add local user on bolty to allow for normal dotfile builds on bolty as it was a workstation
Some checks failed
use nix / build (push) Failing after 3m18s
Some checks failed
use nix / build (push) Failing after 3m18s
This commit is contained in:
parent
ad14c6f92d
commit
ed35c0547b
3 changed files with 35 additions and 2 deletions
25
flake.nix
25
flake.nix
|
|
@ -37,6 +37,29 @@
|
||||||
];
|
];
|
||||||
specialArgs = {inherit inputs system;};
|
specialArgs = {inherit inputs system;};
|
||||||
};
|
};
|
||||||
|
mkPrivateServer = pkgs: system: hostname:
|
||||||
|
pkgs.lib.nixosSystem {
|
||||||
|
inherit system;
|
||||||
|
modules = [
|
||||||
|
(./. + "/nixos/boxes/${hostname}")
|
||||||
|
(import ./nixos/server-common.nix)
|
||||||
|
sops.nixosModules.sops
|
||||||
|
disko.nixosModules.disko
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager = {
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
users.cyryl = {
|
||||||
|
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
|
||||||
|
_module.args.inputs = inputs;
|
||||||
|
_module.args.system = system;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
specialArgs = {inherit inputs system;};
|
||||||
|
};
|
||||||
mkRaspi = pkgs: hostname: let
|
mkRaspi = pkgs: hostname: let
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
in
|
in
|
||||||
|
|
@ -173,7 +196,7 @@
|
||||||
nixosConfigurations = {
|
nixosConfigurations = {
|
||||||
foryog = mkWorkstation nixpkgs-nixos-unstable "x86_64-linux" "foryog";
|
foryog = mkWorkstation nixpkgs-nixos-unstable "x86_64-linux" "foryog";
|
||||||
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
|
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
|
||||||
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
|
bolty = mkPrivateServer nixpkgs-stable "x86_64-linux" "bolty";
|
||||||
cupsnet = mkServer nixpkgs-stable "aarch64-linux" "cupsnet";
|
cupsnet = mkServer nixpkgs-stable "aarch64-linux" "cupsnet";
|
||||||
mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1";
|
mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1";
|
||||||
airnix = mkServer nixpkgs-stable "aarch64-linux" "airnix";
|
airnix = mkServer nixpkgs-stable "aarch64-linux" "airnix";
|
||||||
|
|
|
||||||
|
|
@ -29,4 +29,9 @@
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
|
users.extraUsers.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPbJNY48F1Vn11aDX5hJSj4oS2NIKEH2busqoyQTLIvk cyryl@bolty"];
|
||||||
|
users.users.cyryl = {
|
||||||
|
home = "/data/home/cyryl";
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -29,8 +29,13 @@ in {
|
||||||
openssh.authorizedKeys.keys = authorizedKeys;
|
openssh.authorizedKeys.keys = authorizedKeys;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.users.cyryl = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = authorizedKeys;
|
||||||
|
};
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
settings.trusted-users = ["root" "nix-builder"];
|
settings.trusted-users = ["root" "nix-builder" "cyryl"];
|
||||||
sshServe.enable = true;
|
sshServe.enable = true;
|
||||||
sshServe.keys = authorizedKeys;
|
sshServe.keys = authorizedKeys;
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue