summaryrefslogtreecommitdiffstats
path: root/cloudkrebs.nix
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2015-04-08 13:30:26 +0200
committertv <tv@shackspace.de>2015-05-19 23:17:19 +0200
commit1916df697eeca2d4b187c319ba927875ef62f25e (patch)
tree92003bae378179e780acd3c0558f00c034980030 /cloudkrebs.nix
parent70924424419c490279ede9196caf859f96422da8 (diff)
add cloudkrebs.nix
Diffstat (limited to 'cloudkrebs.nix')
-rw-r--r--cloudkrebs.nix62
1 files changed, 62 insertions, 0 deletions
diff --git a/cloudkrebs.nix b/cloudkrebs.nix
new file mode 100644
index 000000000..6df0ee4f9
--- /dev/null
+++ b/cloudkrebs.nix
@@ -0,0 +1,62 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ./modules/tv/base-cac-CentOS-7-64bit.nix
+ ./modules/lass/retiolum-cloudkrebs.nix
+ ./modules/lass/networking-cloudkrebs.nix
+ ];
+
+ nix.maxJobs = 1;
+
+ #activationScripts
+ #split up and move into base
+
+ #TODO move into modules
+ users.extraUsers = {
+ #main user
+ root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors"
+ ];
+ hashedPassword = "$6$3CFU7MPj$qr1cn6p2kvZRdt1pueBLC1WLzV7KPbk8Qi11Wq8l2sVT0JFMf8BOULJOx8xS1KXqZHnUW1p7VN3dZ1VUepQGj.";
+ };
+ lass = {
+ uid = 1337;
+ name = "lass";
+ #isNormalUser = true;
+ group = "users";
+ createHome = true;
+ home = "/home/lass";
+ useDefaultShell = true;
+ isSystemUser = false;
+ description = "lassulus";
+ extraGroups = [ "wheel" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors"
+ ];
+ hashedPassword = "$6$3CFU7MPj$qr1cn6p2kvZRdt1pueBLC1WLzV7KPbk8Qi11Wq8l2sVT0JFMf8BOULJOx8xS1KXqZHnUW1p7VN3dZ1VUepQGj.";
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ ];
+
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ # XXX bits here make no science
+ { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ];
+ permitRootLogin = "yes";
+ };
+
+ networking.firewall = {
+ enable = true;
+
+ allowedTCPPorts = [
+ 22
+ ];
+ };
+
+}