c2vi/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
Sebastian Moser
2023-11-21 14:59:08 +01:00
parent cbcf3a0e3d
commit 7ed54e66ec
4 changed files with 104 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
hosts/lush.nix
View File

@@ -1,5 +1,16 @@
{ lib, pkgs, ... }:
{ lib, pkgs, inputs, ... }:
{
system.stateVersion = "23.05"; # Did you read the comment?
imports = [
"${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
#inputs.nixos-hardware.nixosModules.raspberry-pi-4
];
#nixpkgs.hostPlatform.system = "aarch64-linux";
#nixpkgs.buildPlatform.system = "x86_64-linux";
hardware.enableRedistributableFirmware = true;
# This causes an overlay which causes a lot of rebuilding
environment.noXlibs = lib.mkForce false;
@@ -12,28 +23,34 @@
};
boot = {
kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
#kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
loader = {
generic-extlinux-compatible.enable = lib.mkDefault true;
grub.enable = lib.mkDefault false;
};
};
nix.settings = {
experimental-features = lib.mkDefault "nix-command flakes";
trusted-users = [ "root" "@wheel" ];
services.openssh = {
enable = true;
ports = [ 22 ];
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
};
# end of base.nix
environment.systemPackages = with pkgs; [ vim git ];
services.openssh.enable = true;
networking.hostName = "luna";
networking.hostName = "lush";
users = {
users.me = {
password = "hello";
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgXf9S9hxjyph2EEFh1el0z4OUT9fMoFAaDanjiuKa me@main"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICWsqiz0gEepvPONYxqhKKq4Vxfe1h+jo11k88QozUch me@bitwarden"
];
};
};
networking = {
@@ -50,7 +67,6 @@
/*
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
loader = {
@@ -58,64 +74,6 @@
generic-extlinux-compatible.enable = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = [ "noatime" ];
};
};
networking = {
hostName = hostname;
wireless = {
enable = true;
networks."${SSID}".psk = SSIDpassword;
interfaces = [ interface ];
};
};
environment.systemPackages = with pkgs; [ vim ];
services.openssh.enable = true;
users = {
mutableUsers = false;
users."${user}" = {
isNormalUser = true;
password = password;
extraGroups = [ "wheel" ];
};
};
system.stateVersion = "23.11";
*/
}

111
hosts/rpi.nix
View File

@@ -1,13 +1,24 @@
{ lib, pkgs, ... }:
{ lib, pkgs, inputs, ... }:
{
imports = [
"${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
inputs.nixos-hardware.nixosModules.raspberry-pi-4
../common/all.nix
../common/nixos-headless.nix
../users/me/default.nix
../users/me/headless.nix
../users/root/default.nix
];
system.stateVersion = "23.05";
# to cross compile
#nixpkgs.hostPlatform.system = "aarch64-linux";
#nixpkgs.buildPlatform.system = "x86_64-linux";
hardware.enableRedistributableFirmware = true;
# This causes an overlay which causes a lot of rebuilding
environment.noXlibs = lib.mkForce false;
# "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" creates a
@@ -20,7 +31,7 @@
};
boot = {
kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
#kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
loader = {
generic-extlinux-compatible.enable = lib.mkDefault true;
grub.enable = lib.mkDefault false;
@@ -80,43 +91,67 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjgXf9S9hxjyph2EEFh1el0z4OUT9fMoFAaDanjiuKa me@main"
];
################################ samba ######################################
services.samba-wsdd.enable = true; # make shares visible for windows 10 clients
services.samba = {
enable = true;
securityType = "user";
extraConfig = ''
security = user
map to guest = bad user
guest account = me
server role = standalone server
workgroup = WORKGROUP
'';
shares = {
rpi_schule = {
path = "${workDir}/rpi-schule/";
"guest ok" = "yes";
"read only" = "no";
public = "yes";
writable = "yes";
printable = "no";
comment = "share for rpi in school wlan";
};
share = {
comment = "share for sharing stuff";
path = "${workDir}/share";
public = "yes";
"guest ok" = "yes";
"read only" = "no";
writable = "yes";
};
};
};
enable = true;
securityType = "user";
extraConfig = ''
server role = standalone server
map to guest = bad user
usershare allow guests = yes
hosts allow = 192.168.0.0/16
hosts deny = 0.0.0.0
workgroup = WORKGROUP
security = user
'';
shares = {
files = {
"valid users" = "files";
"comment" = "all my files";
"path" = "/home/files/storage/files";
"read only" = "no";
"guest ok" = "no";
"force user" = "files";
"force group" = "files";
"force create mode" = "0777";
# Papierkorb
"vfs object" = "recycle";
"recycle:repository" = "/home/files/storage/files/trash-files";
"recycle:keeptree" = "No";
"recycle:versions" = "Yes";
"recycle:touch" = "Yes";
"recycle:touch_mtime" = "Yes";
"recycle:maxsize" = "8000";
};
lan = {
"comment" = "gastordner";
"path" = "/home/files/storage/lan";
"read only" = "no";
"guest ok" = "yes";
"force user" = "files";
"force group" = "files";
"force create mode" = "0777";
# Papierkorb
"vfs object" = "recycle";
"recycle:repository" = "/home/files/storage/files/trash-lan";
"recycle:keeptree" = "No";
"recycle:versions" = "Yes";
"recycle:touch" = "Yes";
"recycle:touch_mtime" = "Yes";
"recycle:maxsize" = "8000";
};
mama = {
"comment" = "Meine Dateien auf Mamas Laptop";
"path" = "/home/files/storage/files/stuff/Mamas-Laptop";
"read only" = "no";
"guest ok" = "no";
"valid users" = "mamafiles";
"force user" = "files";
"force group" = "files";
"force create mode" = "0777";
};
};
};
}