From a311f82e3fab0376b7dbb5de906eefd7592cfa5d Mon Sep 17 00:00:00 2001
From: Lyn
Date: Thu, 5 Sep 2024 22:22:18 +0200
Subject: [PATCH] refactored host configuration into host-agnostic profile files
---
hosts/forgenite/default.nix | 50 ++-----------------------------------
meta/profiles/base.nix | 29 +++++++++++++++++++++
meta/profiles/vm.nix | 5 ++++
3 files changed, 36 insertions(+), 48 deletions(-)
create mode 100644 meta/profiles/base.nix
create mode 100644 meta/profiles/vm.nix
diff --git a/hosts/forgenite/default.nix b/hosts/forgenite/default.nix
index 3c95c98..62156bf 100644
--- a/hosts/forgenite/default.nix
+++ b/hosts/forgenite/default.nix
@@ -4,64 +4,18 @@ ./../../services/forgejo.nix ./../../users/lyn ./hardware-configuration.nix + ./../../meta/profiles/base.nix + ./../../meta/profiles/vm.nix ]; - # Write path for borgbackup repos for backup.nix - #_module.args.borgrepolistfile = ./borgrepos; - - # Enable Flakes and the new command-line tool - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - # Set default editor to vim - environment.variables.EDITOR = "vim"; # Use UEFI boot.loader.systemd-boot.enable = true; - # Use the GRUB 2 boot loader. - #boot.loader.grub.enable = true; - #boot.loader.grub.device = "/dev/sda"; - networking.hostName = "forgejo"; # Define your hostname. - # Set your time zone. - time.timeZone = "Europe/Berlin"; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - git - vim - wget - curl - htop - ]; - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - settings = { - X11Forwarding = true; - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - openFirewall = true; - }; - - #enable qemu-guestagent - services.qemuGuest.enable = true; - # Disable password checking for wheel group users so we can solely rely on ssh keys - security.sudo.wheelNeedsPassword = false; # Firewall stuff: networking.firewall.enable = true; networking.firewall.allowPing = true; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It's perfectly fine and recommended to leave 
diff --git a/meta/profiles/base.nix b/meta/profiles/base.nix
new file mode 100644
index 0000000..7d5c927
--- /dev/null
+++ b/meta/profiles/base.nix
@@ -0,0 +1,29 @@
+{lib, config, pkgs, ...}: {
+
+ nix.settings.experimental-features = [ "nix-command" "flakes" ];
+ nixpkgs.config.allowUnfree = true;
+
+ environment.variables.EDITOR = "vim";
+
+ time.timeZone = "Europe/Berlin";
+
+ services.openssh = {
+ enable = true;
+ settings = {
+ X11Forwarding = true;
+ PermitRootLogin = "no";
+ PasswordAuthentication = false;
+ };
+ openFirewall = true;
+ };
+ # Disable password checking for wheel group users so we can solely rely on ssh keys
+ security.sudo.wheelNeedsPassword = false;
+
+ environment.systemPackages = with pkgs; [
+ git
+ vim
+ wget
+ curl
+ htop
+ ];
+}
\ No newline at end of file
diff --git a/meta/profiles/vm.nix b/meta/profiles/vm.nix
new file mode 100644
index 0000000..75c7eab
--- /dev/null
+++ b/meta/profiles/vm.nix
@@ -0,0 +1,5 @@
+{ config, pkgs, lib, ... }:
+{
+ #enable qemu-guestagent
+ services.qemuGuest.enable = true;
+}
\ No newline at end of file
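Review bot: In meta/profiles/base.nix, `security.sudo.wheelNeedsPassword = false;` and `X11Forwarding = true;` are plain assignments, so every host that imports this profile inherits passwordless root for wheel users and X11 forwarding in sshd, and can only undo them with `lib.mkForce`. With key-only SSH login, any process running as a wheel user, or anyone holding one of those keys, reaches root without a further check, which is a larger exposure once the setting is shared rather than scoped to one VM. `lib` is already in the argument set but unused; consider `security.sudo.wheelNeedsPassword = lib.mkDefault false;` and `X11Forwarding = lib.mkDefault false;` so hosts opt in where needed. Separately, `nixpkgs.config.allowUnfree = true;` does not appear among the lines removed from hosts/forgenite/default.nix, so unless it is set elsewhere in the repository this commit changes behaviour beyond a refactor and the commit message should say so.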