Remote deployment configuration

Filippo Berto 2022-12-18 19:02:50 +01:00
parent 1bdc118dc7
commit 429efc52ae
Signed by: bertof
GPG key ID: 9DBF7E6A1D2CE9ED
4 changed files with 35 additions and 6 deletions


@ -119,6 +119,7 @@
./nixos_modules/bertof_user.nix ./nixos_modules/bertof_user.nix
./nixos_modules/distributed.nix ./nixos_modules/distributed.nix
./nixos_modules/remote-deploy.nix
./nixos_modules/extended_registry.nix ./nixos_modules/extended_registry.nix
./nixos_modules/automatic-garbage-collection.nix ./nixos_modules/automatic-garbage-collection.nix
./nixos_modules/automatic-upgrade.nix ./nixos_modules/automatic-upgrade.nix
@ -251,20 +252,40 @@
}; };
}; };
images = with flake-utils.lib; eachSystem [ system.x86_64-linux system.aarch64-linux ] (system: images = with flake-utils.lib; let
installerModules = [
# Nix configuration
{
nixpkgs = { inherit overlays config; };
nix = {
extraOptions = "experimental-features = nix-command flakes";
registry = {
stable = { from = { id = "stable"; type = "indirect"; }; flake = nixpkgs; };
unstable = { from = { id = "unstable"; type = "indirect"; }; flake = nixpkgs-u; };
};
};
}
./nixos_modules/bertof_user.nix
./nixos_modules/distributed.nix
./nixos_modules/extended_registry.nix
./nixos_modules/zerotier.nix
];
in
eachSystem [ system.x86_64-linux system.aarch64-linux ] (system:
{ {
packages = { packages = {
# Installer ISO # Installer ISO
install-iso = nixos-generators.nixosGenerate { install-iso = nixos-generators.nixosGenerate {
inherit system; inherit system;
modules = commonModules ++ [ ./nixos_modules/installer.nix ]; modules = installerModules ++ [ ./nixos_modules/installer.nix ];
format = "install-iso"; format = "install-iso";
}; };
# Installer DigitalOcean # Installer DigitalOcean
do = nixos-generators.nixosGenerate { do = nixos-generators.nixosGenerate {
inherit system; inherit system;
modules = commonModules ++ [ ./nixos_modules/installer.nix ]; modules = installerModules ++ [ ./nixos_modules/installer.nix ];
format = "do"; format = "do";
}; };
}; };
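Review bot: The new `installerModules` list carries no comment explaining why the installer images stop using `commonModules`. The same commit adds `./nixos_modules/remote-deploy.nix` to the module list in the first hunk (presumably `commonModules`), so it reads as though the images are meant to ship without root key login, but that is inferred and should be stated. Suggest a comment above the list such as `# Modules for installer images: intentionally excludes remote-deploy.nix (no root SSH login on generated images)`, adjusted if the intent differs. The inline `nixpkgs`/`nix` settings block also looks like a copy of configuration defined elsewhere in the flake; if so, binding it once in the `let` and reusing it would keep the two from drifting.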


@ -106,7 +106,7 @@ with lib; {
openssh = { openssh = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
permitRootLogin = "no"; # permitRootLogin = "no";
passwordAuthentication = false; passwordAuthentication = false;
}; };
# plex = { enable = true; openFirewall = true; group = "users"; }; # plex = { enable = true; openFirewall = true; group = "users"; };
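Review bot: Commenting out `permitRootLogin = "no";` means this host's root-login policy is now set only by whichever shared module defines it, which after this commit is `"prohibit-password"` from the new remote-deploy module if this host imports it. If this machine is not a deployment target, keep the stricter value with an explicit override, `permitRootLogin = mkForce "no";` (`with lib;` is in scope per the hunk header). Otherwise delete the line rather than leaving it commented out, as the later host hunk does, so the file does not suggest a policy that is no longer in force. The `openssh` block sits inside a larger attribute set that starts and ends outside the hunk.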


@ -0,0 +1,10 @@
{
services.openssh = {
enable = true;
openFirewall = true;
permitRootLogin = "prohibit-password";
passwordAuthentication = false;
kbdInteractiveAuthentication = false;
};
}
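Review bot: This module enables root login by public key and opens the SSH port in the firewall unconditionally, and the first file adds it to a shared module list, so every host built from that list will accept root key logins. Nothing here declares or points to root's authorized keys, so which keys can reach root cannot be audited from this file. Suggest a header comment such as `# Remote deployment: root login by key only; root's authorized keys are set in <PATH-TO-KEYS-MODULE>`. Also consider gating the settings behind an enable option, or deploying through an unprivileged user with sudo, so hosts that are never deployed to remotely keep `permitRootLogin = "no"`.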


@ -128,8 +128,6 @@ with lib; {
openssh = { openssh = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
permitRootLogin = "no";
passwordAuthentication = false;
forwardX11 = true; forwardX11 = true;
}; };
pipewire = { pipewire = {