From 66060b0b362895a0484be162cd915957ed8ad00d Mon Sep 17 00:00:00 2001 From: polsevev Date: Wed, 12 Feb 2025 21:40:04 +0100 Subject: [PATCH] flake --- nixos/hephaestus/configuration.nix | 31 ++++++++++++++++-------------- nixos/hephaestus/flake.nix | 20 +++++++++++++++++++ 2 files changed, 37 insertions(+), 14 deletions(-) create mode 100644 nixos/hephaestus/flake.nix diff --git a/nixos/hephaestus/configuration.nix b/nixos/hephaestus/configuration.nix index d7ea600..564cd38 100644 --- a/nixos/hephaestus/configuration.nix +++ b/nixos/hephaestus/configuration.nix @@ -5,10 +5,9 @@ { config, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; + imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; # Bootloader. boot.loader.systemd-boot.enable = true; @@ -23,10 +22,12 @@ # Enable networking networking.networkmanager.enable = true; + networking.defaultGateway.address = "192.168.1.1"; networking.interfaces.enp3s0.ipv4.addresses = [{ address = "192.168.1.25"; prefixLength = 24; }]; + networking.nameservers = [ "192.168.1.69" "1.1.1.1" ]; # Set your time zone. time.timeZone = "Europe/Oslo"; @@ -47,31 +48,31 @@ isNormalUser = true; description = "Hephaestus"; extraGroups = [ "networkmanager" "wheel" ]; - packages = with pkgs; []; + packages = with pkgs; [ ]; }; - users.users.ansible= { + users.users.ansible = { isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "sudo"]; - packages = with pkgs; []; + extraGroups = [ "wheel" "networkmanager" "sudo" ]; + packages = with pkgs; [ ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGKOGZKJO31YZem1OTZtIg3fKaatbFmqmRNRD+K9GpX rgl002@student.uib.no" ]; }; - + security.sudo.wheelNeedsPassword = false; # Allow unfree packages nixpkgs.config.allowUnfree = true; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget btop vim tailscale python3 ]; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # Some programs need SUID wrappers, can be configured further or are # started in user sessions. @@ -86,7 +87,9 @@ services.tailscale.enable = true; # Enable the OpenSSH daemon. services.openssh.enable = true; - services.openssh.settings.PermitRootLogin = "yes"; + services.openssh.settings.PermitRootLogin = "no"; + nix.settings.trusted-users = [ "rolf" ]; + # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; @@ -101,4 +104,4 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.11"; # Did you read the comment? -} \ No newline at end of file +} diff --git a/nixos/hephaestus/flake.nix b/nixos/hephaestus/flake.nix new file mode 100644 index 0000000..0ee84a7 --- /dev/null +++ b/nixos/hephaestus/flake.nix @@ -0,0 +1,20 @@ +{ + description = "A simple NixOS flake"; + + inputs = { + # NixOS official package source, using the nixos-24.11 branch here + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + # Please replace my-nixos with your hostname + nixosConfigurations.hephaestus = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the previous configuration.nix we used, + # so the old configuration file still takes effect + ./configuration.nix + ]; + }; + }; +} \ No newline at end of file