config-perso/BOcal/net_config.nix

{
lib,
users,
mods,
pkgs,
...
}:
let
# MAC address -> account name, one entry per netboot client.
# Entries are listed in attribute-name (MAC) order, which is the order
# builtins.attrValues yields them in, so the uid each account ends up with
# (2001 + position) can be read straight off the table.
# NOTE(review): because the uid is positional, adding or removing a MAC that
# sorts before existing ones renumbers every account after it, while files
# already written under /home keep the old numeric owner. Pinning the uid next
# to each name would avoid that.
machines = {
  "48:4d:7e:d6:cf:57" = "glohuglohu"; # uid 2001
  "48:4d:7e:d6:fa:1e" = "empraeleerup"; # uid 2002
  "48:4d:7e:d6:fc:e8" = "krik"; # uid 2003
  "54:bf:64:5d:31:fd" = "loony"; # uid 2004
  "54:bf:64:5d:32:b7" = "inutile.club"; # uid 2005
  "54:bf:64:5d:32:d4" = "darksysy"; # uid 2006
  "54:bf:64:5d:33:5e" = "arturgo"; # uid 2007
  "54:bf:64:5d:33:7e" = "h"; # uid 2008
  "54:bf:64:5d:33:f5" = "jimmicrosoft"; # uid 2009
  "54:bf:64:5d:33:f9" = "catvayor"; # uid 2010
};
# Account names only, in the MAC order described above.
distant-users = builtins.attrValues machines;
# One { name, uid } record per account; the record list is what both the
# client system and the server-side users/NFS exports are generated from.
distant-users-id = lib.imap0 (position: name: {
  inherit name;
  uid = 2001 + position;
}) distant-users;
# Evaluate a second NixOS system (the image the netboot clients run) with the
# eval-config.nix shipped in this nixpkgs. Its only module is
# ./net-user/configuration.nix applied to the { name, uid } records, and it
# receives the same `users` and `mods` arguments as this file.
remote_sys = import (pkgs.path + "/nixos/lib/eval-config.nix") {
  modules = [ (import ./net-user/configuration.nix distant-users-id) ];
  specialArgs = {
    inherit users mods;
  };
  system = "x86_64-linux";
};
# Build products of that client system (kernel, netbootRamdisk, toplevel are
# the ones used further down).
remote_build = remote_sys.config.system.build;
# Boot description for one client, written as a JSON file in the store.
# Every client gets the same kernel, initrd and init; only BOCAL=<user>
# differs, and it is selected purely by the requesting MAC address.
# NOTE(review): a MAC address is an identifier, not a credential. Anything the
# client system grants on the strength of BOCAL should assume the value can be
# chosen by whoever is plugged into the netboot segment.
# NOTE(review): `user` and the store path are pasted into JSON and into a
# kernel command line without escaping. That is fine for the current table,
# but a name containing a double quote or whitespace would corrupt both.
bootSpecFor =
  mac: user:
  pkgs.writeText "netboot-${mac}.json" ''
    {
    "kernel": "/kernel",
    "initrd": [ "/initrd" ],
    "cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}"
    }
  '';
# Shell steps that lay out the static tree nginx serves:
#   $out/kernel, $out/initrd  -> the client system's bzImage and ramdisk
#   $out/v1/boot/<mac>        -> that client's boot description
buildSteps = [
  "mkdir -p $out/v1/boot"
  "ln -s ${remote_build.kernel}/bzImage $out/kernel"
  "ln -s ${remote_build.netbootRamdisk}/initrd $out/initrd"
] ++ lib.mapAttrsToList (mac: user: "ln -s ${bootSpecFor mac user} $out/v1/boot/${mac}") machines;
# The tree itself; a MAC with no entry here has no file under v1/boot.
webroot = pkgs.runCommand "netboot-apiroot" { } (builtins.concatStringsSep "\n" buildSteps);
in
{
# Shared primary group for the admin account and every netboot account.
users.groups.bocal.gid = 2000;
users.users =
  let
    # Settings common to all accounts declared in this file.
    # NOTE(review): homeMode "750" combined with a single shared primary group
    # means each account's home is readable and traversable by every other
    # account in `bocal`. Use "700" or per-user groups if homes are meant to
    # be private from one another.
    sharedAccount = {
      isNormalUser = true;
      shell = pkgs.zsh;
      group = "bocal";
      homeMode = "750";
    };
    # One server-side account per netboot client, with the same uid the
    # client system is given through distant-users-id.
    netAccounts = builtins.listToAttrs (
      map (
        { name, uid }:
        {
          inherit name;
          value = sharedAccount // {
            inherit uid;
          };
        }
      ) distant-users-id
    );
  in
  netAccounts
  // {
    # Admin account: the only one in this file that is given SSH keys.
    bocal = sharedAccount // {
      uid = 2000;
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
        "ssh-rsa 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 sylvain@idefix"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB"
      ];
    };
  };
# home-manager profile of the admin account.
home-manager.users.bocal = {
  imports = [
    mods.home.zsh
    mods.home.neovim
  ];
  home.stateVersion = "23.11";
  # NOTE(review): `redac` resolves to a file inside /home/bocal, and this same
  # module exports /home/bocal read-write over NFS to the netboot subnet. The
  # file behind the alias is therefore presumably modifiable from a client;
  # confirm before relying on it for anything run with this host's privileges.
  programs.zsh.shellAliases = {
    redac = "/home/bocal/bin/redac";
    faire = "redac faire";
  };
};
# PXE server in API mode: for each booting client, pixiecore asks the HTTP
# service at apiServer what to boot instead of using a fixed kernel/initrd.
services.pixiecore = {
  enable = true;
  mode = "api";
  # Loopback only; the answering service is the nginx vhost on this host.
  apiServer = "http://localhost:8000";
  # Address pixiecore itself serves boot traffic on.
  listen = "192.168.222.1";
  # Leave the DHCP server port to dnsmasq, which runs on the same machine.
  dhcpNoBind = true;
  # NOTE(review): `listen` only limits the bind address. Confirm whether the
  # firewall rules added by openFirewall are scoped to the netboot interface
  # or apply to every interface of this host.
  openFirewall = true;
};
# NFS exports: /home/bocal plus one home per netboot account, all offered
# read-write to the whole 192.168.222.0/24 segment.
# NOTE(review): points to weigh before widening this network:
#  - No export is tied to a single client address, and dnsmasq hands out
#    dynamic leases, so any host on the segment can mount any account's home.
#  - No sec= flavour is set, so the default applies and the server trusts
#    the uid/gid each client asserts.
#  - `insecure` also accepts requests from unprivileged source ports, so a
#    non-root process on a client can talk to the server directly.
#  - anonuid/anongid only affect squashed requests. all_squash is not set, so
#    only client root (squashed by default) is remapped to the home's owner.
#    Any other asserted uid is taken at face value.
services.nfs.server = {
  enable = true;
  exports =
    let
      clients = "192.168.222.0/24";
      baseOptions = "rw,nohide,insecure,no_subtree_check";
      # Export line for one netboot account's home.
      exportLine =
        { name, uid }:
        "/home/${name} ${clients}(${baseOptions},anonuid=${builtins.toString uid},anongid=2000)";
      # Admin home: same options, no anonymous-id remapping.
      adminLine = "/home/bocal ${clients}(${baseOptions})";
    in
    builtins.concatStringsSep "\n" ([ adminLine ] ++ map exportLine distant-users-id);
};
# DHCP for the netboot segment, restricted to the netboot-client interface.
services.dnsmasq.enable = true;
services.dnsmasq.settings = {
  interface = [ "netboot-client" ];
  bind-dynamic = true;
  # Dynamic pool, 12 h leases. No per-MAC address reservation is made here,
  # so a client's IP address says nothing about which machine it is.
  dhcp-range = "192.168.222.100,192.168.222.200,255.255.255.0,12h";
  # DHCP option 3 (router). dnsmasq replaces 0.0.0.0 with its own address,
  # so this host is advertised as the clients' default gateway.
  dhcp-option = "3,0.0.0.0";
};
# Static HTTP service answering pixiecore's API lookups from `webroot`.
# It listens on localhost:8000 only, matching services.pixiecore.apiServer.
# Keeping this vhost on loopback means the per-MAC files are not served by
# nginx directly to the netboot segment.
services.nginx.enable = true;
services.nginx.virtualHosts."localhost" = {
  root = webroot;
  listen = [
    {
      addr = "localhost";
      port = 8000;
    }
  ];
};
}