rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-05-31 14:58:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

ran deadnix

Browse source
This commit is contained in:
Rouven Seifert 2024-09-10 13:12:09 +02:00
parent cf5fdaed5d
commit 2281866548
7 changed files with 105 additions and 109 deletions
hosts
falkenstein/modules
dns
default.nix
monitoring
dmarc.nix
thinkpad
default.nix
modules/virtualisation
default.nix

2
hosts/falkenstein/modules/dns/default.nix
View file

@ -36,7 +36,7 @@ let
subdomains =
let
getVirtualHosts = hostname: map (name: builtins.substring 0 (builtins.stringLength name - (builtins.stringLength domain + 1)) name) (builtins.attrNames self.nixosConfigurations."${hostname}".config.services.caddy.virtualHosts);
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (label: { CNAME = [ "${hostname}.${domain}." ]; });
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (_label: { CNAME = [ "${hostname}.${domain}." ]; });
in
lib.attrsets.mergeAttrsList [
rec {

2
hosts/falkenstein/modules/monitoring/dmarc.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, ... }:
{
# required for elasticsearch
nixpkgs.config.allowUnfree = true;

88
hosts/thinkpad/default.nix
View file

@ -53,56 +53,56 @@
console.keyMap = "dvorak";
# services.openldap = {
# enable = true;
# urlList = [ "ldap:///" ];
# settings = {
# attrs = {
# olcLogLevel = "conns config";
# };
# children = {
# "cn=schema".includes = [
# "${pkgs.openldap}/etc/schema/core.ldif"
# # attributetype ( 9999.1.1 NAME 'isMemberOf'
# # DESC 'back-reference to groups this user is a member of'
# # SUP distinguishedName )
# "${pkgs.openldap}/etc/schema/cosine.ldif"
# "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
# "${pkgs.openldap}/etc/schema/nis.ldif"
# # "${pkgs.writeText "openssh.schema" ''
# # attributetype ( 9999.1.2 NAME 'sshPublicKey'
# # DESC 'SSH public key used by this user'
# # SUP name )
# # ''}"
# ];
services.openldap = {
enable = true;
urlList = [ "ldap:///" ];
settings = {
attrs = {
olcLogLevel = "conns config";
};
children = {
"cn=schema".includes = [
"${pkgs.openldap}/etc/schema/core.ldif"
# attributetype ( 9999.1.1 NAME 'isMemberOf'
# DESC 'back-reference to groups this user is a member of'
# SUP distinguishedName )
"${pkgs.openldap}/etc/schema/cosine.ldif"
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
"${pkgs.openldap}/etc/schema/nis.ldif"
# "${pkgs.writeText "openssh.schema" ''
# attributetype ( 9999.1.2 NAME 'sshPublicKey'
# DESC 'SSH public key used by this user'
# SUP name )
# ''}"
];
# "olcDatabase={1}mdb".attrs = {
# objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
"olcDatabase={1}mdb".attrs = {
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
# olcDatabase = "{1}mdb";
# olcDbDirectory = "/var/lib/openldap/data";
olcDatabase = "{1}mdb";
olcDbDirectory = "/var/lib/openldap/data";
# olcSuffix = "dc=ifsr,dc=de";
olcSuffix = "dc=ifsr,dc=de";
# /* your admin account, do not use writeText on a production system */
# olcRootDN = "cn=portunus,dc=ifsr,dc=de";
# olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
/* your admin account, do not use writeText on a production system */
olcRootDN = "cn=portunus,dc=ifsr,dc=de";
olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
# olcAccess = [
# /* custom access rules for userPassword attributes */
# ''{0}to attrs=userPassword
# by self write
# by anonymous auth
# by * none''
olcAccess = [
/* custom access rules for userPassword attributes */
''{0}to attrs=userPassword
by self write
by anonymous auth
by * none''
# /* allow read on anything else */
# ''{1}to *
# by * read''
# ];
# };
# };
# };
# };
/* allow read on anything else */
''{1}to *
by * read''
];
};
};
};
};
services = {

3
hosts/thinkpad/modules/virtualisation/default.nix
View file

@ -5,6 +5,9 @@
# enable = true;
# defaultNetwork.settings.dns_enabled = true;
# };
docker = {
enable = true;
};
libvirtd = {
enable = true;
qemu = {