summaryrefslogtreecommitdiff
path: root/common/default.nix
diff options
context:
space:
mode:
authorstuebinm2021-03-03 00:51:39 +0100
committerstuebinm2021-03-03 00:51:39 +0100
commitd96fbd63510048bf56d3d600a65f7983096c1bb1 (patch)
tree192afecb97bcdb829e1461bebc283cc86fb99586 /common/default.nix
migrating config
This deploy logic is primarily based on hxchn's deploy lib [1], with some slight modifications to make it work with my setup. Everything seems to work fine for now. However, I am unsure about the usage of niv — the config doesn't seem to gain much from it, apart from (some) additional complexity. [1] https://gitlab.com/hexchen/nixfiles
Diffstat (limited to '')
-rw-r--r--common/default.nix45
1 files changed, 45 insertions, 0 deletions
diff --git a/common/default.nix b/common/default.nix
new file mode 100644
index 0000000..69c6309
--- /dev/null
+++ b/common/default.nix
@@ -0,0 +1,45 @@
+{ config, lib, pkgs, ... }:
+
+let
+ sources = import ../nix/sources.nix;
+
+in {
+ imports = [
+ ../modules
+ ];
+
+ networking.domain = lib.mkDefault "stuebinm.eu";
+
+ services.journald.extraConfig = "MaxRetentionSec=48h";
+ nix.gc = {
+ automatic = lib.mkDefault true;
+ options = lib.mkDefault "--delete-older-than 1w";
+ };
+
+
+ i18n.defaultLocale = "en_US.UTF-8";
+ time.timeZone = "Europe/Amsterdam";
+
+ environment.systemPackages = with pkgs; [
+ wget vim htop
+ ];
+
+
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTeuG1alKNNqoT2d5nUAlH0Otsk0NHM7nmkYC5Yfk8qcLsgY4v2dXlyrMzieajYgDjndEApgO3/S/V0EQGhvHc0UugC6LU84jHPwsgYVABRmFS74v/ww8NigaNIAevwWl+DxlnK4nnWdB1lo4xS69ooQdvoAjbubk16dP04LsAbH8Z+3cPB5WKAaayNx62DUwObzDSpztqCagCZzlqpwKG1UGJngrqEhk7B5Q0v9iCk91gqVkLSPllsB00+bqIimgkMVIZnoLLh7pcEgOvbG0yP2EG3ttDNN3jPpqE6mu+znfLq+ua/MwJy5hjmY5R54yPlcvFdsIU34jrdMCDvWqpV49VrLwVvkFN3lRZln/9eifkXXJciP4Ber3xEl8JltysV1PE5iJunWfbcOy0fwsYvBChDeyR5G3CLG2c25jKL9f1Iq95QBBMVYgIxq/dpGy0tjB+24w1JzsorvElsmz5etXLXCydLP07ic9PfSu1Wmwu7F0tweIk52x97sra6ePhtY+TTRffjjDz0DEho1bWDfrPV0xfPPAWXWTKYisVO4VVmMQsJbtXrfxUJbappM5vIXcJ+2JpT2Oh7Kiy3rjm+pd7rukgoCp7yN5z8v+2vuOfHqBuKUwlaRg/XNMyPrbnGGzVR1xzUuhwdOnjAyMmAr95Ne9hRBPwfVo2NR/ZZw=="
+ ];
+
+ services.openssh = {
+ enable = true;
+ permitRootLogin = "prohibit-password";
+ passwordAuthentication = false;
+ };
+
+ security.sudo.enable = false;
+
+ security.acme = {
+ acceptTerms = true;
+ email = "stuebinm@disroot.org";
+ };
+
+}