From 34819caf1fd61b4f7de1293b719d80e59c2220b1 Mon Sep 17 00:00:00 2001 From: L-Nafaryus Date: Mon, 10 Mar 2025 23:20:09 +0500 Subject: [PATCH] new: nixosConfigurations.priscilla --- nixosConfigurations/default.nix | 7 ++ nixosConfigurations/priscilla/default.nix | 103 ++++++++++++++++++++++ nixosConfigurations/vinheim/users.nix | 2 +- 3 files changed, 111 insertions(+), 1 deletion(-) create mode 100644 nixosConfigurations/priscilla/default.nix diff --git a/nixosConfigurations/default.nix b/nixosConfigurations/default.nix index 2ac2e49..7b4ff51 100644 --- a/nixosConfigurations/default.nix +++ b/nixosConfigurations/default.nix @@ -44,4 +44,11 @@ bonPkgs = self.packages.x86_64-linux; }; }; + + priscilla = lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./priscilla + ]; + }; } diff --git a/nixosConfigurations/priscilla/default.nix b/nixosConfigurations/priscilla/default.nix new file mode 100644 index 0000000..45004bb --- /dev/null +++ b/nixosConfigurations/priscilla/default.nix @@ -0,0 +1,103 @@ +{ + modulesPath, + config, + lib, + pkgs, + ... +}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + system.stateVersion = "25.05"; + + system.build.qcow2 = import "${modulesPath}/../lib/make-disk-image.nix" { + inherit lib config pkgs; + diskSize = 10240; + format = "qcow2"; + partitionTableType = "hybrid"; + }; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + autoResize = true; + fsType = "ext4"; + }; + + boot = { + loader.grub.enable = lib.mkForce true; + loader.grub.device = lib.mkDefault "/dev/vda"; + loader.timeout = lib.mkForce 0; + kernelParams = ["console=tty1" "console=ttyS0,115200"]; + }; + + networking = { + useDHCP = true; + firewall.enable = true; + }; + + services = { + qemuGuest = { + enable = true; + }; + + openssh = { + enable = true; + openFirewall = true; + }; + + journald.extraConfig = '' + SystemMaxUse=100M + MaxFileSec=7day + ''; + + resolved = { + enable = true; + dnssec = "false"; + }; + }; + + users.users.l-nafaryus = { + isNormalUser = true; + extraGroups = ["wheel"]; + shell = pkgs.nushell; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1YGp8AI48hJUSQBZpuKLpbj2+3Q09vq64NxFr0N1MS" + ]; + initialPassword = "nixos"; + }; + + users.users.root.openssh.authorizedKeys.keys = + config.users.users.l-nafaryus.openssh.authorizedKeys.keys; + + nix = { + settings = { + experimental-features = ["nix-command" "flakes"]; + trusted-users = ["l-nafaryus"]; + allowed-users = ["l-nafaryus"]; + substituters = [ + "https://cache.elnafo.ru" + "https://bonfire.cachix.org" + "https://nix-community.cachix.org" + ]; + trusted-public-keys = [ + "cache.elnafo.ru:j3VD+Hn+is2Qk3lPXDSdPwHJQSatizk7V82iJ2RP1yo=" + "bonfire.cachix.org-1:mzAGBy/Crdf8NhKail5ciK7ZrGRbPJJobW6TwFb7WYM=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + auto-optimise-store = true; + allowed-uris = [ + "github:" + "git+https://github.com/" + "git+ssh://github.com/" + "git+https://vcs.elnafo.ru/" + "git+ssh://vcs.elnafo.ru/" + ]; + }; + gc = { + automatic = lib.mkDefault true; + dates = lib.mkDefault "weekly"; + options = lib.mkDefault "--delete-older-than 7d"; + }; + }; +} diff --git a/nixosConfigurations/vinheim/users.nix b/nixosConfigurations/vinheim/users.nix index 4faf0ee..dc18204 100644 --- a/nixosConfigurations/vinheim/users.nix +++ b/nixosConfigurations/vinheim/users.nix @@ -81,7 +81,7 @@ in { podman-compose dive - ksshaskpass + kdePackages.ksshaskpass dbeaver-bin