diff options
author | lassulus <lassulus@lassul.us> | 2017-07-14 00:41:36 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2017-07-14 00:41:36 +0200 |
commit | 8d128c769aec24d8989db8220d680ea6f4735193 (patch) | |
tree | 8c8a6132fda88ba989bbb7fc170b54b1ca242987 /krebs/2configs/default.nix | |
parent | c4627764062a42f8d952ff90557c1e0d8735485f (diff) | |
parent | 58380c82848c3db0bd6c3d74904153f3464c2098 (diff) |
Merge remote-tracking branch 'ni/master'
Diffstat (limited to 'krebs/2configs/default.nix')
-rw-r--r-- | krebs/2configs/default.nix | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix new file mode 100644 index 000000000..53ad56d65 --- /dev/null +++ b/krebs/2configs/default.nix @@ -0,0 +1,51 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +{ + krebs.enable = true; + krebs.tinc.retiolum.enable = true; + + krebs.build.user = mkDefault config.krebs.users.krebs; + + networking.hostName = config.krebs.build.host.name; + + nix.maxJobs = 1; + nix.trustedBinaryCaches = [ + "https://cache.nixos.org" + "http://cache.nixos.org" + "http://hydra.nixos.org" + ]; + nix.useSandbox = true; + + environment.systemPackages = with pkgs; [ + git + rxvt_unicode.terminfo + ]; + + programs.ssh.startAgent = false; + + services.openssh = { + enable = true; + hostKeys = [ + { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + }; + services.cron.enable = false; + services.nscd.enable = false; + services.ntp.enable = false; + + users.mutableUsers = false; + users.extraUsers.root.openssh.authorizedKeys.keys = [ + # TODO + config.krebs.users.lass.pubkey + config.krebs.users.makefu.pubkey + # TODO HARDER: + config.krebs.users.makefu-omo.pubkey + config.krebs.users.tv.pubkey + ]; + + + # The NixOS release to be compatible with for stateful data such as databases. + system.stateVersion = "15.09"; + +} |