From 1118a8d90404e1db60e78d74c7f7f153f2e8cfe8 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Fri, 8 Sep 2023 13:42:13 +0200 Subject: [PATCH] Add server config --- flake.nix | 6 ++++-- modules/dwl/default.nix | 2 ++ modules/misc/default.nix | 13 +++++++++++-- modules/misc/zsh/init.zsh | 2 +- modules/server/default.nix | 25 +++++++++++++++++++++++++ 5 files changed, 43 insertions(+), 5 deletions(-) create mode 100644 modules/server/default.nix diff --git a/flake.nix b/flake.nix index 145498b..d425704 100644 --- a/flake.nix +++ b/flake.nix @@ -38,7 +38,7 @@ } @ rawInput: let user = "zoriya"; - mkSystem = system: hostname: de: custom: let + mkSystem = hostname: de: custom: let inputs = rawInput // {inherit user;}; in nixpkgs.lib.nixosSystem { @@ -87,13 +87,15 @@ }; in { nixosConfigurations = { - fuhen = mkSystem "x86_64-linux" "fuhen" "dwl" [ + fuhen = mkSystem "fuhen" "dwl" [ tuxedo-nixos.nixosModules.default ({lib, ...}: { hardware.tuxedo-keyboard.enable = true; hardware.tuxedo-control-center.enable = true; }) ]; + + saikai = mkSystem "saikai" "server" []; }; }; } diff --git a/modules/dwl/default.nix b/modules/dwl/default.nix index e71c296..4f357e1 100644 --- a/modules/dwl/default.nix +++ b/modules/dwl/default.nix @@ -18,6 +18,8 @@ }; }; + networking.networkmanager.enable = true; + environment.systemPackages = with pkgs; [ dwl ags.packages.x86_64-linux.default diff --git a/modules/misc/default.nix b/modules/misc/default.nix index d67eabe..22fcfb0 100644 --- a/modules/misc/default.nix +++ b/modules/misc/default.nix @@ -19,7 +19,6 @@ }; efi.canTouchEfiVariables = true; }; - networking.networkmanager.enable = true; services.automatic-timezoned.enable = true; programs.gnupg.agent = { @@ -45,7 +44,17 @@ }; virtualisation.docker.enable = true; - documentation.dev.enable = true; + + documentation = { + enable = true; + dev.enable = true; + man = { + enable = true; + generateCaches = true; + }; + info.enable = true; + nixos.enable = true; + }; # boot.kernelPackages = pkgs.linuxPackages_latest; # This was needed on older versions of the kernel. diff --git a/modules/misc/zsh/init.zsh b/modules/misc/zsh/init.zsh index 6f5fee7..caf018f 100644 --- a/modules/misc/zsh/init.zsh +++ b/modules/misc/zsh/init.zsh @@ -27,7 +27,7 @@ function zvm_before_init() { function zvm_after_init() { # Restore plugin bindings that zsh-vi-mode overrides. bindkey '^r' _atuin_search_widget - bindkey '\ej' jq-complete + # bindkey '\ej' jq-complete bindkey '^[d' kill-word ZVM_LINE_INIT_MODE=$ZVM_MODE_INSERT } diff --git a/modules/server/default.nix b/modules/server/default.nix new file mode 100644 index 0000000..b7fb679 --- /dev/null +++ b/modules/server/default.nix @@ -0,0 +1,25 @@ +{ + # Make it use predictable interface names starting with eth0 + boot.kernelParams = ["net.ifnames=0"]; + + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + }; + }; + + services.fail2ban = { + enable = true; + bantime = "-1"; + }; + + virtualisation.oci-containers.containers."watchtower" = { + autoStart = true; + image = "containrrr/watchtower"; + volumes = [ + "/var/run/docker.sock:/var/run/docker.sock" + ]; + }; +}