forgot about tomate

This commit is contained in:
Rouven Seifert 2024-03-28 21:01:32 +01:00
parent 4334b5ef50
commit d482e15bcb
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
2 changed files with 113 additions and 112 deletions

112
modules/core/base.nix Executable file
View file

@ -0,0 +1,112 @@
{ pkgs, config, ... }: {
nix = {
package = pkgs.nixUnstable; # or versioned attributes like nix_2_4
extraOptions = ''
experimental-features = nix-command flakes
'';
};
system.activationScripts.report-nixos-changes = ''
if [ -e /run/current-system ] && [ -e $systemConfig ]; then
echo System package diff:
${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true
fi
NO_FORMAT="\033[0m"
F_BOLD="\033[1m"
C_RED="\033[38;5;9m"
${pkgs.diffutils}/bin/cmp --silent \
<(readlink /run/current-system/{initrd,kernel,kernel-modules}) \
<(readlink $systemConfig/{initrd,kernel,kernel-modules}) \
|| echo -e "''${F_BOLD}''${C_RED}Kernel version changed, reboot is advised.''${NO_FORMAT}"
'';
# Select internationalisation properties.
console = {
#font = "Lat2-Terminus16";
font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
keyMap = pkgs.lib.mkForce "uk";
};
# Enable the OpenSSH daemon.
services.openssh.enable = true;
programs.mosh.enable = true;
# vs code server
services.vscode-server.enable = true;
# set root ssh keys
users.users.root.openssh.authorizedKeys = {
keys = [
# RSA keys go into keyFiles because they're shamefully long
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPS8xkNH7JvKblekx5oel4HVKCz3uBbQYEaR9Z9nzTAr manuel@ifsr.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINogGKyXieCXQvVTa1z3ArS1TlqcVl2sSqvMpOjQo/Um jakob@krbs.me"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjNYNRBsY/Dc+/XOaGDui9tRa4VGPsHwYo3irGnMRbR felix@tycho"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdOcXORg+akeN2t3yZlKWdoTURKxtV29eQ7UrIMkCHv felix@entropy"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH73n+ZfJqNzIh9rPh6JYQaI4OAw9WKkPeqj2XRFmRfQ pascal@ifsr.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmb1kv+7HU1QKE53+gNxUhrggbwomC40Xjxd9hACkoo bennofs@d-cube"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0X6L7NwTHiOmFzo8mJBCy6H+DKUePAAXU4amm32DAQ fugi@arch"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHD1ZkrAmC9g5eJPDgv4zuEM+UIIEWromDzM1ltHt4TM fugi@macbook"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBtP2ltExnQL5llOvfSKp6OCZKbPWsa2s6P0i00XyrH helene_emilia.hausmann@mailbox.tu-dresden.de"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXMHwy4AZ9B4pMRBa/P/rb7N3SCas9e7Lp89plTHdFS halcyon@eisvogel.moe"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ7qUGZUjiDhQ6Se+aXr9DbgRTG2tx69owqVMkd2bna simon@mayushii"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLlITzcTVnSi8EpEW3leSuqYCDhbnJyoGCjFOtIJ0Dl5uRNm0UNXS7AbQtLLylEeI1+/qinQDEWAJ6cBDAaPfNw= rouven@thinkpad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINJgYI2rXmw4uPXAMmOgqgJEwYfwj/IBExTCzs9Dgo+R w0lff"
];
keyFiles = [
../../keys/ssh/marcus-sapphire
../../keys/ssh/schrader
../../keys/ssh/jannusch
../../keys/ssh/jannusch-arch
../../keys/ssh/tassilo
../../keys/ssh/jonasga
../../keys/ssh/rouven
../../keys/ssh/joachim
];
};
time.timeZone = "Europe/Berlin";
# basic shell & editor
programs.vim.defaultEditor = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
atop
btop
bat
git
htop-vim
fd
ripgrep
tldr
tmux
usbutils
wget
neovim
helix
nmap
tcpdump
bat
dig
ethtool
iftop
ipcalc
iperf3
ipv6calc
lsof
ltrace
strace
mtr
traceroute
smartmontools
sysstat
tree
whois
eza
zsh
unzip
];
}

View file

@ -1,5 +1,4 @@
{ pkgs, config, ... }: { { ... }: {
imports = [ imports = [
./base.nix ./base.nix
./logging.nix ./logging.nix
@ -12,114 +11,4 @@
./sssd.nix ./sssd.nix
./zsh.nix ./zsh.nix
]; ];
nix = {
extraOptions = ''
experimental-features = nix-command flakes
'';
};
system.activationScripts.report-nixos-changes = ''
if [ -e /run/current-system ] && [ -e $systemConfig ]; then
echo System package diff:
${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true
fi
NO_FORMAT="\033[0m"
F_BOLD="\033[1m"
C_RED="\033[38;5;9m"
${pkgs.diffutils}/bin/cmp --silent \
<(readlink /run/current-system/{initrd,kernel,kernel-modules}) \
<(readlink $systemConfig/{initrd,kernel,kernel-modules}) \
|| echo -e "''${F_BOLD}''${C_RED}Kernel version changed, reboot is advised.''${NO_FORMAT}"
'';
# Select internationalisation properties.
console = {
#font = "Lat2-Terminus16";
font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
keyMap = pkgs.lib.mkForce "uk";
};
# Enable the OpenSSH daemon.
services.openssh.enable = true;
programs.mosh.enable = true;
# vs code server
services.vscode-server.enable = true;
# set root ssh keys
users.users.root.openssh.authorizedKeys = {
keys = [
# RSA keys go into keyFiles because they're shamefully long
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPS8xkNH7JvKblekx5oel4HVKCz3uBbQYEaR9Z9nzTAr manuel@ifsr.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINogGKyXieCXQvVTa1z3ArS1TlqcVl2sSqvMpOjQo/Um jakob@krbs.me"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjNYNRBsY/Dc+/XOaGDui9tRa4VGPsHwYo3irGnMRbR felix@tycho"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdOcXORg+akeN2t3yZlKWdoTURKxtV29eQ7UrIMkCHv felix@entropy"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH73n+ZfJqNzIh9rPh6JYQaI4OAw9WKkPeqj2XRFmRfQ pascal@ifsr.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmb1kv+7HU1QKE53+gNxUhrggbwomC40Xjxd9hACkoo bennofs@d-cube"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0X6L7NwTHiOmFzo8mJBCy6H+DKUePAAXU4amm32DAQ fugi@arch"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHD1ZkrAmC9g5eJPDgv4zuEM+UIIEWromDzM1ltHt4TM fugi@macbook"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBtP2ltExnQL5llOvfSKp6OCZKbPWsa2s6P0i00XyrH helene_emilia.hausmann@mailbox.tu-dresden.de"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXMHwy4AZ9B4pMRBa/P/rb7N3SCas9e7Lp89plTHdFS halcyon@eisvogel.moe"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ7qUGZUjiDhQ6Se+aXr9DbgRTG2tx69owqVMkd2bna simon@mayushii"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLlITzcTVnSi8EpEW3leSuqYCDhbnJyoGCjFOtIJ0Dl5uRNm0UNXS7AbQtLLylEeI1+/qinQDEWAJ6cBDAaPfNw= rouven@thinkpad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINJgYI2rXmw4uPXAMmOgqgJEwYfwj/IBExTCzs9Dgo+R w0lff"
];
keyFiles = [
../../keys/ssh/marcus-sapphire
../../keys/ssh/schrader
../../keys/ssh/jannusch
../../keys/ssh/jannusch-arch
../../keys/ssh/tassilo
../../keys/ssh/jonasga
../../keys/ssh/rouven
../../keys/ssh/joachim
];
};
time.timeZone = "Europe/Berlin";
# basic shell & editor
programs.vim.defaultEditor = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
atop
btop
bat
git
htop-vim
fd
ripgrep
tldr
tmux
usbutils
wget
neovim
helix
nmap
tcpdump
bat
dig
ethtool
iftop
ipcalc
iperf3
ipv6calc
lsof
ltrace
strace
mtr
traceroute
smartmontools
sysstat
tree
whois
eza
zsh
unzip
];
} }