2024-08-23 21:01:33 +02:00
|
|
|
{
|
2024-08-24 09:52:56 +02:00
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
lib,
|
|
|
|
flakes,
|
|
|
|
...
|
|
|
|
}:
|
|
|
|
with lib; {
|
2024-08-23 21:01:33 +02:00
|
|
|
imports = [
|
|
|
|
flakes.vpsadminos.nixosConfigurations.container
|
|
|
|
flakes.home-manager.nixosModules.home-manager
|
|
|
|
flakes.impermanence.nixosModule
|
|
|
|
./srv
|
|
|
|
];
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
vim
|
|
|
|
git
|
|
|
|
];
|
|
|
|
|
|
|
|
services.openssh = {
|
|
|
|
enable = true;
|
|
|
|
settings.PasswordAuthentication = false;
|
|
|
|
};
|
|
|
|
|
|
|
|
home-manager = {
|
|
|
|
useGlobalPkgs = true;
|
|
|
|
useUserPackages = true;
|
|
|
|
|
2024-08-24 09:52:56 +02:00
|
|
|
extraSpecialArgs = {inherit flakes;};
|
2024-08-23 21:01:33 +02:00
|
|
|
|
|
|
|
users.fabian = {
|
|
|
|
imports = [
|
|
|
|
flakes.impermanence.nixosModules.home-manager.impermanence
|
|
|
|
./home
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
programs = {
|
|
|
|
zsh.enable = true;
|
|
|
|
fuse.userAllowOther = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.hostName = "vps";
|
|
|
|
|
|
|
|
nix = {
|
|
|
|
package = pkgs.nixFlakes;
|
|
|
|
|
|
|
|
extraOptions = ''
|
|
|
|
experimental-features = nix-command flakes repl-flake
|
|
|
|
'';
|
|
|
|
|
|
|
|
# No me interesa el global registry
|
|
|
|
settings.flake-registry = "";
|
|
|
|
};
|
|
|
|
|
|
|
|
users = {
|
|
|
|
users.fabian = {
|
|
|
|
isNormalUser = true;
|
|
|
|
uid = 1000;
|
|
|
|
group = "fabian";
|
|
|
|
shell = pkgs.zsh;
|
2024-08-24 09:52:56 +02:00
|
|
|
extraGroups = ["users" "wheel" "networkmanager" "dialout" "libvirtd"];
|
2024-09-19 04:51:09 +02:00
|
|
|
openssh.authorizedKeys.keyFiles = [../pki/fabian.ssh];
|
2024-08-23 21:01:33 +02:00
|
|
|
};
|
|
|
|
groups.fabian.gid = 1000;
|
|
|
|
};
|
|
|
|
|
|
|
|
systemd.extraConfig = ''
|
|
|
|
DefaultTimeoutStartSec=900s
|
|
|
|
'';
|
|
|
|
|
|
|
|
security.dhparams = {
|
|
|
|
enable = true;
|
|
|
|
defaultBitSize = 4096;
|
|
|
|
};
|
|
|
|
|
|
|
|
fileSystems = {
|
|
|
|
"/mnt/export2008" = {
|
|
|
|
device = "172.16.129.19:/nas/5876";
|
|
|
|
fsType = "nfs";
|
2024-08-24 09:52:56 +02:00
|
|
|
options = ["nofail" "noatime"];
|
2024-08-23 21:01:33 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
"/mnt/export2011" = {
|
|
|
|
device = "172.16.129.151:/nas/5876/bepasty";
|
|
|
|
fsType = "nfs";
|
2024-08-24 09:52:56 +02:00
|
|
|
options = ["nofail" "noatime" "noexec"];
|
2024-08-23 21:01:33 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
services.earlyoom = {
|
|
|
|
enable = mkDefault true;
|
|
|
|
enableNotifications = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
# Coredumps son un riesgo de seguridad y puden usar mucho disco
|
|
|
|
systemd.coredump.extraConfig = ''
|
|
|
|
Storage=none
|
|
|
|
ProcessSizeMax=0
|
|
|
|
'';
|
|
|
|
|
|
|
|
time.timeZone = "Europe/Amsterdam";
|
|
|
|
|
|
|
|
system.stateVersion = "24.05";
|
|
|
|
}
|