From 4835d30b624311b1cd9ab4765aaad90a0edbf3db Mon Sep 17 00:00:00 2001
From: ElnuDev
Date: Tue, 7 Nov 2023 10:55:54 -0800
Subject: [PATCH] hosts: add elnucentre
---
 hosts/default.nix | 24 +++++++++++++
 hosts/elnucentre/default.nix | 26 ++++++++++++++
 hosts/elnucentre/hardware-configuration.nix | 38 +++++++++++++++++++++
 hosts/elnucentre/home.nix | 13 +++++++
 hosts/elnucentre/modules/ssh.nix | 11 ++++++
 5 files changed, 112 insertions(+)
 create mode 100644 hosts/elnucentre/default.nix
 create mode 100644 hosts/elnucentre/hardware-configuration.nix
 create mode 100644 hosts/elnucentre/home.nix
 create mode 100644 hosts/elnucentre/modules/ssh.nix
diff --git a/hosts/default.nix b/hosts/default.nix
index bacc4f3..77425f8 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -167,4 +167,28 @@ in
 }
 ];
 };
+
+ elnucentre = lib.nixosSystem {
+ inherit system;
+ specialArgs = {
+ inherit user;
+ };
+ modules = configImports ++ [
+ ./elnucentre
+ {
+ networking.hostName = "elnucentre";
+ }
+ home-manager.nixosModules.home-manager {
+ home-manager = {
+ useUserPackages = true;
+ extraSpecialArgs = { inherit user; };
+ users.${user} = {
+ imports = hmImports ++ [
+ (import ./elnucentre/home.nix)
+ ];
+ };
+ };
+ }
+ ];
+ };
 }
diff --git a/hosts/elnucentre/default.nix b/hosts/elnucentre/default.nix
new file mode 100644
index 0000000..790f5cc
--- /dev/null
+++ b/hosts/elnucentre/default.nix
@@ -0,0 +1,26 @@
+{ config, ... }:
+
+{
+ imports = [
+ ./hardware-configuration.nix
+ ./modules/ssh.nix
+ ];
+
+ services.tailscale.enable = true;
+ networking.firewall = {
+ checkReversePath = "loose";
+ trustedInterfaces = [ "tailscale0" ];
+ allowedUDPPorts = [ config.services.tailscale.port ];
+ };
+
+ boot.loader = {
+ efi = {
+ canTouchEfiVariables = true;
+ efiSysMountPoint = "/boot";
+ };
+ grub = {
+ efiSupport = true;
+ device = "nodev";
+ };
+ };
+}
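Review bot: `trustedInterfaces = [ "tailscale0" ];` in hosts/elnucentre/default.nix makes the firewall accept every port from every tailnet peer, so any service that later listens on this host is reachable from the whole tailnet and the Tailscale ACLs become the only boundary. If only SSH is meant to be reachable that way, scope it with `networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 22 ];` and drop the trustedInterfaces line. If the broad trust is intended, say so next to the option, e.g. `# tailnet peers are fully trusted; access is restricted by Tailscale ACLs`. `checkReversePath = "loose";` relaxes reverse-path filtering for the whole firewall rather than for tailscale0 alone, so a one-line comment that it is there for Tailscale routing would stop a later reader from treating it as accidental.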
diff --git a/hosts/elnucentre/hardware-configuration.nix b/hosts/elnucentre/hardware-configuration.nix
new file mode 100644
index 0000000..74d369c
--- /dev/null
+++ b/hosts/elnucentre/hardware-configuration.nix
@@ -0,0 +1,38 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/hosts/elnucentre/home.nix b/hosts/elnucentre/home.nix
new file mode 100644
index 0000000..77b08f8
--- /dev/null
+++ b/hosts/elnucentre/home.nix
@@ -0,0 +1,13 @@
+{ lib, ... }:
+
+{
+ imports = [
+ ../../modules/bash
+ ../../modules/neovim
+ ];
+ # Disable greeter, which is getting run twice somehow
+ programs.bash = with import ../../modules/bash/bashrc.nix; {
+ bashrcExtra = lib.mkForce bashrcExtra;
+ profileExtra = greeter;
+ };
+}
diff --git a/hosts/elnucentre/modules/ssh.nix b/hosts/elnucentre/modules/ssh.nix
new file mode 100644
index 0000000..834319e
--- /dev/null
+++ b/hosts/elnucentre/modules/ssh.nix
@@ -0,0 +1,11 @@
+{ user, ... }:
+
+let keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQNlGt62dBMojVCX7EUIia+wfSDfLzV4YCPi8SZ2xrp elnu@elnu.com" # elnu
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH62YpVC8GaZXE8CHfyl1yAXXdlUSGNkyE95whYdUpct elnu@elnu.com" # pang13
+]; in
+{
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = keys;
+ users.users.${user}.openssh.authorizedKeys.keys = keys;
+}
\ No newline at end of file
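Review bot: The comment in hosts/elnucentre/home.nix says the greeter is disabled, but the block under it still sets `profileExtra = greeter;`, so the greeter is kept and only `bashrcExtra` is forced to the value taken from bashrc.nix. A comment that matches the code would be `# Run the greeter from profileExtra only; bashrcExtra is forced to the plain value from bashrc.nix so it is not printed twice`. The `lib.mkForce` overrides whatever the shared bash module sets, presumably a bashrcExtra that already includes the greeter, so fixing the duplicate in that module would remove the need for this per-host override.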
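Review bot: hosts/elnucentre/modules/ssh.nix enables sshd with only `services.openssh.enable = true;`, which leaves password and keyboard-interactive login at the NixOS defaults, so unless a shared module in `configImports` turns them off the user account still accepts a password next to the two keys. The same keys are also authorised for root directly, so one stolen key gives root with no sudo step. The block below turns off both interactive methods and direct root login, and keeps port 22 closed on interfaces other than the already-trusted tailscale0. Drop the `openFirewall` line if SSH from the LAN is needed, and keep the root key line with `PermitRootLogin = "prohibit-password"` if something deploys as root.

```nix
  services.openssh = {
    enable = true;
    openFirewall = false;
    settings = {
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
      PermitRootLogin = "no";
    };
  };
  # … unchanged: users.users.${user}.openssh.authorizedKeys.keys = keys; …
```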