diff --git a/nix/chell.nix b/nix/chell.nix index 00969ef..f42d8df 100644 --- a/nix/chell.nix +++ b/nix/chell.nix @@ -14,4 +14,14 @@ hardware.keyboard.qmk.enable = true; services.xserver.xkb.options = "caps:escape,compose:102"; + + services.nginx = { + enable = true; + virtualHosts."main.chell.org" = { + forceSSL = false; + locations."/" = { + root = "/var/www"; + }; + }; + }; } diff --git a/nix/flake.nix b/nix/flake.nix index e2cf8ee..3f8ee0e 100644 --- a/nix/flake.nix +++ b/nix/flake.nix @@ -36,6 +36,15 @@ nur.modules.nixos.default ]; }; + kleiner = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs; + hostname = "kleiner"; + }; + modules = [ + ./kleiner.nix + ]; + }; }; }; } diff --git a/nix/kleiner.nix b/nix/kleiner.nix new file mode 100644 index 0000000..ddba748 --- /dev/null +++ b/nix/kleiner.nix @@ -0,0 +1,110 @@ +{ lib, hostname, pkgs, ... }: +let + mkHome = home: "/blk/Cs/home/${home}"; + + sshKeys = { + zentux = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsDJW7Cb44KNR98JpK2DR6IfnY8w/hi59wF+q/7YRqYkxWouA6qe82q0mtWbTA+KArp2iX1gf3T8X+AtxC3l0jbly5Fd+rCGPe/DQkWOFA7OH6FPYPsx2QS0FWHGn9EIgBr+AmBQTKLJzTrDFuomU8Js43LmShisVvhB6Tz/GLgyWOL8lD9dhsX0jiN+m/w3/ai2DjyBkC/e30sy5YmZlhrSwKLg6jX1axH/Omb6plk9GIRMFMwtfNusK94GpySWedUcCG0Wb5ofRe+wDtiewvpnpiJePesSjMMDouOcPNk9UepB0JXqlvOCBztfuEqzoXjIpLnXN/NHEMUjAt7Qbn sentox@Pink" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINURGekLS+vl+1LvmbMUpIAGpgMI5CcAqTAUld68foZX zentux@lamarr" + ]; + iora = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmoWfBVEkZAJVMozRoqdt75kvSHbwsJFqRCo8+qv2WgElVGihCUn6NKOj8po8lY2RRDNVvVVCTrxsz02laUgRQMCX/je127EmDOcWxm9lh+3hdvl+ozlnDnywA/vLnLvSkDC49aJqnEypJDZsKr7skqjL90rA56FNFDHbtQy+wbaqXBzsFnvYPiV5ai6BrMaR2AzmIndW5uDEsmw++ywW+ammq68KG+cKSW+OTPcECi3Kb3Dlzj6xyfSKKPAaZ6RvmyVFad+cOPUdlh+wN1PKdMO7Ro2MXoon0IMIbHKGBt1am6FEsXrv+XLjLj2273gHbvkUtJFc5HD5+jD2pQtrp scosh@localhost" + ]; + jonah = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdodLoRBivHJrEuGVBHhR3W7wQbVBh+fVGBz1+eYT+V jonah@fedora.fritz.box" + ]; + }; +in +{ + nix.settings.trusted-users = [ "zentux" ]; + nixpkgs.hostPlatform = "aarch64-linux"; + imports = [ ]; + + hardware.enableRedistributableFirmware = true; + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + networking = { + hostName = "${hostname}"; + wireless.enable = true; + useDHCP = lib.mkDefault true; + }; + + time.timeZone = "Europe/Berlin"; + + users.users = { + zentux = { + description = "overlord"; + extraGroups = [ "wheel" "git" ]; + home = mkHome "zentux"; + isNormalUser = true; + packages = [ ]; + shell = pkgs.nushell; + openssh.authorizedKeys.keys = sshKeys.zentux; + }; + + git = { + description = "git"; + group = "git"; + extraGroups = [ ]; + isSystemUser = true; + openssh.authorizedKeys.keys = sshKeys.zentux; + }; + wg = { + description = "Wohngemeinschaft Access"; + group = "wg"; + isSystemUser = true; + openssh.authorizedKeys.keys + = sshKeys.iora + ++ sshKeys.zentux; + }; + + iora = { + isNormalUser = true; + home = mkHome "iora"; + extraGroups = [ ]; + packages = [ ]; + openssh.authorizedKeys.keys = sshKeys.iora; + }; + jonah = { + isNormalUser = true; + home = mkHome "jonah"; + extraGroups = [ ]; + packages = [ ]; + openssh.authorizedKeys.keys = sshKeys.jonah; + }; + }; + users.groups.git = {}; + users.groups.wg = { + members = [ "iora" "jonah" "zentux" ]; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888"; + fsType = "ext4"; + }; + "/blk/Cs" = { + device = "/dev/disk/by-uuid/27b7258e-84b3-483e-972f-124657ea2fcf"; + fsType = "ext4"; + }; + }; + + environment.systemPackages = with pkgs; [ + bat + file + fzf + git + helix + joshuto + jujutsu + ripgrep + vim + wget + zellij + ]; + + services.openssh.enable = true; + + system.stateVersion = "25.05"; +}