74 lines
3.3 KiB
Nix
74 lines
3.3 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
mainUser = config.users.extraUsers.mainUser;
|
|
inherit (import <stockholm/lib>) genid;
|
|
|
|
in {
|
|
users.extraUsers = {
|
|
dev = {
|
|
name = "dev";
|
|
uid = genid "dev";
|
|
extraGroups = [ "docker" "vboxusers" ];
|
|
description = "user for collaborative development";
|
|
home = "/home/dev";
|
|
useDefaultShell = true;
|
|
createHome = true;
|
|
openssh.authorizedKeys.keys = [
|
|
config.krebs.users.lass.pubkey
|
|
config.krebs.users.lass-android.pubkey
|
|
config.krebs.users.jeschli-bln.pubkey
|
|
config.krebs.users.jeschli-brauerei.pubkey
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost"
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjtdqRxD0+UU7O8xogSqAQYd/Hrc79CTTKnvbhKy7jp2TVfxQpl81ndSH6DN6Cz90mu65C+DFGq43YtKTPqXmTn1+2wru71C2UOl6ZR0tmU7UELkRt4SJuFQLEgQCt3BWvXJPye6cKRRIlb+XZHWyVyCDxHo9EYO2GWI1wIP8mHMltKj65mobHY+R0CJNhhwlFURzTto8C30ejfVg2OW81qkNWqYtpdC9txLUlQ9/LBVKrafHGprmcBEp9qtecVgx8kxHpS7cuQNYoFcfljug4IyFO+uBfdbKqnGM5mra3huNhX3+AcQxKbLMlRgZD+jc47Xs+s5qSvWBou2ygd5T413k/SDOTCxDjidA+dcwzRo0qUWcGL201a5g+F0EvWv8rjre9m0lii6QKEoPyj60y3yfaIHeafels1Ia1FItjkBe8XydiXf7rKq8nmVRlpo8vl+vKwVuJY783tObHjUgBtXJdmnyYGiXxkxSrXa2mQhPz3KodK/QrnqCP27dURcMlp1hFF3LxFz7WtMCLW0yvDuUsuI2pdq0+zdt702wuwXVNIvbq/ssvX/CL8ryBLAogaxN9DN0vpjk+aXQLn11Zt99MgmnnqUgvOKQi1Quog/SxnSBiloKqB6aA10a28Uxoxkr0KAfhWhX3XPpfGMlbVj4GJuevLp0sGDVQT2biUQ== rhaist@RH-NB"
|
|
];
|
|
packages = with pkgs; [
|
|
emacs25-nox
|
|
|
|
(pkgs.symlinkJoin {
|
|
name = "tmux";
|
|
paths = [
|
|
(pkgs.writeDashBin "tmux" ''
|
|
exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
|
|
set-option -g default-terminal screen-256color
|
|
|
|
#use session instead of windows
|
|
bind-key c new-session
|
|
bind-key p switch-client -p
|
|
bind-key n switch-client -n
|
|
bind-key C-s switch-client -l
|
|
''} "$@"
|
|
'')
|
|
pkgs.tmux
|
|
];
|
|
})
|
|
];
|
|
};
|
|
};
|
|
|
|
krebs.iptables.tables.filter.INPUT.rules = [
|
|
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT";}
|
|
{ predicate = "-p tcp --dport 9000"; target = "ACCEPT";}
|
|
];
|
|
|
|
krebs.per-user.dev.packages = [
|
|
pkgs.go
|
|
];
|
|
environment.variables.GOPATH = "$HOME/go";
|
|
|
|
security.sudo.extraConfig = ''
|
|
${mainUser.name} ALL=(dev) NOPASSWD: ALL
|
|
'';
|
|
|
|
networking.interfaces.et0.ipv4.addresses = [
|
|
{ address = "10.99.23.1"; prefixLength = 24; }
|
|
];
|
|
virtualisation.docker.enable = true;
|
|
environment.etc."docker/daemon.json".source = pkgs.writeText "daemon.json" ''
|
|
{
|
|
"bip": "172.25.0.1/16"
|
|
}
|
|
'';
|
|
services.rabbitmq.enable = true;
|
|
}
|