krebs: cleanup default.nix
This commit is contained in:
parent
91833c560a
commit
3189052d4d
@ -67,20 +67,10 @@ in
|
|||||||
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
||||||
# apt-cacher-ng in first place)
|
# apt-cacher-ng in first place)
|
||||||
|
|
||||||
|
|
||||||
# local discovery in shackspace
|
# local discovery in shackspace
|
||||||
nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
|
nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
|
||||||
krebs.tinc.retiolum.extraConfig = "TCPOnly = yes";
|
krebs.tinc.retiolum.extraConfig = "TCPOnly = yes";
|
||||||
|
|
||||||
nix = {
|
|
||||||
# use the up to date prism cache
|
|
||||||
binaryCaches = [
|
|
||||||
"https://cache.nixos.org/"
|
|
||||||
];
|
|
||||||
binaryCachePublicKeys = [
|
|
||||||
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
firewall.enable = false;
|
firewall.enable = false;
|
||||||
@ -125,10 +115,6 @@ in
|
|||||||
swapDevices = [
|
swapDevices = [
|
||||||
{ device = "/dev/disk/by-label/swap"; }
|
{ device = "/dev/disk/by-label/swap"; }
|
||||||
];
|
];
|
||||||
# fallout of ipv6calypse
|
|
||||||
networking.extraHosts = ''
|
|
||||||
hass.shack 10.42.2.191
|
|
||||||
'';
|
|
||||||
|
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users."0x4a6f".pubkey
|
config.krebs.users."0x4a6f".pubkey
|
||||||
|
@ -14,18 +14,13 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
krebs.announce-activation.enable = true;
|
krebs.announce-activation.enable = true;
|
||||||
krebs.enable = true;
|
krebs.enable = true;
|
||||||
krebs.tinc.retiolum.enable = true;
|
krebs.tinc.retiolum.enable = mkDefault true;
|
||||||
|
|
||||||
krebs.build.user = mkDefault config.krebs.users.krebs;
|
krebs.build.user = mkDefault config.krebs.users.krebs;
|
||||||
|
|
||||||
networking.hostName = config.krebs.build.host.name;
|
networking.hostName = config.krebs.build.host.name;
|
||||||
|
|
||||||
nix.maxJobs = 1;
|
nix.maxJobs = 1;
|
||||||
nix.trustedBinaryCaches = [
|
|
||||||
"https://cache.nixos.org"
|
|
||||||
"http://cache.nixos.org"
|
|
||||||
"http://hydra.nixos.org"
|
|
||||||
];
|
|
||||||
nix.useSandbox = true;
|
nix.useSandbox = true;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
@ -39,8 +34,6 @@ with import <stockholm/lib>;
|
|||||||
defaultLocale = lib.mkForce "C";
|
defaultLocale = lib.mkForce "C";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
programs.ssh.startAgent = false;
|
programs.ssh.startAgent = false;
|
||||||
|
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
@ -55,18 +48,13 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
users.mutableUsers = false;
|
users.mutableUsers = false;
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
# TODO
|
|
||||||
config.krebs.users.jeschli-brauerei.pubkey
|
config.krebs.users.jeschli-brauerei.pubkey
|
||||||
config.krebs.users.lass.pubkey
|
config.krebs.users.lass.pubkey
|
||||||
config.krebs.users.lass-mors.pubkey
|
config.krebs.users.lass-mors.pubkey
|
||||||
config.krebs.users.makefu.pubkey
|
config.krebs.users.makefu.pubkey
|
||||||
# TODO HARDER:
|
|
||||||
config.krebs.users.makefu-omo.pubkey
|
|
||||||
config.krebs.users.tv.pubkey
|
config.krebs.users.tv.pubkey
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
# The NixOS release to be compatible with for stateful data such as databases.
|
# The NixOS release to be compatible with for stateful data such as databases.
|
||||||
system.stateVersion = "17.03";
|
system.stateVersion = "17.03";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user