milieu update

This commit is contained in:
HackENS milieu 2022-07-30 08:44:32 +02:00
parent 936f613834
commit 7613a24981
12 changed files with 68 additions and 30 deletions

1
configuration.nix Symbolic link
View file

@ -0,0 +1 @@
hosts/hackens-milieu/configuration.nix

View file

@ -8,7 +8,7 @@
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../../profiles/hackens ../../profiles/shared-hackens
]; ];
# Use the GRUB 2 boot loader. # Use the GRUB 2 boot loader.

View file

@ -7,6 +7,7 @@
./syncthing.nix ./syncthing.nix
./programs.nix ./programs.nix
./audio.nix ./audio.nix
./mosquitto.nix
./graphics.nix ./graphics.nix
./monitoring.nix ./monitoring.nix
./users.nix ./users.nix
@ -16,6 +17,8 @@
./nightworker.nix ./nightworker.nix
./ssd.nix ./ssd.nix
./aarch64.nix ./aarch64.nix
./latex.nix
./gnome.nix
# ./netboot-server.nix # -- fix quick xyz mode. # ./netboot-server.nix # -- fix quick xyz mode.
]; ];
} }

View file

@ -0,0 +1,8 @@
{ ... }:
{
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
}

View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, config, lib, ... }:
{ {
environment.pathsToLink = [ "/libexec" ]; environment.pathsToLink = [ "/libexec" ];
environment.sessionVariables.TERMINAL = [ "kitty" ]; environment.sessionVariables.TERMINAL = [ "kitty" ];
@ -7,7 +7,7 @@
BROWSER = "firefox"; BROWSER = "firefox";
}; };
services.xserver = { services.xserver = {
displayManager = { displayManager = lib.mkIf (!config.services.xserver.displayManager.gdm.enable) {
autoLogin = { autoLogin = {
enable = true; enable = true;
user = "hackens"; user = "hackens";
@ -17,7 +17,7 @@
windowManager.i3 = { windowManager.i3 = {
enable = true; enable = true;
extraSessionCommands = '' extraSessionCommands = ''
${pkgs.xlibs.xset}/bin/xset r rate 200 50 ${pkgs.xorg.xset}/bin/xset r rate 200 50
''; '';
extraPackages = with pkgs; [ extraPackages = with pkgs; [
rofi rofi
@ -37,7 +37,6 @@
liberation_ttf liberation_ttf
fira-code fira-code
fira-code-symbols fira-code-symbols
mplus-outline-fonts
dina-font dina-font
proggyfonts proggyfonts
powerline-fonts powerline-fonts

View file

@ -0,0 +1,4 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.texlive.combined.scheme-full ];
}

View file

@ -56,17 +56,4 @@
}; };
services.smartd.enable = true; services.smartd.enable = true;
services.smartd.extraOptions = [ "-A /var/log/smartd/" ]; # For netdata. services.smartd.extraOptions = [ "-A /var/log/smartd/" ]; # For netdata.
# MQTT for every usage, notably OctoPrint events.
services.mosquitto = {
enable = true;
listeners = [
{
address = "192.168.1.118";
}
];
settings = {
# allow_anonymous = true;
};
};
} }

View file

@ -0,0 +1,30 @@
{ ... }:
let
port = 1883;
in
{
services.mosquitto = {
enable = true;
logType = [ "all" ];
listeners = [
{
address = "0.0.0.0";
acl = [ "topic readwrite #" ];
port = port;
settings = {
allow_anonymous = true;
};
}
];
bridges.hackensOrg = {
topics = [ "# both" ];
addresses = [
{
address = "new.hackens.org";
}
];
};
};
networking.firewall.allowedTCPPorts = [ port ];
}

View file

@ -11,10 +11,11 @@
taskwarrior taskwarrior
# Slicers # Slicers
prusa-slicer super-slicer super-slicer
# prusa-slicer TODO: it is broken
# CAD/3D # CAD/3D
blender freecad openscad kicad-with-packages3d blender openscad # kicad-with-packages3d freecad
# Microcontrollers # Microcontrollers
arduino arduino-cli stm32flash stm32loader arduino arduino-cli stm32flash stm32loader
# FPGA # FPGA

View file

@ -25,6 +25,7 @@
services.locate.enable = true; services.locate.enable = true;
services.openssh.enable = true; services.openssh.enable = true;
services.openssh.passwordAuthentication = false;
networking.firewall.enable = false; networking.firewall.enable = false;
documentation.info.enable = false; documentation.info.enable = false;
} }

View file

@ -1,23 +1,24 @@
{ pkgs, ... }: { pkgs, ... }:
let
superadmins = [
../../pubkeys/raito.keys
../../pubkeys/gdd.keys
../../pubkeys/BiBi.keys
];
in
{ {
users.users.hackens = { users.users.hackens = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" "dialout" "audio" "video" ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDcKULx/AgnqBsgwRX2BfV8waq6JXIkvZHhu9Y8paofM8awq6Om56BZoA7AV45YOcJxO/eFDOxSegXXmt22s4WjIf8I049aMdsW54BNpFpC/h18cMzm5ylKVGHl1ier/WXxpBsA8YU++YdRlGHPpKnhCtYLnBzD4Q5h+05GMIHismNZP1aGpE9s01FuP8eaDDkZUba7oSpn03AA77DBw4/2ZreSbqo96Z6WwiG09KeZvxFtEIk98EQtmiExB2fwsK3/JIxIBCoZHh4SzERcslxxGgzdppd6NhhSh7g523zhiihLaTAPNXBovGm5wcKOU9uWe+pUWEbwV04E+809aVbkJOdYBCtIf8M91meqpupA8jK38uquePHEFvpNr5UmY0qUlJCoqTvoqg9XgrfJVjlPEmYknj/QjQzkA4k19y8njsyEjnYOBL6tsztg6Igl+NZXjBAPuAzxCsfHOtWw1WM5gANwqOL0V9f7+14yST3HwweqjHRj4xky6ritxK+ujfc= hackens@hackens-desktop" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDcKULx/AgnqBsgwRX2BfV8waq6JXIkvZHhu9Y8paofM8awq6Om56BZoA7AV45YOcJxO/eFDOxSegXXmt22s4WjIf8I049aMdsW54BNpFpC/h18cMzm5ylKVGHl1ier/WXxpBsA8YU++YdRlGHPpKnhCtYLnBzD4Q5h+05GMIHismNZP1aGpE9s01FuP8eaDDkZUba7oSpn03AA77DBw4/2ZreSbqo96Z6WwiG09KeZvxFtEIk98EQtmiExB2fwsK3/JIxIBCoZHh4SzERcslxxGgzdppd6NhhSh7g523zhiihLaTAPNXBovGm5wcKOU9uWe+pUWEbwV04E+809aVbkJOdYBCtIf8M91meqpupA8jK38uquePHEFvpNr5UmY0qUlJCoqTvoqg9XgrfJVjlPEmYknj/QjQzkA4k19y8njsyEjnYOBL6tsztg6Igl+NZXjBAPuAzxCsfHOtWw1WM5gANwqOL0V9f7+14yST3HwweqjHRj4xky6ritxK+ujfc= hackens@hackens-desktop"
]; ];
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = superadmins;
../../pubkeys/raito.keys };
../../pubkeys/gdd.keys
];
};
users.users.root = { users.users.root = {
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = superadmins;
./pubkeys/raito.keys
./pubkeys/gdd.keys
];
}; };
} }

3
pubkeys/BiBi.keys Normal file
View file

@ -0,0 +1,3 @@
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACC4RyZ/2ZTACUl5j6K1VlLu4+WUI3eUuylxqPw9DVWnKH5u5pGld/6pL3Nq0rM5W5kfDLd0SWYDL5f1FUdBr2VugDGLO8swdOK6SWM3J5TN1c2ZwDAeBsbXF4scqXqT1Fxay31LPUCAy526P6pRowxwBZwEMn6wHc7Lp//LRMOqh2DSA==
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBABLEDU82YDUFYgji+hM1fdfpxzY2QHNRCrlSF1X9FSqLLBHYxcpIWEl6kd6bQTml+sjhIpdvbDzvr2MR4prk/zsiwDmuLrzv+j7jri7BZkBzREYYm45LQNhbJZuRaszEMpvOU902UOvEzPU2WDAtHH1G7fRnxjHsDAiVc/fUzJz9r9uXg==
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBADkJamWNY4+IdqAKI4p7NZ9EecVj3gc2oH/JpmyKREnQBBiCdNmu5HOqzplYYIEmr3HtGLZNcL8o0bvXNtX43onLQDsyOa2UuTNRYLOgx9Uq0tFLhGrDmDP1SK/v5OfcM9H+vm5NO4bFdPjqTrqwDOamUrSt83BY9XRue+JIe/nTzDX0g==