diff options
author | lassulus <lass@aidsballs.de> | 2015-04-08 13:30:26 +0200 |
---|---|---|
committer | tv <tv@shackspace.de> | 2015-05-19 23:17:19 +0200 |
commit | 1916df697eeca2d4b187c319ba927875ef62f25e (patch) | |
tree | 92003bae378179e780acd3c0558f00c034980030 /cloudkrebs.nix | |
parent | 70924424419c490279ede9196caf859f96422da8 (diff) |
add cloudkrebs.nix
Diffstat (limited to 'cloudkrebs.nix')
-rw-r--r-- | cloudkrebs.nix | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/cloudkrebs.nix b/cloudkrebs.nix new file mode 100644 index 000000000..6df0ee4f9 --- /dev/null +++ b/cloudkrebs.nix @@ -0,0 +1,62 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./modules/tv/base-cac-CentOS-7-64bit.nix + ./modules/lass/retiolum-cloudkrebs.nix + ./modules/lass/networking-cloudkrebs.nix + ]; + + nix.maxJobs = 1; + + #activationScripts + #split up and move into base + + #TODO move into modules + users.extraUsers = { + #main user + root = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors" + ]; + hashedPassword = "$6$3CFU7MPj$qr1cn6p2kvZRdt1pueBLC1WLzV7KPbk8Qi11Wq8l2sVT0JFMf8BOULJOx8xS1KXqZHnUW1p7VN3dZ1VUepQGj."; + }; + lass = { + uid = 1337; + name = "lass"; + #isNormalUser = true; + group = "users"; + createHome = true; + home = "/home/lass"; + useDefaultShell = true; + isSystemUser = false; + description = "lassulus"; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors" + ]; + hashedPassword = "$6$3CFU7MPj$qr1cn6p2kvZRdt1pueBLC1WLzV7KPbk8Qi11Wq8l2sVT0JFMf8BOULJOx8xS1KXqZHnUW1p7VN3dZ1VUepQGj."; + }; + }; + + environment.systemPackages = with pkgs; [ + ]; + + services.openssh = { + enable = true; + hostKeys = [ + # XXX bits here make no science + { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + permitRootLogin = "yes"; + }; + + networking.firewall = { + enable = true; + + allowedTCPPorts = [ + 22 + ]; + }; + +} |