From 618f4900e04057c817613007f0c45bc05c7a5a00 Mon Sep 17 00:00:00 2001 From: sinavir Date: Wed, 17 May 2023 01:10:18 +0200 Subject: [PATCH] web-01: refactor of network and ssh --- machines/web-01/configuration.nix | 10 ++++------ machines/web-01/networking.nix | 4 ++++ machines/web-01/ssh.nix | 7 +++++++ 3 files changed, 15 insertions(+), 6 deletions(-) create mode 100644 machines/web-01/networking.nix create mode 100644 machines/web-01/ssh.nix diff --git a/machines/web-01/configuration.nix b/machines/web-01/configuration.nix index 1187078..35c7ad2 100644 --- a/machines/web-01/configuration.nix +++ b/machines/web-01/configuration.nix @@ -2,28 +2,26 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ name, config, pkgs, lib, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix + ./networking.nix + ./ssh.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - networking.hostName = "web-01";# Define your hostname. + networking.hostName = name; time.timeZone = "Europe/Paris"; - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens3.useDHCP = lib.mkDefault true; users.users.root.openssh.authorizedKeys.keyFiles = [ ../../admin_keys/anon.keys ../../admin_keys/mdebray.keys ]; - # Enable the OpenSSH daemon. - services.openssh.enable = true; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/machines/web-01/networking.nix b/machines/web-01/networking.nix new file mode 100644 index 0000000..cd57656 --- /dev/null +++ b/machines/web-01/networking.nix @@ -0,0 +1,4 @@ +{ lib, ... }: { + # TODO: Switch to networkd + networking.useDHCP = lib.mkDefault true; +} diff --git a/machines/web-01/ssh.nix b/machines/web-01/ssh.nix new file mode 100644 index 0000000..0d9c50b --- /dev/null +++ b/machines/web-01/ssh.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + services.openssh = { + passwordAuthentication = false; + enable = true; + }; +}