ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

more devices

Browse source
This commit is contained in:
RingOfStorms (Josh) 2024-09-22 12:31:03 -05:00
parent 1c6f6ef6d3
commit 921a59a30e
4 changed files with 97 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

29
hosts/_common/components/stormd.nix Normal file
View file

@ -0,0 +1,29 @@
{ pkgs, ... }:
{
# environment.systemPackages = with pkgs; [
# ];
# TODO make a derivation for stormd binary and get it properlly in the store. This is super janky and the binary just has to exist there right now.
# networking.firewall.allowedUDPPorts = [ 4242 ];
systemd.services."stormd" = {
description = "Stormd service";
wants = [ "basic.target" ];
after = [
"basic.target"
"network.target"
];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "notify";
Restart = "always";
RestartSec = 1;
ExecStart = "/etc/stormd/stormd daemon";
};
unitConfig = {
StartLimitIntervalSec = 5;
StartLimitBurst = 3;
};
};
}

1
hosts/joe/configuration.nix
View file

@ -16,6 +16,7 @@
(settings.hostsDir + "/_common/components/home_manager.nix") (settings.hostsDir + "/_common/components/home_manager.nix")
(settings.hostsDir + "/_common/components/gnome_xorg.nix") (settings.hostsDir + "/_common/components/gnome_xorg.nix")
(settings.hostsDir + "/_common/components/docker.nix") (settings.hostsDir + "/_common/components/docker.nix")
# (settings.hostsDir + "/_common/components/stormd.nix") TODO figure out why this is failing
(settings.hostsDir + "/_common/components/nebula.nix") (settings.hostsDir + "/_common/components/nebula.nix")
# Users this machine has # Users this machine has
(settings.usersDir + "/root/configuration.nix") (settings.usersDir + "/root/configuration.nix")

83
users/_common/home_manager/ssh.nix
View file

@ -1,39 +1,30 @@
{ age, ... }: { age, ... }:
{ {
# TODO can I put all IP's in the flake.nix top level settings and pull them in here instead?
programs.ssh = { programs.ssh = {
enable = true; enable = true;
matchBlocks = { matchBlocks = {
# EXTERNAL
"github.com" = { "github.com" = {
identityFile = age.secrets.nix2github.path; identityFile = age.secrets.nix2github.path;
}; };
"bitbucket.org" = { "bitbucket.org" = {
identityFile = age.secrets.nix2bitbucket.path; identityFile = age.secrets.nix2bitbucket.path;
}; };
"h001" = { # PERSONAL DEVICES
identityFile = age.secrets.nix2h001.path;
# TODO come back to these 10.12.14.## addrs and change them to intranet IP's instead of local network.
# LOCAL HOME NETWORK ONLY
hostname = "10.12.14.2";
user = "root";
};
"h002" = {
identityFile = age.secrets.nix2h002.path;
hostname = "10.20.40.12";
user = "luser";
};
"joe" = { "joe" = {
identityFile = age.secrets.nix2joe.path; identityFile = age.secrets.nix2joe.path;
hostname = "10.20.40.2"; hostname = "10.20.40.102";
user = "josh"; user = "josh";
}; };
"gpdPocket3" = { "gpdPocket3" = {
identityFile = age.secrets.nix2gpdPocket3.path; identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.20.40.22"; # TODO onboard ot nebula network hostname = "10.20.40.103";
user = "josh"; user = "josh";
}; };
"t" = { "t" = {
identityFile = age.secrets.nix2t.path; identityFile = age.secrets.nix2t.path;
hostname = "10.20.40.4"; # TODO get these from flake.nix hosts? hostname = "10.20.40.180";
user = "joshua.bell"; user = "joshua.bell";
localForwards = [ localForwards = [
{ {
@ -51,14 +42,72 @@
TERM = "vt100"; TERM = "vt100";
}; };
}; };
"mbptv" = {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.20.40.109";
user = "waka";
setEnv = {
TERM = "vt100";
};
};
"mbptv_" = {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.12.14.101";
user = "waka";
setEnv = {
TERM = "vt100";
};
};
"nothing1" = {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.20.40.124";
user = "TODO";
};
"ipad1" = {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.20.40.125";
user = "TODO";
};
"tab1" = {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.20.40.120";
user = "TODO";
};
"pixel6" = {
identityFile = age.secrets.nix2gpdPocket3.path;
hostname = "10.20.40.126"; # TODO ON BOARD
user = "TODO";
};
# HOME SERVERS
"h001" = {
identityFile = age.secrets.nix2h001.path;
hostname = "10.20.40.190";
user = "root";
};
"h001_" = {
identityFile = age.secrets.nix2h001.path;
hostname = "10.12.14.2";
user = "root";
};
"h002" = {
identityFile = age.secrets.nix2h002.path;
hostname = "10.20.40.191";
user = "luser";
};
# LINODE SERVERS
"l001" = { "l001" = {
identityFile = age.secrets.nix2l001.path; identityFile = age.secrets.nix2l001.path;
hostname = "172.105.22.34"; hostname = "172.105.22.34"; # TODO REMOVE - OFF BOARD
user = "root"; user = "root";
}; };
"l002_" = {
identityFile = age.secrets.nix2l002.path;
hostname = "172.232.4.54";
user = "luser";
};
"l002" = { "l002" = {
identityFile = age.secrets.nix2l002.path; identityFile = age.secrets.nix2l002.path;
hostname = "172.232.4.54"; hostname = "10.20.40.1";
user = "luser"; user = "luser";
}; };
}; };

2
users/_common/nix_modules/ssh-key.nix
View file

@ -1,4 +1,4 @@
{ settings, pkgs, ... }: { settings, ... }:
{ {
# Ensure SSH key pair generation for non-root users # Ensure SSH key pair generation for non-root users
systemd.services.generate_ssh_key = { systemd.services.generate_ssh_key = {