pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
nix/lxc-nix/configuration.nix
pazpi 863438fb14
Removed old Nas ssh Key
2024-08-16 18:20:06 +02:00

131 lines
3.4 KiB
Nix
Raw Blame History

{ config, pkgs, ... }:
let
parameters = import ./parameters.nix { };
# GID = 888;
# user = "rtorrent";
# passwordHash = "$y$j9T$dA94KVg1/jYLqclQQbTDk.$cnfxBWUN8P4shr8Kkipv5bU/RCtQNoAwYFDZ0X/BYs5";
timeZone = "Europe/Rome";
defaultLocale = "en_US.UTF-8";
in
{
imports = [
# Need to load some defaults for running in an lxc container.
# This is explained in:
# https://github.com/nix-community/nixos-generators/issues/79
# "${modulesPath}/virtualisation/lxc-container.nix"
# ./modules/qbittorrent.nix
./modules/rutorrent.nix
# ./services/qbittorrent.nix
./services/rutorrent.nix
./services/networking.nix
];
# This doesn't do _everything_ we need, because `boot.isContainer` is
# specifically talking about light-weight NixOS containers, not LXC. But it
# does at least gives us something to start with.
boot.isContainer = true;
networking = {
hostName = parameters.containerName;
};
nixpkgs.config.allowUnfree = true;
# Extra packages
# environment.systemPackages = with pkgs; [ ];
services = {
openssh.enable = true;
tailscale = {
enable = false;
useRoutingFeatures = "both";
extraUpFlags = [ "--exit-node=${parameters.tailscaleExitNodeIP}" ];
authKeyFile = builtins.toFile "authKey" ''${parameters.tailscaleAuthKey}'';
};
};
time.timeZone = parameters.timeZone;
i18n = {
defaultLocale = defaultLocale;
extraLocaleSettings = {
LC_ADDRESS = defaultLocale;
LC_IDENTIFICATION = defaultLocale;
LC_MEASUREMENT = defaultLocale;
LC_MONETARY = defaultLocale;
LC_NAME = defaultLocale;
LC_PAPER = defaultLocale;
LC_TELEPHONE = defaultLocale;
# LC_NUMERIC = defaultLocale;
# LC_TIME = defaultLocale;
};
};
users = {
# If set to false, the contents of the user and group files will simply
# be replaced on system activation.
# This also holds for the user passwords.
# All changed passwords will be reset according
# to the `users.users` configuration on activation.
mutableUsers = false;
users.root = {
hashedPassword = "$6$gir1YD6tNdC9xAj0$zLr1yt/ea9PvwygjHfQVnPmeCd1.2zrAKWiN80duidwOkZF6hwm06ta6J3O9uw6F3uUHC0N7iiKYhCgXXR.Q7/";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
];
};
users.pazpi = {
isNormalUser = true;
shell = pkgs.bash;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
];
};
# groups = {
# qbittorrent = { gid = GID; };
# };
# users."${user}" = {
# isNormalUser = true;
# group = "qbittorrent";
# extraGroups = [ "user" "multimedia" ];
# # initialHashedPassword = passwordHash;
# };
};
# # Enable passwordless sudo.
# security.sudo.extraRules = [
# {
# users = [ user ];
# commands = [
# {
# command = "ALL";
# options = [ "NOPASSWD" ];
# }
# ];
# }
# ];
# Supress systemd units that don't work because of LXC.
# https://blog.xirion.net/posts/nixos-proxmox-lxc/#configurationnix-tweak
systemd.suppressedSystemUnits = [
"dev-mqueue.mount"
"sys-kernel-debug.mount"
"sys-fs-fuse-connections.mount"
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "24.05";
}
Reference in a new issue View git blame Copy permalink