commit 5b0bd390fdd68f7db94b396afe4c232f4a290fc2 · ryan.freumh.org/eilean-nix

+44 -13
template/configuration.nix
···

       5
       5
        
           ./hardware-configuration.nix

     

       6
       6
        
         ];

     

       7
       7
        
       

     

       8
       8
       -
         nixpkgs.hostPlatform.system = "x86_64-linux";

     

       8
       8
       +
         boot.loader = {

     

       9
       9
       +
           systemd-boot.enable = true;

     

       10
       10
       +
           efi.canTouchEfiVariables = true;

     

       11
       11
       +
         };

     

       12
       12
       +
       

     

       9
       13
        
         nix.settings.experimental-features = [ "nix-command" "flakes" ];

     

       10
       10
       -
         system.stateVersion = "22.11";

     

       11
       11
       -
       

     

       12
       12
       -
         services.openssh = {

     

       13
       13
       -
           enable = true;

     

       14
       14
       -
           settings.passwordAuthentication = false;

     

       15
       15
       -
         };

     

       16
       14
        
       

     

       17
       15
        
         environment.systemPackages = with pkgs; [

     

       18
       16
        
           git # for nix flakes

     

       19
       17
        
           vim # for editing config files

     

       18
       18
       +
           # TODO add any other programs you want to install here

     

       20
       19
        
         ];

     

       21
       20
        
       

     

       22
       22
       -
         users.users.root = {

     

       23
       23
       -
           initialHashedPassword = "";

     

       24
       24
       -
           users.users.root.openssh.authorizedKeys.keys = [

     

       25
       25
       -
             # "ssh-ed25519 <key> <name>"

     

       26
       26
       -
           ];

     

       21
       21
       +
         # very simple prompt

     

       22
       22
       +
         programs.bash.promptInit = ''

     

       23
       23
       +
           PS1='\u@\h:\w \$ '

     

       24
       24
       +
         '';

     

       25
       25
       +
       

     

       26
       26
       +
         users.users = rec {

     

       27
       27
       +
           # TODO set hashed password from `nix run nixpkgs#mkpasswd`

     

       28
       28
       +
           root.initialHashedPassword = "";

     

       29
       29
       +
           # TODO change username, if desired

     

       30
       30
       +
           eilean = {

     

       31
       31
       +
             isNormalUser = true;

     

       32
       32
       +
             extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.

     

       33
       33
       +
             initialHashedPassword = root.initialHashedPassword;

     

       34
       34
       +
             # TODO define SSH keys if accessing remotely

     

       35
       35
       +
             openssh.authorizedKeys.keys = [

     

       36
       36
       +
               # "ssh-ed25519 <key> <name>"

     

       37
       37
       +
             ];

     

       38
       38
       +
           };

     

       39
       39
       +
         };

     

       40
       40
       +
       

     

       41
       41
       +
         services.openssh = {

     

       42
       42
       +
           enable = true;

     

       43
       43
       +
           settings.passwordAuthentication = false;

     

       27
       44
        
         };

     

       28
       45
        
       

     

       29
       46
        
         # TODO replace this with domain

     

       30
       47
        
         networking.domain = "example.org";

     

       31
       48
        
         security.acme.acceptTerms = true;

     

       32
       49
        
       

     

       50
       50
       +
         # TODO select internationalisation properties

     

       51
       51
       +
         i18n.defaultLocale = "en_GB.UTF-8";

     

       52
       52
       +
         time.timeZone = "Europe/London";

     

       53
       53
       +
         console.keyMap = "uk";

     

       54
       54
       +
       

     

       33
       55
        
         eilean = {

     

       34
       56
        
           # TODO replace these values

     

       35
       57
        
           username = "user";

     
···

       38
       60
        
           serverIpv6 = "2001:DB8::/64";

     

       39
       61
        
           publicInterface = "eth0";

     

       40
       62
        
       

     

       63
       63
       +
           # TODO enable desired services

     

       41
       64
        
           # mailserver.enable = true;

     

       42
       65
        
           # matrix.enable = true;

     

       43
       66
        
           # turn.enable = true;

     
···

       45
       68
        
           # gitea.enable = true;

     

       46
       69
        
           # dns.enable = true;

     

       47
       70
        
         };

     

       48
       48
       -
       }

     

       71
       71
       +
       

     

       72
       72
       +
         # This value determines the NixOS release from which the default

     

       73
       73
       +
         # settings for stateful data, like file locations and database versions

     

       74
       74
       +
         # on your system were taken. It's perfectly fine and recommended to leave

     

       75
       75
       +
         # this value at the release version of the first install of this system.

     

       76
       76
       +
         # Before changing this value read the documentation for this option

     

       77
       77
       +
         # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).

     

       78
       78
       +
         system.stateVersion = "23.05"; # Did you read the comment?

     

       79
       79
       +
       }