os/hosts/droppie/droppie.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

61 lines
1.4 KiB
Nix
Raw Normal View History

2023-01-28 21:27:52 +00:00
{
config,
pkgs,
lib,
self,
...
}:
with lib; let
2022-08-13 16:08:27 +00:00
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
2023-01-28 21:27:52 +00:00
in {
2022-08-13 16:08:27 +00:00
imports = [
./configuration.nix
./nextcloud-web-tunnel.nix
./restic-backup.nix
2022-08-13 16:08:27 +00:00
];
config = {
hardware.cpu.intel.updateMicrocode = true;
2022-08-14 15:51:01 +00:00
pub-solar.core.disk-encryption-active = false;
2022-10-03 01:09:12 +00:00
pub-solar.core.lite = true;
2022-08-13 18:15:22 +00:00
security.sudo.extraRules = [
{
2023-01-28 21:27:52 +00:00
users = ["${psCfg.user.name}"];
2022-08-13 18:15:22 +00:00
commands = [
{
command = "ALL";
2023-01-28 21:27:52 +00:00
options = ["NOPASSWD"];
2022-08-13 18:15:22 +00:00
}
];
}
];
2022-08-23 16:04:21 +00:00
services.ddclient = {
enable = false;
2022-08-23 16:04:21 +00:00
ipv6 = true;
2023-01-28 21:27:52 +00:00
domains = ["backup.b12f.io"];
2022-08-23 16:04:21 +00:00
server = "ddns.hosting.de";
2022-08-23 16:23:08 +00:00
username = "b12f";
use = "web, web=https://ipcheck-ds.wieistmeineip.de/callback/, web-skip='ip\":\"'";
2022-08-23 16:04:21 +00:00
passwordFile = "/run/agenix/dyndns-droppie.key";
};
age.secrets."dyndns-droppie.key" = {
file = "${self}/secrets/dyndns-droppie.key";
mode = "400";
owner = "root";
2022-08-23 16:04:21 +00:00
};
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQSephFJU0NMbVbhwvVJ2/m6jcPYo1IsWCsoarqKin root@droppie
age.secrets."droppie-ssh-root.key" = {
file = "${self}/secrets/droppie-ssh-root.key";
path = "/home/${psCfg.user.name}/.ssh/id_ed25519";
mode = "400";
owner = psCfg.user.name;
};
2022-08-13 16:08:27 +00:00
};
}