|
||||||
./impermanence.nix
|
./impermanence.nix
|
||||||
./locations.nix
|
./locations.nix
|
||||||
./resilio.nix
|
./resilio.nix
|
||||||
./services/default.nix
|
./services/default.nix
|
||||||
|
./shell/default.nix
|
||||||
|
./ssh/default.nix
|
||||||
./storj.nix
|
./storj.nix
|
||||||
./tailscale.nix
|
./tailscale.nix
|
||||||
./users.nix
|
./users.nix
|
||||||
|
62
modules/defaults.nix
Normal file
62
modules/defaults.nix
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
{ pkgs, lib, config, agenix, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
options.custom.defaults = lib.mkEnableOption "defaults";
|
||||||
|
|
||||||
|
config = lib.mkIf config.custom.defaults {
|
||||||
|
nix = {
|
||||||
|
settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
|
settings = {
|
||||||
|
auto-optimise-store = true;
|
||||||
|
};
|
||||||
|
gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 90d";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
|
time.timeZone = "Europe/London";
|
||||||
|
i18n.defaultLocale = "en_GB.UTF-8";
|
||||||
|
|
||||||
|
users = {
|
||||||
|
mutableUsers = false;
|
||||||
|
users.${config.custom.user} = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [ "wheel" ]; # enable sudo
|
||||||
|
uid = config.ids.uids.${config.custom.user};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
|
||||||
|
environment = {
|
||||||
|
systemPackages = with pkgs; [
|
||||||
|
agenix.packages."${system}".default
|
||||||
|
gh
|
||||||
|
git
|
||||||
|
htop
|
||||||
|
nix
|
||||||
|
sapling
|
||||||
|
vim
|
||||||
|
];
|
||||||
|
variables.EDITOR = "vim";
|
||||||
|
shellAliases = {
|
||||||
|
ls = "ls -p --color=auto";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = rec {
|
||||||
|
nameservers = [ "1.1.1.1" "8.8.8.8" ];
|
||||||
|
networkmanager.dns = "none";
|
||||||
|
};
|
||||||
|
networking.firewall.enable = true;
|
||||||
|
|
||||||
|
# Delegation
|
||||||
|
custom.home.defaults = true;
|
||||||
|
custom.hostinfo.enable = true;
|
||||||
|
custom.shell.enable = true;
|
||||||
|
custom.ssh.enable = true;
|
||||||
|
};
|
||||||
|
}
|
@ -6,7 +6,9 @@
|
|||||||
./tmux/default.nix
|
./tmux/default.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
config = {
|
options.custom.home.defaults = lib.mkEnableOption "home";
|
||||||
|
|
||||||
|
config = lib.mkIf config.custom.home.defaults {
|
||||||
home-manager = {
|
home-manager = {
|
||||||
users.root.home = {
|
users.root.home = {
|
||||||
stateVersion = "22.11";
|
stateVersion = "22.11";
|
||||||
@ -22,5 +24,9 @@
|
|||||||
file.".zshrc".text = "";
|
file.".zshrc".text = "";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Delegation
|
||||||
|
custom.home.git.enable = true;
|
||||||
|
custom.home.tmux.enable = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,15 @@
|
|||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.custom.home.git;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
home-manager.users.jake.programs.git = {
|
options.custom.home.git = {
|
||||||
|
enable = lib.mkEnableOption "git";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
home-manager.users.jake.programs.git = lib.mkIf (config.custom.user == "jake") {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
user = {
|
user = {
|
||||||
@ -19,4 +27,5 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,8 +1,17 @@
|
|||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.custom.home.tmux;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
|
options.custom.home.tmux = {
|
||||||
|
enable = lib.mkEnableOption "tmux";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
home-manager.users.jake.programs.tmux = {
|
home-manager.users.jake.programs.tmux = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = lib.readFile ./.tmux.conf;
|
extraConfig = lib.readFile ./.tmux.conf;
|
||||||
};
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,20 @@
|
|||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.custom.shell;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
config = {
|
imports = [
|
||||||
|
./update_scripts.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
options.custom.shell = {
|
||||||
|
enable = lib.mkEnableOption "shell";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
custom.shell.update_scripts.enable = true;
|
||||||
|
|
||||||
users.defaultUserShell = pkgs.zsh;
|
users.defaultUserShell = pkgs.zsh;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ direnv ];
|
environment.systemPackages = with pkgs; [ direnv ];
|
@ -1,6 +1,8 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
cfg = config.custom.shell.update_scripts;
|
||||||
|
|
||||||
update = pkgs.writeScriptBin "update" ''
|
update = pkgs.writeScriptBin "update" ''
|
||||||
#! ${pkgs.runtimeShell}
|
#! ${pkgs.runtimeShell}
|
||||||
set -e
|
set -e
|
||||||
@ -50,7 +52,11 @@ let
|
|||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
config = {
|
options.custom.shell.update_scripts = {
|
||||||
|
enable = lib.mkEnableOption "update_scripts";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
update
|
update
|
||||||
];
|
];
|
55
modules/ssh/default.nix
Normal file
55
modules/ssh/default.nix
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.custom.ssh;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.custom.ssh = {
|
||||||
|
enable = lib.mkEnableOption "ssh";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
users.users =
|
||||||
|
if config.custom.user == "jake" then {
|
||||||
|
"jake".openssh.authorizedKeys.keys = [
|
||||||
|
"sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBBwJH4udKNvi9TjOBgkxpBBy7hzWqmP0lT5zE9neusCpQLIiDhr6KXYMPXWXdZDc18wH1OLi2+639dXOvp8V/wgAAAAEc3NoOg== jake@beryllium-keys"
|
||||||
|
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOt74U+rL+BMtAEjfu/Optg1D7Ly7U+TupRxd5u9kfN7oJnW4dJA25WRSr4dgQNq7MiMveoduBY/ky2s0c9gvIA= jake@jake-gentoo"
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC0uKIvvvkzrOcS7AcamsQRFId+bqPwUC9IiUIsiH5oWX1ReiITOuEo+TL9YMII5RyyfJFeu2ZP9moNuZYlE7Bs= jake@jake-mbp"
|
||||||
|
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAyFsYYjLZ/wyw8XUbcmkk6OKt2IqLOnWpRE5gEvm3X0V4IeTOL9F4IL79h7FTsPvi2t9zGBL1hxeTMZHSGfrdWaMJkQp94gA1W30MKXvJ47nEVt0HUIOufGqgTTaAn4BHxlFUBUuS7UxaA4igFpFVoPJed7ZMhMqxg+RWUmBAkcgTWDMgzUx44TiNpzkYlG8cYuqcIzpV2dhGn79qsfUzBMpGJgkxjkGdDEHRk66JXgD/EtVasZvqp5/KLNnOpisKjR88UJKJ6/buV7FLVra4/0hA9JtH9e1ecCfxMPbOeluaxlieEuSXV2oJMbQoPP87+/QriNdi/6QuCHkMDEhyGw== jake@jake-mbp"
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw4lgH20nfuchDqvVf0YciqN0GnBw5hfh8KIun5z0P7wlNgVYnCyvPvdIlGf2Nt1z5EGfsMzMLhKDOZkcTMlhupd+j2Er/ZB764uVBGe1n3CoPeasmbIlnamZ12EusYDvQGm2hVJTGQPPp9nKaRxr6ljvTMTNl0KWlWvKP4kec74d28MGgULOPLT3HlAyvUymSULK4lSxFK0l97IVXLa8YwuL5TNFGHUmjoSsi/Q7/CKaqvNh+ib1BYHzHYsuEzaaApnCnfjDBNexHm/AfbI7s+g3XZDcZOORZn6r44dOBNFfwvppsWj3CszwJQYIFeJFuMRtzlC8+kyYxci0+FXHn jake@jake-gentoo"
|
||||||
|
];
|
||||||
|
} else { };
|
||||||
|
|
||||||
|
programs.mosh.enable = true;
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
openFirewall = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
PermitRootLogin = "no";
|
||||||
|
PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.ssh.knownHosts = {
|
||||||
|
# Global Internet hosts
|
||||||
|
"ssh.gitea.hillion.co.uk".publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCxQpywsy+WGeaEkEL67xOBL1NIE++pcojxro5xAPO6VQe2N79388NRFMLlX6HtnebkIpVrvnqdLOs0BPMAokjaWCC4Ay7T/3ko1kXSOlqHY5Ye9jtjRK+wPHMZgzf74a3jlvxjrXJMA70rPQ3X+8UGpA04eB3JyyLTLuVvc6znMe53QiZ0x+hSz+4pYshnCO2UazJ148vV3htN6wRK+uqjNdjjQXkNJ7llNBSrvmfrLidlf0LRphEk43maSQCBcLEZgf4pxXBA7rFuZABZTz1twbnxP2ziyBaSOs7rcII+jVhF2cqJlElutBfIgRNJ3DjNiTcdhNaZzkwJ59huR0LUFQlHI+SALvPzE9ZXWVOX/SqQG+oIB8VebR52icii0aJH7jatkogwNk0121xmhpvvR7gwbJ9YjYRTpKs4lew3bq/W/OM8GF/FEuCsCuNIXRXKqIjJVAtIpuuhxPymFHeqJH3wK3f6jTJfcAz/z33Rwpow2VOdDyqrRfAW8ti73CCnRlN+VJi0V/zvYGs9CHldY3YvMr7rSd0+fdGyJHSTSRBF0vcyRVA/SqSfcIo/5o0ssYoBnQCg6gOkc3nNQ0C0/qh1ww17rw4hqBRxFJ2t3aBUMK+UHPxrELLVmG6ZUmfg9uVkOoafjRsoML6DVDB4JAk5JsmcZhybOarI9PJfEQ==";
|
||||||
|
|
||||||
|
# Tailscale hosts
|
||||||
|
"boron.cx.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOtQy+FGs/2cN82X15LUGJk8iAAxkttEffwpNnpmLXdg";
|
||||||
|
"be.lt.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILV3OSUT+cqFqrFHZGfn7/xi5FW3n1qjUFy8zBbYs2Sm";
|
||||||
|
"dancefloor.dancefloor.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXkGueVYKr2wp/VHo2QLis0kmKtc/Upg3pGoHr6RkzY";
|
||||||
|
"gendry.jakehillion.terminals.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXM5aDvNv4MTITXAvJWSS2yvr/mbxJE31tgwJtcl38c";
|
||||||
|
"homeassistant.homeassistant.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPM2ytacl/zYXhgvosvhudsl0zW5eQRHXm9aMqG9adux";
|
||||||
|
"jorah.cx.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILA9Hp37ljgVRZwjXnTh+XqRuQWk23alOqe7ptwSr2A5";
|
||||||
|
"li.pop.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHQWgcDFL9UZBDKHPiEGepT1Qsc4gz3Pee0/XVHJ6V6u";
|
||||||
|
"microserver.home.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPOCPqXm5a+vGB6PsJFvjKNgjLhM5MxrwCy6iHGRjXw";
|
||||||
|
"router.home.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlCj/i2xprN6h0Ik2tthOJQy6Qwq3Ony73+yfbHYTFu";
|
||||||
|
"theon.storage.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN59psLVu3/sQORA4x3p8H3ei8MCQlcwX5T+k3kBeBMf";
|
||||||
|
"tywin.storage.ts.hillion.co.uk".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGATsjWO0qZNFp2BhfgDuWi+e/ScMkFxp79N2OZoed1k";
|
||||||
|
};
|
||||||
|
programs.ssh.knownHostsFiles = [ ./github_known_hosts ];
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user