blahai/nyx
1
0
Fork 0
mirror of https://github.com/blahai/nyx.git synced 2025-01-18 19:10:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

a lot of theia configs

Browse source
This commit is contained in:
blahai 2024-10-24 12:31:32 +03:00
parent 45b526254e
commit abd0901d29
Signed by: blahai
SSH key fingerprint: SHA256:ZfCryi+V64yG+vC1ZIIsqgvBCmA31tTi7RJ6M8CvpRc
1 changed files with 87 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

112
hosts/theia/configuration.nix
View file

@ -1,18 +1,47 @@
{ modulesPath, lib, pkgs, ... }: { { modulesPath, lib, pkgs, ... }: {
system.stateVersion = "24.11"; system.stateVersion = "24.11";
imports = [ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
(modulesPath + "/profiles/qemu-guest.nix") imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
];
boot.initrd.availableKernelModules = [ "virtio_scsi" "ahci" ]; boot = {
boot.initrd.kernelModules = [ ]; initrd.availableKernelModules = [
boot.kernelModules = [ "kvm-amd" ]; "ata_piix"
boot.extraModulePackages = [ ]; "uhci_hcd"
boot.loader.grub = { "virtio_pci"
"virtio_scsi"
"ahci"
"sd_mod"
"sr_mod"
"virtio_blk"
];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
loader.grub = {
enable = true;
device = "/dev/vda";
};
};
zramSwap = {
enable = true; enable = true;
algorithm = "zstd";
memoryPercent = 50;
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/09e65ff9-2195-41d8-b6a4-671c306742c3";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/FED3-A372";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
}; };
networking = { networking = {
hostName = "theia";
useDHCP = lib.mkDefault false; useDHCP = lib.mkDefault false;
defaultGateway = { defaultGateway = {
address = "178.63.247.183"; address = "178.63.247.183";
@ -22,32 +51,65 @@
interfaces = { interfaces = {
ens3 = { ens3 = {
ipv4 = { ipv4 = {
addresses = [ addresses = [{
{ address = "178.63.118.252";
address = "178.63.118.252"; prefixLength = 32;
prefixLength = 32; }];
}
];
routes = [ routes = [{
{ address = "178.63.247.183";
address = "178.63.247.183"; prefixLength = 32;
prefixLength = 32; }];
}
];
}; };
}; };
}; };
}; };
services.openssh = { services = {
enable = true; openssh = {
enable = true;
settings = { PasswordAuthentication = false; };
};
fail2ban = {
enable = true;
maxretry = 5;
bantime = "24h"; # Ban IPs for one day on the first ban
bantime-increment = {
enable = true; # Enable increment of bantime after each violation
overalljails = true; # Calculate the bantime based on all the violations
};
};
}; };
users.users.root = { users.users.root = {
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu elissa.tamminen@gmail.com" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILLqPq70t6RbnI8UejEshYcfBP66I4OrLFjvGLLfIEXD"
]; ];
initialHashedPassword = "$y$j9T$TzqbL4iMGLjli6EEXfRCZ0$AhFJ4iCFxRlstth5owic3M5nq74Sp1qhtctjSBcgAl8"; initialHashedPassword =
"$y$j9T$TzqbL4iMGLjli6EEXfRCZ0$AhFJ4iCFxRlstth5owic3M5nq74Sp1qhtctjSBcgAl8";
}; };
users.users.pingu = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILLqPq70t6RbnI8UejEshYcfBP66I4OrLFjvGLLfIEXD"
];
initialHashedPassword =
"$y$j9T$cxwKGmzYyC1eLeIysr8r/.$dsxxxV4NvXY.Wpd9LO.RiuMQuy2lYyy2HGrk52BJX08";
};
environment.systemPackages = with pkgs; [
git
curl
bat
neovim
btop
zip
jq
busybox
];
} }