diff options
author | lassulus <lass@aidsballs.de> | 2015-04-10 01:36:40 +0200 |
---|---|---|
committer | tv <tv@shackspace.de> | 2015-05-19 23:17:19 +0200 |
commit | 6593d16308109ded64d5c842d6a12c4106767df4 (patch) | |
tree | 347b039093b675308412098177525a31d9cecd77 /modules/cloudkrebs | |
parent | fe612ca7256643fda95b779fefd67a5dc89707e9 (diff) |
cloudkrebs: move to new folder structure
Diffstat (limited to 'modules/cloudkrebs')
-rw-r--r-- | modules/cloudkrebs/default.nix | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/modules/cloudkrebs/default.nix b/modules/cloudkrebs/default.nix new file mode 100644 index 000000000..cda40b216 --- /dev/null +++ b/modules/cloudkrebs/default.nix @@ -0,0 +1,61 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../tv/base-cac-CentOS-7-64bit.nix + ../lass/retiolum-cloudkrebs.nix + ../lass/networking-cloudkrebs.nix + ../../secrets/cloudkrebs-pw.nix + ]; + + nix.maxJobs = 1; + + #activationScripts + #split up and move into base + + #TODO move into modules + users.extraUsers = { + #main user + root = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors" + ]; + }; + lass = { + uid = 1337; + name = "lass"; + #isNormalUser = true; + group = "users"; + createHome = true; + home = "/home/lass"; + useDefaultShell = true; + isSystemUser = false; + description = "lassulus"; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors" + ]; + }; + }; + + environment.systemPackages = with pkgs; [ + ]; + + services.openssh = { + enable = true; + hostKeys = [ + # XXX bits here make no science + { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + permitRootLogin = "yes"; + }; + + networking.firewall = { + enable = true; + + allowedTCPPorts = [ + 22 + ]; + }; + +} |