From 921a59a30e11dad1a9537a6da0459c9df279cf7d Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Josh)" Date: Sun, 22 Sep 2024 12:31:03 -0500 Subject: [PATCH] more devices --- hosts/_common/components/stormd.nix | 29 ++++++++++ hosts/joe/configuration.nix | 1 + users/_common/home_manager/ssh.nix | 83 +++++++++++++++++++++------ users/_common/nix_modules/ssh-key.nix | 2 +- 4 files changed, 97 insertions(+), 18 deletions(-) create mode 100644 hosts/_common/components/stormd.nix diff --git a/hosts/_common/components/stormd.nix b/hosts/_common/components/stormd.nix new file mode 100644 index 0000000..1577b97 --- /dev/null +++ b/hosts/_common/components/stormd.nix @@ -0,0 +1,29 @@ +{ pkgs, ... }: +{ + # environment.systemPackages = with pkgs; [ + # ]; + + # TODO make a derivation for stormd binary and get it properlly in the store. This is super janky and the binary just has to exist there right now. + + # networking.firewall.allowedUDPPorts = [ 4242 ]; + + systemd.services."stormd" = { + description = "Stormd service"; + wants = [ "basic.target" ]; + after = [ + "basic.target" + "network.target" + ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "notify"; + Restart = "always"; + RestartSec = 1; + ExecStart = "/etc/stormd/stormd daemon"; + }; + unitConfig = { + StartLimitIntervalSec = 5; + StartLimitBurst = 3; + }; + }; +} diff --git a/hosts/joe/configuration.nix b/hosts/joe/configuration.nix index 2cd089b..37633e1 100644 --- a/hosts/joe/configuration.nix +++ b/hosts/joe/configuration.nix @@ -16,6 +16,7 @@ (settings.hostsDir + "/_common/components/home_manager.nix") (settings.hostsDir + "/_common/components/gnome_xorg.nix") (settings.hostsDir + "/_common/components/docker.nix") + # (settings.hostsDir + "/_common/components/stormd.nix") TODO figure out why this is failing (settings.hostsDir + "/_common/components/nebula.nix") # Users this machine has (settings.usersDir + "/root/configuration.nix") 
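Review bot: In hosts/_common/components/stormd.nix the unit sets no `User`, so systemd runs `/etc/stormd/stormd daemon` as root, and the binary sits in a mutable path outside the Nix store where nothing pins or verifies its contents. Until the derivation from the TODO exists, I would drop privileges in `serviceConfig`, for example `DynamicUser = true;`, `NoNewPrivileges = true;` and `ProtectSystem = "strict";`, assuming the daemon does not need root (the hunk does not show what it requires). With `Restart = "always"`, a replaced binary is executed on the next restart, so /etc/stormd and the file itself should be writable by root only. `Type = "notify"` also makes the start time out unless the binary sends a readiness notification, which may be related to the failure noted in the TODO in hosts/joe/configuration.nix.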
diff --git a/users/_common/home_manager/ssh.nix b/users/_common/home_manager/ssh.nix index b64b1e1..ea9bd2e 100644 --- a/users/_common/home_manager/ssh.nix +++ b/users/_common/home_manager/ssh.nix @@ -1,39 +1,30 @@ { age, ... }: { + # TODO can I put all IP's in the flake.nix top level settings and pull them in here instead? programs.ssh = { enable = true; matchBlocks = { + # EXTERNAL "github.com" = { identityFile = age.secrets.nix2github.path; }; "bitbucket.org" = { identityFile = age.secrets.nix2bitbucket.path; }; - "h001" = { - identityFile = age.secrets.nix2h001.path; - # TODO come back to these 10.12.14.## addrs and change them to intranet IP's instead of local network. - # LOCAL HOME NETWORK ONLY - hostname = "10.12.14.2"; - user = "root"; - }; - "h002" = { - identityFile = age.secrets.nix2h002.path; - hostname = "10.20.40.12"; - user = "luser"; - }; + # PERSONAL DEVICES "joe" = { identityFile = age.secrets.nix2joe.path; - hostname = "10.20.40.2"; + hostname = "10.20.40.102"; user = "josh"; }; "gpdPocket3" = { identityFile = age.secrets.nix2gpdPocket3.path; - hostname = "10.20.40.22"; # TODO onboard ot nebula network + hostname = "10.20.40.103"; user = "josh"; }; "t" = { identityFile = age.secrets.nix2t.path; - hostname = "10.20.40.4"; # TODO get these from flake.nix hosts? + hostname = "10.20.40.180"; user = "joshua.bell"; localForwards = [ { 
@@ -51,14 +42,72 @@ TERM = "vt100"; }; }; + "mbptv" = { + identityFile = age.secrets.nix2gpdPocket3.path; + hostname = "10.20.40.109"; + user = "waka"; + setEnv = { + TERM = "vt100"; + }; + }; + "mbptv_" = { + identityFile = age.secrets.nix2gpdPocket3.path; + hostname = "10.12.14.101"; + user = "waka"; + setEnv = { + TERM = "vt100"; + }; + }; + "nothing1" = { + identityFile = age.secrets.nix2gpdPocket3.path; + hostname = "10.20.40.124"; + user = "TODO"; + }; + "ipad1" = { + identityFile = age.secrets.nix2gpdPocket3.path; + hostname = "10.20.40.125"; + user = "TODO"; + }; + "tab1" = { + identityFile = age.secrets.nix2gpdPocket3.path; + hostname = "10.20.40.120"; + user = "TODO"; + }; + "pixel6" = { + identityFile = age.secrets.nix2gpdPocket3.path; + hostname = "10.20.40.126"; # TODO ON BOARD + user = "TODO"; + }; + # HOME SERVERS + "h001" = { + identityFile = age.secrets.nix2h001.path; + hostname = "10.20.40.190"; + user = "root"; + }; + "h001_" = { + identityFile = age.secrets.nix2h001.path; + hostname = "10.12.14.2"; + user = "root"; + }; + "h002" = { + identityFile = age.secrets.nix2h002.path; + hostname = "10.20.40.191"; + user = "luser"; + }; + # LINODE SERVERS "l001" = { identityFile = age.secrets.nix2l001.path; - hostname = "172.105.22.34"; + hostname = "172.105.22.34"; # TODO REMOVE - OFF BOARD user = "root"; }; + "l002_" = { + identityFile = age.secrets.nix2l002.path; + hostname = "172.232.4.54"; + user = "luser"; + }; "l002" = { identityFile = age.secrets.nix2l002.path; - hostname = "172.232.4.54"; + hostname = "10.20.40.1"; user = "luser"; }; }; diff --git a/users/_common/nix_modules/ssh-key.nix b/users/_common/nix_modules/ssh-key.nix index 3acebb6..6c4d542 100644 --- a/users/_common/nix_modules/ssh-key.nix +++ b/users/_common/nix_modules/ssh-key.nix @@ -1,4 +1,4 @@ -{ settings, pkgs, ... }: +{ settings, ... }: { # Ensure SSH key pair generation for non-root users systemd.services.generate_ssh_key = {
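Review bot: The six new personal-device blocks in users/_common/home_manager/ssh.nix (`mbptv`, `mbptv_`, `nothing1`, `ipad1`, `tab1`, `pixel6`) all set `identityFile = age.secrets.nix2gpdPocket3.path;`, which looks copy-pasted. One private key then authenticates to seven hosts, so a leak or rotation of it affects all of them at once. I would give each device its own secret following the existing pattern, e.g. `identityFile = age.secrets.nix2mbptv.path;` (hypothetical name, the secret would have to be declared first), and add `identitiesOnly = true;` so the agent does not offer unrelated keys to these hosts. `user = "TODO"` is sent as a literal login name, so the four blocks that carry it are better left commented out until the accounts are known. The `matchBlocks` set starts outside this hunk.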