nixos/tests/nixops/legacy/base-configuration.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / tests / nixops / legacy / base-configuration.nix

at 25.11-pre 893 B view raw

 1{
 2  lib,
 3  modulesPath,
 4  pkgs,
 5  ...
 6}:
 7let
 8  ssh-keys =
 9    if builtins.pathExists ../../ssh-keys.nix then # Outside sandbox
10      ../../ssh-keys.nix
11    # In sandbox
12    else
13      ./ssh-keys.nix;
14
15  inherit (import ssh-keys pkgs)
16    snakeOilPrivateKey
17    snakeOilPublicKey
18    ;
19in
20{
21  imports = [
22    (modulesPath + "/virtualisation/qemu-vm.nix")
23    (modulesPath + "/testing/test-instrumentation.nix")
24  ];
25  virtualisation.writableStore = true;
26  nix.settings.substituters = lib.mkForce [ ];
27  virtualisation.graphics = false;
28  documentation.enable = false;
29  services.qemuGuest.enable = true;
30  boot.loader.grub.enable = false;
31
32  services.openssh.enable = true;
33  users.users.root.openssh.authorizedKeys.keys = [
34    snakeOilPublicKey
35  ];
36  security.pam.services.sshd.limits = [
37    {
38      domain = "*";
39      item = "memlock";
40      type = "-";
41      value = 1024;
42    }
43  ];
44}