From 4ba06c3ab13f1a1ec5eb7f3e68ae7b51a12c45c2 Mon Sep 17 00:00:00 2001 From: mrflos Date: Wed, 11 Sep 2024 20:37:40 +0300 Subject: [PATCH] feat(modules): minimal server conf and cleaning --- .../ThinkCentre-M710q-zoro-configuration.nix | 116 +++--------------- modules/minimal-server.nix | 34 +++++ 2 files changed, 52 insertions(+), 98 deletions(-) create mode 100644 modules/minimal-server.nix diff --git a/machines/ThinkCentre-M710q-zoro-configuration.nix b/machines/ThinkCentre-M710q-zoro-configuration.nix index 431e7b6..ec6f31e 100644 --- a/machines/ThinkCentre-M710q-zoro-configuration.nix +++ b/machines/ThinkCentre-M710q-zoro-configuration.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - { config, lib, pkgs, ... }: { @@ -37,108 +33,32 @@ }; }; - # Pick only one of the below networking options. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. - - # Set your time zone. time.timeZone = "Europe/Moscow"; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # useXkbConfig = true; # use xkb.options in tty. - # }; - # Enable the X11 windowing system. - # services.xserver.enable = true; - - - - - # Configure keymap in X11 - # services.xserver.xkb.layout = "us"; - # services.xserver.xkb.options = "eurosign:e,caps:escape"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # hardware.pulseaudio.enable = true; - # OR - # services.pipewire = { - # enable = true; - # pulse.enable = true; - # }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.alice = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # packages = with pkgs; [ - # firefox - # tree - # ]; - # }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - git - neovim + imports = [ + ../modules/minimal-server.nix ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + users.users.optisseur = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + initialPassword = "ACHANGER"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBBM+2TwkopAQF7splTWjORQoxjcp67VhodwzvTMlL8g florian@florian-LinuxMint-MBP" + ]; + }; - # List services that you want to enable: - - # Enable the OpenSSH daemon. services.openssh.enable = true; + services.openssh.ports = [ 4222 ]; + services.openssh.settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + }; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.05"; # Did you read the comment? + networking.firewall.allowedTCPPorts = [ 80 443 4222 ]; + system.stateVersion = "24.05"; } diff --git a/modules/minimal-server.nix b/modules/minimal-server.nix new file mode 100644 index 0000000..da497bc --- /dev/null +++ b/modules/minimal-server.nix @@ -0,0 +1,34 @@ +# cli basic programs and configs that should be available on every server +{ config, pkgs, ... }: +{ + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + bat + btop + findutils + fzf + gnugrep + git + glances + htop + lazygit + lsd + mc + micro + mosh + neovim + ripgrep + tmux + tree + unzip + wget + ]; +}