diff options
author | tv <tv@krebsco.de> | 2015-07-16 23:22:30 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2015-07-16 23:22:30 +0200 |
commit | 6aadd262fc1ec1cb7159da9ee62bd35616ddc23d (patch) | |
tree | 57983c04bb49fe0375300861111a61cede545794 /old/modules/rmdir | |
parent | 546d86da1e3cab814372fc57c83e737617c7fed8 (diff) |
Goodbye old world, and thanks for all the fish!
Diffstat (limited to 'old/modules/rmdir')
-rw-r--r-- | old/modules/rmdir/default.nix | 87 | ||||
-rw-r--r-- | old/modules/rmdir/networking.nix | 15 | ||||
-rw-r--r-- | old/modules/rmdir/paths.nix | 12 | ||||
-rw-r--r-- | old/modules/rmdir/users.nix | 19 |
4 files changed, 0 insertions, 133 deletions
diff --git a/old/modules/rmdir/default.nix b/old/modules/rmdir/default.nix deleted file mode 100644 index 7279df7..0000000 --- a/old/modules/rmdir/default.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ config, pkgs, ... }: - -let - inherit (builtins) readFile; -in - -{ - imports = - [ - { users.extraUsers = import <secrets/extraUsers.nix>; } - ./networking.nix - ./users.nix - ../tv/base.nix - ../tv/base-cac-CentOS-7-64bit.nix - ../tv/config/consul-server.nix - ../tv/exim-smarthost.nix - ../tv/git/public.nix - ../tv/sanitize.nix - { - imports = [ ../tv/identity ]; - tv.identity = { - enable = true; - self = config.tv.identity.hosts.rmdir; - }; - } - { - imports = [ ../tv/iptables ]; - tv.iptables = { - enable = true; - input-internet-accept-new-tcp = [ - "ssh" - "tinc" - "smtp" - "xmpp-client" - "xmpp-server" - ]; - input-retiolum-accept-new-tcp = [ - "http" - ]; - }; - } - { - imports = [ ../tv/retiolum ]; - tv.retiolum = { - enable = true; - hosts = <retiolum-hosts>; - connectTo = [ - "cd" - "mkdir" - "fastpoke" - "pigstarter" - "ire" - ]; - }; - } - ]; - - nix.maxJobs = 1; - - environment.systemPackages = with pkgs; [ - git # required for ./deploy, clone_or_update - htop - iftop - iotop - iptables - mutt # for mv - nethogs - rxvt_unicode.terminfo - tcpdump - ]; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - services.openssh = { - enable = true; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - permitRootLogin = "yes"; - }; - - sound.enable = false; -} diff --git a/old/modules/rmdir/networking.nix b/old/modules/rmdir/networking.nix deleted file mode 100644 index fb39c5d..0000000 --- a/old/modules/rmdir/networking.nix +++ /dev/null @@ -1,15 +0,0 @@ -_: - -{ - networking.hostName = "rmdir"; - networking.interfaces.enp2s1.ip4 = [ - { - address = "167.88.44.94"; - prefixLength = 24; - } - ]; - networking.defaultGateway = "167.88.44.1"; - networking.nameservers = [ - "8.8.8.8" - ]; -} diff --git a/old/modules/rmdir/paths.nix b/old/modules/rmdir/paths.nix deleted file mode 100644 index f873912..0000000 --- a/old/modules/rmdir/paths.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - lib.file.url = ../../lib; - modules.file.url = ../../modules; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; - cache = ../../tmp/git-cache; - }; - pubkeys.file.url = ../../pubkeys; - retiolum-hosts.file.url = ../../hosts; - secrets.file.url = ../../secrets/cd/nix; -} diff --git a/old/modules/rmdir/users.nix b/old/modules/rmdir/users.nix deleted file mode 100644 index 82f078b..0000000 --- a/old/modules/rmdir/users.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ ... }: - -let - inherit (builtins) readFile; -in - -{ - users.extraUsers = - { - root = { - openssh.authorizedKeys.keys = [ - (readFile <pubkeys/deploy_wu.ssh.pub>) - (readFile <pubkeys/tv_wu.ssh.pub>) - ]; - }; - }; - - users.mutableUsers = false; -} |