machines(new.hackens.org): init structure
This commit is contained in:
parent
7d83d4d602
commit
bafafb052b
8 changed files with 154 additions and 0 deletions
17
hosts/hackens-org/admins.nix
Normal file
17
hosts/hackens-org/admins.nix
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
users.users.rlahfa = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [ "wheel" ];
|
||||||
|
hashedPassword = "$6$y/I6nKCMYUku7$91vTR5kYz4nHyhbuA/j6kPsD8Vfo/Rg7ri6Ympftra9V6emOt/mPg0AScECtYjSIxretvfQ3sPUF1Ho0IWx381";
|
||||||
|
openssh.authorizedKeys.keyFiles = [ ./pubkeys/rlahfa.keys ];
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.root.openssh.authorizedKeys.keyFiles = [ ./pubkeys/beigbeder.keys ]; # Jacques Beigbeder est tjrs root.
|
||||||
|
|
||||||
|
# Enable the OpenSSH daemon.
|
||||||
|
services.openssh.enable = true;
|
||||||
|
|
||||||
|
# Open ports in the firewall.
|
||||||
|
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||||
|
}
|
32
hosts/hackens-org/configuration.nix
Normal file
32
hosts/hackens-org/configuration.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
# Edit this configuration file to define what should be installed on
|
||||||
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[
|
||||||
|
./hardware-configuration.nix
|
||||||
|
./physical.nix
|
||||||
|
./admins.nix
|
||||||
|
./wiki.nix
|
||||||
|
./bridge.nix
|
||||||
|
./webpass.nix
|
||||||
|
./gha.nix
|
||||||
|
./sync.nix
|
||||||
|
./misc
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.hostName = "hackens-org"; # Define your hostname.
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "21.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
}
|
||||||
|
|
29
hosts/hackens-org/hardware-configuration.nix
Normal file
29
hosts/hackens-org/hardware-configuration.nix
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "uhci_hcd" "ahci" "virtio_pci" "virtio_blk" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/8deb32c9-ee6a-4de8-94da-239c8ec509a2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" =
|
||||||
|
{ device = "/dev/disk/by-uuid/0795-75ED";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/bd7c1c01-ce31-4db3-9c06-70716020e24a"; } ];
|
||||||
|
|
||||||
|
}
|
12
hosts/hackens-org/misc/default.nix
Normal file
12
hosts/hackens-org/misc/default.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./static-website.nix
|
||||||
|
./game2048.nix
|
||||||
|
./casauth.nix
|
||||||
|
./nds.nix
|
||||||
|
./prez.nix
|
||||||
|
./public.nix
|
||||||
|
./jarvis.nix
|
||||||
|
];
|
||||||
|
}
|
16
hosts/hackens-org/physical.nix
Normal file
16
hosts/hackens-org/physical.nix
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
# Use the GRUB 2 boot loader.
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
boot.loader.grub.version = 2;
|
||||||
|
boot.loader.grub.device = "/dev/vdb"; # or "nodev" for efi only
|
||||||
|
|
||||||
|
time.timeZone = "Europe/Paris";
|
||||||
|
|
||||||
|
networking.useDHCP = false;
|
||||||
|
networking.interfaces.eth0 = {
|
||||||
|
ipv4.addresses = [ { address = "129.199.129.76"; prefixLength = 24; } ];
|
||||||
|
};
|
||||||
|
networking.defaultGateway = { address = "129.199.129.1"; interface = "eth0"; };
|
||||||
|
|
||||||
|
}
|
4
hosts/hackens-org/pubkeys/beigbeder.keys
Normal file
4
hosts/hackens-org/pubkeys/beigbeder.keys
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFOudRjw38khtJF9MM8lfGXLJlK06E26+njysWgw1wXB3t06I5BGyLKXI9STpitU7y1dN5xirMxxiI1BhP4TodM= root@somewhereelse
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOfTmWRWNED9gIz2lHny2X7+vLSY9H8f0kV6aFg/ASthH1pE2C8Kh14CqFyVZn0hAHtv0GnTooDxCsK0K+d0OEc= root@muguet
|
||||||
|
ssh-dss AAAAB3NzaC1kc3MAAACBAJNMK9B+tMMjOB0hh7XfzUKinE7gc/6qqVUI5e6jAFhCTVTGt5nFzfAR6CSs3OXkzPiwcDBFMAF4pZeUTX+tngbRN3qTqxX5CY4jvQB//qbI2NJ+tQ5285zOTbteXRiVEqCsMwTmPbvXG2scSu8kv5lT1Lqt5DxqqGjEk8NlBQaPAAAAFQCvFewj+YbJHBnp61pxt9rDp8OcLwAAAIA/ZLyl8tNBrBKREYcc9GPEpEnMZdibw9xzZtttlYguXIwJAE13hd0L8NF15RD28fmTu27gOjroz/VryAdEUp/pAddb8amCBc4H+0lwTNxjK8+VCEDb4yQM4256KuP/7emMLCQmC/U2H5FR+lPW4GWS0lkEE3jXX7H5XwftJebGhQAAAIEAgy1xPXQUBvPmNOFCM7KK8Z1P5BoLNibV4Kep5ocRLQvJqPg708tVnnTjXlRDE6NfOU2I4MWAFbc6Czs0TtUIt7Uxgkt+IbdKUhaAdlhYCFVtVcosWuxomIXuCUDRx9MYsZXW07ftHdQOUkX7z9TM7czpcxJawsAwXgG8cpdmC2o= root@any
|
||||||
|
ssh-dss AAAAB3NzaC1kc3MAAACBALj6OepClhPE7r9oqOV4K2X0tkHacvZ9mN7hsKnwYk7WeIngg6POOgWNHo9Ux/1bOmpeKJW15dk52IqZWZMm2PoMppz1WnyMizD4yCmj6RMkmZ/aeR0LQ6wk8io4NBCb+BZs2kSt+Xqdii67a5yiB5TWrYPIN4PGZBR/PoIUhL85AAAAFQCao6QOHBxUUZ2AZDuLeGf4ooZ9owAAAIEAiMveqdiRroL/99bfHLqSOudbNQXePra5E2VbL25vhYNTWEBvxCHSsJWIkp2XemZG5NXNC7qXo30+lslZm6VUR1Z9imd6GERugVU5WLjpVmXt8tT9IL/gtZh/FrntchjHkHRWmJJUU93m9aOIgsMvEsczmjgapQm0f39mxtPR7JQAAACAdqXNZok6Dta7Ab77MduzP++9Cr+WwcsZmERwVF4VkMVeC8QuCEwfWuj43sppEzcRj7P31gIJh+Mm8NEqFh+L5Rc5KsPhvbax1KyIz48Th3UmfK4B2iDx4RdH2Kf1NLhkMjW9onx/c5Hsv3MFNErJozvgz2BrfmFS2TLmpdD1Fvg= root@somewhere
|
4
hosts/hackens-org/pubkeys/rlahfa.keys
Normal file
4
hosts/hackens-org/pubkeys/rlahfa.keys
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDcEkYM1r8QVNM/G5CxJInEdoBCWjEHHDdHlzDYNSUIdHHsn04QY+XI67AdMCm8w30GZnLUIj5RiJEWXREUApby0GrfxGGcy8otforygfgtmuUKAUEHdU2MMwrQI7RtTZ8oQ0USRGuqvmegxz3l5caVU7qGvBllJ4NUHXrkZSja2/51vq80RF4MKkDGiz7xUTixI2UcBwQBCA/kQedKV9G28EH+1XfvePqmMivZjl+7VyHsgUVj9eRGA1XWFw59UPZG8a7VkxO/Eb3K9NF297HUAcFMcbY6cPFi9AaBgu3VC4eetDnoN/+xT1owiHi7BReQhGAy/6cdf7C/my5ehZwD
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKIIcqryU28FkV+UpiTnGCOfwKO5jFhkdvU7a7Ew2KoZ
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMLf6B8VV//BhOWihYK8Zy1CJ3sg4w2bP0aBO0VPs4hS
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE0xMwWedkKosax9+7D2OlnMxFL/eV4CvFZLsbLptpXr
|
40
hosts/hackens-org/wiki.nix
Normal file
40
hosts/hackens-org/wiki.nix
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.dokuwiki.hackens = {
|
||||||
|
enable = true;
|
||||||
|
nginx = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# TODO: move to hackens.org
|
||||||
|
hostName = "hackens.ens.fr";
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
$conf['title'] = 'hackEns';
|
||||||
|
$conf['start'] = 'accueil';
|
||||||
|
$conf['lang'] = 'fr';
|
||||||
|
$conf['template'] = 'starter-bootstrap';
|
||||||
|
$conf['license'] = '0';
|
||||||
|
$conf['breadcrumbs'] = 0;
|
||||||
|
$conf['htmlok'] = 1;
|
||||||
|
$conf['sitemap'] = 7;
|
||||||
|
$conf['rss_type'] = 'rss2';
|
||||||
|
$conf['userewrite'] = '1';
|
||||||
|
$conf['useslash'] = 1;
|
||||||
|
$conf['plugin']['tokenbucketauth']['tba_send_mail'] = 'hackens@clipper.ens.fr';
|
||||||
|
'';
|
||||||
|
|
||||||
|
pluginsConfig = ''
|
||||||
|
$plugins['authmysql'] = 0;
|
||||||
|
$plugins['syntaxhighlighter3'] = 0;
|
||||||
|
$plugins['popularity'] = 0;
|
||||||
|
$plugins['authpgsql'] = 0;
|
||||||
|
$plugins['authpdo'] = 0;
|
||||||
|
$plugins['authldap'] = 0;
|
||||||
|
'';
|
||||||
|
|
||||||
|
disableActions = "register";
|
||||||
|
superUser = "@admin";
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue