From d96fbd63510048bf56d3d600a65f7983096c1bb1 Mon Sep 17 00:00:00 2001
From: stuebinm
Date: Wed, 3 Mar 2021 00:51:39 +0100
Subject: migrating config

This deploy logic is primarily based on hxchn's deploy lib [1], with some
slight modifications to make it work with my setup. Everything seems to work
fine for now.

However, I am unsure about the usage of niv — the config doesn't seem to gain
much from it, apart from (some) additional complexity.

[1] https://gitlab.com/hexchen/nixfiles
---
 common/default.nix | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 common/default.nix

(limited to 'common')

diff --git a/common/default.nix b/common/default.nix
new file mode 100644
index 0000000..69c6309
--- /dev/null
+++ b/common/default.nix
@@ -0,0 +1,45 @@
+{ config, lib, pkgs, ... }:
+
+let
+  sources = import ../nix/sources.nix;
+
+in {
+  imports = [
+    ../modules
+  ];
+
+  networking.domain = lib.mkDefault "stuebinm.eu";
+  
+  services.journald.extraConfig = "MaxRetentionSec=48h";
+  nix.gc = {
+    automatic = lib.mkDefault true;
+    options = lib.mkDefault "--delete-older-than 1w";
+  };
+  
+  
+  i18n.defaultLocale = "en_US.UTF-8";
+  time.timeZone = "Europe/Amsterdam";
+  
+  environment.systemPackages = with pkgs; [
+    wget vim htop
+  ];
+
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTeuG1alKNNqoT2d5nUAlH0Otsk0NHM7nmkYC5Yfk8qcLsgY4v2dXlyrMzieajYgDjndEApgO3/S/V0EQGhvHc0UugC6LU84jHPwsgYVABRmFS74v/ww8NigaNIAevwWl+DxlnK4nnWdB1lo4xS69ooQdvoAjbubk16dP04LsAbH8Z+3cPB5WKAaayNx62DUwObzDSpztqCagCZzlqpwKG1UGJngrqEhk7B5Q0v9iCk91gqVkLSPllsB00+bqIimgkMVIZnoLLh7pcEgOvbG0yP2EG3ttDNN3jPpqE6mu+znfLq+ua/MwJy5hjmY5R54yPlcvFdsIU34jrdMCDvWqpV49VrLwVvkFN3lRZln/9eifkXXJciP4Ber3xEl8JltysV1PE5iJunWfbcOy0fwsYvBChDeyR5G3CLG2c25jKL9f1Iq95QBBMVYgIxq/dpGy0tjB+24w1JzsorvElsmz5etXLXCydLP07ic9PfSu1Wmwu7F0tweIk52x97sra6ePhtY+TTRffjjDz0DEho1bWDfrPV0xfPPAWXWTKYisVO4VVmMQsJbtXrfxUJbappM5vIXcJ+2JpT2Oh7Kiy3rjm+pd7rukgoCp7yN5z8v+2vuOfHqBuKUwlaRg/XNMyPrbnGGzVR1xzUuhwdOnjAyMmAr95Ne9hRBPwfVo2NR/ZZw=="
+  ];
+  
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "prohibit-password";
+    passwordAuthentication = false;
+  };
+
+  security.sudo.enable = false;
+  
+  security.acme = {
+    acceptTerms = true;
+    email = "stuebinm@disroot.org";
+  };
+
+}
-- 
cgit v1.2.3