nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nixos/server: cleanup

Browse source
This commit is contained in:
Guanran Wang 2024-08-23 16:10:31 +08:00
parent 45fedb189e
commit 8a0667ee2a
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
6 changed files with 11 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -152,6 +152,7 @@
defaults.imports = [ defaults.imports = [
./nixos/profiles/core ./nixos/profiles/core
./nixos/profiles/server
]; ];
"tyo0" = { "tyo0" = {

2
hosts/blacksteel/default.nix
View file

@ -6,7 +6,6 @@
}: { }: {
imports = [ imports = [
# OS # OS
../../nixos/profiles/server
../../nixos/profiles/opt-in/mihomo ../../nixos/profiles/opt-in/mihomo
# Hardware # Hardware
@ -25,7 +24,6 @@
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
networking.hostName = "blacksteel"; networking.hostName = "blacksteel";
time.timeZone = "Asia/Shanghai";
system.stateVersion = "24.05"; system.stateVersion = "24.05";
######## Secrets ######## Secrets

2
hosts/tyo0/default.nix
View file

@ -6,7 +6,6 @@
}: { }: {
imports = [ imports = [
"${modulesPath}/virtualisation/amazon-image.nix" "${modulesPath}/virtualisation/amazon-image.nix"
../../nixos/profiles/server
./anti-feature.nix ./anti-feature.nix
./services/forgejo.nix ./services/forgejo.nix
@ -20,7 +19,6 @@
./services/vaultwarden.nix ./services/vaultwarden.nix
]; ];
time.timeZone = "Asia/Tokyo";
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1"; boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
system.stateVersion = "24.05"; system.stateVersion = "24.05";

6
nixos/profiles/core/default.nix
View file

@ -50,7 +50,7 @@
]; ];
users.mutableUsers = false; users.mutableUsers = false;
users.users = rec { users.users = {
"guanranwang" = { "guanranwang" = {
isNormalUser = true; isNormalUser = true;
description = "Guanran Wang"; description = "Guanran Wang";
@ -64,10 +64,6 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmd/uqiBahzKcKMJ+gT3dkUIdrWQgudspsDchDlx1E/ guanran928@outlook.com" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmd/uqiBahzKcKMJ+gT3dkUIdrWQgudspsDchDlx1E/ guanran928@outlook.com"
]; ];
}; };
"root" = {
openssh.authorizedKeys.keys = guanranwang.openssh.authorizedKeys.keys;
};
}; };
boot.initrd.systemd.enable = true; boot.initrd.systemd.enable = true;

2
nixos/profiles/core/nix.nix
View file

@ -26,7 +26,7 @@
"no-url-literals" "no-url-literals"
]; ];
flake-registry = ""; flake-registry = "";
trusted-users = ["root" "@wheel"]; trusted-users = ["@wheel"];
allow-import-from-derivation = false; allow-import-from-derivation = false;
auto-allocate-uids = true; auto-allocate-uids = true;
auto-optimise-store = true; auto-optimise-store = true;

13
nixos/profiles/server/default.nix
View file

@ -1,12 +1,15 @@
{pkgs, ...}: { {
pkgs,
config,
...
}: {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
alacritty.terminfo
kitty.terminfo
foot.terminfo foot.terminfo
tmux.terminfo
wezterm.terminfo
]; ];
# TODO: colmena # TODO: colmena
services.openssh.settings.PermitRootLogin = "prohibit-password"; services.openssh.settings.PermitRootLogin = "prohibit-password";
users.users."root".openssh.authorizedKeys.keys = config.users.users.guanranwang.openssh.authorizedKeys.keys;
time.timeZone = "UTC";
} }