From 001acc5a523db45414ebfdca808e308f027e39b5 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 29 Nov 2019 13:43:27 +0100
Subject: ma iso: add justdoit,target-config.nix

---
 makefu/1systems/iso/target-config.nix | 40 +++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 makefu/1systems/iso/target-config.nix

(limited to 'makefu/1systems/iso/target-config.nix')

diff --git a/makefu/1systems/iso/target-config.nix b/makefu/1systems/iso/target-config.nix
new file mode 100644
index 00000000..ba4e3207
--- /dev/null
+++ b/makefu/1systems/iso/target-config.nix
@@ -0,0 +1,40 @@
+{ ... }:
+
+{
+  imports = [ ./hardware-configuration.nix ./generated.nix ];
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
+  boot.zfs.forceImportRoot = false;
+  boot.zfs.forceImportAll = false;
+  boot.kernelParams = [
+    "boot.shell_on_fail"
+    "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+  ];
+  users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb" ];
+  boot.tmpOnTmpfs = true;
+  programs.bash.enableCompletion = true;
+  services.journald.extraConfig = ''
+    SystemMaxUse=1G
+    RuntimeMaxUse=128M
+  '';
+
+  # minimal
+  programs.command-not-found.enable = false;
+  time.timeZone = "Europe/Berlin";
+  programs.ssh.startAgent = false;
+  nix.useSandbox = true;
+  users.mutableUsers = false;
+  networking.firewall.rejectPackets = true;
+  networking.firewall.allowPing = true;
+  services.openssh.enable = true;
+  i18n = {
+    consoleKeyMap = "us";
+    defaultLocale = "en_US.UTF-8";
+  };
+  boot.kernel.sysctl = {
+    "net.ipv6.conf.all.use_tempaddr" = 2;
+    "net.ipv6.conf.default.use_tempaddr" = 2;
+  };
+  services.nscd.enable = false;
+}
-- 
cgit v1.2.3