diff --git a/flake.lock b/flake.lock index 9a06f64..17e121a 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1732521221, - "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", + "lastModified": 1741246872, + "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", + "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 151d0a9..185d04c 100644 --- a/flake.nix +++ b/flake.nix @@ -42,6 +42,7 @@ services.openssh = { enable = true; + openFirewall = true; startWhenNeeded = true; settings.PasswordAuthentication = false; settings.KbdInteractiveAuthentication = false; @@ -99,6 +100,7 @@ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1YGp8AI48hJUSQBZpuKLpbj2+3Q09vq64NxFr0N1MS" ]; + initialPassword = "test"; }; programs.fish.enable = true; @@ -112,9 +114,98 @@ }) ]; }; + + systemConfig2 = { + modules = with inputs; [ + ({ + modulesPath, + config, + ... + }: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + # (modulesPath + "/virtualisation/qemu-vm.nix") + ]; + + system.stateVersion = "25.05"; + + system.build.qcow2 = import "${modulesPath}/../lib/make-disk-image.nix" { + inherit lib config pkgs; + diskSize = 10240; + format = "qcow2"; + partitionTableType = "hybrid"; + }; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + autoResize = true; + fsType = "ext4"; + }; + + boot = { + loader.grub.enable = lib.mkForce true; + loader.grub.device = lib.mkDefault "/dev/vda"; + loader.timeout = lib.mkForce 0; + kernelParams = ["console=tty1" "console=ttyS0,115200"]; + }; + + # boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"]; + + networking = { + useDHCP = true; + firewall.enable = true; + }; + + services = { + qemuGuest = { + enable = true; + }; + + openssh = { + enable = true; + openFirewall = true; + # openFirewall = true; + # startWhenNeeded = true; + # settings.PasswordAuthentication = true; + # settings.KbdInteractiveAuthentication = true; + # settings.X11Forwarding = true; + }; + + journald.extraConfig = '' + SystemMaxUse=100M + MaxFileSec=7day + ''; + + resolved = { + enable = true; + dnssec = "false"; + }; + }; + + users.users.l-nafaryus = { + isNormalUser = true; + extraGroups = ["wheel"]; + shell = pkgs.nushell; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1YGp8AI48hJUSQBZpuKLpbj2+3Q09vq64NxFr0N1MS" + ]; + initialPassword = "nixos"; + }; + + users.users.root.openssh.authorizedKeys.keys = + config.users.users.l-nafaryus.openssh.authorizedKeys.keys; + + # virtualisation.qemu.options = [ + # "-net user,hostfwd=tcp::10022-:22" + # "-net nic" + # "-nographic" + # ]; + }) + ]; + }; in { nixosConfigurations = { - nixtt = lib.nixosSystem (systemConfig // {system = "x86_64-linux";}); + nixtt = lib.nixosSystem (systemConfig2 // {system = "x86_64-linux";}); }; devShells = {