Compare commits

..

1 Commits

Author SHA1 Message Date
90baf7bfcb bluemap on bekkalokk 💀 2024-09-01 22:06:59 +02:00
8 changed files with 19 additions and 86 deletions

View File

@ -26,14 +26,10 @@ Det er sikkert lurt å lage en PR først om du ikke er vandt til nix enda.
Innen 24h skal alle systemene hente ned den nye konfigurasjonen og deploye den. Innen 24h skal alle systemene hente ned den nye konfigurasjonen og deploye den.
Du kan tvinge en maskin til å oppdatere seg før dette ved å kjøre: Du kan tvinge en maskin til å oppdatere seg før dette ved å kjøre:
`nixos-rebuild switch --update-input nixpkgs --update-input nixpkgs-unstable --no-write-lock-file --refresh --upgrade --flake git+https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git` `nixos-rebuild switch --update-input nixpkgs --update-input nixpkgs-unstable --no-write-lock-file --refresh --flake git+https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git --upgrade`
som root på maskinen. som root på maskinen.
Hvis du ikke har lyst til å oppdatere alle pakkene (og kanskje måtte vente en stund!) kan du kjøre
`nixos-rebuild switch --override-input nixpkgs nixpkgs --override-input nixpkgs-unstable nixpkgs-unstable --flake git+https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git`
## Seksjonen for hemmeligheter ## Seksjonen for hemmeligheter
For at hemmeligheter ikke skal deles med hele verden i git - eller å være world For at hemmeligheter ikke skal deles med hele verden i git - eller å være world

View File

@ -1,4 +1,4 @@
{ pkgs, lib, ... }: { pkgs, ... }:
{ {
imports = [ imports = [
@ -10,17 +10,12 @@
./services/acme.nix ./services/acme.nix
./services/auto-upgrade.nix ./services/auto-upgrade.nix
./services/irqbalance.nix
./services/logrotate.nix ./services/logrotate.nix
./services/nginx.nix ./services/nginx.nix
./services/openssh.nix ./services/openssh.nix
./services/postfix.nix
./services/smartd.nix
./services/thermald.nix ./services/thermald.nix
]; ];
boot.tmp.cleanOnBoot = lib.mkDefault true;
time.timeZone = "Europe/Oslo"; time.timeZone = "Europe/Oslo";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -47,11 +42,6 @@
programs.zsh.enable = true; programs.zsh.enable = true;
security.sudo.execWheelOnly = true;
security.sudo.extraConfig = ''
Defaults lecture = never
'';
users.groups."drift".name = "drift"; users.groups."drift".name = "drift";
# Trusted users on the nix builder machines # Trusted users on the nix builder machines

View File

@ -1,19 +1,8 @@
{ inputs, ... }: { inputs, ... }:
{ {
nix = { nix.gc.automatic = true;
gc = { nix.gc.options = "--delete-older-than 2d";
automatic = true; nix.settings.experimental-features = [ "nix-command" "flakes" ];
options = "--delete-older-than 2d";
};
settings = {
allow-dirty = true;
auto-optimise-store = true;
builders-use-substitutes = true;
experimental-features = [ "nix-command" "flakes" ];
log-lines = 50;
use-xdg-base-directories = true;
};
/* This makes commandline tools like /* This makes commandline tools like
** nix run nixpkgs#hello ** nix run nixpkgs#hello
@ -21,14 +10,8 @@
** use the same channel the system ** use the same channel the system
** was built with ** was built with
*/ */
registry = { nix.registry = {
"nixpkgs".flake = inputs.nixpkgs; nixpkgs.flake = inputs.nixpkgs;
"nixpkgs-unstable".flake = inputs.nixpkgs-unstable;
"pvv-nix".flake = inputs.self;
};
nixPath = [
"nixpkgs=${inputs.nixpkgs}"
"unstable=${inputs.unstable}"
];
}; };
nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
} }

View File

@ -1,4 +0,0 @@
{ ... }:
{
services.irqbalance.enable = true;
}

View File

@ -2,7 +2,6 @@
{ {
services.openssh = { services.openssh = {
enable = true; enable = true;
startWhenNeeded = true;
extraConfig = '' extraConfig = ''
PubkeyAcceptedAlgorithms=+ssh-rsa PubkeyAcceptedAlgorithms=+ssh-rsa
Match Group wheel Match Group wheel

View File

@ -1,23 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.services.postfix;
in
{
services.postfix = {
enable = true;
hostname = "${config.networking.hostName}.pvv.ntnu.no";
domain = "pvv.ntnu.no";
relayHost = "smtp.pvv.ntnu.no";
relayPort = 465;
config = {
smtp_tls_wrappermode = "yes";
smtp_tls_security_level = "encrypt";
};
# Nothing should be delivered to this machine
destination = [ ];
};
}

View File

@ -1,8 +0,0 @@
{ config, pkgs, lib, ... }:
{
services.smartd.enable = lib.mkDefault true;
environment.systemPackages = lib.optionals config.services.smartd.enable (with pkgs; [
smartmontools
]);
}

8
flake.lock generated
View File

@ -214,11 +214,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1725212759, "lastModified": 1722722932,
"narHash": "sha256-yZBsefIarFUEhFRj+rCGMp9Zvag3MCafqV/JfGVRVwc=", "narHash": "sha256-K81a2GQpY2kRX+C9ek9r91THlZB674CqRTSMMb5IO7E=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "e7b66b4bc6a89bab74bac45b87e9434f5165355f", "rev": "6580cfe546c902cdf11e17b0b8aa30b3c412bb34",
"revCount": 473, "revCount": 465,
"type": "git", "type": "git",
"url": "https://git.pvv.ntnu.no/Projects/nettsiden.git" "url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
}, },