titaniumtown/server-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make config deployable

Browse Source
This commit is contained in:
Simon Gardling 2025-03-21 18:07:04 -04:00
parent 5e0dc780ad
commit defeb65b68
Signed by: titaniumtown
GPG Key ID: 9AB28AC10ECE533D
3 changed files with 18 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
configuration.nix
View File

@ -53,13 +53,6 @@
}; };
}; };
# https://github.com/viperML/nh
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
};
boot = { boot = {
# 6.12 LTS until 2027 # 6.12 LTS until 2027
kernelPackages = pkgs.linuxPackages_6_12; kernelPackages = pkgs.linuxPackages_6_12;
@ -105,9 +98,9 @@
services.openssh = { services.openssh = {
enable = true; enable = true;
settings = { settings = {
AllowUsers = [ username ]; AllowUsers = [ username "root" ];
PasswordAuthentication = false; PasswordAuthentication = false;
PermitRootLogin = "no"; PermitRootLogin = "yes"; # for deploying configs
}; };
}; };
@ -139,12 +132,13 @@
borgbackup borgbackup
smartmontools smartmontools
nil nil
ripgrep ripgrep
intel-gpu-tools intel-gpu-tools
iotop
iftop
tmux tmux
@ -289,7 +283,7 @@
service_configs.torrent_group service_configs.torrent_group
]; ];
hashedPasswordFile = "${./secrets/hashedPass}"; hashedPasswordFile = builtins.toString ./secrets/hashedPass;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH" # laptop "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH" # laptop
@ -297,6 +291,8 @@
]; ];
}; };
users.users.root.openssh.authorizedKeys.keys = config.users.users.${username}.openssh.authorizedKeys.keys;
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
programs.fish.enable = true; programs.fish.enable = true;
programs.bash = { programs.bash = {

2
deploy.sh Executable file
View File

@ -0,0 +1,2 @@
#!/bin/sh
nixos-rebuild switch --flake .#muffin --target-host root@server --build-host root@server --verbose

18
flake.lock generated
View File

@ -183,11 +183,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1742262784, "lastModified": 1742522051,
"narHash": "sha256-a/Knvms22n1Co7TR5uXW+gvpIZcmNWxzm7oUM+Unyok=", "narHash": "sha256-uDlj+5J7eTuFkDaNl9cYf++gJdEW23Z4zSuDcNANIQc=",
"owner": "Infinidoge", "owner": "Infinidoge",
"repo": "nix-minecraft", "repo": "nix-minecraft",
"rev": "b72f0bc3698833e2d079fce2edf5bda04d411287", "rev": "57464e795fd31ceef845d7ce454d3b83e80e283e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -198,11 +198,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1742217307, "lastModified": 1742376361,
"narHash": "sha256-3fwpN7KN226ghLlpO9TR0/WpgQOmOj1e8bieUxpIYSk=", "narHash": "sha256-VFMgJkp/COvkt5dnkZB4D2szVdmF6DGm5ZdVvTUy61c=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "4f4d97d7b7be387286cc9c988760a7ebaa5be1f1", "rev": "daaae13dff0ecc692509a1332ff9003d9952d7a9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -214,11 +214,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1742268799, "lastModified": 1742562948,
"narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", "narHash": "sha256-QUnzAW7CW0sCkFN1Kez/8UVq8EbBGNKOfHZHIZON0XQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "da044451c6a70518db5b730fe277b70f494188f1", "rev": "e7a04ccc42104e0554f0a2325930fe98db9a5325",
"type": "github" "type": "github"
}, },
"original": { "original": {