From 0022285600c5443b9709f5a60a33e38956e1eb14 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Sun, 15 Sep 2024 00:00:51 +0300 Subject: [PATCH] feat(tazjin/nixos): set up yggdrasil on all physical machines Change-Id: I1d722c6d2e6192c445e77cb9b186a5320c2a60ec Reviewed-on: https://cl.tvl.fyi/c/depot/+/12485 Reviewed-by: tazjin Tested-by: BuildkiteCI --- users/tazjin/nixos/koptevo/default.nix | 4 ++++ users/tazjin/nixos/modules/home-config.nix | 2 +- users/tazjin/nixos/modules/physical.nix | 7 +++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix index ec490e453..a8c98427d 100644 --- a/users/tazjin/nixos/koptevo/default.nix +++ b/users/tazjin/nixos/koptevo/default.nix @@ -218,6 +218,10 @@ in Listen = true; Port = 9443; # yggd }]; + + AllowedPublicKeys = [ + "573fd89392e2741ead4edd85034c91c88f1e560d991bbdbf1fccb6233db4d325" # koptevo + ]; }; }; diff --git a/users/tazjin/nixos/modules/home-config.nix b/users/tazjin/nixos/modules/home-config.nix index 77fe3f69b..9aa1cab46 100644 --- a/users/tazjin/nixos/modules/home-config.nix +++ b/users/tazjin/nixos/modules/home-config.nix @@ -6,7 +6,7 @@ users.users.tazjin = { isNormalUser = true; createHome = true; - extraGroups = [ "wheel" "networkmanager" "video" "adbusers" ]; + extraGroups = [ "wheel" "networkmanager" "video" "adbusers" "yggdrasil" ]; uid = 1000; shell = pkgs.fish; initialHashedPassword = "$2b$05$1eBPdoIgan/C/L8JFqIHBuVscQyTKw1L/4VBlzlLvLBEf6CXS3EW6"; diff --git a/users/tazjin/nixos/modules/physical.nix b/users/tazjin/nixos/modules/physical.nix index 569230633..92b22112d 100644 --- a/users/tazjin/nixos/modules/physical.nix +++ b/users/tazjin/nixos/modules/physical.nix @@ -102,6 +102,13 @@ in # run manually patchelfed binaries environment.stub-ld.enable = false; + # Enable yggdrasil network. + services.yggdrasil = { + enable = true; + persistentKeys = true; + settings.IfName = "ygg0"; + }; + programs = { fish.enable = true; mosh.enable = true;